b6a9c3c716da6acc577f584e738ebed02c6192e644756249dc18979a392880d1

Analysis

max time kernel
126s
max time network
136s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
09/01/2024, 11:16

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b6a9c3c716da6acc577f584e738ebed02c6192e644756249dc18979a392880d1.exe
Size

4.3MB
MD5

f3d2dbea692154b6a2c4daba70c9c4cd
SHA1

d89f74bdcd61ce83d457d73d5096ed0e9328edc8
SHA256

b6a9c3c716da6acc577f584e738ebed02c6192e644756249dc18979a392880d1
SHA512

84a7b2cdb8a43b188d583295fbb034b99357b1fba42b2aea66a9593cfe926c699f08b7125ce3bd77307573af6c0fe3adf843bda2a179a1b04272579659c8678e
SSDEEP

49152:qMLPIdiWU/o5LcUekfbj+whw5+r5u8QeKxFOJxdb4vZKVB:bLPIAN/nUeKbj+UFKdzOJDb4v+B

Score

8^/10

Malware Config

Signatures

Downloads MZ/PE file

Loads dropped DLL 2 IoCs

pid	Process
2180	b6a9c3c716da6acc577f584e738ebed02c6192e644756249dc18979a392880d1.exe
2180	b6a9c3c716da6acc577f584e738ebed02c6192e644756249dc18979a392880d1.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2180	b6a9c3c716da6acc577f584e738ebed02c6192e644756249dc18979a392880d1.exe

C:\Users\Admin\AppData\Local\Temp\b6a9c3c716da6acc577f584e738ebed02c6192e644756249dc18979a392880d1.exe
"C:\Users\Admin\AppData\Local\Temp\b6a9c3c716da6acc577f584e738ebed02c6192e644756249dc18979a392880d1.exe"
1⤵
- Loads dropped DLL
- Suspicious use of SetWindowsHookEx
PID:2180

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\lite_installer.log

Filesize
2KB

MD5
ce74f00f7c3f927cc65bb7d9cfb9badc

SHA1
d8c3be05ce3336dac57770727a4987435896d227

SHA256
eb2f31a9efd948936ac2a1e14a59045371a52363a198e6e7b24f82bf8871b49b

SHA512
53c4c0848239ad19b3a657c5a7af125ac56cad371f0c8b865fe937ed858e0d979b767d78c6056ba4debebda02bb12d742fbf9bc0a9a329067c9ef5dd8cea3fa5

Download Submit
C:\Users\Admin\AppData\Local\Temp\lite_installer.log

Filesize
5KB

MD5
0850cf34fc0c51155afe546a9db9abfd

SHA1
52a4e537749799a36d218f3409eb76909a481422

SHA256
188f62b9938456bcecfb0ca17179e1e5e9b0beef8a01025be2b434423ec44606

SHA512
4f14e6b844c67aef2fd941a4ef73fc9573e2c233c0700b473d92c93c521b8e8064d107c6b968bbaa37c95107cc1b2a57812f46945db9646775c2f64e0cff767c

Download Submit
C:\Users\Admin\AppData\Local\Temp\yb69CB.tmp

Filesize
3.5MB

MD5
62c142cb411273035e2c7c7057b67924

SHA1
5517391b8ce94149196ac39243a73258c72c0cbd

SHA256
5e261b1ee37ba5f9dc3935a82399d24f284eddd321b941e3307d9eeb17d2d484

SHA512
647f2e260a1da96d115c8076706c2af9310cfff4b29eb412a284c2e6dcff292be4cb6fbac25e61c2959e727e00277286367c2d588fe519ed67e0b026385b4a7b

Download Submit
C:\Users\Admin\AppData\Roaming\Yandex\ui

Filesize
38B

MD5
2361d1b75190439eed11816787702b02

SHA1
81d879a985a0e8595eb302dcc5864c8b4850f8a2

SHA256
322335a720e1099065ed19ffdd6088e96ecf1e6e144b1329c4e60e3716dfeffe

SHA512
d7116382152bd811f761a5e4dbd00dddf8c7c0b3ef8279401f684055a3edc2e009a864362cc6dccbaa83775bfb6857b2fa8b2af5148f53e8c6f881c699478bd8

Download Submit
\Users\Admin\AppData\Local\Temp\yb69CB.tmp

Filesize
4.1MB

MD5
f530a00ea29305e94f3e0790adb8b7ae

SHA1
04785baf567c26d66ebce8c87731eb8cccfe265b

SHA256
af0ba86ea24e39b595e3030b80971b2ec8d3d703e15595a4b6635b26a0223721

SHA512
b9fbc5d6707b42eb75fe25353ed50b0117589b98ac19895bcb4fc28871331c3fbcc827e68706ef5a27f0086fbb55404cf0e44ffb68d48ba73219e92addd1aa0a

Download Submit
\Users\Admin\AppData\Local\Temp\yb69CB.tmp

Filesize
3.8MB

MD5
e792a1223b703b9cb135d2aed8a03426

SHA1
7799202b80afec2f813fc2e2af2040ddab2fc335

SHA256
107b9e38183beeede2e49fc888a855e1358059fe06029a3cebeefb2f01f6b8d0

SHA512
22c7c114d4c036bfb233fe217e283591f438fce25c889d98919617f7e05a56f465de3e8a3428f7c2e21fd0202bf352345165a23dff003504c18f83e1256ed481

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads