f74096ebac2275a12ef4776f0655e537f090445b7353f9b7313721501c5b2ba3

Analysis

max time kernel
119s
max time network
125s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
13-01-2024 19:35

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

f74096ebac2275a12ef4776f0655e537f090445b7353f9b7313721501c5b2ba3.exe
Size

5.1MB
MD5

81cda5bde7cda6c84958b799b8d7a95b
SHA1

3a422ff53cc89c3f11d2a8b2c942ef8d8f5b5cf6
SHA256

f74096ebac2275a12ef4776f0655e537f090445b7353f9b7313721501c5b2ba3
SHA512

caa30601fd3ded1efdb1195f344e8b5c068b2f410fa6b82612c005e1f4dc34a9e02f6daf43bdef5f39a8a0abd89859fc58053cba429aa047f2597bff7a61fc00
SSDEEP

98304:8HenYKGxUcl3nT86Ytacv5Se1KdzOJDb4v+u:8Hr/YtacvuwN0v+u

Score

8^/10

Malware Config

Signatures

Downloads MZ/PE file

Loads dropped DLL 2 IoCs

pid	Process
2004	f74096ebac2275a12ef4776f0655e537f090445b7353f9b7313721501c5b2ba3.exe
2004	f74096ebac2275a12ef4776f0655e537f090445b7353f9b7313721501c5b2ba3.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2004	f74096ebac2275a12ef4776f0655e537f090445b7353f9b7313721501c5b2ba3.exe

C:\Users\Admin\AppData\Local\Temp\f74096ebac2275a12ef4776f0655e537f090445b7353f9b7313721501c5b2ba3.exe
"C:\Users\Admin\AppData\Local\Temp\f74096ebac2275a12ef4776f0655e537f090445b7353f9b7313721501c5b2ba3.exe"
1⤵
- Loads dropped DLL
- Suspicious use of SetWindowsHookEx
PID:2004

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\lite_installer.log

Filesize
3KB

MD5
bd8a0ee58c11d5e3c0b41dafca4fc3b8

SHA1
86d79a1d5d9d6d3cf7dff1c2fc9deea8e0e75fc9

SHA256
33d216d32a93a06d2be1fa717f456a1758c4d67348e88b1055316f54d96d0850

SHA512
a5828933a6036ad60bf9810957f5afae999b149424377e08125c996867a5b9796412fdff16a6c70c6e7a9673ab1a3e59bc3d6993bdb297f46a9cfcdbef7124fa

Download Submit
C:\Users\Admin\AppData\Local\Temp\lite_installer.log

Filesize
4KB

MD5
0617ca9d3d922ad5892ba0f89d0f6103

SHA1
65e4e8e900def4afed34bb7f7a78f285c3cf6c68

SHA256
59dae1f22738cf28408d07cb1a9282088f258962d594e4f61593e55455f3d9a6

SHA512
3037ced39458d6e7c48410f6bd84c260edda6d0f4b92dd71bf824ea8458c7995c6d4cfbfd0360b54b5df0a1b661aff2815acebf4aba87bb373c4c46bcaadd3d1

Download Submit
C:\Users\Admin\AppData\Roaming\Yandex\ui

Filesize
38B

MD5
ea157fd01b8576b74de372c842bfbdbf

SHA1
0d24cebb3c5677279210b8b48e9d6135c84faf0b

SHA256
355ede7132c6b9132d5a137eeab9225a1221494da62e97a65c564f97a86e996f

SHA512
36124532eac6559a90877fdd9e9cb3586e1269dfef94ffa75865af27bfa1f3445b1cb761783082d103fc35a67e4038f5afc6ef889b474be7d39789aa5bf7c1e9

Download Submit
\Users\Admin\AppData\Local\Temp\yb6078.tmp

Filesize
3.5MB

MD5
0f795243d565326b9697ebd132e9f412

SHA1
e0d454ba7e53f4af90782e6eff08649a57ae83d9

SHA256
bbeb03fa5093debae380277791f1d94bbaa47cef38773d62c9b8d8ddfa32b3e2

SHA512
fa84a2591270e54706cb47768f1a98ec3fed92322614b57de38104ff77c1547b2d253f86d1bdb2b3168c82a81136adaa4dab91f44a0b5d14126f0f3af5265904

Download Submit
\Users\Admin\AppData\Local\Temp\yb6078.tmp

Filesize
5.2MB

MD5
1768ef1251c38e8baaf318f1fbe5cf9b

SHA1
753e2ef1331ad597cdab981729b80731adc7f1ee

SHA256
c893bb83cb3fcfd4616a3763a40d09cde8ca5cd7375507291f47f407d70b375d

SHA512
3247bfbf1dd4a93ab13e312548a5fd6e0a16825f0e78de1e999fc363d619db0b26d6b956c9374adf25235fa01a61dc83fd42ab1ebba38fd21dfdf60264df2c42

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads