054daf3a5a81b5227b61f840d369c10ddabee38f1061ee04bae3c575dc25ebce

Analysis

max time kernel
121s
max time network
122s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
22/01/2024, 22:32

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

054daf3a5a81b5227b61f840d369c10ddabee38f1061ee04bae3c575dc25ebce.exe
Size

2.3MB
MD5

654bfe1a89c088b7978688eb4f3d1b1c
SHA1

7db12033fb7fa46317a8758b90563af56978791f
SHA256

054daf3a5a81b5227b61f840d369c10ddabee38f1061ee04bae3c575dc25ebce
SHA512

306a424168fffa85133d1d91179238b2efacbfa7cd4530e1bec05cbf6ab75af17adce79122f0b99dc272997ce70d0e357b3aa35e191697ba589dc77410e1a174
SSDEEP

24576:B5gEUwmt0f7HRZ/TJRMx3ZEHnF3hnUTIIgocXKFvLhRIdsgTRiKAf0aIz5H5un8V:3zCKHnFmTgAvLnIBT8K4A5H5u8QeN

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 2 IoCs

pid	Process
2248	054daf3a5a81b5227b61f840d369c10ddabee38f1061ee04bae3c575dc25ebce.exe
2248	054daf3a5a81b5227b61f840d369c10ddabee38f1061ee04bae3c575dc25ebce.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2248	054daf3a5a81b5227b61f840d369c10ddabee38f1061ee04bae3c575dc25ebce.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2248	054daf3a5a81b5227b61f840d369c10ddabee38f1061ee04bae3c575dc25ebce.exe

C:\Users\Admin\AppData\Local\Temp\054daf3a5a81b5227b61f840d369c10ddabee38f1061ee04bae3c575dc25ebce.exe
"C:\Users\Admin\AppData\Local\Temp\054daf3a5a81b5227b61f840d369c10ddabee38f1061ee04bae3c575dc25ebce.exe"
1⤵
- Loads dropped DLL
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2248

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\lite_installer.log

Filesize
1KB

MD5
3458f6e9946df91289183c003f46bb3b

SHA1
9d04ccc451d18f0e5d271d75c92e7722526ed3dd

SHA256
697cb65b14365d0e70858b30017e422fb2d980d5cab742471964f657ca0165fe

SHA512
3eb2f5a799753a7123d4b4efb1c1ae55b730fc78eda55144482c1150384754ea626a31866956f63c8a9f41cfc5be9ef0555db105170a26c1d56ae3f832b48298

Download Submit
C:\Users\Admin\AppData\Local\Temp\lite_installer.log

Filesize
4KB

MD5
d0845d3f6d3417af466fbbff252e8275

SHA1
3dbb25babcdd50fed9c2037af5557e735667df5d

SHA256
3963a356dfb4ca554c0b2507014e3e4584711e0444dc9e4c6f8d29654d483a88

SHA512
d183b42d8539e0edd6056c43bbd813a69933641c4f166e21d01e19be4bdc9d0559bb1f402ec03d2e8e91f7333b47e58d976a8d3bff0e5d66ece8b858b41a18a5

Download Submit
C:\Users\Admin\AppData\Roaming\Yandex\ui

Filesize
38B

MD5
92b3ea71dbefc33675b5333b92aabbe7

SHA1
78f8a1513f32cd02cdb86bec216db16a534266ac

SHA256
27fc85b94a7b9d91af2a410ad07f9400c96c62d4280f194f7ba5a20ebc3c7fe1

SHA512
c7a2b821ecbdb138238c3f29af53f0f733b0edf93e05a31530931bd9894c0d0af0789af8e21f602b082f3c03e23af3206242a28ba2d330af12235af7c9aaa9de

Download Submit
\Users\Admin\AppData\Local\Temp\ybE91.tmp

Filesize
7.5MB

MD5
acffa8a7fdfc1f6106dfbd6a22298531

SHA1
a5b39e427cac07c19d4ba89764b821f6603f8697

SHA256
c2bbb39d4b3071d4597e9f15f9600f58855aa61f9247aea96bf9d2efecf9b1eb

SHA512
866e40f85240f794628b2a482bf793ae44df34b945ce515cf8369f7c94f4e6a13202f17bd3a09f0a6c78100a7f0b342f83bffeddfeea42cb34f42206aa34c49b

Download Submit
\Users\Admin\AppData\Local\Temp\ybE91.tmp

Filesize
21.4MB

MD5
94856323f62144cb6965878c956f2fac

SHA1
dc101dfc6198a9e580105f82452c3677fd31baef

SHA256
4d97f659a983ca9a36c5d61bebd1e1f03381cb7f83fe6e4e5d047eb129224fff

SHA512
2ee94c13462d20e520b66400e037e4a0eeb673801875be280bfb95a154dd7e433f7997ecdea5ac34e59d479b7b6befa0c60e6dc9cc6798e982b329fd3fb0500c

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads