8ae976c8b28baa222b4fd527cccbad2d1102ed21c68f9082c53835fde94c2397

Submit
Reports

Overview

overview

Static

static

Hot Tub-2.1.2(19).zip

windows7-x64

Hot Tub-2.1.2(19).zip

windows10-2004-x64

Payload/Ho...2x.png

windows7-x64

Payload/Ho...2x.png

windows10-2004-x64

Payload/Ho...ad.png

windows7-x64

Payload/Ho...ad.png

windows10-2004-x64

Payload/Ho...ts.car

windows7-x64

Payload/Ho...ts.car

windows10-2004-x64

Payload/Ho....plist

windows7-x64

Payload/Ho....plist

windows10-2004-x64

Payload/Ho...fo.xml

windows7-x64

Payload/Ho...fo.xml

windows10-2004-x64

Payload/Ho....plist

windows7-x64

Payload/Ho....plist

windows10-2004-x64

Payload/Ho...fo.xml

windows7-x64

Payload/Ho...fo.xml

windows10-2004-x64

Payload/Ho....plist

windows7-x64

Payload/Ho....plist

windows10-2004-x64

Payload/Ho...fo.xml

windows7-x64

Payload/Ho...fo.xml

windows10-2004-x64

Payload/Ho....plist

windows7-x64

Payload/Ho....plist

windows10-2004-x64

Payload/Ho...fo.xml

windows7-x64

Payload/Ho...fo.xml

windows10-2004-x64

Payload/Ho....plist

windows7-x64

Payload/Ho....plist

windows10-2004-x64

Payload/Ho...fo.xml

windows7-x64

Payload/Ho...fo.xml

windows10-2004-x64

Payload/Ho...lytics

macos-10.15-amd64

Payload/Ho...fo.xml

windows7-x64

Payload/Ho...fo.xml

windows10-2004-x64

Payload/Ho...es.xml

windows7-x64

Analysis

max time kernel
105s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20250313-en
resource tags

arch:x64arch:x86image:win10v2004-20250313-enlocale:en-usos:windows10-2004-x64system
submitted
28/03/2025, 13:38

Sharing

Copy URL

Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

Hot Tub-2.1.2(19).zip

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

Hot Tub-2.1.2(19).zip

Resource

win10v2004-20250314-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

Payload/Hot Tub.app/[email protected]

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

Payload/Hot Tub.app/[email protected]

Resource

win10v2004-20250314-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral5

Sample

Payload/Hot Tub.app/AppIcon76x76@2x~ipad.png

Resource

win7-20241010-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

Payload/Hot Tub.app/AppIcon76x76@2x~ipad.png

Resource

win10v2004-20250314-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral7

Sample

Payload/Hot Tub.app/Assets.car

Resource

win7-20250207-en

discovery

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral8

Sample

Payload/Hot Tub.app/Assets.car

Resource

win10v2004-20250314-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral9

Sample

Payload/Hot Tub.app/Firebase_FirebaseCore.bundle/Info.plist

Resource

win7-20240903-en

discovery

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral10

Sample

Payload/Hot Tub.app/Firebase_FirebaseCore.bundle/Info.plist

Resource

win10v2004-20250314-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral11

Sample

Payload/Hot Tub.app/Firebase_FirebaseCore.bundle/PrivacyInfo.xml

Resource

win7-20241010-en

discovery

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral12

Sample

Payload/Hot Tub.app/Firebase_FirebaseCore.bundle/PrivacyInfo.xml

Resource

win10v2004-20250313-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

Payload/Hot Tub.app/Firebase_FirebaseCoreExtension.bundle/Info.plist

Resource

win7-20241010-en

discovery

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral14

Sample

Payload/Hot Tub.app/Firebase_FirebaseCoreExtension.bundle/Info.plist

Resource

win10v2004-20250314-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral15

Sample

Payload/Hot Tub.app/Firebase_FirebaseCoreExtension.bundle/PrivacyInfo.xml

Resource

win7-20240903-en

discovery

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral16

Sample

Payload/Hot Tub.app/Firebase_FirebaseCoreExtension.bundle/PrivacyInfo.xml

Resource

win10v2004-20250314-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

Payload/Hot Tub.app/Firebase_FirebaseCoreInternal.bundle/Info.plist

Resource

win7-20240903-en

discovery

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral18

Sample

Payload/Hot Tub.app/Firebase_FirebaseCoreInternal.bundle/Info.plist

Resource

win10v2004-20250313-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral19

Sample

Payload/Hot Tub.app/Firebase_FirebaseCoreInternal.bundle/PrivacyInfo.xml

Resource

win7-20250207-en

discovery

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral20

Sample

Payload/Hot Tub.app/Firebase_FirebaseCoreInternal.bundle/PrivacyInfo.xml

Resource

win10v2004-20250314-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

Payload/Hot Tub.app/Firebase_FirebaseCrashlytics.bundle/Info.plist

Resource

win7-20240903-en

discovery

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral22

Sample

Payload/Hot Tub.app/Firebase_FirebaseCrashlytics.bundle/Info.plist

Resource

win10v2004-20250314-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral23

Sample

Payload/Hot Tub.app/Firebase_FirebaseCrashlytics.bundle/PrivacyInfo.xml

Resource

win7-20240903-en

discovery

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral24

Sample

Payload/Hot Tub.app/Firebase_FirebaseCrashlytics.bundle/PrivacyInfo.xml

Resource

win10v2004-20250313-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral25

Sample

Payload/Hot Tub.app/Firebase_FirebaseInstallations.bundle/Info.plist

Resource

win7-20241010-en

discovery

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral26

Sample

Payload/Hot Tub.app/Firebase_FirebaseInstallations.bundle/Info.plist

Resource

win10v2004-20250314-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral27

Sample

Payload/Hot Tub.app/Firebase_FirebaseInstallations.bundle/PrivacyInfo.xml

Resource

win7-20241010-en

discovery

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral28

Sample

Payload/Hot Tub.app/Firebase_FirebaseInstallations.bundle/PrivacyInfo.xml

Resource

win10v2004-20250314-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral29

Sample

Payload/Hot Tub.app/Frameworks/FirebaseAnalytics.framework/FirebaseAnalytics

Resource

macos-20241101-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral30

Sample

Payload/Hot Tub.app/Frameworks/FirebaseAnalytics.framework/Info.xml

Resource

win7-20240729-en

discovery

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral31

Sample

Payload/Hot Tub.app/Frameworks/FirebaseAnalytics.framework/Info.xml

Resource

win10v2004-20250313-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral32

Sample

Payload/Hot Tub.app/Frameworks/FirebaseAnalytics.framework/_CodeSignature/CodeResources.xml

Resource

win7-20240903-en

discovery

windows7-x64

5 signatures

150 seconds

Report Analysis Logs

General

Target

Payload/Hot Tub.app/Firebase_FirebaseCrashlytics.bundle/PrivacyInfo.xml
Size

1KB
MD5

1fa581c145e442358018443c23c0b2ba
SHA1

8377dcdf2eb7e90242a0f888be97d7cb07a5b810
SHA256

e9bcc6e9c7382bf506cadabe74cfd4ed155686806ba81c195a634b86aa5fcce0
SHA512

8b4a37d121f728a6608dff0582c6c6b28ad8d18fedbc35d0f6c920f59fdb650eaa66e79d51172bc6ea82e18d88bcbfdb60f373a892c3e2eb3504340e65dfc50c

Score

1^/10

Malware Config

Signatures

Processes

C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE
"C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE" /verb open "C:\Users\Admin\AppData\Local\Temp\Payload\Hot Tub.app\Firebase_FirebaseCrashlytics.bundle\PrivacyInfo.xml"
1⤵
PID:1552

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1552-0-0x00007FF8E39F0000-0x00007FF8E3A00000-memory.dmp

Filesize
64KB

Download
memory/1552-1-0x00007FF923A0D000-0x00007FF923A0E000-memory.dmp

Filesize
4KB

Download
memory/1552-2-0x00007FF923970000-0x00007FF923B65000-memory.dmp

Filesize
2.0MB

Download
memory/1552-3-0x00007FF923970000-0x00007FF923B65000-memory.dmp

Filesize
2.0MB

Download