cb2f0f8bcf393e7c40aaaf09dc6387e3e801d2d07e6f6f7051a1cbf5b06d93e4

Analysis

max time kernel
0s
max time network
94s
platform
windows11-21h2_x64
resource
win11-20240508-en
resource tags

arch:x64arch:x86image:win11-20240508-enlocale:en-usos:windows11-21h2-x64system
submitted
01-07-2024 03:10

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ProgressSheetUpdater.exe
Size

13.0MB
MD5

b256b924484d5686ea9a0050382b18ad
SHA1

5a44737403a65723990db84596801d86da19b7c2
SHA256

cb2f0f8bcf393e7c40aaaf09dc6387e3e801d2d07e6f6f7051a1cbf5b06d93e4
SHA512

763099d7050c890fa4bd02f1657710e73107e7028576abdb11cfcb505ee22667d4ee6edbce5b9718fa4751b8330495e35b3163e30884265b0829fb1e838ad63c
SSDEEP

393216:B9xSYtQqCKYrFX8HtN3ZW+tVTXJecKxGb:B9xSYXCVrFXutN3jtxbKxy

Score

1^/10

Malware Config

Signatures

C:\Users\Admin\AppData\Local\Temp\ProgressSheetUpdater.exe
"C:\Users\Admin\AppData\Local\Temp\ProgressSheetUpdater.exe"
1⤵
PID:4964

C:\Users\Admin\AppData\Local\Temp\ProgressSheetUpdater.exe
"C:\Users\Admin\AppData\Local\Temp\ProgressSheetUpdater.exe"
2⤵
PID:5068

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\_MEI49642\VCRUNTIME140.dll
Filesize
83KB

MD5
0c583614eb8ffb4c8c2d9e9880220f1d

SHA1
0b7fca03a971a0d3b0776698b51f62bca5043e4d

SHA256
6cadb4fef773c23b511acc8b715a084815c6e41dd8c694bc70090a97b3b03fb9

SHA512
79bbf50e38e358e492f24fe0923824d02f4b831336dae9572540af1ae7df162457d08de13e720f180309d537667bc1b108bdd782af84356562cca44d3e9e3b64

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI49642\_bz2.pyd
Filesize
75KB

MD5
d2aea2c7d91ac15f99bf8caa499e1251

SHA1
a2c70af8621c5ed56c555fe0cd797b8770a1dbce

SHA256
ae769b45f0a4bd76b82eb1d0e20d47301276fc78945cecab4e1cfb8244624331

SHA512
54d86794a9c27a3fc1a8f5945715151f7830570baa7425378986ac87cf1a23eeb7cfadd155694753e643792e1d1af9cbd9fd7caff192a7541248ed19e74c7ec0

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI49642\_cffi_backend.cp38-win_amd64.pyd
Filesize
178KB

MD5
a7e31443fb461aae369257dd8e67c525

SHA1
c78636386da49d2418b0227739a9a562c2ce37da

SHA256
75f154e3c0b970a045fb40b14475d1804103c69b97294eaab048002ad4f9d0f8

SHA512
e34597c3ac0cdf5730eb1c82aa5727e66bda788f8bcaeb65028ce934f8023d2e8f6b9bc0dbb406678fea9ffb7c4d889cd863b6bb29817a2f914c066b8e585e9e

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI49642\_ctypes.pyd
Filesize
114KB

MD5
bc5516ab19c71dfd667a227e96e5df31

SHA1
14fef0bb0cfd3903415e4521db018e5106e1fecc

SHA256
9c70eda126ff63222e9f0cab09d3c42872e505fac7a98dbd0b045c51c82b29ec

SHA512
079ce171c03b92d769a1662272253f2cedd0db399000cb6a27362fc8653bad0ad952be97cbe3749f3bc7a3e57e93a868430df1dc4086611a289f626a140d049b

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI49642\_hashlib.pyd
Filesize
37KB

MD5
7d3829a73b6cb5b30c0da9721ffea3db

SHA1
6092ef8b8cfb9870c760f37666912e6fd32b125c

SHA256
bbb3e524ecc2c239e02127efe80e7be3d6a38de91308ea25d47ee6a03c9f6af9

SHA512
797c1522c47bbaf2efb34bbdffc362d2a9e923f3d99c5b4c90b790cee76250ff339224c0581602a0d3e9529778a43955706af8d0bbc72e23587f0a7404b5ef5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI49642\_lzma.pyd
Filesize
152KB

MD5
26a746676f3826ded32523f06a6908a1

SHA1
36b1361b4dea82164bfcfb01ce3e105d9a6c88c4

SHA256
48fdc674296194b44d56f27307819a9c8c795446ea07b71b7a9e7eea09514124

SHA512
15d7f338db8bde068b802dd594dfa17061033aacd0903ff955cdf7b9775c144f75e7ea150b7007456e7cd16cfa13f3c54c2593e659e26ff7d29f1f7ef23ae8d7

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI49642\_queue.pyd
Filesize
20KB

MD5
fb6fa19efac105feff1ff0d4660fbaf7

SHA1
3fcb404dca4d8e9a58e94c56d8fc6e8e4459a6ad

SHA256
e308d6ef045938d2989e6f8ec5b796f50f197406a4869354416226a70f153030

SHA512
bf0769287426c0107eed7117bc0fba90a8ff91e9187eb1d8d4fecdcc17ebc666b6dbd75ce32e7d23313913e16902a09e8ad976682533def8d4d075f1cd9474e6

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI49642\_socket.pyd
Filesize
70KB

MD5
81050c77d4dee0cab75d891a21a06423

SHA1
f86d3918027daa9583edc92cc25879e447bcf7d2

SHA256
b9fed851700ada3ebc711e6f5827554759ab1ac56ff4aa194f0ef3c97bbd0d65

SHA512
fc67a990016f16764cd3b7dba235ef810eeee3bbda61e60cfee5607a0b77ed6a6d5229d58ed1ddb2d234707cedf74cccdc35c785d8032e30d071e9a61f9c3577

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI49642\_sqlite3.pyd
Filesize
78KB

MD5
38f1cc9804f3a5f0c900971a391036e3

SHA1
5ca2a0de31f8b5be18f809c30df594ef08684a45

SHA256
1d536d8a6847f27c53bd4b2947113dc9625b4bb6dd86ef8a0b39b0ced193646d

SHA512
a49a48ff8790eb2d2ae7354a4fd56b8d4eba99cd11488e6f22526f80536f73174f3895aabbc194fa97814a8a68de56070da9ad7b821ffe3645d3cc3bb75430cc

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI49642\_ssl.pyd
Filesize
141KB

MD5
ee004c1dcd9cf7c91ecbb57c7784fd01

SHA1
a7b5285a6a38ac625750d7ff8c1bd21baff794cb

SHA256
5a6d2f9842219807edd4abfb86222adae3746f980fba82ccf6c31d84d2c00d3f

SHA512
2ba38d79dacbdf697b4930aa884b5513de7547fcc03f7358536540e747dc13ddd766397a6fecaad95e1db712ea75ae5676e39e6db7fde0e4c374fca456f32a73

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI49642\_tkinter.pyd
Filesize
56KB

MD5
1d3094391cca5d086ec6402447ee4112

SHA1
972dce3dd755fc213fa0cfc31fd386e6f5d8e572

SHA256
6827ed05ddeadc64949f7d974ec85ab8ce6c87a2682b6d8ae0cc696d691e44ff

SHA512
4c59aca727a5d69d5650b1d4a0bec7065fdb945b532af3b2b342e7168b1be11ef46670a9ebaa1bafddad2042554c176ca0e0a0a91981248f6c567c9ce1e6fab0

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI49642\base_library.zip
Filesize
775KB

MD5
7c094fbfe6eb1529cd9262aad26148ca

SHA1
7092f9ada05a48817d5fa86fda2567d07048e742

SHA256
8fb4b54fd9cb9c85787f1c0f4f876757beb691f0fc7207af9c25b8efcbdb28d3

SHA512
082c200d3aa787aa3d1a44751017a77dd0259cbce10c84410bf099aed3973abcd5bfa458ab91c1e84149383b11efe1bce50c700e0071e1debeefa4fc28abab71

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI49642\brotli\_brotli.cp38-win_amd64.pyd
Filesize
811KB

MD5
80c212c560ef3ed10f9babef65f9295e

SHA1
9bf8256f9c8900d00237596148ff563ee1bebae1

SHA256
22ae2465aa837e04ada88c3707180bbd5e5ed8906d8e271660bcc8ec2909c6b5

SHA512
af2990a844d871942bc65a609c695c5f47ae84f8105a00809b1a30e5277c3b07641eb7ae45b8cf3dfb94ca778288c58c231633c54ae629bad3d4e8db1d548487

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI49642\cryptography\hazmat\bindings\_openssl.pyd
Filesize
685KB

MD5
cd83291c16235ed7adeb059a84ff49da

SHA1
734d73a2ccfa7f927625f02232214061626393ca

SHA256
8c065dceb3490107cd206cc6038a46a5a55b7fb8de081ccedfb3a67443c84df8

SHA512
e1cd5524f9d35263eaa8d3af63e1238c5d50491820b625e6eda065bb1aa9f5e10dd6cf1bfcd1a66ea826ab465ad35b93ea5f02c6b6573e9efd6b594e7fbad7f3

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI49642\libcrypto-1_1-x64.dll
Filesize
3.3MB

MD5
bfdacc78ce4e0a3e8ce538de1716510a

SHA1
79741993c0045a647985c6cc17731a358de0e481

SHA256
49ec11b55669da5dbddee4cd9353a7b7d09750cb627f35ce5ca2e16b7c58fa05

SHA512
4423a3d029f93ce44458611abd64d3b303aa379e61e5384f215dc7b9a5308d041a1c2509f2fd393a3a82a470eb1adf791c46c8f275227cfbf1de3f7a6fb6e392

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI49642\libffi-7.dll
Filesize
32KB

MD5
eef7981412be8ea459064d3090f4b3aa

SHA1
c60da4830ce27afc234b3c3014c583f7f0a5a925

SHA256
f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081

SHA512
dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI49642\libssl-1_1-x64.dll
Filesize
666KB

MD5
058f8339d12f37d27c9633332018f20d

SHA1
61c49ecfcb21631c13e41e490b85381d9eb14eb1

SHA256
805aa7b72c740a0c56ea126ecc12fe0ee1d5d41ce0784f1eb0c517e3965f62fc

SHA512
b55cabbc14d15efac479c22b88679ffbfb00adddceb332dc2583a92216bd7544aede8321747f89c8d50fd797452fd31e7fd12e85cd01016a91057b0f8e5f8018

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI49642\pyexpat.pyd
Filesize
178KB

MD5
cce35b2a1c49cf6b6e8cbe71f3698cd3

SHA1
7720d4daa1fe42baa7b1e4e5cb8088bbfb0d1004

SHA256
5b5a50d2095dbea7ac80a2a35b8dd70c3907ca2aeed19b2b893c0f8fe0ffd22c

SHA512
971952b342a6cafde5c295aaaa8c11c30a7e2e36626513e7f284043cd4b48a253c8b17299b6161c4d188ab485f2fa42a8c3252b3b58c5d15d856959d06418e17

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI49642\pyinstaller-4.10.dist-info\INSTALLER
Filesize
4B

MD5
365c9bfeb7d89244f2ce01c1de44cb85

SHA1
d7a03141d5d6b1e88b6b59ef08b6681df212c599

SHA256
ceebae7b8927a3227e5303cf5e0f1f7b34bb542ad7250ac03fbcde36ec2f1508

SHA512
d220d322a4053d84130567d626a9f7bb2fb8f0b854da1621f001826dc61b0ed6d3f91793627e6f0ac2ac27aea2b986b6a7a63427f05fe004d8a2adfbdadc13c1

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI49642\python3.dll
Filesize
50KB

MD5
194c51ddbd778a56d95afa7b0c366440

SHA1
1a1f614a5e1af342170f2ed48a65737c668887c6

SHA256
8934252132ea2c232ec39bb88b4f02eab27afcabdb9c6cf90f6e166bb6b9ba85

SHA512
8ed8b7a7c163b1be631df49532349521c29cd74866cca1676524cabb7125929bc47965c5e0a41d69bc260e4a2300d43c666f564960a4025209b2999ca5525b0a

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI49642\python38.dll
Filesize
2.9MB

MD5
0b83c02feaf370d5b928dec88df60376

SHA1
090b929b9aff2f9296787ac6bf5dade7b3f657ca

SHA256
8120cbd52f65c383252233b211a77c7aef76e321b268df5d74fdfd38866bd5ac

SHA512
245a017119de35dcd0d1e7d562e24161e000ae576b884b9b54f7edf049ca24be24e26aadab52a7dbd5065e26d05f6f3725bce5db860dcbad12e77aeafd30e4a8

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI49642\python38.dll
Filesize
2.8MB

MD5
6b8d687a631a021c67ccd47622866232

SHA1
1f24330d6ab05e5ea256848f011755e0e9ecf395

SHA256
bf836dbff3050c1d3b8bf018e685ab30ef9caff5b6beeb46bd9c133221a78af1

SHA512
bf1b9c7212d6add8fcb6a17de51ed1384b9862e538e24d67d14b8318e877984809163eb75d107a36636532dee9f8527c1675111af4dac8762f28a9d357cd546c

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI49642\select.pyd
Filesize
19KB

MD5
f6e18478d3c7969169c1d7ab2bc4c37f

SHA1
e30181e687059c7747160c92dc8fa8fb4672f8b1

SHA256
4e30121a0f336549fecb55480704749e3fc2036ac0c20619572e47f683a8dc2c

SHA512
c91f49bf013ae1ed5b23dac8953ca89139ac2ba24c25dd45b2c8bb1caeb66665f3ac57bab635a11276f5835cf54713767478aa5df04126c6430c7040e638dd84

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI49642\sqlite3.dll
Filesize
1.5MB

MD5
661e1d08aa162954c8acc3ee534cc819

SHA1
b2fa909f0b10f5f8fe5deccf5bb19576543e7c5c

SHA256
720b8374953d41aeb9613ba1876258c1ee00779c4f3b92ce58e6b7bd578e0ea2

SHA512
3524219a28d33d46466020c26c2d6b7402c6d5b47850174c34f3a851448b2056b069dc0cc010d2ca87320ed12e534e23e7fb8479c4625dbe0d9829416303d511

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI49642\tcl86t.dll
Filesize
1.6MB

MD5
c0b23815701dbae2a359cb8adb9ae730

SHA1
5be6736b645ed12e97b9462b77e5a43482673d90

SHA256
f650d6bc321bcda3fc3ac3dec3ac4e473fb0b7b68b6c948581bcfc54653e6768

SHA512
ed60384e95be8ea5930994db8527168f78573f8a277f8d21c089f0018cd3b9906da764ed6fcc1bd4efad009557645e206fbb4e5baef9ab4b2e3c8bb5c3b5d725

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI49642\tcl\encoding\cp1252.enc
Filesize
1KB

MD5
5900f51fd8b5ff75e65594eb7dd50533

SHA1
2e21300e0bc8a847d0423671b08d3c65761ee172

SHA256
14df3ae30e81e7620be6bbb7a9e42083af1ae04d94cf1203565f8a3c0542ace0

SHA512
ea0455ff4cd5c0d4afb5e79b671565c2aede2857d534e1371f0c10c299c74cb4ad113d56025f58b8ae9e88e2862f0864a4836fed236f5730360b2223fde479dc

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI49642\tk86t.dll
Filesize
1.4MB

MD5
fdc8a5d96f9576bd70aa1cadc2f21748

SHA1
bae145525a18ce7e5bc69c5f43c6044de7b6e004

SHA256
1a6d0871be2fa7153de22be008a20a5257b721657e6d4b24da8b1f940345d0d5

SHA512
816ada61c1fd941d10e6bb4350baa77f520e2476058249b269802be826bab294a9c18edc5d590f5ed6f8dafed502ab7ffb29db2f44292cb5bedf2f5fa609f49c

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI49642\ucrtbase.dll
Filesize
992KB

MD5
0e0bac3d1dcc1833eae4e3e4cf83c4ef

SHA1
4189f4459c54e69c6d3155a82524bda7549a75a6

SHA256
8a91052ef261b5fbf3223ae9ce789af73dfe1e9b0ba5bdbc4d564870a24f2bae

SHA512
a45946e3971816f66dd7ea3788aacc384a9e95011500b458212dc104741315b85659e0d56a41570731d338bdf182141c093d3ced222c007038583ceb808e26fd

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI49642\unicodedata.pyd
Filesize
1.0MB

MD5
dbe4d0eec782a495730d6db2e2cceac9

SHA1
771037e5f4e34b55047ce039eabe3470d6929f60

SHA256
d42b9c86e7f5c3e1351a9416d1792820da771160fec9884cedcc0a67d083fda9

SHA512
0852daaefbe6708466dbe43f6d1f715c7b25601eb5562485f6113ac78e4ba0d1a0dcbc43a18092c219fa8b52833b0226b99e84b2de6c79d860cc8d379bff4a73

Download Submit
\??\c:\users\admin\appdata\local\temp\_mei49642\google_api_core-2.7.1.dist-info\namespace_packages.txt
Filesize
7B

MD5
0cfa9f600839f57e90e5559b8ee54864

SHA1
d662cc72cfed7244a88a7360add85d5627b9cd6c

SHA256
ff542f48922114019fc5befd0fa0e107b494c365fa4f8af09f3fcb2eb6dc0f77

SHA512
4100be97de001e7b1ad88e8e0ac5bae1ba3fe96b2cb9d69243ae31682ce99df489a8ec628d479a5cf6927a2fbe359465c56db8c5593cb9077374ef8727be774d

Download Submit
\??\c:\users\admin\appdata\local\temp\_mei49642\wheel-0.35.1-py3.6.egg-info\PKG-INFO
Filesize
2KB

MD5
8009a17b7bd1e73813c5b06f22443743

SHA1
f3f321c6b0650fb5f8bd85944d03b3524d0e64f2

SHA256
ce278871dc7b1950ccfc799368ed4cf748ae372dbc65d5a6c578f2aa0b93ba99

SHA512
e777aaf477e54b7215e3fa989acca222616b5906c4e853bca5b55e4c58f68a38a0055f58b782c1f7b2f5c35d3cb5901d5f50a9b4ab45591e1875fb535d417bf4

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads