Overview

overview

10

Static

static

1

LDPLayer.exe

windows7-x64

10

LDPLayer.exe

windows10-2004-x64

10

RealO/eulaLic.html

windows7-x64

1

RealO/eulaLic.html

windows10-2004-x64

1

Analysis

  • max time kernel
    100s
  • max time network
    227s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    27-03-2023 20:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    RealO/eulaLic.html

  • Size

    8KB

  • MD5

    a729d63514511766fcdd2de19cdbd017

  • SHA1

    737827e5c0ab0adc287d3b3bb16d26a9a42f0939

  • SHA256

    6dda16414ec5a7f6908f6088ea5edb7c67b024c3f695fbf7048ab823bcfee728

  • SHA512

    ad6bc65c950a94383f3f1d987508d22167343db632412b74d4734482916a7c18981dc8d84c57109f0882f6c5c6f280db876bafd24837f06996614d1bb9ce6ee2

  • SSDEEP

    192:HLFjO9B8eBfDX/Ek8IFyMlgy/RVr1YGrtsk2whjPYwWkpeFWlMddhTdLVxFl/:HLFjO9B8eBfDXoIFyLw1YGZsk2whjPYL

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\RealO\eulaLic.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1724
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1724 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:296

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    08b2a5e0733cfac555f5e6a0a1a0420e

    SHA1

    da983343d791d32f8f95775e4c91bf71a82ea46b

    SHA256

    46460619d68d6ecee39adedc514e8b822d9cd448cf1b30485ee27e532fad7037

    SHA512

    8456e39ff168a5aaf8a030af1ecf240e6e7226840e6298e3aac02bb29cc112d2ad5c8ba3a46ade7228f6ac7ee693dae7a5a3f03f2b290ad0a1df9a5a46bdebbc

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    16eaefa832eb2d408f2386993c599220

    SHA1

    703f1a06d9ca74a7c79db2f01bde258c55e4975c

    SHA256

    c645de2c3c3c7e142edd2cb76300f671a4298b3f0a3a00448b32bb17e875d081

    SHA512

    06892c23c0831544112e6ef52e89d04ee36a6fe8b05a22f05770d565eb30f69e31907647c666c7b93b33332fba36046eba17e546ba4a2b57624ef9ed9eed07d4

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4ea8a146097b94126db03ed793d69c7f

    SHA1

    087d4945a0d802f23fb8d92962fdeba1d03319c4

    SHA256

    5bb622f3832bd6e20b14067e0760ac1aae696766d7f840bf3cd08cc5f685f2de

    SHA512

    0e495ec601854b18fbe5ab19bd4ce04056561d1fadb8c71909535b6f8280b715c0a435051d0c5e1f5326527d2206319bc5b79af59b84ab7d161aa33a383c3438

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7c75b8f17533b7e1309eabf787a54c7f

    SHA1

    ca5467f776618e87e5a8bb0a76b3eadda3356381

    SHA256

    519311269e3e0ea288095504527239f415686dfe2f020b3e27d68ddc2a2fa8d0

    SHA512

    3251d9e20cefdb2038fac047866de850b363b7976a10987850dfdcc94b0cbce563d52f000a1d1196683bed52ed98ddc91def45aa37339ab59b4672668f1cab72

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a35358a3b5d172e9e53e06d805eefb0a

    SHA1

    f029988668a40edae979f14d765caa7ade53e08d

    SHA256

    99e18e734342e6cffa3ef5c644927e87332b59336ac1e1ed0d72f18cfa3e9d7f

    SHA512

    5d973bb1e55f7d8f56f03745ef2cef47737f23dfbc9bb8816a7141d47e95ca661dd824a598ba367a7c4ff3687cd22cd21e1f7797dca0c65111e1a1f6e56f2ee2

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    adb7ef3597d07b2438dfc98fbd950bc6

    SHA1

    ad3889d55d4aedb5cd666ba3864e00d1665169d4

    SHA256

    3cb6ef47350228db3c52c3809e67b2000eb7e60b8fbe9b78167dea11112cb8d7

    SHA512

    443825b1cf56f5da13545c95a7183040cf5466e2b8b50302be840f15b93678f5ab40fe9050d4ebe70d960df4150eb8c7d2be72aa0f8a3f01dc830db612c85b61

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c91bce1c4c4b9824dd75e7caa754aff4

    SHA1

    5b341461c855848c4ff85a9cfe4d90fc77151386

    SHA256

    16bae75a2a7056cd39996408590a9243db22f98be49bdcec5c30798049d4e284

    SHA512

    9a9e32514d1132c856ea01a200950420c352eeeb84e6e7c5ccd94687a9e7eaf4037b2c0b4c88c7173f7274c83fbde1c75b2258f6d5852462362cffa006bc08b4

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dde7e5145433b2851086a5038668a156

    SHA1

    4ff054bd0f20b564f998c716105183af0b973144

    SHA256

    cf81ed301c3bf2157ce305bfd1f75a129cd7a18f1ca30d5afe415b598a600e2d

    SHA512

    a721fd871e6e03cafe8e866e1894d3035247113116ff86d6b965852ea677d9699a36e26b75bc8fb9643d0e5b6a076c0f994eb790a412d75f5f5eee2193c4565e

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d6bb2ed041eac1e699cc478b9b94fe7f

    SHA1

    60c1c254964bbf7a50fdbdfe836f48ace4a14467

    SHA256

    e80fb3bc86416eb31c2e4ffb3ac2e2d92773b476dbeae3dfe0f2ef483b01eec2

    SHA512

    f1c4315777e45000014e00350fb74cf822832ec56dbc7085d757ec4a2a503f7e7d87931f541a23211c56cd7c5f4323636ea48670a844cc4b6e3c589d41f4d168

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ed4dd5c49a578acb7e949068f46a3661

    SHA1

    9fe112a4b1f0794f9d18e24b728f89f3b7dbf2be

    SHA256

    8e0bb75f9d701d1a727187f80384dae387492b1f69654a173f955774eb819723

    SHA512

    83bbe0c5a96d5fc2501eb36c104b3ac03100284d68ba8512411661f55998a1c6237660431000bbf9ddfe1518d5d26fa2ff1da70f9a2d5b05417d259a48a5c31e

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1e9ef708cb2e73e9d5db84e2fafbc64f

    SHA1

    bfc8025efc6a3bf716a7c7536613d69b9d85579a

    SHA256

    0beac885a7e89cf3b817d31896e0e871a56aabfbc5f5ae48fa6030121140ee01

    SHA512

    c37665b3eb8cd5cd8f414faebf03ede1693922c35aae022b9ffecc83141f302cb3fc188b8e90a0846203e7421fc19bf7a86bb4bcc59757c4761df12d870f4826

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S7FIT0B8\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Cab592B.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Cab59F8.tmp
    Filesize

    61KB

    MD5

    e71c8443ae0bc2e282c73faead0a6dd3

    SHA1

    0c110c1b01e68edfacaeae64781a37b1995fa94b

    SHA256

    95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

    SHA512

    b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Tar5A8A.tmp
    Filesize

    161KB

    MD5

    be2bec6e8c5653136d3e72fe53c98aa3

    SHA1

    a8182d6db17c14671c3d5766c72e58d87c0810de

    SHA256

    1919aab2a820642490169bdc4e88bd1189e22f83e7498bf8ebdfb62ec7d843fd

    SHA512

    0d1424ccdf0d53faf3f4e13d534e12f22388648aa4c23edbc503801e3c96b7f73c7999b760b5bef4b5e9dd923dffe21a21889b1ce836dd428420bf0f4f5327ff

    Download Submit
  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\U6YXVCU0.txt
    Filesize

    605B

    MD5

    c62aacbdda3c14253adc598bd6ec3ae3

    SHA1

    b1868b93d69c76c8e89982f62e9f75a470ee1fe5

    SHA256

    e701558c55707169b19cd4b7881dccc2dc635bd54d4987e714da61ab9fc21f3d

    SHA512

    5d81d87bd1b3fa3e15394a78004b5dc6a658f6fddae40ece8b146b38048dd9aa5737d4ad6911997c6145dbebf27dbad98351798b28f7f67faf881824ad804131

    Download Submit