Overview

overview

8

Static

static

3

InstAccoun...te.dll

windows7-x64

1

InstAccoun...te.dll

windows10-2004-x64

1

InstAccoun...ip.dll

windows7-x64

1

InstAccoun...ip.dll

windows10-2004-x64

1

InstAccoun...er.exe

windows7-x64

8

InstAccoun...er.exe

windows10-2004-x64

8

InstAccoun...ET.dll

windows7-x64

1

InstAccoun...ET.dll

windows10-2004-x64

1

InstAccoun...on.dll

windows7-x64

1

InstAccoun...on.dll

windows10-2004-x64

1

InstAccoun...ha.dll

windows7-x64

1

InstAccoun...ha.dll

windows10-2004-x64

1

InstAccoun...te.dll

windows7-x64

1

InstAccoun...te.dll

windows10-2004-x64

1

InstAccoun...er.exe

windows7-x64

3

InstAccoun...er.exe

windows10-2004-x64

4

InstAccoun...rt.dll

windows7-x64

1

InstAccoun...rt.dll

windows10-2004-x64

1

InstAccoun...er.dll

windows7-x64

1

InstAccoun...er.dll

windows10-2004-x64

1

InstAccoun...er.exe

windows7-x64

1

InstAccoun...er.exe

windows10-2004-x64

1

InstAccoun...op.dll

windows7-x64

1

InstAccoun...op.dll

windows10-2004-x64

1

InstAccoun...op.dll

windows7-x64

1

InstAccoun...op.dll

windows10-2004-x64

1

InstAccoun...et.dll

windows7-x64

1

InstAccoun...et.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    149s
  • max time network
    154s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    13-05-2023 13:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    InstAccountsManager/Updater.exe

  • Size

    695KB

  • MD5

    b6fc23f49e8d892f0b77e14f843ea0d9

  • SHA1

    f4f336800a86b1b346534c75b7a684a33261fb6e

  • SHA256

    381d4caa115d0a12e8864d433d6001da997f8b712e7e67c850a221176a2e973b

  • SHA512

    4acf92349ff9da8bad630a4692150de65a06348254f7c04c7b31fc7c1bb958cb94ca1b36c295c8861854e07d2b4a6f45c15c5b9ac01a5f597fb4a2f69e54b72a

  • SSDEEP

    12288:n0cdiUCsJSwYMKtsz+Y/iJH96nFGCi+WxlX+1:/Pctsz+Y/GH96nF0+WxlX+1

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\InstAccountsManager\Updater.exe
    "C:\Users\Admin\AppData\Local\Temp\InstAccountsManager\Updater.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:2028
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" https://perfect.studio/docs/FAQ/cannot-update
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:1480
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1480 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:984

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    344d225065097c142aa1f323abb0aeaf

    SHA1

    4f3dea95ed25de2f81b81073162ec55316bcea94

    SHA256

    7adb2b665b276dd24d1439526571d65ff97887e22b6272d9a9f53507fe4aff26

    SHA512

    6bc490781116b201619a4f54aa113e7830fd2c102d97ae92d85423640fecbf79fb128932de1824e11be2c257791b77a274ffb718d07ba6c723980b3d73e8b243

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ac05ccf769d95426e7980357577231a1

    SHA1

    1945e73cd211201a3065bb3571cc6a8a1db9b479

    SHA256

    94533d8ade11a59c64b74b186b610319187b71e67f1833905bd00cc64802d3b6

    SHA512

    d362d537f78ea7ee0f33f2499e33f1e4417883480e9579cbfbdb154b74f9368593aeda972402323814e6204ea5f16beba599284a71dfb6d9b8fc0985c7ffcc65

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4a86a728631f538ea9d872c119353b80

    SHA1

    1ccc4914c3bbe8bac5cdf712cc00ffe3a9292c9d

    SHA256

    ac740abd9445479fdb6b03170a910e725dde2f62d5b5afd0dc99ecbc50c79be3

    SHA512

    cf6577050d0f0e7d0ba03b11e38f5280043cd23b453c814600e07f0eb2e16d2c5fde1b95ce2bc2c0037490f655bb477c7aa3c8562f619eb449a32cdbf2ce5972

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c0ae238c7d206d2ade9726daa38083a7

    SHA1

    aa6e7511dcc2c7cba101d3a7dfdadbd4dbd30918

    SHA256

    aa14ffa149a4b3103b539f0a2d87158b3e099142a56f9d7b09fd0fb8920b2e7e

    SHA512

    b92c4e86c2ec8a36ad030817ce443fbe59156727cf2c99065e4c3747236f51986a526f2781b39e01da860fb6446b34d8a521337ca75a8f8713c36e5d4051c0eb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    11beb3fa119ab7cbec2e8a1a5d6705f0

    SHA1

    bb8fea5688b1adea621948336a1dae9e2a47986a

    SHA256

    6359aaf280016e3d884c9c9584c90d5d7cf2655b6a9d6e8132f3c4ba070b77ff

    SHA512

    55c4c5cf2c54540cb2cfce47f267811f2747648fc2f7efebefbfd842b4f169ef6ad51da5b456b899b410a909fc15ee0fb446995993f969ac4b44d195ec6d36a8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ce67e2df2c875fc6cca4ba2cb552a898

    SHA1

    f9054380d095738282faeef87cf89a407e1c8900

    SHA256

    30599b34d389f9f12003b2ee3d931293a92ab03a3cba490d0b26db423555f9a6

    SHA512

    6521948db786cb1d58fb7256e352c06b531f134c01f07562507765e70d8df49c575c485848f6c9efb92d7397cb08dcbaec3216bb92cf3b2aa3f99b94ca9f36e9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bfc65ad00ef95c4968f9180afd51bf1a

    SHA1

    55814a64a33a5d2e07024bfbf41acb4f11a21101

    SHA256

    3ab9ce6584da4c5f628935622e0865b718ce6cbe1ff099d2c832e7d3ceb02ab5

    SHA512

    606ee3b533e268fbf6b3b5e0fa8a8b42a6726c99099410c7d673f88e821ee1bf0601fcd657cfe83f9d120d959a923d8a1d9d2a6345cdb5847a59cb6564b47d59

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f314af9adb31c18892d26c0e97d23a4b

    SHA1

    a0f420eb6c8830b4625361f88a269f8dd897a845

    SHA256

    4840415d92e0fbc5d9c5001d5e76246fe868e7884862adca83785ecc2394fa14

    SHA512

    22371233ca2664918ad6c7488a26558cc6c0132490b08bfddc3c9451307e081cfe5523ce1e501080d6a2a8657f5f4134e35aa329c01d6bccc120d05da6d09ca9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    401d01f9f88ae6b397856f1de948225c

    SHA1

    a9c716cb79bd9921e531da2e6cc1be17d06f14a6

    SHA256

    9bb8c37aa810089446b53dd59163d3ae939c0b37b80c69b7cb9379ead35ad535

    SHA512

    fa2ce9ee60c12a1b10fa55cd4fe351ee833182bc9280a01e158c7d555851c814e8f0decd924b7810582d48afe01bb28536ccc87c03b061017ffbb6a62a6ec547

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    de0eae4c90b57b6b0c7a2509dd9643f6

    SHA1

    e8a67af0462627f877d28b245caca966991f6b7f

    SHA256

    50ec607480994c3206faed5b42c82714cb8d6e432fc24ecbf754282055a603bf

    SHA512

    4e5eca185f44da47f1fb055116c7284e3919c9f7322ef771fe09063e8ec61f1ec1bab60407a5b9a83a56068c3786edeea8b1f086f65ee8feb43f2df7e4d82ef3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    89ba66b6a10b2893d9b7f87a47d8c53c

    SHA1

    c88266020c7e8ef3eeaec95bc6f77b08739b07f5

    SHA256

    8bd73c2c9177b57183c9dc26551527141d5fa98982e874c7239da1830dc5d74a

    SHA512

    5cce8fc527716e7d80dd697aeb8f7b2fb4484bd743f1b86c84fb1dc48353ac49e2880990cf1eea967b7aa0172394b43c850fb1477a414754273c6a802bd36cbb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    434899908b750c27e1f1a2e25447a5da

    SHA1

    9857fe033c6f028a2dc24eff4046e665eed52c13

    SHA256

    afdf3aabe3eb4c67252857778b7359be80f244ac566aa8d839f79fb423feeef2

    SHA512

    8b8e99548e0eddc2ca66fc16b4696e03141ea22f29fba8820c4787ed83ce33474d800ccab86c8165f632c72f3f04fce3d67de883a2999cba8d0455eb442af2ad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    27124fe6065066e2f42bdfe3148a2c3e

    SHA1

    8d97cff6f671486315b2c0c576bfeac4a33f4fa1

    SHA256

    87f0dfc10d103263b54f9c7ddd5a44e1cc995cef42bc8d682b5457f77e09e4de

    SHA512

    77826a04d7def8848ed86d2b68fa48ed8ce0d105d4d7fb9d9b1391e0e3424a6d3d7d2f1aaf5215acb0c9cd034f982ad26e7e55cef3e1406e9a96f5967a8e2975

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0b8203bd7e42e5bc2b7a6e3a1d7bc14c

    SHA1

    d8b5e6a0f452690a1d815de984b8602fdf5d8c76

    SHA256

    1d0f2a559a9242d5bd09a98a80cb7e9b63e889236f8e98a42d68b4ce93600987

    SHA512

    fa7716618e28b513188c1aa08ea759ab537db9ab088d0c13d627d1556625ca1561f27170e54dc3229b9264bad0bfabad93136f821c9c2a04a41349b2d2ba8d91

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    944c653f936eeef9d8240210725947fa

    SHA1

    072c6978a7ced0daa15cd2f92cbd6c85049452f9

    SHA256

    35929c241141be7022163634bccc38ed0439c825e295be75cccf96a5442cef8a

    SHA512

    ec9e18e78142322de8c33db585ce2d6a72c7f09e97a7017820ba9e7f813f984d8badeecd642c048bb0c3f3c47fe4ddb939adb0722fce223a34a7d74fc7050d70

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    95788444b229b285386d17398709de57

    SHA1

    f816987935a5e32f7af3b3335e3bba50e18c8f5a

    SHA256

    adfe5c09dc5a8a0f97d05ef9412f2320d8c6206b4413c16e539060a4ae009bf9

    SHA512

    7907c86154f90cafcb8709c96fe79cf042e09b2a5ebd6b0fdf22e1efcc5222ddc1f2687b8ec2595d59aacf50513febec65af84c1f8c2deb9c3afac4fddbdb504

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b6e15b9fcae7f1f269c8ae890696b205

    SHA1

    2a069434fcda4b344e6d69889dee10791159087c

    SHA256

    432f2441fd18c134620232699c9b7254f202797c04331697b32310755b220ca0

    SHA512

    734a86a3171383fa9350017cec8d0d24c6f7a3dbafb1ff064d7580c080460f0eb2c5d2caf83e65d8c3f309a1784031caf3d7d313b6835c42b1b47e9b805ed5c3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4237e25ef73d78f156a4d4ef554b1213

    SHA1

    101e78bf1a93191362dc83aef70e3dd67e310f7e

    SHA256

    08ab9e5128a8fb75926a9d3b37cc5d57cbb5e47a5f6317a217e8d03b79ba7b39

    SHA512

    d0b4b17a955db2e2383611a5a6a0ce332fd643ad8f9c0cb8f0b027b121345c6ab0d53b0055822f7ec0b60b684f0b0357e717f91649f421b0064469c967f5894b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cec98ee4b2a546e90f2b63b15575b524

    SHA1

    b86f49c4a87a574e5ac1da0efa3ff5f953245781

    SHA256

    01599bf8265f1cef5d49b2bd5a93a36f77872cc25422f8a711e2331635e41e60

    SHA512

    ba92898c4874ab206ae795a7d13891d5213a7bb552b99d43d5526b343a75ca0540fae33b3b3d9c9fe67822773ae55aa488fe81e5ee8795c3a08fb229ac1d243d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ee09081cf878b3a73d3c5694e624d283

    SHA1

    d0d496f8ed4a0d478f7eb6d2ef375be8ab290d97

    SHA256

    804e322451b738f274be60be2dc7c8283960de98b75d6229868b360b64d40f6f

    SHA512

    248932d547255d063d77597339ea1984470580440cdf17da74fc89a21fbe74bf1321267ddf06dc7ae2d8d168a15b57dbd03347d5b9d0c0730cac9fc3a70e7f07

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\z62wpf5\imagestore.dat
    Filesize

    7KB

    MD5

    8f96c6646847c29d97755da80f9128d8

    SHA1

    c0201f2c9388357127b370e487f63904ce46bc1a

    SHA256

    48bd5e970c7b634f9eefa2b10733f0fdfd831f683551b8733207617704f15aa1

    SHA512

    c166c5b63d593533eeb0973cb2203cc6cc6707dd7b7b5e97ebcef424511b283b4d659f8d509de22edac7d2b09263e9eb6b6858cc0149c62744d2b27623b91834

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CMIDRLTB\favicon-96x96[1].png
    Filesize

    3KB

    MD5

    1dc17b40501c5461d3895ccf4a3fd5ac

    SHA1

    903e408a0bf5e4eb118f81be0d63410279152077

    SHA256

    90827ca8008f7e20782e6631b8ab13611ab9c7ecf49d872a32eca04d839925a3

    SHA512

    30a244754d41db69de060fa66e2782e789cea132d7b0aa01df24736fdca5e4c4f6debe9a92eb69454848d241b7878d7fc95ed25cb806d4aeadbb902e3a6143ba

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KTB503AZ\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab5055.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar51B3.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\2R1IOFVB.txt
    Filesize

    602B

    MD5

    2b422d479cf768c3a4514b6d6a0dfc2e

    SHA1

    c9eb92167b8017d6ac33288cdea9d276f3b41d08

    SHA256

    8b937d61a769201dfdd6bf625519dd5d4d59f4e8ff2f8a0b05490bc3ee079660

    SHA512

    6a5eb84513776d45e5b25be8eeae523a3c88f9efa9879d32aa8172d8185b14a1da7d427e781d7856292f1f239cd6c2105b41c7f235ad508190242e66fcc3f16d

    Download Submit

  • memory/2028-56-0x000000001B440000-0x000000001B4C0000-memory.dmp

    Filesize

    512KB

    Download

  • memory/2028-54-0x0000000000E20000-0x0000000000ED0000-memory.dmp

    Filesize

    704KB

    Download

  • memory/2028-55-0x000000001B440000-0x000000001B4C0000-memory.dmp

    Filesize

    512KB

    Download