Overview

overview

10

Static

static

10

Anarchy.exe

windows7-x64

1

Anarchy.exe

windows10-2004-x64

10

Anarchy.exe.xml

windows7-x64

1

Anarchy.exe.xml

windows10-2004-x64

1

Plugins/0g...oG.dll

windows7-x64

1

Plugins/0g...oG.dll

windows10-2004-x64

1

Plugins/59...uJ.dll

windows7-x64

1

Plugins/59...uJ.dll

windows10-2004-x64

1

Plugins/9O...Pn.exe

windows7-x64

10

Plugins/9O...Pn.exe

windows10-2004-x64

10

Plugins/EV...LC.dll

windows7-x64

1

Plugins/EV...LC.dll

windows10-2004-x64

1

Plugins/FBSyChwp.dll

windows7-x64

1

Plugins/FBSyChwp.dll

windows10-2004-x64

1

Plugins/G3...uZ.dll

windows7-x64

1

Plugins/G3...uZ.dll

windows10-2004-x64

1

Plugins/K8...WP.dll

windows7-x64

1

Plugins/K8...WP.dll

windows10-2004-x64

1

Plugins/KN...Hs.dll

windows7-x64

1

Plugins/KN...Hs.dll

windows10-2004-x64

1

Plugins/PK...TS.dll

windows7-x64

1

Plugins/PK...TS.dll

windows10-2004-x64

1

Plugins/Recovery.dll

windows7-x64

1

Plugins/Recovery.dll

windows10-2004-x64

1

Plugins/Rs...xj.dll

windows7-x64

1

Plugins/Rs...xj.dll

windows10-2004-x64

1

Plugins/Wk...pi.dll

windows7-x64

1

Plugins/Wk...pi.dll

windows10-2004-x64

1

Plugins/fzAgyDYa.dll

windows7-x64

1

Plugins/fzAgyDYa.dll

windows10-2004-x64

1

Plugins/mM...GA.dll

windows7-x64

1

Plugins/mM...GA.dll

windows10-2004-x64

1

Resubmissions

18-05-2023 23:26

230518-3ey4eseb49 10

Analysis

  • max time kernel
    106s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    18-05-2023 23:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Anarchy.exe

  • Size

    21.7MB

  • MD5

    e1529d37d996a81e4ff2dd1405773142

  • SHA1

    a45b00ed2f8e7454b1a43e95395352092dce0aa8

  • SHA256

    667fe2c8be172e7b07d9a14e34a1d4e9e072846a6be3406f9c6dbe71acf14c6a

  • SHA512

    b397e6eebe065e9c17954f4de1ca15efd0ff6ac1ec43f1970863ed8f3380f402c71e9a265f222de0008c670b8595c48cb8c85ec759d7434c57f1e220cc2b01e6

  • SSDEEP

    393216:wliZ1LmZ+I1cby9YN/XQDK153xVu7vHhqBa4Cs:wIZ1vKHsfQDK1pHCpqBa4C

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Anarchy.exe
    "C:\Users\Admin\AppData\Local\Temp\Anarchy.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2044
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch&plcid=0x409&o1=.NETFramework,Version=v4.8&processName=Anarchy.exe&platform=0009&osver=5&isServer=0&shimver=4.0.30319.0
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:1724
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1724 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:520

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    b5fcc55cffd66f38d548e8b63206c5e6

    SHA1

    79db08ababfa33a4f644fa8fe337195b5aba44c7

    SHA256

    7730df1165195dd5bb6b40d6e519b4ce07aceb03601a77bca6535d31698d4ca1

    SHA512

    aaa17175e90dbca04f0fa753084731313e70119fef7d408b41ff4170116ab24eaee0bd05dca2cc43464b1ee920819e5ce6f6e750d97e3c4fc605f01e7ff9c649

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    b5fcc55cffd66f38d548e8b63206c5e6

    SHA1

    79db08ababfa33a4f644fa8fe337195b5aba44c7

    SHA256

    7730df1165195dd5bb6b40d6e519b4ce07aceb03601a77bca6535d31698d4ca1

    SHA512

    aaa17175e90dbca04f0fa753084731313e70119fef7d408b41ff4170116ab24eaee0bd05dca2cc43464b1ee920819e5ce6f6e750d97e3c4fc605f01e7ff9c649

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e59c1f8fcec1f42155cf4b6138b9e5c2

    SHA1

    ef9db5ca7cd54ae006732cd3d08bb456eaece6ff

    SHA256

    388fa99c9af69020b56a722c5f31752eb4707773b9af135657620678b150c5fa

    SHA512

    d602d8ebeeb0dfc11755d7f3ac55b68d50715fd47096fc475e29818b453a233e4498bdac43ea431ae032f57a094f81d0c5a91a3858a5b36bdb89d0aa736f8f20

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8ba12a37a3383332299204601ffb8a95

    SHA1

    0d04b8ee36bcd95af81e5d768465f24c619bddfb

    SHA256

    ceba3e630353812a20cc6538c56750e35e1c1ca25845d081ce8cd4f9110a07b1

    SHA512

    32c38d4e8b3ee67bb2c06263e3bfa53e2882d4905589b452637eccf2699c1a4fb32718da108b7f568a9e6a5b18e463b3524660bc18d0cf277a0d2af3608fec69

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4ae23cde246434b65ccdcb656b073389

    SHA1

    f38015e17c2a91b5eb49e94dc772e8998a7d0f28

    SHA256

    67199c14cb9d8098f39128988b5a960cd6295f9d34eaa7f72c350efa832cbff9

    SHA512

    94434bdeb3cdc9d0b10122fc4c9e8325149faeb5a7c346bbd6bf3074913e9420e1720c63b8e83b08981ba61089fc710895a6d5b8f866b37299c6ac3465de67f7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a7edb82e04ff914f86a09599e61c240d

    SHA1

    f8daba981605831c33082443167c8949218b0aab

    SHA256

    ccf7a0f9d9dbb9ed0130acb87d90d18796cac139c25a36280dde64d22ed0e019

    SHA512

    c9d687a600c6b6029b8a5f7580e8d7288c3b12537bd973fb34a52ee1c753d7700920ab0823fada9f9d0d2441b662564c54e17d4934db74e05244476c0dc19f10

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8d76a47872b8974eca52b2a505348ad2

    SHA1

    2efd2d079a8150dc95fd7704b90afcdb9c05b6c1

    SHA256

    bcdba6abb5a3367210fef6138f3e0f35bdd9e69825a75f5d993065e7f5557509

    SHA512

    deda943642520ce03b5f3fd75c34266af1d81fad5a8b2d8a45f3271407dfdf0dc4aa58b44308f26a1c1375137fdc993ed61930bc352f283f19473b400077b988

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    610d7265093b9758263788990de5f0de

    SHA1

    5fc4ea116c3035679a9972f88126444e557325ff

    SHA256

    89bb85af11bcc5f44bca8d80fd8d25c16dd7b9d1a8007e2826347df3e725c5f3

    SHA512

    03ce6ad124be056a5109ed4d22d81f787b5811d0511d59a8e06e39f896a04e2ffc98ab830d1a39031763f61ddc54584ea96a7ae497499a523570715c68f9726d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5f58e2534e33701ac590ec0f81706a8c

    SHA1

    d8ad7ac55220f03afea7f608fa584814eb89d761

    SHA256

    8f44b35d6ec6dc96bb5b0ff00aa3d3828afd25650c96f9d306835b01244e83a5

    SHA512

    b8420fc5ce869c91315111fd93fb980dc57bcc3b23dd8152bb3b146ab07f5511bae4df5fa4cd58fae61072003d4d2c9d69cdb6cd8561db571ce361312dcbfa37

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    614dea2feb52b28e19f62f3b9845bcdc

    SHA1

    78e55632ffc46c9aca5317823cf01fa7aa5530c1

    SHA256

    20c8e432038c6f1d361385f66f03dbb229799570cc574e6be2e8abd6edfed726

    SHA512

    5cee00d7754970f81a0f32aebdc05663c8746157d96b63d5fa69cfbcbe3704ca20dc57bee5e0e7142e0446db9a558ccf4459eb99b7e33c8a1f8ae77a9999fc48

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T210ZMR0\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\5YDIR1WM.txt
    Filesize

    601B

    MD5

    d9182e9fa13ac65d49e4732ddadbc9ee

    SHA1

    9d0cf520c292e3582283ee07366b95dd7402572b

    SHA256

    04f9212087af618127438178ca4dd000f1f25d20becdfa0db9084e2eb0c8d36c

    SHA512

    f9f60dc32702738bbacfb81ec8d40f78fb14b807649b73ff6a9f66d2084422f74cf62a75bf6ada820baec3ce54d38d69b993ba9970de0dfeb9ede8ac3ffc5bf5

    Download Submit