Overview

overview

7

Static

static

3

SONY VEGAS...ar.exe

windows7-x64

4

SONY VEGAS...ar.exe

windows10-2004-x64

5

SONY VEGAS...ll.vbs

windows7-x64

3

SONY VEGAS...ll.vbs

windows10-2004-x64

4

SONY VEGAS...HE.exe

windows7-x64

7

SONY VEGAS...HE.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    135s
  • max time network
    151s
  • platform
    windows7_x64
  • resource
    win7-20230621-en
  • resource tags

    arch:x64arch:x86image:win7-20230621-enlocale:en-usos:windows7-x64system
  • submitted
    30/06/2023, 14:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SONY VEGAS PRO 14/Leer Programas Full.vbs

  • Size

    282B

  • MD5

    6dd2e63040d2a4a3c537ff68e18fd354

  • SHA1

    897e6cd380607544e32291cac592c7cc74b55f20

  • SHA256

    92c75c69e4ca093ee1e1fd3f80a503c3d199023f76601f212ee4ec668616c8ed

  • SHA512

    179516ee3e7f0ecb4c5547201dff5b4709dc468e5aba09363e8a45445b8d5a5a16e20bdacf86a0c3eecd6d69026023053c1a0df92330a3cb41979460c0edeb93

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 64 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\System32\WScript.exe
    "C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Local\Temp\SONY VEGAS PRO 14\Leer Programas Full.vbs"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1340
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" https://goo.gl/BxZldx
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:1260
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1260 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:1692

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b6563dea3fb213bb4522b31c93994e81

    SHA1

    627cf77cd27b3299fcb57463efad29140780f45c

    SHA256

    bca894bd8cef2cbc2011f421b217e39e8e182f9c38fddcec4c16154c011e79c0

    SHA512

    90d1c4295edf4fb8b9f346c563b9c9174a7c6564bd18cf276bc114ab32b297b182274eef61c245081a4b4d0115c66a84247cb58aa6e7838309c70efc31ed40a2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    56e83dc8a51e865bee2eef84aea40ab5

    SHA1

    be3464155997b2b1c24600b9b25e4995cbe12a81

    SHA256

    2e7bc3765aa0d31e99eb4b0a3d3c0b2c99f694710b63ca46e469c22f76689861

    SHA512

    70c1dbd65e7dd68e11c279826d468d6609b0371518ed9e131b1ca3bf71b7da3b13353a8904c85f0b48a7d75bbd68c818c3a1b7cd8b86240ff853b2119e2c008c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6db4053e1b33a9985bf24bc4b65f0da1

    SHA1

    17eba34028f7e6aeb12bb4acc508d3de2d977a35

    SHA256

    31cbba7fdd2a01dc259cd669eec40700622322e2532379fc9fce48c77776a194

    SHA512

    76d10523a66c70e471dd6e2c57714dabb54c77ab13306c8f91386dff7ddf98e0e6de557d34afb33479189e5f2e02ccacd96a1748a87bf27534f93fc2b4608ede

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dcc0bce0cb2e13a46ca039715cea9764

    SHA1

    08214f3a843bf5470d7246b3b3e9c1505a38faed

    SHA256

    d2591fe11097dbff2732dfca0c1c9ec8303c9dca9297d7ab8bd1df7a7bab7dae

    SHA512

    9ade12743fa49958bbd2382452704616b5808f0fe01bcd6fe81991dd9e117825c3b626b96b8d05705a0445e21aa4f7023bbaf9a62d10206902a11779fc2e013d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    affb0d177fba3b6a5fa5599cdc71cffc

    SHA1

    c68f39a0d076f39d2b0c52659426466f60e5f4f5

    SHA256

    979d4b3485897ee87895a1b413904a8bccbf6bc54a541cc98444551e6f2497ef

    SHA512

    9490961b0c12a7eec866098856507ae30d2a68a8bb09eda4fe59353313087fb4c141f41985bfa1c5bb7edfb422d268701ae84ab4eab9c8f31c8f330c335599e8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    71367fbd0eaf02f2b3e2c8aa303095ae

    SHA1

    237f1cc6fdedb9b5202051c4f1db139f5e0a2b4a

    SHA256

    33fba6b1441a75565a8ff6d932bebcac8e296548fc20a64c5ab7925faef5887f

    SHA512

    84b147420db260e181663a990f756497a3d094d0b226c498e6fc703f911d8c400e0ac4559790a8227d95f22470b76a8c29b7f109a876c092b95246215bb35540

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    612328f5e854ae96e2d2cf3add58fe23

    SHA1

    921929766de4d4629d511eaab15249fde27ca4e5

    SHA256

    4357564db8982facb63b498fbe7149072a166e37793862abea656a660759d06a

    SHA512

    b1927321823f2fc8165a8fd714d07a20178ddbdb1922328836cf03548189693eaa62808e606d30259e1aaaa3df01d76c952ffc74d21b795e55e2727d1faafe0a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ee0b1f7281aa5ea5699048465a1a5eed

    SHA1

    36574a765430a62420bd16c6662f866978972f68

    SHA256

    280b640a50dbcd58724bec4adec51ad362af7ac55b930ad07c0fe7e9044e891f

    SHA512

    ac2f996771296eee44785de3c8fce61fab776c8bd9e6d6c01f4468fd1eec63ccaa398577ffda2fa162ecbea8fbbf0487bb71dd9db8e7e26be32f4a7cc8793ad5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4641f64677dfd7dac482ee12cabc5a5c

    SHA1

    ed5e49698d0715c713d61965e2f21a8d2815c67e

    SHA256

    b841648af5b63db84544651c49d635ed909d799bbaf6077907bd3fa01e2921ca

    SHA512

    1968e49e93e5adfe076b2be0f8eaf7327ee3c5443150e1b8bf7158d43fd27d661e6117326c25c9fd12ed98ed7f8a8d23083a2e636aa6f2f7f39be5b9c77b396d

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\42H2OEUH\www.youtube[1].xml
    Filesize

    13B

    MD5

    c1ddea3ef6bbef3e7060a1a9ad89e4c5

    SHA1

    35e3224fcbd3e1af306f2b6a2c6bbea9b0867966

    SHA256

    b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db

    SHA512

    6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\42H2OEUH\www.youtube[1].xml
    Filesize

    229B

    MD5

    9bca6e7fa2921ae92a863b328b611c61

    SHA1

    0da9a7682c170357089bf9799aebcb5ee3f49830

    SHA256

    8f1b3e257ae2526a5ce424ef8d21a729154101875d945fb30f815453503ee433

    SHA512

    09b7efe50b24f43d49ef36c80a516f9f12a5f366851f490f5acb92db4fbeb9b1ff868d5141ef67a73807ee190aad5ec7c5c869dcac672ce3fad1ee6cccd58e73

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\42H2OEUH\www.youtube[1].xml
    Filesize

    638B

    MD5

    46c6b87cdf6b24e5bed006520df5f9e6

    SHA1

    351e7dde1a3d20d91c5d0f85d7477852a34cc498

    SHA256

    380d4ff5bcd74820433cb68bb6de7cf36b7ff28857c4b3da0709859521f4fb02

    SHA512

    05fb7460bb6c0986d0b1e112e8f09339f73abeb5884add5d5e693c36fa7af49ca454546ca8fb648ee991de2d1d6dd7a7a16aa66625d473173f0d6f8c9164f93b

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\42H2OEUH\www.youtube[1].xml
    Filesize

    638B

    MD5

    46c6b87cdf6b24e5bed006520df5f9e6

    SHA1

    351e7dde1a3d20d91c5d0f85d7477852a34cc498

    SHA256

    380d4ff5bcd74820433cb68bb6de7cf36b7ff28857c4b3da0709859521f4fb02

    SHA512

    05fb7460bb6c0986d0b1e112e8f09339f73abeb5884add5d5e693c36fa7af49ca454546ca8fb648ee991de2d1d6dd7a7a16aa66625d473173f0d6f8c9164f93b

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\supu5pk\imagestore.dat
    Filesize

    5KB

    MD5

    d3b465351544eed5a52c414f94da1e82

    SHA1

    b8f19f5dfe1bcbf52d5d615b494805be307c59a5

    SHA256

    5d8cf4a54abe108ab557a8af92ecfe500159bb4cd6665a3ff59b3ff3261f7454

    SHA512

    c115761f4f803e0d7f0d55e057337bc9ee41f172f9b3c8b8c844095d4561318c901ab25993918698b17f294aa1b2a8d2193dbf8d4362034d4b4d60ff721b5dff

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7ZXP6K33\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T7SBST7U\favicon_32x32[1].png
    Filesize

    1KB

    MD5

    12430f012c4b6b4a91c63cbf1369e1ff

    SHA1

    a8502ade0c47e23230e5da9d5658ec1f1da309d6

    SHA256

    079919e3400ba9bc0d569f5634cc41b2fd1b8e7a721b2b473d21f10fe2fa7f6b

    SHA512

    17b7564088e12cd64ae79e7179ef4b26941370dc442528cb08320fc0d40bec88d2b77124624685acf9ba974467e27a7051703761c6fffe5468c90217cac5a4a6

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab38B0.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar38B2.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\EQ9LZLI1.txt
    Filesize

    603B

    MD5

    50b115bc313537015c94470c0f978d59

    SHA1

    fab8d7a07f2f110ad50c01c817246d32f6d779ca

    SHA256

    fe3a323cc7684ed21c9b3e54dfda188c909cea47cabac79ab21357a0a3fc5efc

    SHA512

    bb6f9f6d683c27d08d5eec8b7478679d9eda830cfe6ff33fcf18983e93af4e63f2e3c988fb8f6189d12433524c6cba20fabe259e5948c6cbadd473fa81d57343

    Download Submit