Analysis

  • max time kernel
    165s
  • max time network
    185s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64, arch:x86, image:win7-20230712-en, locale:en-us, os:windows7-x64, system
  • submitted
    18-07-2023 21:39

General

  • Target
    Geometry Dash 2.11 Funcional/Resources/Skull_w_02.xml
  • Size
    2KB
  • MD5
    053bc5334f60e46888df0711dd11f865
  • SHA1
    6e21b8c3af90d9eb75066a4db9d1f1b6f8267092
  • SHA256
    147d4e99c8360276debca1f1f72669f169bc2d0126fbfaf97359a0990cc57a44
  • SHA512
    c817b7cad320d7cd31e0797053466db83a043c38d82c6f4a42853e6294ac4d6b46d92fd95ceee8de8fa30b611844fc40af4d4e87de39202953b645dee5890f1c

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 12 IoCs

Processes

  • C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLED.EXE
    "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLED.EXE" /verb open "C:\Users\Admin\AppData\Local\Temp\Geometry Dash 2.11 Funcional\Resources\Skull_w_02.xml"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:880
    • C:\Program Files (x86)\Internet Explorer\iexplore.exe
      "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:2232
      • C:\Program Files\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SetWindowsHookEx
        • Suspicious use of WriteProcessMemory
        PID:2244
        • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
          "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2244 CREDAT:275457 /prefetch:2
          4⤵
          • Modifies Internet Explorer settings
          • Suspicious use of SetWindowsHookEx
          PID:2812

Network

MITRE ATT&CK Enterprise v6

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 304B
    MD5 c51267450f06d07d67e86ac4104f7025
    SHA1 5d03d8dc9a7d4630eceb2c609df6f65a635f486b
    SHA256 d05791ca8adfb5c579fb0bad99569546921488c0cc7a65095adf0c7d1c825467
    SHA512 c646f0b9b0fe56edec96c4ceb10beb2af70520a24b42c930ba1bcc1ebea994a6a22bba02498707688d01965ed1fe46cda58b47c3f2fb5813374c471e0bb401c1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 304B
    MD5 2c2a2f4c21c4dc72134678418299499b
    SHA1 ff3f947eb9132e81d101fa45311308987fca4721
    SHA256 9789205355fb59038c89d1392e3a68b924bbb08bdf61a22ef064943c9adbeb11
    SHA512 1e748f7beec71e31122430b2a0be2c7c976d6a8558bee4043956a0bcd8b5775aa8b9bc7b08398e43402ede99874ca637cf79a1c8987ad074897a74e643a3b15e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 304B
    MD5 abfed7cb098cf4269541c497644eced9
    SHA1 88627108fcc542a1e309bf30d8f23cc7bead6118
    SHA256 6ab9b5b3a89659391395b22d7c3415d9cf37a3f9fb986f5b0e30083b86174e15
    SHA512 8df6e865ae33d1a81b076f264bbce6d6d76dbab4a32a872bf2d34fc5eb5b9526c427e0b41e667b4d2c1d473ca1372858c53a7fd4ab4a0aba42af36cd286ecde6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 304B
    MD5 887f0fc7ea6d2eb2973e21872b1d232e
    SHA1 994a18d8cfe22b9fa520d1152336a7424cf5edde
    SHA256 2426be75da9abe602e90e3b2f90827c31261d378d5cbcf98cdc24ee50ffae3e1
    SHA512 ff3a5f3f11b1f2024e8aec88a1c784063acf6a02d22fc5ccff991d11ce77ceab9a6049c5d40a4f4c3648d9a6d96a521cfcaa1ae7e3203771599cc876306b1bad

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 304B
    MD5 c8c25d1a7d5802068c8930d0d6b09a35
    SHA1 64962bdcc46ff4a67a50a5a891174ee4fd7c2819
    SHA256 8683b242201cf1e4235c57b1cf0a5a59ae85616600ea55eaf4e87fcdbff9c111
    SHA512 1b424e51bfb2b2a37b12f6169a70eeae0356b7583703d6e1fc9bfbb4695126c463ea8b170654b80b3505f1c54377f3eee65602ddf175bfe56155406607ffd1ad

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 304B
    MD5 fba6001fd1f68510cc55cbe232774586
    SHA1 a0c94aeb40092e317d610dd2ed5d1a282564ce98
    SHA256 d50aa07a11dd0193812e2f9c319d6d327fe02c3abcf89f87e81a3233bf7dc299
    SHA512 2b0026984913cb18c4295efd31ca4b8c0a057c222d9d8c8a4303082095f6d6ef3e27d21ce4d70bf0eedd7dbdca8ca5ee5745d12e5748a24ff39e325ed13cfb8b

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DIFCPV5U\suggestions[1].en-US
    Filesize 17KB
    MD5 5a34cb996293fde2cb7a4ac89587393a
    SHA1 3c96c993500690d1a77873cd62bc639b3a10653f
    SHA256 c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad
    SHA512 e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

  • C:\Users\Admin\AppData\Local\Temp\CabF2DA.tmp
    Filesize 62KB
    MD5 3ac860860707baaf32469fa7cc7c0192
    SHA1 c33c2acdaba0e6fa41fd2f00f186804722477639
    SHA256 d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904
    SHA512 d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

  • C:\Users\Admin\AppData\Local\Temp\TarF379.tmp
    Filesize 164KB
    MD5 4ff65ad929cd9a367680e0e5b1c08166
    SHA1 c0af0d4396bd1f15c45f39d3b849ba444233b3a2
    SHA256 c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6
    SHA512 f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\PSP58FH0.txt
    Filesize 606B
    MD5 ca5329b73ae12fa589b4b2daac5b1094
    SHA1 2e272ef325406a31772a74536a4ff65b0a923e83
    SHA256 24b05fc623e05b9bd0ee69265cb86011b6dbaa733ddcd1771b13aecda861eb6d
    SHA512 59a9b5b81eb39c8b300155495bdfbb14fa86c40ddd7fc1ee71225ee919872bce793d510f359585c8c19aa7cfcb29bc9349fdd16c113a8c5d136958883d247304