Overview

overview

10

Static

static

10

net6.0-win...hy.dll

windows7-x64

1

net6.0-win...hy.dll

windows10-2004-x64

1

net6.0-win...ET.dll

windows7-x64

1

net6.0-win...ET.dll

windows10-2004-x64

1

net6.0-win...ib.dll

windows7-x64

1

net6.0-win...ib.dll

windows10-2004-x64

1

net6.0-win...rs.dll

windows7-x64

1

net6.0-win...rs.dll

windows10-2004-x64

1

net6.0-win...pf.dll

windows7-x64

1

net6.0-win...pf.dll

windows10-2004-x64

1

net6.0-win...cs.dll

windows7-x64

1

net6.0-win...cs.dll

windows10-2004-x64

1

net6.0-win...am.dll

windows7-x64

1

net6.0-win...am.dll

windows10-2004-x64

1

net6.0-win...rs.dll

windows7-x64

1

net6.0-win...rs.dll

windows10-2004-x64

1

net6.0-win...re.dll

windows7-x64

1

net6.0-win...re.dll

windows10-2004-x64

1

net6.0-win...ML.dll

windows7-x64

1

net6.0-win...ML.dll

windows10-2004-x64

1

net6.0-win...et.dll

windows7-x64

1

net6.0-win...et.dll

windows10-2004-x64

1

net6.0-win...ts.dll

windows7-x64

1

net6.0-win...ts.dll

windows10-2004-x64

1

net6.0-win...it.exe

windows7-x64

1

net6.0-win...it.exe

windows10-2004-x64

1

net6.0-win...it.exe

windows7-x64

1

net6.0-win...it.exe

windows10-2004-x64

7

net6.0-win...et.dll

windows7-x64

1

net6.0-win...et.dll

windows10-2004-x64

1

net6.0-win...ts.dll

windows7-x64

1

net6.0-win...ts.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20231201-en
  • resource tags

    arch:x64arch:x86image:win7-20231201-enlocale:en-usos:windows7-x64system
  • submitted
    04-12-2023 16:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    net6.0-windows/RegisterVisit.exe

  • Size

    161KB

  • MD5

    d1142ca89cd0111051e3811471bdac06

  • SHA1

    cfc4182f00fde88187dd27947c8b2d58940740af

  • SHA256

    a807db4694ad7cc6a83f59be166c2ea427c3550cfac84bf3209b591a5fa3c51e

  • SHA512

    3276ebb0a449cfe582d81748fb2a6540f9c0706896526f9141dacffb612a35e0bb188fdf95a844bfdf9e755d2cd3e7c34ca2302333e5c942259e1b69a019edc2

  • SSDEEP

    3072:9xyjMffJq5h4uMXTfSP89fA0J9W7clSztMq:98l4uMXTf0MU7c8ztM

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\net6.0-windows\RegisterVisit.exe
    "C:\Users\Admin\AppData\Local\Temp\net6.0-windows\RegisterVisit.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1876
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" https://aka.ms/dotnet-core-applaunch?missing_runtime=true&arch=x64&rid=win7-x64&apphost_version=6.0.7&gui=true
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2852
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2852 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2788

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads