Overview

overview

3

Static

static

3

1140bd5bde...68.exe

windows7-x64

1

1140bd5bde...68.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    147s
  • max time network
    153s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    25-12-2023 08:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1140bd5bdeb9b8a826f629fc91b51a68.exe

  • Size

    172KB

  • MD5

    1140bd5bdeb9b8a826f629fc91b51a68

  • SHA1

    8754c2ddbfacd0308fade716acfc12528bb56dbc

  • SHA256

    4a20790f8525c4ba089fabd9bf10eddb3b524f645a8dd3bcad9c4a268c964d7b

  • SHA512

    de3eb6e1cda2f6bccab3e9fcbe94e6dbcb351d818e9118ec97e0c064380d0b4a1ca4b6bb783f3daea96a9fc2ccf608be0cc4f15e548c095b5c4f96ab31ef4a67

  • SSDEEP

    1536:4aG/YYE1Brn2F+rxAI2/56ZYcBfAP5xx96pbzPwQw/IYXxfY1trjWApgH/Qt84pi:ZESyh6ZRyTAbmIcijWApgfQt84pkd

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 61 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 16 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1140bd5bdeb9b8a826f629fc91b51a68.exe
    "C:\Users\Admin\AppData\Local\Temp\1140bd5bdeb9b8a826f629fc91b51a68.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2132
    • C:\Users\Admin\AppData\Local\Temp\1140bd5bdeb9b8a826f629fc91b51a68.exe
      C:\Users\Admin\AppData\Local\Temp\1140bd5bdeb9b8a826f629fc91b51a68.exe -rc
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:2748
      • C:\program files (x86)\Internet Explorer\iexplore.exe
        "C:\program files (x86)\Internet Explorer\iexplore.exe" ya.ru
        3⤵
        • Suspicious use of WriteProcessMemory
        PID:2692
        • C:\Program Files\Internet Explorer\IEXPLORE.EXE
          "C:\Program Files\Internet Explorer\IEXPLORE.EXE" ya.ru
          4⤵
          • Modifies Internet Explorer settings
          • Suspicious use of FindShellTrayWindow
          • Suspicious use of SetWindowsHookEx
          • Suspicious use of WriteProcessMemory
          PID:2584
          • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
            "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2584 CREDAT:275457 /prefetch:2
            5⤵
            • Modifies Internet Explorer settings
            • Suspicious use of SetWindowsHookEx
            PID:1036

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3f29f822299843d4cdd2ab93841602b5

    SHA1

    295efd176398e7ab0807a2df8092e0fc22292597

    SHA256

    cf42b11142ca2d487b546e64dd057e3902ec48ffc4da930c7f4782537f111b16

    SHA512

    8f177b14bb1426931c671c4183cce865a9b75b23b4a7dac1cd67172eda5eb43038d63cb31e9501b39776619d016c169d6e792298c120a803a3f9e5d4217c6428

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1b22de25821df354c99e4f0685a4cf6c

    SHA1

    67e4482136aafa12c6a4d77150daa5ec59785654

    SHA256

    8082c284b0eaa816f2be629f08bd9d8edd9d1ba08772522f28cfd1f1660855c6

    SHA512

    ed44946cb41612f36eb651511387dbde47fbea1cd17a0a938adac987e84b52a3f1b15ebb57a6a4a4542f904c24119af326a7f5f8ebafe25b5a8d44c7743bfc28

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fc22fc7fa078171d2b380f849792e303

    SHA1

    95c43016a95d8a53a7a010751fbee85de80174d8

    SHA256

    217b395c6a8880bc72660b26034a78ad5f5e06c7c0f841c590ed1cb9ccae8840

    SHA512

    cc541c0ec0bfb557638526eb42d3430b4d864d3d58e14f998607c87152cabd66eca606d44a9a55c97e46f7360942142f834a0e3cf7ef39ea3167bd13abda1a23

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    df8fd2bbf916cdb732cd970f35a41785

    SHA1

    39467586c6da5102ccbec8fdc6aaab34b598edb5

    SHA256

    9f7c4a4e39051462ce83bf04e0036fec59d28806d12817b62f2884b937f0d3e0

    SHA512

    57eccee0f0b57b84dd759a54ed175dd75b5c1c508c125d5e9d3d9836aa12d918fccd32c6d34f1e1924824771e07ac1bc0632ed94cc7f5b735d6d9b1e5006e295

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d2f4737ab098b6b61de1d58e7fee98a7

    SHA1

    e23ced1d3a2e410698de0bb252329965e935dc2a

    SHA256

    469fa5d88984dd248a15432165d2768db537b71e71ed6afe3348baa01c01d5e2

    SHA512

    7938af66a45ae45a0763fd4dd4149ec70823cd80f00a13b5e375ded5ae53f78fec78089b3ecd961fdb7dcba3cc3650d690541e25ea9c84d937f4a2fcd36c75ab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3e0c51658211158af85c9f30346bca29

    SHA1

    88044fdcf802429930135a70e42464313bc5eaf7

    SHA256

    0c3911c23086b0c2585550402f1e02c8641e1fb630a7286231d46b2f6baa12d2

    SHA512

    a2654f3383c9c8ddf03b718691adfe3b0d92a6afee5d33fe4be27b70a17ef0a367510dc92142aed8be5790b31ae6b8b8c79aa22b2e91fca972d0a9a700edf957

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cfff2aefce85372c183deb2805a47060

    SHA1

    9626e73edbb9ea17664e32b573895107a56606fc

    SHA256

    3c2eb3fff6247e7afb5fcb9482eb244877dcabedff7064ba355ae4130a1fdad7

    SHA512

    570a468c538f1f18b79d697aa309cef971feb5d11284d12f78a7c439390eb38c6899fe947e5068d36769716979320d090031e16157198a5066fca848ae19ec22

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    042c4cb4a957b5962f69fa58da5b40bb

    SHA1

    0e3e08584ff1d5dc6806a7ea7b607fe8f4f94988

    SHA256

    c6b33213ea69abfaa9325c31e90c9a48a919af05404159b0544af2f7dba132b4

    SHA512

    80be75be93551389aec12be720cffe48461058b8d0e9825e94e80b456fdea30fb956c84156cc0bd2b2018349ae81aa23128a5f06d8ee78c0688effb00a8484a4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f85810ff710ceb737063ab3439aac34f

    SHA1

    3631497d93d94e600c7ff819db71dc6aab179ad9

    SHA256

    f8b55a5746dd8c564ac940ae1a7d8ce4330989156ca6abfa315172678cf2b6e5

    SHA512

    8752f0331f779ab4eb349553d9c26623080bbc1a8122493a3f0a27030215e801c8d48610cdc86879e1cc02240a12d46e60cd91c823764daa6dc22b810c2acee7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a85dabc77a7aeb88f19b77f704081410

    SHA1

    c4de00a7254abeebcf9507ccd2a4786133089a2f

    SHA256

    df684ed9e8b54b3aa29a52eabdf55abff0c13f12ef6fbf4c1e6ae2177e262dee

    SHA512

    afef3535f4fae0d0ee230f6f313489454ab212051c1c45c77ef9b91b231576cab95b651f78ecd1d41387d20d6f13fb90fc5fce8f5126e4f39e80312a94466133

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7aeee217c779d7c800db9d4218ec634e

    SHA1

    e53da493cfa94c0dbe277b919177afda9e309123

    SHA256

    7f9bc4967b4bc4b6e536d7be8eb47c58f1734042b76310b791d2fb14ace46586

    SHA512

    cfb9c459a0089a56062253b045e955dd338a9b0d171a15d33798e47151954cde49d24b2b887529f91c9c61f0c6c326938a10108bbd6dbfba0900d51b69c1f1de

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d72b99c5cfba20d1a5370a2c7f3bdb03

    SHA1

    b0f08b6418bd1e2ec342a46810f05a13234a78f6

    SHA256

    3b2851aea449760f61fc0c9a97ff5844ed64c123c963840f4b9acd0bc2ae36f2

    SHA512

    0af69ad8477040bb17c3d3fdef5a8de348f9e4cc2e742d3e69e15ccc63a187c324189baac3c389a9d744bc476485f8c4f623be00ccb470d60d9e09f6bdc14301

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b5ea30a0f328136b67a93b7b4341cf01

    SHA1

    141fb7484ca581a83bb99ad2f20c27503c41849c

    SHA256

    d9a389bb704a789d7e29cc4baed9dfe77117f8c9da5ddfbc232817b92ab2ae93

    SHA512

    d17ea86e15e36b7570c637dd246c8de07a3d1a3d233b0bac46dd766ac55211694fde61863453b06e14af3bfb1a9b621b331f7383f0f7a7b083dbaf49ef8be3c7

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\KV2ZSFW1\ya[1].xml
    Filesize

    338B

    MD5

    978e86008f3029481d6bab451f4b6a9b

    SHA1

    815bc9253d5f8e0d7492cfb135faa443f2367cd3

    SHA256

    eb4c225d532b1691542c44baf26b47fa2e079b071cf55a2902711768ce196a78

    SHA512

    aaefc9c682a7320d5857f3245ec156741e20be01418cd45bcb4fcf98e71f2f225465f71ac50e73484fc77a59368ea77a17007bafc0d40a8b837c220b51926bf6

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\KV2ZSFW1\ya[1].xml
    Filesize

    430B

    MD5

    6adedf7f1e57a5df2bc9694a61d6b913

    SHA1

    b7456f7ae1e39c8e8844968825a26d01892ee777

    SHA256

    c1c063148900b0a975bbe2bd5b9c1621d4151a761347251534db4dedd1b3a9fd

    SHA512

    72399a70ee8c6d66eb86127ae79b4e20af7d3a8ab1b69ae8017ea39e2373203391ab2c1d8bd58553e9c00a9c140674985086a1abcf7ba829ddc6e3d5d9f32e22

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\KV2ZSFW1\ya[1].xml
    Filesize

    999B

    MD5

    d044d66428a8b8825e8ae07e95769853

    SHA1

    f6b7f615853747926956c1540bd87f7219675b7b

    SHA256

    62e5c982648bc11e0ae59b4c45b125f8b1c10bf44f560d521e16b191d9381b37

    SHA512

    a196212b985117068e3f0ec3f550208fef6a7cc4229bece9097e79170a4dc274590a4b19cc1981cfd71c153a9bf8fa6dfc24a78225961d48f9b6712a9f8c6f80

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\KV2ZSFW1\ya[1].xml
    Filesize

    85B

    MD5

    a41577e70a5d8108686970814fdb8ccf

    SHA1

    1d86133739c33f80381b3b4faaad26652796213a

    SHA256

    0969e4549453b45b28e9a6a677659eb88a09d6689003ce7bb7efcfc7c6a6441b

    SHA512

    b9aaa927d11aabf65a257791eaa3ff67cce1867e44a8dc20c1a0c35817fe56049c19bb498988eb826b3ebd3693927e1be2fc60a0e40dd7787ed5ce8c3d5ec341

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\KV2ZSFW1\ya[1].xml
    Filesize

    85B

    MD5

    c4c43f6800ff00ba5df374ddd450aaa1

    SHA1

    c07a801b5dacfec8ba6b124d54b46a73829d9432

    SHA256

    d0ff2d83538ec2c9f2033605a1e56423ee8271858cb8101a662badf38e57fbb8

    SHA512

    dca22ab384f4ae25a83758286b52175d3742b926d776e65f92c0f1af5c4b8527172d545ca6b5978bce99a44c19529633083c478161f0476d87da6c72b5e27536

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\f9yyw0t\imagestore.dat
    Filesize

    530B

    MD5

    f70288c22085a80117d67bd0a6072f0f

    SHA1

    9a219c1441c523f3b34ea4ef125b19163be440e1

    SHA256

    826c4fcb40eb5e1db754c1a5196a68283387b79652dd6aa50dfe422601530c45

    SHA512

    036ecbc6ea3b0de9dd26d51682b51402af696194eaf1466a49eef7531c54c4283cc3af7871d5dd6ccd4fa7939db20956d8acff637c6339f7b2de551ff0097a3b

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A89I98IL\a557b72322add07a6b41fc8f71cfffc8[1].png
    Filesize

    330B

    MD5

    e67f4d002ce645da62e584c1a38ad15c

    SHA1

    92aafce14d0e2070aab1e26fac9b5d19ea443bb9

    SHA256

    be535b6e7b5791770a154ff51a3ba86dcfa23a01458951421fd320c2d4888ea0

    SHA512

    4230ff3d578edafdb2f71af31f4ebb7c4b89924b0409a78777b4126036b164455597e23b20423f09dd8187e501e6747defc6cec480e30612ae6d6c035f91dad5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab5747.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar5748.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit