Overview

overview

3

Static

static

3

14ce9bd598...72.exe

windows7-x64

1

14ce9bd598...72.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    140s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    25-12-2023 09:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    14ce9bd59860864879744834db2ccf72.exe

  • Size

    700KB

  • MD5

    14ce9bd59860864879744834db2ccf72

  • SHA1

    750cfa506c8cbae2c48108380ff92e367e9741e5

  • SHA256

    e5b7672b0772b4a865222e749a581f4a2a897fc9ff3d4b8ad3802b1f32d0a011

  • SHA512

    64cdaa7d63530778c19f643480e0aa0025edf0d1b05a15d7cbd4e331174095e7d3686af78d7d79b01d2f873d845cf30785ac26caaa536eace185a298f7ad85db

  • SSDEEP

    12288:DP7QqeEuT4CkjeSKbh+D7F8T5a8uXs9ZI68n:DP7QqeEuTOsbwD2T5a86sbW

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 9 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\14ce9bd59860864879744834db2ccf72.exe
    "C:\Users\Admin\AppData\Local\Temp\14ce9bd59860864879744834db2ccf72.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2288
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://220.ys168.com/
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2252
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2252 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2716

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9f51760a76077c5828b02b1f035bc75d

    SHA1

    adead5b650456994c51d3c03ff392d950e36025e

    SHA256

    6c1ea856c170d47bde030a8d4daee168bbc2f59c001268e604d98845d6e5f74c

    SHA512

    00d8b8ab95c470307bddba5a3effef7d4731764a2ce243b54b2b575b11a34e3a638d8c7a40f4dddfc76288977b2a6102227a72c11bc894d762b2e47f02119ee1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d9c05d5c1136596a9873565a1eb602e1

    SHA1

    47cc64ee69e402e206d56a38abf1a2fa284cb2a0

    SHA256

    7d67fd0c20ceaa639e772adf3c2a61fc9b090341f4b5e57a8785ad353cfe3c2d

    SHA512

    033a93af86c9785bb604dac59d02bcd71f11899b9e02c06a89bd9780a3991e93efd5a6c3022a4ecbb7c7cb7f01a33b81c9092e49ac238ea08d9b76895d15f114

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    61dacbd0b4d3106f4dd1641bd46feda5

    SHA1

    8bc773d76dfbd944742a03916ac820d2e032aa2f

    SHA256

    99d65740baa013c12b55e721f61effb41e21d986778d8edb5276b4c2e7c1e7ce

    SHA512

    d2de0b124c5a5676ec5c63d3355250ce4e3a4b362ce16d39e436d09feba5a354751da67bfa9d30a84057089343c3ad2c511a575f8ac10bd4b09077ff79186b5c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7b29def61a2ebdc42e5934bb5bcdeae0

    SHA1

    13a9118db6b66573cdc1a5c2174a2ba85a40cf89

    SHA256

    ba99d6896d9864f050f70680a45bb405b8d0786e659914aecad364ae50997d29

    SHA512

    fc3695851d4c5876f81eb0b8eb1eab421e4a6f3ea9222f85828c6b80524dfa23293835264bef8490f7e29a1e27e500b5795fd666ce67f2dd7402f985832e4edb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    49bc37d7f793e08792efebc91d47e200

    SHA1

    50c5d965bf7fe3d422aed61ba9b2fd6bf3b4255d

    SHA256

    b073429bf1f982987e9369a6d7e3949827511dcc807076823d1cba2fc6cc6001

    SHA512

    f2704c46fd64cbb06427d445af1ac47075c8fccb5da1aa353a04976a084d35503326bbb784b998e47df7a27f24a97e81f64020d46d67856ce0af32ed25c9e5ad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6e2d01adfe3d50fc9d4126c3e245c94e

    SHA1

    316a4b5890586df5cc97e5cbdac39ff88fa7765c

    SHA256

    c174a5bd40e4af1be2ca48830a8dcbef3b535b3cfbfa598c266a2fc072215919

    SHA512

    9db06ffee23c211f86bb8131ae16ed6a5f851b5f5c9972d6380aec3f28a4f64fe42cd015c76eafd95e62137fc2ed86cac3b7fa32494924b46b6921bdc05eff90

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1321e295ebb2a0664d838e3fe6eab6e9

    SHA1

    b78f876b88239554c5fc09817b7d634962339554

    SHA256

    351cc1013273160cb253ce82cd6171b571c915d96f0784fb72ae0cec3cc2f3b6

    SHA512

    f1a5721540699f16fb139a4003b20ebeba332d233bd93c81d6031e243865d8cd9c165fc1eda9df5a18b05e9308ac81935e03e311d8901d24ddc7e497f71f0047

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6AD6.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6BA4.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit