Overview

overview

3

Static

static

3

74c32b84d9...b8.exe

windows7-x64

1

74c32b84d9...b8.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    26/12/2023, 14:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    74c32b84d9e8b26453e10df972f827b8.exe

  • Size

    40KB

  • MD5

    74c32b84d9e8b26453e10df972f827b8

  • SHA1

    8a915e7b07351b78de060931ff9c6fd0d1e957c5

  • SHA256

    5aff7502e9e1fa1b06dd38582140432d411701336598c61389de5f0142a55018

  • SHA512

    bbb165080b28041309f5648f1736fa6f79d6619a6c8e9263885d2d7c3f5882fae4a0b379d3866baa3d3ca906d71d8b53d9bfc0bc39a17a17e38ac18be0453e37

  • SSDEEP

    768:TPtKjKWdL/skuHTVlHtcD9amIPdHgxjo:TP4j/NshfNcAmIPb

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 2 IoCs
  • Suspicious use of SendNotifyMessage 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\74c32b84d9e8b26453e10df972f827b8.exe
    "C:\Users\Admin\AppData\Local\Temp\74c32b84d9e8b26453e10df972f827b8.exe"
    1⤵
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:1104
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.eachnet.com/?adid=owm_wma_05_desktop_hp
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2544
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2544 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2080

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b35a74cdc58d1b0d8c0f14753adb0e51

    SHA1

    356ebbf5c2dea04871c276eac3074047e9b168aa

    SHA256

    13bcef5f4e41e75c3927e4cc552338a96aa488ad5bdeec1d09ab38b654c9dc9f

    SHA512

    4a37bcb7bda1820bf1ff144f482c49998e3138fa20d56aa6685e911137ff1a68fdac1f10d576a8b3bf1bd2fc9624d2415ba50b2055b3141b11e3b9596a5a6d9e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ff0a5a12f1d411800592eb5aaa4dab3d

    SHA1

    de0619c233e2afa8a7dafd8707a6635d45ef93c0

    SHA256

    203f37b2454ef4c6bfd2d94469830e9472392a4baafffa266450c42e9134f350

    SHA512

    aa197310a0587c698e1b0715b74489ce5f59130fbd21dc77f634dc5f4e0fbb01397f7d0fa3791e42c546d5fc6d547de1ce2880156473ef5885979f2ba50eb05b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5c6b19a4dc6877379b864f209ed8f6d4

    SHA1

    26f35254f476e95d635884e778f626c2e2f680d4

    SHA256

    fbc0dca5d25b87c6fb93977e4b76a79c0662aa160ca797c6ea8df205b5c73c9e

    SHA512

    38988e4029cb9a615fe6eae59d28a6fab2650cea3b76d6ef70caf372a2ec5bc355dc623aa000924d827b11706f7f0851e0bce833716a8bc3deaea33a9815c380

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3e18c5ad704bcb9c148d5a25e0cd7f15

    SHA1

    07bb56768c22ee32df868c4aaa7eebcd48fdf0df

    SHA256

    e7e597b086ce12d1c6c1d35da5c6729418b941ab97852baa5c78bc815865d1d1

    SHA512

    0258d9fe1fa5ffed440d15d67bf79c82a39c805c5150fb05ea67786d55f7f7afb2d086d13619505dcc1daa367f73406ac5ba87f9809d982e2ce1e8008523ed9b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    11e44787ecf5a4f2774e716de13240d0

    SHA1

    401ed89b3529e0139d3077d734e1f194f66035d1

    SHA256

    ba0c5cfc8d98bff3672f8d7ba9a4df84a04dbf1c7375d762f783189ad614c05f

    SHA512

    a4ce1f7a121414939f189b95bf5540b85d7280eb302190a8eed12ebb0b63597a129ab6e92829f8b37ccb16d20878f7bc93bb06a995674d5edbff8958b9cfb3b7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    20b62e000ed1f54139508ef2e1da0bd2

    SHA1

    ce36e82afe5bf0eb9de874d3d5235b8e2a401b6e

    SHA256

    b15760e876d93238d4a811471701aca736afcc381fed820dee4de936eaea8cc0

    SHA512

    7635a8e2386deaddc4868213a180198610011aa6ee5019a428adb51db9314568a44b8bbe5c71d36b15fafa266a5af0391dba150daf5cc4ed86671fd82b392969

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cd78d2ec019a1827543f439ba76ebae2

    SHA1

    c4401631a1bceff358bd140bc183b190aa6d60e1

    SHA256

    16f9f439bba05f4ea45dc2a3c258b58596d53a2b7054fdb283bfee4e2a8a2a8d

    SHA512

    e485fe6e46b58fa5589b7793e24cb12e3b778c797653bebd4bd84715b271bb0a3a8a891cccf79077bb46019812e9d29d7c6276a0d1386906888a5bbaa7c31ccd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ce9d262043f67d0ac04a391f637a68e4

    SHA1

    ba35267896e1a0dd671b906e6cf565dcdd051426

    SHA256

    08aeca5f8a689d33ec6e849a6b623ef1960542bf9800caf302f1c60e995f1e40

    SHA512

    241e10e17918a0ae9266502817141320ba2afd356b5579231a74aa1734eea5d586edfb7fc9d23a2b7aa9b924fb006ae9e138e5b2be5b000804c26425d9a8f737

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ef65772ba905c53b36db045b7694033f

    SHA1

    536e3daa1f25884c71b80f167f782f069f838766

    SHA256

    9c2710e65ee3ce5b452687a34aca49146c4ee0866c8ecf07d38249c497d45f6b

    SHA512

    68afbff16f073118aabfb2bcb99ea4f1d825e980454ae77f1ea881a5c3f27a36ae62e639e17196ebc37ec5cd979e6d66edc21856f0d636d36a54d64cff45e37e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab1834.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar1912.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit