Analysis

  • max time kernel
    122s
  • max time network
    190s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags
    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    29/12/2023, 23:40

General

  • Target

    07389f7061212c2018c0cde9f490925d.dll

  • Size

    5KB

  • MD5

    07389f7061212c2018c0cde9f490925d

  • SHA1

    5d407dee386972debe047611a242e49c2c786bb4

  • SHA256

    4541904d9c8f94acf8f577973dfc102fe9debf892525790688f4b25bd26bb742

  • SHA512

    9b2d55c9a01e7032fa731489127839b20511129f86ca8b60c7463e727d17279834eb03a20adce3e8b421a0c75199d2842499e8632f0a82f7046ddec7d3c99107

  • SSDEEP

    96:02nHe4TSDr15qRWLJQwbG/k5iP5VWcZHxUBNVJQP:02n+4mDpFC4G/kIP5VWW23JQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 28 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (15 IoCs)

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\07389f7061212c2018c0cde9f490925d.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2880
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\07389f7061212c2018c0cde9f490925d.dll,#1
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:2732
      • C:\Program Files\Internet Explorer\iexplore.exe
        "C:\Program Files\Internet Explorer\iexplore.exe"
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SetWindowsHookEx
        • Suspicious use of WriteProcessMemory
        PID:2944
        • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
          "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2944 CREDAT:275457 /prefetch:2
          4⤵
          • Modifies Internet Explorer settings
          • Suspicious use of SetWindowsHookEx
          PID:2604
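The process tree above is the most useful part of this report for a detection engineer: a 64-bit rundll32.exe is handed a DLL dropped in the user's Temp directory and told to call export ordinal #1, it relaunches itself from SysWOW64 (the DLL is 32-bit, so the 64-bit loader hands off to the WOW64 copy) with the identical command line, and that second rundll32 spawns Internet Explorer. None of that is in the sandbox's own rule set as shown here; the following is an added example, written for this page and not taken from the report or from any sandbox product, of how that chain can be picked out of process-creation telemetry. The four sample events reuse the PIDs, image paths and command lines printed in the tree; the fifth event (a rundll32 call into shell32.dll) and the parent PID 1000 are constructed as a benign control. Field names (`pid`, `ppid`, `image`, `cmdline`) are assumptions; map them to whatever your EDR or Sysmon Event ID 1 pipeline actually emits.

```python
"""Flag rundll32 loading a Temp-dropped DLL by ordinal and spawning a browser.

Added example for this report page; not sandbox code. Events below are
constructed: PIDs/paths for 2880, 2732, 2944 and 2604 mirror the report's
process tree, PID 1000 and PID 3100 are an invented parent and a benign control.
"""
import re
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class ProcEvent:
    pid: int
    ppid: int
    image: str     # full path of the created process
    cmdline: str   # its command line


# rundll32 <path under \AppData\Local\Temp\>.dll,#<ordinal>
TEMP_DLL_ORDINAL = re.compile(
    r'rundll32(?:\.exe)?\s+"?(?P<dll>[^",]*\\AppData\\Local\\Temp\\[^",]+\.dll)"?,#(?P<ordinal>\d+)',
    re.IGNORECASE,
)

EVENTS = [
    ProcEvent(2880, 1000, r"C:\Windows\system32\rundll32.exe",
              r"rundll32.exe C:\Users\Admin\AppData\Local\Temp\07389f7061212c2018c0cde9f490925d.dll,#1"),
    ProcEvent(2732, 2880, r"C:\Windows\SysWOW64\rundll32.exe",
              r"rundll32.exe C:\Users\Admin\AppData\Local\Temp\07389f7061212c2018c0cde9f490925d.dll,#1"),
    ProcEvent(2944, 2732, r"C:\Program Files\Internet Explorer\iexplore.exe",
              r'"C:\Program Files\Internet Explorer\iexplore.exe"'),
    ProcEvent(2604, 2944, r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
              r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2944 CREDAT:275457 /prefetch:2'),
    # Benign control (constructed): rundll32 calling a named export of a system DLL.
    ProcEvent(3100, 1000, r"C:\Windows\system32\rundll32.exe",
              r"rundll32.exe shell32.dll,Control_RunDLL"),
]


def image_name(e: ProcEvent) -> str:
    return e.image.rsplit("\\", 1)[-1].lower()


def temp_dll_by_ordinal(e: ProcEvent):
    """(dll path, ordinal) if rundll32 was told to call an ordinal export of a DLL under %LOCALAPPDATA%\\Temp."""
    if image_name(e) != "rundll32.exe":
        return None
    m = TEMP_DLL_ORDINAL.search(e.cmdline)
    return (m.group("dll"), int(m.group("ordinal"))) if m else None


def descendants(events, root_pid: int):
    """All processes reachable from root_pid through parent links (depth-first)."""
    children = defaultdict(list)
    for e in events:
        children[e.ppid].append(e)
    found, stack = [], [root_pid]
    while stack:
        for child in children.get(stack.pop(), []):
            found.append(child)
            stack.append(child.pid)
    return found


def analyse(events):
    """One finding per root rundll32 that loads a Temp DLL by ordinal.

    The WOW64 relaunch (same DLL, parent is the flagged rundll32) is folded into
    its parent's finding rather than reported twice.
    """
    by_pid = {e.pid: e for e in events}
    findings = []
    for e in events:
        hit = temp_dll_by_ordinal(e)
        if hit is None:
            continue
        parent = by_pid.get(e.ppid)
        if parent is not None and temp_dll_by_ordinal(parent) == hit:
            continue  # this is the SysWOW64 relaunch of an already-flagged rundll32
        desc = descendants(events, e.pid)
        wow64_hop = any(
            c.ppid == e.pid and image_name(c) == "rundll32.exe" and "\\syswow64\\" in c.image.lower()
            for c in desc
        )
        browser_pids = sorted(c.pid for c in desc if image_name(c) == "iexplore.exe")
        findings.append({
            "pid": e.pid,
            "dll": hit[0],
            "ordinal": hit[1],
            "wow64_hop": wow64_hop,
            "browser_pids": browser_pids,
            "severity": "high" if browser_pids else ("medium" if wow64_hop else "low"),
        })
    return findings


if __name__ == "__main__":
    for f in analyse(EVENTS):
        print(f)
```

Run against the embedded events it produces a single high-severity finding rooted at PID 2880 that carries both the WOW64 hop and the two iexplore.exe PIDs; the shell32.dll control produces nothing. The ordinal-only match is deliberate: calling a DLL by `#N` rather than by export name is rarely done by legitimate installers and is the cheapest discriminator in this tree, but on its own it only earns "low"; the browser spawn is what lifts it.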

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ca53e58632a432090531998d12657210

    SHA1

    b6d14b8fc7f14e769bd4f1dd7c9313906f8e76c4

    SHA256

    8d6490e0361f8ec51f55d27191ca030888293c6bc9651800941211cefa18ebec

    SHA512

    16f8ced705789055cbd9dd7707861e3f81d03dffd017a273f6522678a32b640a17d8a29b296991f3e5167321b0a348de8a3fbacc80a15b601d7a5a8a96deac7c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    3adfca07c7ea6c74d54ba9301f0a123e

    SHA1

    6e505ea4953c7e03a8cccc1c6170bf5bd0168ad2

    SHA256

    751288672de42c9fe5d804f7ec97a0d06de2b6b132b27e2bdd8b34f420284708

    SHA512

    db343dbeb3d0303720debcc2007dc2fd4c72b9055cfc02fb8eca7ad873bb4e28d9b354b5ec1311bbfb11fa5757ed5415ecffc5a91af10faa07d13e7ab447ba50

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    0fe5f3595cf782677166a79e006943c5

    SHA1

    07bb8c3e5ff424cd094c867a598ac11e85933d45

    SHA256

    ede9eb4279ccd8fb3c197294c2864371f8aa39b8bc7b4540d76e0ac9d0ab2bc0

    SHA512

    7723396b309345db98e87fdf281b0bcd1f3f85650ed94f2972ab4fed85e3a2e055e5e1ef22886e64f8106842379cffa6098d11d0880229a0e6ab7f9af5c56bf8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    e9379195dd90cb4f8f8f91f1bbdb0cc9

    SHA1

    4ed2f271bbf4ca7230c42ff92cd5ca3b6f235fff

    SHA256

    48d2ae411054b696618193bc137df0e23c39208ba507e9d345d268b48a3c14b5

    SHA512

    58931606cff5fd9c4b84884a10e029578ce0b85db0f816ed06ef5064bb1dcb8aa11a6e1da245c813373356bf6c8120fc1377ff11c7a2d8b5fb71eae8df8ecbcf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    341e613277f064d9db96fad7abbff6f4

    SHA1

    962df4fab341ac352ac0ee258bd2c63a9f9efe04

    SHA256

    f7354025f36fca5b6560dc3bcc0e5e6513100b5c27c35cca3a748afb6fbe6f65

    SHA512

    24776af8a0fdb07ec5e535097b56a0139e86329c34667314fb3cf06fb8b4ebfbb6d3ede5951a4bf9e9ee24909c6d8a1a2b4da799323026c2defbe8e5848d925e

  • C:\Users\Admin\AppData\Local\Temp\Cab1B9.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar3AF.tmp

    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06