Overview

overview

3

Static

static

3

02fca34346...f5.exe

windows7-x64

1

02fca34346...f5.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    178s
  • max time network
    203s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    29/12/2023, 20:23

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    02fca34346c824b140853280724170f5.exe

  • Size

    683KB

  • MD5

    02fca34346c824b140853280724170f5

  • SHA1

    d10ddc19fa499890b5909c5e6af988745fd2ae97

  • SHA256

    7283d484a85424affe2c8f9b32a682313a4b658018ad33ef3baa0afa418f55f1

  • SHA512

    70df6b7b6d5e034a7b80f92780f39e4edb3963b852066f6f7bb6284c08a1c05f6d45853b74e211333f514290a0b1816cc6073b1cea16841305b8434cd6c6fa35

  • SSDEEP

    6144:ifh0+kCee/IqLQ6+2J163bO2Wa7/c5owt3kalXo5jCdK+XXlgtWM9:iBkCee/7/+okbh

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 33 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 8 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\02fca34346c824b140853280724170f5.exe
    "C:\Users\Admin\AppData\Local\Temp\02fca34346c824b140853280724170f5.exe"
    1⤵
      PID:2704
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
      1⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:1348
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1348 CREDAT:275457 /prefetch:2
        2⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        • Suspicious use of WriteProcessMemory
        PID:2676
        • C:\Windows\SysWOW64\ctfmon.exe
          ctfmon.exe
          3⤵
            PID:2208

      Network

            MITRE ATT&CK Enterprise v15

            Replay Monitor

            Loading Replay Monitor...

            Downloads

            • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
              Filesize

              344B

              MD5

              051e9b61c0264ded74810ace93deca28

              SHA1

              ec566feb83a28b80df97dfc31f976bdb7c3199ea

              SHA256

              b2b1ead7cc1fec9abe77e1d9703845c4d8a6359a9e9f28f5e3f703d8eeb69872

              SHA512

              ecf10da05a72e4a598152e2a7a8c5c66b756da80b4a6313e50b59f09d0df7fd7faf11236e5a991bef1311a26bb3d82bda1baca9b45fe78b0a5aa979adea96665

              Download Submit

            • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
              Filesize

              344B

              MD5

              3cf6beb9f94b856bc1e9f68441afc175

              SHA1

              7ef1f59e9af850c4eee09fe82d6d6ad614d72abd

              SHA256

              39792c360bf1c6c94dbcfb47bf30f8386f746215d1fca8c061d7dfa6b150d9c9

              SHA512

              514a741a974129d8c11c2b3e147858aeda8385a424fed469943c8a2399d63fba2dd7d823c81dc69c4f1dc3391c2becce26e70b8a8c8b30383fb1379bbfd9439a

              Download Submit

            • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
              Filesize

              344B

              MD5

              d2e565876fe6f5cacba1a7a6301eca1f

              SHA1

              46c5cf277b0532d187c3c60e0e032bedffc2914d

              SHA256

              4e61d3c9d9efcab7da343929549c7ae881574565df0ab5138b957e4d5818ef51

              SHA512

              e8b51308923d68b7fc0392d416515efedff0be2bcf8feaea4d8b9d766ff8e96de99e62c8ca6dbd4e0baa6c429038583a7d8ac9a713a96ab56b9fd789b99b0601

              Download Submit

            • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
              Filesize

              344B

              MD5

              7b23f03e8f9615b903d438cd0dd38150

              SHA1

              280edebfee1003c9b39441f33066b7e0f2351542

              SHA256

              e4f60782efe18bdefd733eb04fa31e219f7f7df28eb989977308b201941391bb

              SHA512

              5c2ac36ebab93b11639a70c1edd2662ca6828e95e8d8b7c8a72bc6f16827c96b42f79153ff3ff70f103e76262e032829502cda957644f8ba5451b7411b6da00d

              Download Submit

            • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
              Filesize

              344B

              MD5

              c961d5f0b336a1cfe4d1d350866e4957

              SHA1

              792640f3ba1bbdb62413e00f9313246e96405190

              SHA256

              60ff420a9ac5e4231b97ed69a72f95f21a2cb4e1895f06774baaf8b9f2569e1f

              SHA512

              1113cfe801d8a246ff77c0433a4ec8386ab945d7f16792e38357141837326f2653bc24daa725e096b29ca7546a8f5bba3df3527fb82576055ab4566cc3e2286d

              Download Submit

            • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
              Filesize

              344B

              MD5

              21818e3779aee494a1b89c27f4987519

              SHA1

              95bc114618e3db04789ee8ce855922f3028694ad

              SHA256

              8e8ed0d854cbef7ae1dd5b6692d282a25d949c06938908bc253a421fbe25707d

              SHA512

              9c94659848d8c75a72a83320d6ac8c77ba17b5af891a0dc9e816f669f7c4e59c8a26635458d93bbabbd939c011349ec96fa3674ab25df2b48e77910aedb949e9

              Download Submit

            • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
              Filesize

              344B

              MD5

              7bad1e6f99ddddd90081698d1803b390

              SHA1

              f91fc57184c2924af544488ba8d2565e2285bb4f

              SHA256

              4a3b98a157c3d8868745fe49af0a2f6cc1695e295c7ff10f58868d41cd19af98

              SHA512

              0407bb498039415bf320ba2d66e960a619a21b5a5ef344b50596a1b69b4bbad7347b6a4688e5daff13817ce6b65e07b1daf5651608194d0ba9bfee44a667e4d2

              Download Submit

            • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
              Filesize

              344B

              MD5

              53532294594752b773eefca1354e4ca2

              SHA1

              e157378283589c690214a1140321c19ef2e3e942

              SHA256

              49835308bab106da3909470382c0f63432917b04f987e052e3a840f46a6cf35c

              SHA512

              0605d84790f0de64510b3f70854e65f7df9653711fb79fd57af9a0e7c35b5f9daf1a6dea86fe2e2be7feb99a16b726329f0abcc0edaa2efbd6cd2c94c99b9e5b

              Download Submit

            • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
              Filesize

              344B

              MD5

              176844f71682bb4aa49526d7948d0ead

              SHA1

              2a735e0a609556d9b7e2e5df6919e9037734683d

              SHA256

              66f2f66bdb5152224fac00bac717917c9b0f873dc3098f073243ea95ec6a7cdb

              SHA512

              645eef5279f179d51f19c92ff280f6517905ad8260f46dafdf4b7f62a420d25b9d90ad6de19db1f7acdd2454633023d2c19a251e49239585ce6684e03f4e5b2e

              Download Submit

            • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
              Filesize

              344B

              MD5

              ed61ac79ca38fb7f5b869420f3b30d82

              SHA1

              4af3104c01e982884d45e025f44066918f00bf96

              SHA256

              f7223bbd4c6894a8fc257a49a7239b6b95bebdb189d021237e6711ddada0b2be

              SHA512

              f2c49132ce40568387c9214533ddc68e153db5fa17c748baa2f4d2a1b712e84323d1e4f9eded4b7b7215d688a9b0909d5615588963038ad55b7351dcb39c6166

              Download Submit

            • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
              Filesize

              344B

              MD5

              12a4f2fddf93fcdbae619e477fafe55e

              SHA1

              076d337586b9acab619785d589db5b781e998795

              SHA256

              ce7786d622539220cd3153b84a2971aaa5db715aa0f82e410fc02942a6cf53a4

              SHA512

              1562c1280bd69d06cfaabc28d0528589fdf3ecb7dc492d48b939d60980b6a2b571714c48342973a52669a05f8c75b939addfe174d38e6bc508b30ccd3af5d9ac

              Download Submit

            • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
              Filesize

              344B

              MD5

              254458a4ae642cb5df7fe0f9fd05f4c2

              SHA1

              46db63fb62e483a83f6b8a9170e9e9339d133ab5

              SHA256

              2c2b99d4120bc414b78ceb35b3eefc55f7c1146176701ab9394f0ade32e222d8

              SHA512

              cd944bc601c6e76981a43b5249e9ee525c4c3dd49d27a4590df6b31e930378ad4e170e8712b3a4ab0e5be17535197ab0efdd4729a3774dfdc16eb672a5878019

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Cab28D6.tmp
              Filesize

              1KB

              MD5

              1f1a3b101012e27df35286ed1cf74aa6

              SHA1

              46f36d1c9715589e45558bd53b721e8f7f52a888

              SHA256

              7f0b1fe38c7502bea9c056e7a462ab9f507dd9124f84b1d4666fb7d37cf1b83c

              SHA512

              d6f6787de85049d884bf8906292b0df134287cc548f9f3fadd60d44545652d55c296ed50e72687f776f0bf6b131102b4bf9b33143998cb897f21427fbc8306a3

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Tar4D1C.tmp
              Filesize

              171KB

              MD5

              9c0c641c06238516f27941aa1166d427

              SHA1

              64cd549fb8cf014fcd9312aa7a5b023847b6c977

              SHA256

              4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

              SHA512

              936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

              Download Submit

            • memory/2704-0-0x00000000000A0000-0x00000000000A2000-memory.dmp

              Filesize

              8KB

              Download