Overview

overview

7

Static

static

7

Data/Astatix.url

windows7-x64

6

Data/Astatix.url

windows10-2004-x64

3

Data/CrazyTet.exe

windows7-x64

1

Data/CrazyTet.exe

windows10-2004-x64

1

Data/DGO.url

windows7-x64

6

Data/DGO.url

windows10-2004-x64

3

Data/Games.url

windows7-x64

6

Data/Games.url

windows10-2004-x64

3

Data/Help/...ng.chm

windows7-x64

1

Data/Help/...ng.chm

windows10-2004-x64

1

Data/Homepage.url

windows7-x64

6

Data/Homepage.url

windows10-2004-x64

3

Data/Regis...g.html

windows7-x64

1

Data/Regis...g.html

windows10-2004-x64

1

Data/Regis...s.html

windows7-x64

1

Data/Regis...s.html

windows10-2004-x64

1

Data/Top100.url

windows7-x64

6

Data/Top100.url

windows10-2004-x64

3

Presetup/Ungins.exe

windows7-x64

7

Presetup/Ungins.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    146s
  • max time network
    151s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    30-12-2023 20:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Data/Astatix.url

  • Size

    69B

  • MD5

    89de41d608be4128cdc66c5d51a48837

  • SHA1

    01968b678b1213d0a2d80b69adfee5ce06d9fd3b

  • SHA256

    7c865a555cb858d718e8fb67ba0fe430cd54ccbf6d402aa8bf89c4683799d3f2

  • SHA512

    467a167c8041a5819725a4995c07ecc0bfedacdcfb1ec91de9533113bfe827e44f39d63b7f88eafc04b87900d7f78f384f34bfc325b379b1fdecc83dfa7f479b

Score
6/10
evasiontrojan

Malware Config

Signatures

  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • Modifies Internet Explorer settings 1 TTPs 59 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1724 CREDAT:275457 /prefetch:2
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    PID:2700
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1724
  • C:\Windows\System32\rundll32.exe
    "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL C:\Users\Admin\AppData\Local\Temp\Data\Astatix.url
    1⤵
    • Checks whether UAC is enabled
    PID:2520

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8ae8f3c8e4afb9d587df13b971a31cc5

    SHA1

    8ce275a6370bce70183cc3efe4d27b97ca130b03

    SHA256

    b71282408a784e0bfc163e329f541d9dada4232b25922c4eec8077e9785c35f3

    SHA512

    dc2ee94230534725377abb20e89e92d08b81f128c51fe64058502a5d9efcdd1e2a51ae25d545b96ba055db180cf2684519f0b0c1a681a56076faf0db31d65363

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    527ac6ad6c8a5a5e2d4c15f4395c0574

    SHA1

    90b388282cbde0fb99790ec86856a4573e274330

    SHA256

    b8f855e872892ebdaff6fa98268df73509f76fa91b92119b84ef99cebfe95292

    SHA512

    8ab57b194f171f834745da93c509f4a8986cdca6e509869c5f3030a50380022ef56c47ed90a7f4b5729ffa731d23dfd517ff705738b868b9783d133d0b903401

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    853da8ce77b5d38e303a5ccdc89156b3

    SHA1

    ff086bca68abf469ec75f1f77be633411f44321c

    SHA256

    5e2ec514e7262daab01b7a4fd8160db407f26f10d3c1991ec2310d79ad417bff

    SHA512

    56ee672adfc675d6a74bb827c623a5f5bc3f740db1f7804ddb04eb78e70477b5ca691408362ece1fb365eeabbdb145a57e9ea9d807e59e81c7b71a2913c18f08

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    acdaefad21a43a1446ff388468862a05

    SHA1

    6685c5fa45bafbe3b8f52caa40c4da715f12525f

    SHA256

    08cf826400e2b0df8754d9817d7ff43f110e299be5d2f9199f534267279e7652

    SHA512

    774a71afc436178f1afcba9ce359ca9423acea4eeaac1463ec7af8796896800342bdee74a1691003f076d2fa15026c166330eb141cf2dfbdca2c77c70248c2eb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    662eea0ef32792908ccb6f5aaee3b03e

    SHA1

    27b9eca6e747f30d6f44d97b169cc26398250a5a

    SHA256

    90e6b51bb15333c0024791d728fce129b00d14e21e1d206d05cea5a69b468ee2

    SHA512

    2634c34d91158dc57f10df42daf8cb24a2f38656d6de57075a351bc771c4665872ea4b43aee16d36fe81106dfea7b4b17b09f9634299098db9be1e96295ed5e9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7feac64a377acab42476d2efe1be2ef9

    SHA1

    ee22e294dc252d5274f5df04644a683a06939d61

    SHA256

    e3aa8100821002e63bec257da3f8dcded7ada2334cd3dac958bddb8fea28e3aa

    SHA512

    dd17574a82f6b47d5213d3f0dbc9fcb1a6f1429f11e2945d9925240839cbd88a10a2ff47db02c34d10ce7381fe88ee1c9364436dbc1f792eef9c283e53a25dc4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    116f898116f4eb7d522a63c960aba449

    SHA1

    0b84524bf76cd34fe410fa1c13c576e3704a355f

    SHA256

    0937f4b6d3f73bba3d51737354c82bd221d88765898f0701f684b133c99ef93c

    SHA512

    4d5873e3526eeb6cb27723939d5a890257a2e49bb1ecb4e6832237e11ebd5e2fefd20864d9096ac0f86e994db67834ca1d7f2d94178390a3897a1857af1346d7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    81b21ab73526d10698166a831310e327

    SHA1

    3952c5d2b0dff4d5a4031e1ad05daa64e69042d9

    SHA256

    ce9570f356f8ea83bdc04bb2b0bc6fd7ed3442778b03ba65f06965d7288638f1

    SHA512

    6a5c8384b60790b02cc86568dd80d6d83a11f7bcf84e682419bbb9499bcc73489a22498199716ad06f119236c270f018552e3ae638f92a21f25c9df6c8f6ec21

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a846e7b2bebe4aeefc0d5bb03258736d

    SHA1

    c11c98e8d087b24e37d77cd898a7894201421b2f

    SHA256

    dd1c8bebaac232350b4e208abbe8615d3715027b3ed429c71caf7fdfb2cac68e

    SHA512

    a0b9a11281a296acd2df6e94f2329f5924da7d6fd967c1d6b61e144940311ec882637e833b2970e3f4fae4479b4c48230dddb15b74e3aa80cc6a8f846c3a8704

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4923c425b1b38037ccf12664a07bc250

    SHA1

    8e597bad35f81c1b92bfa16acd1545669b7e9e57

    SHA256

    0626abd6aaf4ab27aaa0646a3b4d75da47c3f0ffae14e9c5203706847bb80af2

    SHA512

    c88e44ee065320c1a640950503be614b514f872df28107d3be5b06f650b467b71633386eca4264b26f8c6ecacec48851c4b2262c8c1d1bdb28364db17fac35cd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8bd13ecd3e6337b56f0c577d0a295fa8

    SHA1

    abab9f671a95a60159d0b4e6151a2c7fb4e9bb7a

    SHA256

    7009597bcbcf01a29b15e476e989e8fb6bf76693275876b9d9a2117ade4147f4

    SHA512

    88d1a964b4368bf41ea2fa4dbf9580684e57cb3922f15be04b27690acfe670a5bc4e99875aaf9f6f1ff90e925f1d8a421e483cd7a9f5ce503304bc08a511fe92

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bb1b4697649f2355d4f3046c96402120

    SHA1

    552ed05994cf76e32ecb772f42fcaf18079c7afe

    SHA256

    fca64ee8a1a2b5e0041fc049787ff17765cf21bd41c581562ebf4da54f402901

    SHA512

    40de11aebd0d6663f677fe32ceffddd617dd227de61ff247f8a363551d1b0c48b3196618f90913f7f5af0d1748158671b4580c3130ffa174e18140c36320310d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f8dcf39505c1766452f2d6317bc2e596

    SHA1

    8a072dba7d7e379229696a13d2955a0583c044ee

    SHA256

    c1aee60366acdfe9544cf8457cdf6f94cc924b2a9d254a68374887ac5702587f

    SHA512

    31449e11ec6092140b89eeb706fe9c672f926d5df682687d5e489f4638d7489702b08c1e20ac973596883db5abd0766da3f42f35482255a7512c279b31f4fb1a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2c02fdcd9de32e009de0d4a8995ac678

    SHA1

    59e025cac6e9dfc0c7b78a18e4499cf470b9aad7

    SHA256

    4933f9f4aadee9decef2742eccbbdd1b127421b7e82e7681818cbda0874e81d9

    SHA512

    582cc6e4b725602443621ee5cce9c8cbdb77970c750bf1905baf18d836541c2992a3aed90c9176169080609668567409a13c548cec74943ce839c9b149c9532b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    36d4db71410aac0998e2bcb855c48577

    SHA1

    b1c8d77a89c7b5085cc8c68a177ab2730cadb688

    SHA256

    1f94cfc58a5d0d4797cdc828717487104168f9cf8ef1702024b1992560edf2ea

    SHA512

    649740cddea2073adab5329f39c33e4d1ae54619f0abd1cd44b697bfe5b444ecd15c057881e39c70d7fcd0b6e77fc2c403a11e8657c98e639122244a9bb95fa4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8844032ae204a7250fb2165b02d0307f

    SHA1

    38c33eb32e646f18a447f2aa677e77d789f8d682

    SHA256

    125c12bfecf46fd6a0f5c868dcbe3a8643cfcd945eab5c5e3e27bab4800f7b99

    SHA512

    e88c97547d7796b780fe73e3c11dc035c46c6c63f289de65bf7245ce1693ae8ff85d76c5504c09b9bda732f0ab62405ba41f314a1556eba407a2d4726c9a4eff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dcd39dfc0cd0a92fcd688abd4ef70b5c

    SHA1

    dd1f71deba272d9d664002202ceefcf64406a242

    SHA256

    be6e1a99964326923d2ccb49f31b3ea61a839a703cb30b991958597cff776e42

    SHA512

    ab258c5ab390c54c98663c3ff9ac08d7de760bd2b3bfc9c03cfda6eb94ce708b547a795474a410944e977039cb513c7f1d97777f3b77f7ff7b0a9a5bd4263c49

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    74d4168b4d03aa6dc93f87d5483a74fc

    SHA1

    b0a283ff36ff0d33371627e9abba62dd8345850e

    SHA256

    2df00bb73ef051193ef2976621d85e6469bef1681e8955d8fe826e47c12ddd2f

    SHA512

    9a8057c52c8da587924cd8dd4c9c3fcc441cca7e55b63535eb3707f5d8015e191205a6ccdd5bd2272401d5264590827a57c60aced70ea35e8e855178eb138fac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1d91bda3320134cec749365e27059719

    SHA1

    15da8853ec34db1b2667976f56975241e9e95653

    SHA256

    4ca380a8be7f11569bf5e9616adad9d6957cd5d7041552889f5fc1ec3f8c5dc6

    SHA512

    232895b1cf49dd4daadfdefb595470379e59e44e4ba41c9442876448f631ace9c957417aa4229365dc26e52bcb2b61c64045bda9fd5dc976643529a6b1af8b8d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bb995459bec4a4b65cd2dc0479117468

    SHA1

    74355ece387b5d55c8274dc2d72f53a4176fc31d

    SHA256

    7f6270596ecbbb99e3e2f3f007147635721f2b4d7d53e8ebf699ed0f5040a6a6

    SHA512

    4cbe0f17c486feb17553a958f00437f0fa5ec79b258926af0c2ea8102d3477d945d215e01d8521ea40175b48a60f4cc56fc3b434a6c36dfa60abcca6e1dd29d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2cc7a5a1076530c2f7d0dfe90acdc67c

    SHA1

    ad587a2a6408c44572b8011597dc40184e142c86

    SHA256

    b72024902128b879612bd1d4bdc5d0d00998ddef7fa632bd21ccfc56ce9445f1

    SHA512

    97c2da5e6ebbec2f3efcf99145f17fb4aa896bd6c8d13b901e046768c9cd229f74b6f52cc80510a5082dd87489be78e96cbbb63a6f7899b752ac54f506860780

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f270d91ac5809c8ffd18bc4d556adfcf

    SHA1

    1a173ad56c6fe409eb0ee337f487cba6de20b054

    SHA256

    eefce24bd4908d54b35846eafad941a876a94e753160c8fd1c7914135e9a0132

    SHA512

    be0081329b066a8c4b74672e517cb8d38a9f9103662ca3be7193cd444fc4bad4d4cf4ef58d72e4b1134d81e256bd7510c495cfa6eca26e27da819cc840a3ffc1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4ba425e00ca5300dd2a3a23b07ef763d

    SHA1

    9778ee9ef7b3d2d3a2d748f52639f3bc50262b73

    SHA256

    1b7cbcdbf0683deada442a43084c8023c041a4a24ce7694ddd15a7b43a5aff4e

    SHA512

    ece4318b2054faaf81276ee6b9db779a6478ecc275ee96597185ac09a9033472f65a3f33f08043c5307a7956c834c16aa5adb7deb3ab797d5b463ffdff4ab67e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4474c34c8b852fa2cd311bf939a0ff14

    SHA1

    a7d1a109c979b04528246cf2f5cb35802815942b

    SHA256

    7c7102d30f4140812a5d971caad1e7040f0fb71614af667e60ec81520cb59216

    SHA512

    8910ae83cd54b5fe2e7a5f274cacf9f9b07aba10da0b00d9bf256b912ac67f2bac30892b04da984cdc4521886eee2cebb3377121300ba5a028ccb7b2b4e01d70

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f73e528f009a14e16c8eff4423075908

    SHA1

    16372b5af718bc7553f64c658d4bbb70a1cb1778

    SHA256

    980a7548fffe3d8c3eb45448c9f3f54d152a6f7f79bb0276fc5aac634925de23

    SHA512

    390092201dbc90e6cad6e4fa287fa8e1b01e0b72feca0940c6913ba478ed8263adfe92bae07283e82cd5bae92369151566e095caffac82d4c76bf742fce4beda

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    658dab21b50ea6536933ea389dde9863

    SHA1

    77d8e155d01ea9d21f685c27555f169239a34a41

    SHA256

    19f50e4616887a50f022048fc2f3e3ba4af073f40a34d60016773446fa9785af

    SHA512

    36283220761dbbcd510843f8eee09622838575d23eb99fc1ba07ddd1578f35c9aed18fb1e42eae9207d475efa7a5323e8e08eae5af9f5927a583161037527447

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\H99PGPBO\www.astatix[1].xml
    Filesize

    103B

    MD5

    0abb8b944ea6c29333ace0c3dbb8acad

    SHA1

    4f2bd349db9a6f673c95cde3debeb8543db46b8a

    SHA256

    9aeb2a1f907d4f716dcea4c0682483f2a8725ecd707f52a2cd940a92aea92a82

    SHA512

    b1b47bb811b9eb35043da56da1bce6db749f10b38c370ed00b13cf184120dd78644798b7408be3993c016b81ee44d601e6d99209c67220f576943e0c48b49d93

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\H99PGPBO\www.astatix[1].xml
    Filesize

    3KB

    MD5

    47a2653d0bdd079c00947d4f8ad521af

    SHA1

    e57da1b24d779c77a398b8d7d4d2c063abccfa56

    SHA256

    622b428511ba57edfe261d3c52ab0af9eb39f31669fff6103b9e151721b0e7a8

    SHA512

    d64b294f149f8c44baa39cfcc0b4ad98f7833b014f51459faf98b96ac59868d0c9b28c12f9a5af0350d858827f1b2e501c3c32bb5acb79c9cc3f0e2afdee3975

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\Z9SLZRTE\www.google[1].xml
    Filesize

    92B

    MD5

    6543e9e6d11c0e2a1484b1b406afd8b3

    SHA1

    bd4a7f56f02fd3cfc489281c7e9a0488a715e8b1

    SHA256

    5a3fa9135358df90b19ba34e36ca155a9e1e17366f7b52c69ffde09887ddcc28

    SHA512

    cca4fac1e24f019eea4808f24e9995fd48853950e6fe5c063f71c1285eae316cb6f3ca28e015342d7debaab98aa19ca547c7f3457da1c153898674ca8d9d94d4

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9CAF.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar9D5D.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit

  • memory/2520-0-0x00000000001C0000-0x00000000001D0000-memory.dmp

    Filesize

    64KB

    Download