Overview

overview

7

Static

static

7

Data/Astatix.url

windows7-x64

6

Data/Astatix.url

windows10-2004-x64

3

Data/CrazyTet.exe

windows7-x64

1

Data/CrazyTet.exe

windows10-2004-x64

1

Data/DGO.url

windows7-x64

6

Data/DGO.url

windows10-2004-x64

3

Data/Games.url

windows7-x64

6

Data/Games.url

windows10-2004-x64

3

Data/Help/...ng.chm

windows7-x64

1

Data/Help/...ng.chm

windows10-2004-x64

1

Data/Homepage.url

windows7-x64

6

Data/Homepage.url

windows10-2004-x64

3

Data/Regis...g.html

windows7-x64

1

Data/Regis...g.html

windows10-2004-x64

1

Data/Regis...s.html

windows7-x64

1

Data/Regis...s.html

windows10-2004-x64

1

Data/Top100.url

windows7-x64

6

Data/Top100.url

windows10-2004-x64

3

Presetup/Ungins.exe

windows7-x64

7

Presetup/Ungins.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    145s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    30-12-2023 20:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Data/Homepage.url

  • Size

    63B

  • MD5

    8c6913a67601d934a37197d0b3c9c5bd

  • SHA1

    97da3572660e947e1a86acc2b5ca6b7127e16983

  • SHA256

    6d1c970f9a01acc43828441da6efa08ef39ebf7230426e0322298fffd9b2e6ea

  • SHA512

    fd04de8213b4a8101ba01b1c4073ec157e2f84d6ad2750e4d26553c76e3a12258eaeb589d37bd6415af44af064582a9cc0a2076577f28aaa7eab3ecacac39b8c

Score
6/10
evasiontrojan

Malware Config

Signatures

  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • Modifies Internet Explorer settings 1 TTPs 59 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\System32\rundll32.exe
    "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL C:\Users\Admin\AppData\Local\Temp\Data\Homepage.url
    1⤵
    • Checks whether UAC is enabled
    PID:1912
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2824
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2824 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2660

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fa1601718f1d04c31c843926fde81239

    SHA1

    702ffe034da6927227683c98176da554bbf15908

    SHA256

    8c8fa456632f955a6be0f5d6cf5cadf6fcc7e81b5577534c92b4d517c54baabe

    SHA512

    af2f69f6a23d5d725d2bc515b045f38d24831d225ab7c525b8067dba8835e9a2d38478aa11ae04b90023c72214c34b77b53716a4d15cfecd53d40f78543f39ae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1a500b3378421a4527184cb2404f850d

    SHA1

    590695791eb10497b1fd8f4d227bfd970f0aa6bf

    SHA256

    1020aca269bc0677d3e19c7c37addfec10d5d62035c153cb9c85f64a0f6f986f

    SHA512

    aef2b1a91e4a123e1e3153510da92ebb36ba99e0f994ceab2ade0b7eda165dcab7e62ac9d9541e6e2f566bea6af369364bc26ca237bc2b2d15d42539f1e48cfd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cb7b64b6c71084aac956af6cee1810ad

    SHA1

    e3008b55068027742e7b90309ab006eeb74a8953

    SHA256

    227b97fffc79d82ca41385b0c6839ee0cb88aeeae6a41b27ff480f8550f86db2

    SHA512

    ae8e774a83b381fbec71d90702aa7e768c55ddc7505200de10b6cef8a0d02bf1c168e9c07675dcce0568602f674428d56059f534d98ae761121d025ffbfb0960

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a441e8f7f6daf5456c4cae21b76e0d62

    SHA1

    b10ab6b03b6210d92a5e76fe8e761b7048f95331

    SHA256

    a021bfc850aac64278c6928dc5799577a29aea92f2d83c381900c31bab259a13

    SHA512

    8bcf539b3d9ea0bc527403d86736ecfc1107b87016af5bdcfeee4594771a40a9d3551e4cd2644da2f5e9d3c7bd33514902b4d07b34adb38b93a39cafd25be7cb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c3c80e8a7b3277c713624434d40762e9

    SHA1

    85bad055ef6a00754cfcf56162bf8f6391078544

    SHA256

    a7fa5d86e7b79362a80623e7e6493f05c02eb237a298672750998b2eb5348be8

    SHA512

    d02e6fa9c24d5ed6016c62e72750e804fdb086f90efcdcfbda15a63bd1339113abd35ef1054f72858302c7b4427604651bb05b2a16ed71c1c5c7890a08559f4f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5b0fd1a2a81e6a5353bf5df7467a04d4

    SHA1

    8aa3c2cc182542a57a8225c314ddf1b697596c85

    SHA256

    c41599f990a3de5cf52e6b25e3b694f5a21ae143f5c33b62b0c7fe31f0a8556c

    SHA512

    c46aecb3858f04bd45d02742a69c1c95143cb1c354c37e3404602af0f259bdd72425c7f553fabbbba729f3130421c00278b401622af06ac17258fdc86f34f20b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8c4783c02b7dbb0c5f3309c6021cb548

    SHA1

    6aeaca40cb7a51ad2bf5aed371c13fee22429032

    SHA256

    7fe15e13df6f61e179d2755205c70f615ee040171a93716abf2e8786028d63a5

    SHA512

    a31979ab57f958868810ca37cfc3dab421898acc00663dc96abac49e6568f0a577a8beb4bd581d7b6a018c051c9c88522d3b332a9aa2ce9cb9ba28152ddf6592

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    846acfdfe81c7dec4e810bdd39ffc78e

    SHA1

    bcdc988794ee240171f66b5f8f320f56b3ebb80e

    SHA256

    09e9eda68b778b3b70ef14a38a8c19e19235de338731ba695fd8113aa8441b5f

    SHA512

    73a51a8f42794376bb74f524dc2983c0d2c0b7548890d63cb39907bdcb3f3670e468896297b3ba4eae321e985055069cc745a390abb89eeb7dc84a8bcf9de1aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    99a9278a93fd87069f50d8c6e0d7a94f

    SHA1

    66437b3d6eb1d593c57052deb877be80aff09783

    SHA256

    26aca8c77f48a17883c0838bb910a963d6c4ac4a1be748c0120b9ee87ffb884f

    SHA512

    3b40893ea515d8844ef9962e6d989c311a88bbcf6c24b8d0f64b1554531d7b641db6fc4ee9e14bbd321e51b8175dd489c417dd8a6df95b2b8309e61ef0c00247

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    af40d73a147dbb297c636f669a79a641

    SHA1

    ec09ae1f9207cf6b5635ee885e6fb9443e492fe0

    SHA256

    1bd542a3d8bc405fbcb5e76136290ab5182c54d11b5d91c76a46040dde2574be

    SHA512

    67a19c5a591cdc1e6138bfeb5e25351e813f8eb22741c1d8d192805f64f508cdd4382ea9468d6b00a1b13575531498e7a8a98d356cfc78128b4e2dfde15c003d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    45cee69d03836c2ed85192ed347b4a01

    SHA1

    1b6ff883df679e2eeed24c617be4025a932c8522

    SHA256

    3ed88ba89ce661645ce74edc8905a586f6059dce081dabfa39a93e0e699e0778

    SHA512

    60fc911968fd411ed639f297e761c5f5106140a5779e65d1fb513a3b61534d72bd2f9e2d4c4a925ed5d09db0e29ebf9ca5612182491a133da6c7994c18b9d6b7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    599b2889df620036aadec3dab55abc7c

    SHA1

    4aea3b8c225d101c18e7a93856f08d8311a04453

    SHA256

    a722fe1caf597ff3907496a1b25b09abb9848c4eaea8848f8ddb3a2132a1ba30

    SHA512

    6c159a1959f4a0bd29db9961894c12a54e9374da369d2df20f83f29f78803fbd3f2f47f68af1b747da5f4aa5ae86ea8829596a52804afa92428383c2ccf091ed

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6e5552c4af30bab16ef7d1cf77b13476

    SHA1

    490f82c59e3766c228ed1f9a4c79959221463500

    SHA256

    1ee521924b2fe271004398a3ab7953a919a636ea06b4a2499138c0ce92a2d0d6

    SHA512

    fa6ebb69262d642a7e59293a09dde748aa7eb006db8ff884eb31a1eaf0fe973b8a53dbd6d470ee8785724ffb2db00b0106e2ef62b0a91b7ebc68218d028ec3ae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    13fe09ba7bcf836fcc3ad3238ddfd0b6

    SHA1

    866f0c343a328f8cbbfdf09b314778e6343da92c

    SHA256

    afd45c4ffbf0ccb72668e3fa53833770fc5e414d6ed1e2d444d9a643d6ff10a1

    SHA512

    13bdea9bf78a026fac0efe0ee2168fa89fde5fab1df9687ded45163213493de0f6368811edb768dc7c8b16ee3b6f95b9c5a001e566ed5daf40763abf82ca5b5f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1bb7798d8bdd1c223ca5ccc0e2bc0060

    SHA1

    5afd2f7704f3cb08cd78cdfed70593dcb4c181f6

    SHA256

    fd2ea4970b0fd5d733871473a1575f3dcab5020d352da5330fb9f1d2c057e14f

    SHA512

    4a274f5b094c677f405248963e1607a5d4d4b88a7c33fbb3a50377bfab4ce0409906b954351f4c6b0a4d29096d6a6ac91fab89b5e1ab8ecd59bce112a9521eff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    552f2fc42f9131b368a0d99bc1944ae1

    SHA1

    b702ea1b89fae22c5c248e42c1364d7b00a6e5be

    SHA256

    821157bdff5943fad944ed6006fcca0ebb5c8e8c2e6d8292328bd79e41605ba6

    SHA512

    e569102437d3f6d6b460f021061eb8133bdea8b0ccf3b2f87e1874c0a40fe8c2b670a490eed57a43e605266bfa9624a812077baf0e76b1c6b795eddc1d1120a0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ae36bd1d4672d5ef893898bc74221d16

    SHA1

    ce31dee731c57cc4d74cb07fdf1b0930db5a1b00

    SHA256

    18486fc9f972b53324ca013b6fae6951fae529c3c74bb89950b2ac8ad6166da2

    SHA512

    c444ed47ab102b84a350ab66327162cc90aba025ea1fef94d484726e84e45901484b4276faf66dc8a1ac2fba298514e4cb7433e26d2d32b34819447d37570d68

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    641cbb6c5185d0cd80d3b5bec0bf2e3d

    SHA1

    b61d50c84b53a946d76f0ea704bebfd154c2bb72

    SHA256

    76dd1bdc260fa76b6c005d4aaa9a2226c225857c349951a7c1a16e0d226f2da6

    SHA512

    134b0406c3c525d960c243958b99ba022d66d8ab2f09334a028d1f30d79cd5588793a7cecadd39c04c1c070186f14522d6bba3af2f48a8b3977516335a10e67b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b801f39124bba3e73980062593fdcf6a

    SHA1

    8861ba2394e4c9973537da561f4812479a392cdc

    SHA256

    f7e710385993c0e787a909b98130bd4c68585848f08e5f68f76bc82a6883ad2d

    SHA512

    7d2eeb448c9b365519bf999d80614a0779a129541334a88dfb97cbc03aa2f6fa6fa693dbafdb1bd328df85d3ef2c289c40a7dae34bd417a1ea1b9f0380a40815

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    52cd3b63f90fe9be3b5c988682841594

    SHA1

    2a789aaed15303e3d25376206223c3fadaea3557

    SHA256

    3d1fc100e0d1aee96033a7d3484f09b54643b0a03f4dd794d93d74d3a8bb54a8

    SHA512

    68945ad8e64c6ec7a03a89bacd8f7413dedb76400389505f95ad4bc9b58beddbefe5ec0e1ade30af6c1b2b2887f9518882b3a6bcede68e02fb86b4bcc074cdfd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    150bf24aa9aa6c9381a6f35e89d28bfb

    SHA1

    c32be8f007f5497ab8f79752527330fc76831756

    SHA256

    3fb3e68f7a05de7ceacb6136a66f645f44d2aeb5135d5f01275deaac720fdcc3

    SHA512

    19e4cf5cb2fd63714b2cef255b16771be1e434d22e25444a4f8267e8a7daf37c8c030c992ac7802b8143d6e6c09db38ae08afb950a78585f8f94ec2b0f033232

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cde19abdb3d66cbd8063d87ac2012ddb

    SHA1

    e1254aa45f3a4888eee109680875823dfc047d77

    SHA256

    5b3db3b32cff4a40cc08b906ae9693a667c6427c09eb1469917a66f16b78f446

    SHA512

    49c6a01b8d3942c4af65ae9982a635bd8693fbe7477528d7b488187986b10aeaf5f76b6d4807e1e3ea1ed7b01767c4cab71459f2cb53c52a2d67ccd74787714f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    626343a23ad68baee018d6bafe5cbd01

    SHA1

    649dca689e5cb8cdbaf82c77a2063dabab7b13b6

    SHA256

    b1e04dbb6db97b7536e84ab3d039bc5bdba4d605dc55cc893736a42c1020555d

    SHA512

    53c48d5da465781bf0a7604a5c50f2a7b4b84575785e685ed5eed33d928283c1317bf666be05af12cc9c5c4f6146d82b3542870fd0c166ea59147c0d7dd0de42

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4da2bd28e9882d5bdfc1dc2cbf2ff1c5

    SHA1

    c344e2268427acfc188ef2e09941b593a0721648

    SHA256

    fe1a6c9c28362eed4de514743a9eddd660d17b4452afc8446ec2469ae6a34111

    SHA512

    7fb014ea2109ed2940c09987b5002febbfae5a01a9593e10ad33fabc644cb461e00c27bb19407a5446fb24646e4b8d341a2742099a7928c16d985eecc31bb646

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c7986d3fa936c5f469bb8280cec9b5ef

    SHA1

    743814a14b524decfa5b79571798be85b6791154

    SHA256

    aaf212a5104bc6471dd38481f3aaf63df7c536915df614db031b22de40dc95a1

    SHA512

    d2ac322d176a86d138f1d76f060c32018fcc49a1ff5d62f902fd0277ecef48c25522c44247fe8a4473a93d71d1a6e6805a3a6e90b2527f81c3e368b1b914ecda

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    13a7129b7e812356b1c2a0fddc923680

    SHA1

    d02d1b76b771e786476347c94c17a632ecf43e98

    SHA256

    1a61f411cda30fe574f6dffbae737ddaaa5f452749597f1c1c4158aead7d1b1d

    SHA512

    7b989373de908b17365760e5ac560ca4a2ab72d09e67fffa9677072edd3be694e56436be02d5b1cac329d19f82891b2f8a4ae1a874fc07a9be768ea76708089e

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\62QULZ63\www.astatix[1].xml
    Filesize

    103B

    MD5

    8a6195ced90c05761ef8a1dec193b437

    SHA1

    7789fe2a31dab0328873d87b3e79f9e1e4c4f168

    SHA256

    f5e4b8b3f6de0efaa3a618a8e8f39444d27a4f7c4b7ac3d2bc343fe8ad80efab

    SHA512

    8ec78992089eac2543d2aa4c5017a40a13a6ff0b8fdf21e8e25945c362f84de039078cf522de712c6269a4e75fadda3e598435111decd56d6f5325c48aa66260

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\62QULZ63\www.astatix[1].xml
    Filesize

    262B

    MD5

    10be3cdfaad4aefeb2880232e4adac02

    SHA1

    88ce3dfa5728db286fdcfae7e009b042f627e57c

    SHA256

    bac4582ecfd82efba0ff7cb86de77369118184cecedece7ef09ae2b727a3af1b

    SHA512

    ce06021285e3ebd4a0390ace480c89819738798bf8bcc94a877b153bd1ffdf0692c83a1caa0b552ffc9a33d41c19b40a942aa4c7df61e526ce12c4e01ee92c90

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9C51.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA94F.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit

  • memory/1912-0-0x0000000000150000-0x0000000000160000-memory.dmp

    Filesize

    64KB

    Download