Overview

overview

3

Static

static

3

3809806326...4c.exe

windows7-x64

3

3809806326...4c.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    31-12-2023 13:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    38098063263e4075e080e6674ee6f54c.exe

  • Size

    242KB

  • MD5

    38098063263e4075e080e6674ee6f54c

  • SHA1

    558f072a07237d3df59e3c788918898291b088f5

  • SHA256

    b5bcc8230f1c6fba6ce7118cbd1d1f34822afde857fbd962d663afb7d9e30ac3

  • SHA512

    3e56cc63325bf19366e987c051edc8894f6de05241492fb647fbd0a4405e8411906afc600a33b702fe17b3f4a79c07fe0242b3a77621e5b29a59ef699fa8d75b

  • SSDEEP

    6144:/Zsbb9VFoj89YVPSDwqFsXwz5EKcg2HM2:/6Foj4SPS1FsXwzzM

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\38098063263e4075e080e6674ee6f54c.exe
    "C:\Users\Admin\AppData\Local\Temp\38098063263e4075e080e6674ee6f54c.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2560
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.amorepaixaomensagens.com.br/especiais/natal/nestenatal.html
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:1532
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1532 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2764

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f566b63898c8d0fe2f5eea29f3c260ab

    SHA1

    a0cb60b2a32cbbd3d4ea3faea4c3b6b826556fbe

    SHA256

    ac3529a50c1916e1f876f7bd6f5e0699c7ae5473e3617e86212e334de65ea937

    SHA512

    4c90e22e9a2a6dd131b9a6cbf3d3a02b9ddc73b22eb6f1ff0c458b74e4447b1a67dc309f46f848a252073183eff3a56b9f248ecb270ca9a0c1820fb7dcdea080

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    536bc8678eb45fbd99dcbb8e06a65cb9

    SHA1

    7b86c84b0014321c220495869e9b113b1da3b262

    SHA256

    b80cbefd1be0c5a1e2078f427cec287b92120bc717f8b401293aa5c2eaa7a0e8

    SHA512

    49a1ba8fc2f0e1747ef30964d4211fa15262bddd6f521f8f7bd92ad7a136e2c16cb560a817ffa6e103f0af41c6565167d84c1c8264fab8e8b65295db1ed202c0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4b9dcd4af2198d24596317077ef2b1fd

    SHA1

    c4555ab20d8ed751469f26fe6a712e1931876000

    SHA256

    7c6da79b73d8705b49dcf4eeaacc156e56b24b64cbab223b0fc33e8987f170ce

    SHA512

    a1758d190db4ce0fd6c10ec099d46e25ef0c5185c9416ca31eb5cdb46441e522fa59dbd7e8915c8e835ddb0d0b684c99a6f006fc3f90b6d273d6f04f5d16d974

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a5e046764cad411201d8524597e1ea14

    SHA1

    16616675ac4c87f1683448d9383786e0e10c9701

    SHA256

    ba141409cae78180523776152fe8c388f13c187ac9fcb895e3073a56b0473ac6

    SHA512

    1f23ec535e1a6661719b29c5433a7f0e00e9d2f094774b35aaec52d266b0529aff2a223bc2d6ffd7256baa0ed4ce5002bba8e30ed676912fd9b61e7e2ebd7ead

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    876924fd27cc29ce0f189eba7569c74c

    SHA1

    9af8846ae681178e03cfeb3e9b7bae93fcd6097f

    SHA256

    a7f5aa0e9c3f91def0b5c1e7bbb0bdafac11ae97e07e87a1fd43ef2901d50ad2

    SHA512

    b9bd248ab8aae0af89d6ec2bd84a34c26343a2c022882706ff57c0adc1d29171876d3cb2a71a078fe154a36c7022de62456162bb847941150eaeca0fa06f184e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    11b019d87616d40c58d740bab536bcd7

    SHA1

    3a8bfdd98fecb7c1d1f48ae9be22759ecb18e5e7

    SHA256

    5574773ce1f752d934aea9d0487eaf241c985c921228eeed3f9587677fec2905

    SHA512

    debde2905bd44dfefd922005668daa2ce0eb0b557658c6582266eb51b244c20bb7521ce9870d11d3f1185da364876d58f69e47eb92f2dc09fc9f0f309a29c5d8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    55baa48de0b97633f8e42014b70e3c5e

    SHA1

    c923d897064d5998be6d2f26c398bae981331d61

    SHA256

    3e9d38f0cd20ff3cef6b5dd4dda43ddd4e108c9630666ff9f5034b817b67a562

    SHA512

    6cc601b55e0b43c76ef4cde0a15e90f31c2774f1e701ced9e5e5dc9b7e8d43f7b26980524a070be784d21964e3469ade8d8c1bc6e641d5a0770a0bc352840be4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bdd5c0cd7fbafbaefdc54af82a178122

    SHA1

    437e0f8494403a803b658e9b40105d66f389a43a

    SHA256

    2bf4c78f87361c41b2889b6930cf63edf78121098877ba04332c7eb00195f99b

    SHA512

    a698d15562a8a8f7857b3243af99b611275ca2f5a508355589b1a3a5b7d7d8867b22479241c4602c016e9507d803c83807f0c16abbe241028e582cd0049946c5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    46c829390cd1a53dcf41136859fdb7fe

    SHA1

    ea2731038a005bc803cf15e9736bdd6ab8d0a537

    SHA256

    2dc2a8901ef8bdc568d1e1f9c35fffe4ed608368f984fa36e08909ed6ca076e2

    SHA512

    3b2cff2670349dcc6e511e0cc5dd06e5c6b8ff4b6ecdd84716f3b8d686b9120f50cc34c32c534f2fd9f2e9aa216f56a8a6be7f553451489abf2c7f5abf939fcf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    123d564495e859a713115388d38ced61

    SHA1

    bb149c73d3c17ad00d73ca8800114f6e0014378e

    SHA256

    df94053764bf761f10d95969169315ae34747223480f4cd7dc3d3c8902cb4cfd

    SHA512

    48f989c730706cc958f457bcdcd2bfdd99166a14d117ddd4bc8008d81fa96a2153a7bff4f7ef7c3b3fa64f7cea9cdb7dee6b3a89ded4ff34cea5717ab2bfc86b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    53f7186222f8378766cb25eb3c66425e

    SHA1

    7c91d40fbf733b0bb0ff84d9c58918e9a55a9493

    SHA256

    d08bcde24843ad0094a7b0847e01f99c9ffcd7b6931c2e54312f4b38b381486f

    SHA512

    db1e57169bbc6a18c80da9e18a854c2da36ea28f941dd2aeaeda254f8ad2c673f18faa69f5485c19826dc90b4f868125d322be5cb0f31cd70c8d26c2ae429bcb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7a0720f450a5cbdbf721b9ae31fb7434

    SHA1

    79e2411c5a9fce9cb302f09a06ba5b80b7a69b5f

    SHA256

    0354a1c71b782c76da328f46588368dd3856e8daa5b30b09a5869940faedb08a

    SHA512

    06423be2cdc572db063f64fb03e325bc088b15a5e8c4b9676c3fa1dcb366aa171c1bb47d4a97ff40dfab5bef1381b9a85e34866c0d144ac6697c9ba706902588

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b3cfd077cd14b3a8fc0b20881911bc78

    SHA1

    68ced963103440bbc4640131c29b0a9694edfef2

    SHA256

    b80e5985261f12e47d50fb539222247c3c8920cca4b3f91251c77089c1511b6c

    SHA512

    d96a37f828f6d5906ff9078f14970ac442211c60a18491245917fbdc9c8aa665ce9658935faf6654052caa5e00fa9e8734cc2c1a3a5a76ec4e3e39bbc625e585

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6184cee91372bd7a47d67688bcbed2d3

    SHA1

    1d1875d6578d6cfc55c2a373339489ac2a502a7f

    SHA256

    734f49e94471901e4b1e6a556a7c1ace83b052fc94d89a8fb8cc0b9d0b8b6ea8

    SHA512

    8eb7459a588f1462c7d5ba845a4f7c85bbaea62500ff547a01df78764a2002fb6c2a0d660d135528e804b7360382661be6d184263b34f5fbe647abca034a27f0

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab23F8.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar240A.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit

  • memory/2560-0-0x0000000000400000-0x00000000004ED000-memory.dmp

    Filesize

    948KB

    Download

  • memory/2560-1-0x0000000000220000-0x0000000000221000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2560-6-0x0000000000400000-0x00000000004ED000-memory.dmp

    Filesize

    948KB

    Download