Overview

overview

10

Static

static

10

Ammyy Admi....5.exe

windows7-x64

10

Ammyy Admi....5.exe

windows10-2004-x64

10

sainetco.ir.url

windows7-x64

6

sainetco.ir.url

windows10-2004-x64

3

Analysis

  • max time kernel
    0s
  • max time network
    5s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    01-01-2024 09:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    sainetco.ir.url

  • Size

    207B

  • MD5

    5b209599e1fd1c0ad77f7be78ca6b837

  • SHA1

    e343809d0528d696fe2b0796da6aa1d73ac72f57

  • SHA256

    022030c51ccd5e05a028b9d2f5ca62dab950983e91840be1526eb10921f3961f

  • SHA512

    7cfe50ee60fd89f6705e4efebcb51fe99773b84ead6de20c689cd933aa15e868a0e70cb8164c4e128b4b1893bb53ad687ef787dbb5507a04214e604acbfed68b

Score
6/10
evasiontrojan

Malware Config

Signatures

  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • Modifies Internet Explorer settings 1 TTPs 18 IoCs
    adwarespyware
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\System32\rundll32.exe
    "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL C:\Users\Admin\AppData\Local\Temp\sainetco.ir.url
    1⤵
    • Checks whether UAC is enabled
    PID:2860
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2880
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2880 CREDAT:275457 /prefetch:2
      2⤵
        PID:1660

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
      Filesize

      10KB

      MD5

      dd5313754e3fd8aad3ae2c7583a58fdc

      SHA1

      636a4552571836d48481f9dfda40b3b50dfabed1

      SHA256

      cfb53de6447a9220361d9b3c463e9a8e32e0afbb7368736d082725ea1aa80a01

      SHA512

      4319263b32efcb76443aa12e6e8f3e64aa337236507c8c9c0a5379455be591373738ab50098c88a1fc8200856ed013e5a04410f5c19bdfe6e4dd518d9e17a988

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
      Filesize

      1KB

      MD5

      a266bb7dcc38a562631361bbf61dd11b

      SHA1

      3b1efd3a66ea28b16697394703a72ca340a05bd5

      SHA256

      df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

      SHA512

      0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\4A9377E7E528F7E56B69A81C500ABC24
      MD5

      d41d8cd98f00b204e9800998ecf8427e

      SHA1

      da39a3ee5e6b4b0d3255bfef95601890afd80709

      SHA256

      e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

      SHA512

      cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      49abdf4f535338da560159c215758052

      SHA1

      4208f48003611b764ee26873940533e6cb4b785b

      SHA256

      8be1a83d6a239ec28ad1920e78e0fc2d4d87cbf0b0e66452af660b32a4f152f3

      SHA512

      ed91bf64f8094f75599cfc02f8712fd70c2882a5869a7a92013325072a9b02903ef0512e13d63f4f37eeace445dea812b3d515e969bfe2c2285744a0bed4119d

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      7d536d6ebbb3fea310b0b8e37b0327fc

      SHA1

      de3596f9f9dce9885a0b8b04e03dcab36ca4a83f

      SHA256

      471547627a24a7c2dcfad913957a284023b2e18121fd2f896f1b97c6bd16160b

      SHA512

      8997c23ccec488e2505555300febc7e1a823c3036e5fb4c5a22f98294ea7cb0ebdd385f9fd5a358210cb54ebf4fc1138393ed299c4c948ebf9c106328ae1efc4

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      ec53c727a2eecdf9e7e17676862def44

      SHA1

      3b45358aa2311f589d83a3a7d2e6e29356c3a93d

      SHA256

      d6d92824a0a4007260749b846a4dac4337f1d65e91d261435fe52197f371776a

      SHA512

      51ae8da539d8b89ec7f979528fe3f40242a34bbe12bf854d89e556b42cc95c0d3a9130a12c356eacaa9e7db052a7a1de15e87a19fa5cb0f86918dd3782d8413f

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      d7f90e009a14f72011140269dad0438f

      SHA1

      10587dab9684163bbe4aeea6d876aae9c46578c9

      SHA256

      cc692c97b0568045836a82bf308c8363850f49702c355679f72ad71ad93bcf61

      SHA512

      0f1db265df4cca0629f44b5b1159b460eb4e18c659ae1d4b2c2f45a06a9d6fff9bfc5927aca67e2e8f078eb55c795cd80e2cb741eaedac25147b49c482b1e4f0

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      2ac133380e04130b2bbec36c2120b141

      SHA1

      847178987eed861dfdfe1883c70ba88a44c2512a

      SHA256

      2c143a55d3223fe30be384cedf96db7a58d56d7713236995fd7199fbd94cb61d

      SHA512

      c18be0512b230a62673ab64c7ce391c1b1a0e4a95aef8d9e4cace5cc61f96bd1a63dc0698e6f320e3e90efa8e4ece4f8c5983ec9e0b0669f644d137f375e832c

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      6199d0245cb688d5e23f62fbe1fd87a6

      SHA1

      6370a2f6c4e3fe8087f404ee892dbb727a4cf21a

      SHA256

      e4eb44fffa54ea5446e43d61e3029b7ef1d9511f86391d4992371ad37b5d146b

      SHA512

      eb87e63f193113f9d36c96bf9afd7fff0766e2a5cca9673da0495b22766a1d900183e207cdacbaacb6b056692fb3f6f7b1b701f7958e84c98dfef94065ba4776

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      74deb6ae29cbb7c1e2f8eab7b84fd3ac

      SHA1

      4fa468d877314b54fc00c76f0e0aa8841be03ceb

      SHA256

      2ec8ef75838259c2bee80f5d6249e7248b42068c9fbbfe29bb2acb5d40db9007

      SHA512

      0e17357d242c5b8b8cde6b13c6be1f23c3b37bbbad7615ff3ac8c52c986184b8fc038aad81bbb68d0293bb1d244edf249aa1f8640e1a403648127e6a323d096e

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
      Filesize

      242B

      MD5

      c9a6c82a2b18b99783b4f965b566d0e0

      SHA1

      3a75a0a5cf1222d353f3dead95d46ab69cc8c96c

      SHA256

      2e46a3d61a49ee38efff85533b901ce2794f40281358ad8a937129e468c06f7b

      SHA512

      5f4362f55614c7b8b0a0b8e020449ae95d80043b3bf26e0136303f329ff2b80e3a177e4a373428e5e0c9d12cf0fcb1df6699fa312b7629461497d2eebcf8597c

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
      Filesize

      4KB

      MD5

      da597791be3b6e732f0bc8b20e38ee62

      SHA1

      1125c45d285c360542027d7554a5c442288974de

      SHA256

      5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

      SHA512

      d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

      Download Submit

    • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\28c8b86deab549a1.customDestinations-ms
      Filesize

      3KB

      MD5

      7f7be97c5770096df9592657ad68a57c

      SHA1

      7f691ef9c8c306ff5c771887fec35bbd6ddf9a6d

      SHA256

      8bb4b32ef68972c98f75b1eab0815a4a8f9facda13ac9296ae19d4578e2fae6c

      SHA512

      34deffd1d70dbd573aebb07ec523c2864bf7c910da3cef6a2a7be17fc14708709096fd9b95b31e7306c2fe3bd45faaa021bb962769d8d8f13c9491d29c4afe8c

      Download Submit

    • memory/2860-0-0x00000000002D0000-0x00000000002E0000-memory.dmp

      Filesize

      64KB

      Download