Overview

overview

3

Static

static

3

943474874/Dbt3.dll

windows7-x64

3

943474874/Dbt3.dll

windows10-2004-x64

3

943474874/...oj.exe

windows7-x64

1

943474874/...oj.exe

windows10-2004-x64

1

943474874/...on.chm

windows7-x64

1

943474874/...on.chm

windows10-2004-x64

1

943474874/...st.exe

windows7-x64

1

943474874/...st.exe

windows10-2004-x64

1

943474874/...ce.bat

windows7-x64

1

943474874/...ce.bat

windows10-2004-x64

1

943474874/...n.html

windows7-x64

1

943474874/...n.html

windows10-2004-x64

1

943474874/...r.html

windows7-x64

1

943474874/...r.html

windows10-2004-x64

1

943474874/...n.html

windows7-x64

1

943474874/...n.html

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    02/01/2024, 15:42

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    943474874/cooltray4.3/doc/SimpleTimer.html

  • Size

    6KB

  • MD5

    75e301019b0fc3a16b33f1896a0257af

  • SHA1

    d71fdb5893d6a0d1b1af319e2ad263498dec86a0

  • SHA256

    9139ddd0399a87e32db84398ce9de93d5b3959e0c28180de52fc5538a4162540

  • SHA512

    8e053152644a5b055b2f64925929b5cc8def625a427ebbddefef057b45d8dd9966a46ad1000c8a808a060efee4c7966a73c5050acfe68d3e4c3b6614bbd98e38

  • SSDEEP

    96:SvgTx/bhSDliaXwrnNpeg9uooTFwPJp5cKh0bp1HRZ3Sl3fGay/tvAg6qyeB:rTxgDlDXwjNpcKiKSbvAy/tvAgx

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\943474874\cooltray4.3\doc\SimpleTimer.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1696
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1696 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2648

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          ecbf6e56eb443fe330f3332b2ed13deb

          SHA1

          ca72d73a08f86ca1e3e0c9251f0288ee92d34295

          SHA256

          b7a22a493952fa7e394fd343f2118eaf0d38383fa70a0ab9bd75c4ddf4053e1e

          SHA512

          cf718a7a40fe12bb0285ecfba7dfcf6557a0753b3dda383b3cc55887c679e9ffacd1a9f7e3f3bff9c3d19a9044859067cf4eb30c32844bf76892379eca24111a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          c3233ce543f7d09fb2f7848c9d681c59

          SHA1

          517b31399ef7acf13a630480acdc63cfda4d9927

          SHA256

          7c067f1d6a8b893434aa146f47ffa06929731c0c387b0f13674559cd8a061ab0

          SHA512

          308a16c27b25a8d72ebbc55674a515e13584db85f2a6cd02b7ef591bcd2df23b40ec66b5ecc5a8168a0d4acdfac1008d2e161b7af954942291fa781d4d97a4d9

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          5cf1f8ed1e753deb6b4e78d2595854ed

          SHA1

          8b745d3bf575af51ab38499a151dd8b2e5fef0ab

          SHA256

          c7b0a6a3cc83c88d921021c11e4a838ef82bd34a8914cd9a2365cc1c06f55fcb

          SHA512

          43ad8b1c0819731e4ea4dbbbf855f61223cb05d571a5115f8cacdfbf2e80fc1740e90216a63a008595b89ec1fa1dbc2635993ee48ce7da30fd1ef61e4068e4dc

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          fbd4cf58f8a9995642c4ad12d5fb37a8

          SHA1

          ec0290c0173dc197886f9f89a44845ea882ffbe0

          SHA256

          c54beeed17b241279a36ffcae17ba654aa9583c4949de1c9d667e961d95e6bb8

          SHA512

          bb27a6153493e0fefbb652b8edd4369cc94ab96a6356acad5deee11512188c8552fae171dae355709c71e4f3535a4e38d8c0781f5f09447f9b40feaeb4cde3f6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          d98e43d9c66e129b4d86e608997d8c7e

          SHA1

          77d2c27c5f8b03941c6655b5d95447af94f0a4e1

          SHA256

          53201446cf58599f00e8767e2c8b161b103ce7a4d05b2df1393055851053c6c5

          SHA512

          bbd37c19882b29a885e1dc8dd0270e4d52db0d48a23ce098333af25c01b24cedf2cce274853935a71507ddb8d4bca78ae92136a1d7cf764c4cae2c6df5b3c123

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          01808b73720356528162d24d0d779f6a

          SHA1

          b7a98da500293eb9a3c563e1b2b134126cd93c89

          SHA256

          f35fffd3bfa3ebb4b16c876bd3ef43df915acd76458420f37c1ee7eac5e34ce9

          SHA512

          c57679f03490752323372ff09b35ef6147c9ded25c0750c22e44e0cf402cefcddd39896cc00263ea38f01481bf942963b17d2858bc7b9f1e68ea4fd93b310490

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          f27f7fd6bb62d980fd3bd5a6b827e873

          SHA1

          066b9d859766b1fa9f8c2af994ce7dac51661bee

          SHA256

          64e2c9afa7aa43305601bbcaec52b14f82ec7fb75cd7f2c1d40c7d61ea777821

          SHA512

          b6b170600bb5aa5d9f16696f9b001771de97317b3294c4445bc675a269b22e6c499ed0011a6785bf6be94b5686eaf644c2005209be0f7198b9af70cfd0d9209a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          d8e9f28a527fb639bec58d336796be6a

          SHA1

          6da4ab67fd1a0b94f9e26aab4fde595a4db2c0ee

          SHA256

          e1d74a09c696db677c9139f06620669d74065d056d5a6e66624ab1670d64277f

          SHA512

          af0a8ab6271b2d09f8a6e4cd2fcce9df87127c1b05e86eefc8f546b0381374b6205657111825fdd7f75111f8dbe9f06dc295c5f5fd49a18187dd0d3c939734ac

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          504a5eaedea8f9f2195e5d1f5954c36e

          SHA1

          d459f77933e2b45528d2531b3562ba0257f38ed6

          SHA256

          6334e50e9d45175e2cecacb702a29136e9d171a325380722bfb0a70c603cce5d

          SHA512

          7f27822b494acdc50048a18d83bb9b9348a6dfea4b5926a486c614378bec2349ad1b6d17bfb68572248a34bef3f1049f9b1de713f5706263dfabfd21f69860b9

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          4076d16591c44d6fe424dee15fcc032e

          SHA1

          1d71ddd816ea50f38da413c3a9d4c5d336de6886

          SHA256

          be4e505b9bdbb232c242feb2541c29abe0cf607c2a1bdec924338a9541314a78

          SHA512

          b802c9956950ace217b0986e53d6e3cc4f68f7bc25c659d6be2c4ddb7a5425778eec478c5e0bec91b0164680d208859c1f7f716dc8137c3051d3224303801e48

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          ba8ecc42e04719c116e3c59217c6ccca

          SHA1

          008ffc2fbbc0b2027bda0227d8f33fac908262de

          SHA256

          b06de2ec508c72eab78849d36df44ce9302d3f698fb1d15e298a79040a1a60e2

          SHA512

          b82c3b1da2b265207e83a9eee2fa1248093cdfdf237363dc318751578ff900c7405a66cae5ca696c0ec0575f84e29ea60c77101487487d4a416b373cdb236b0c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          ab36f1ebd42d0c6642aa543d6365b223

          SHA1

          7a591875237e8326e9e0041bd10832912043f578

          SHA256

          1c2d124a1db97b8b410f40b35a1db264e25b20a043f81541a84a1577754e9771

          SHA512

          9e844a9c271a71e339168e6a4aea6c8e5edc62e66c94b595b9dc4c5c2a4f2e8788b4dda9fbe80352bb42c7ea95aabb8414c9d5844b61565463b4db854b046af1

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          30e49ae85cbb9d8fba2ff0e81df4a381

          SHA1

          3541148d5f8dba829728952334af8f8cd73a4857

          SHA256

          95c8d9745a2be2384a5dbce1ac98a257e188716a1b42f640fadf5ede5cf1ca29

          SHA512

          fc67f700e0ac7e725a457fc21db9adf441943556c2ecfe0d6444510e0a53ba359a7ad72a6285b8bb95b16fa52b7c0dfd08be0ba4fb78af9e6e135ce7955ac1ac

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          4d5af3d52d30265390ff9ce344696ef8

          SHA1

          16f2f02e69c1e74f229efbc85f8fe1f61f6600e8

          SHA256

          bc4952b86c4fb613d88fae1ecdcecbd4c2d3b6eb8b9032fe9956389354ca192e

          SHA512

          2538db162e8db4e3795d38b2250827d2a87708e2a5da1900de2537159181c3b43713e6ab728b06e7768dad6aae9856d15352931c64f095c2a44266e35f47bb55

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabAB21.tmp
          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarAB43.tmp
          Filesize

          171KB

          MD5

          9c0c641c06238516f27941aa1166d427

          SHA1

          64cd549fb8cf014fcd9312aa7a5b023847b6c977

          SHA256

          4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

          SHA512

          936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

          Download Submit