Overview

overview

3

Static

static

3

46542b58ab...0f.exe

windows7-x64

3

46542b58ab...0f.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    140s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    06-01-2024 13:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    46542b58ab6473ede76621f8615de40f.exe

  • Size

    79KB

  • MD5

    46542b58ab6473ede76621f8615de40f

  • SHA1

    e6131e17349780c30eda59c7db3eb78b7a91d256

  • SHA256

    e07e6a28d4d75282f3a010e95673ec9a73f8058d54b7aa30feb9793609c804f6

  • SHA512

    ab7912547c0f46185de1650659ac50b122505a9efd70f1cbbc6b73434b93790eb5fa85a03cda8471a796a6d8df3bd09da16e4a213aae10ac64258de140420ecf

  • SSDEEP

    1536:qkn+TK4ET1+3ccK3TxRclHxhfIGAFLSQu7GRb:V+TK4ET16cpjxRclRhZOLSQuqRb

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\46542b58ab6473ede76621f8615de40f.exe
    "C:\Users\Admin\AppData\Local\Temp\46542b58ab6473ede76621f8615de40f.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:2360
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://css-h4x.net/
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2876
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2876 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:1716

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4b3677f268b6be31a9b56df5bae1f969

    SHA1

    c2efe7ef6f37f2e3296fea6d118c767af9098991

    SHA256

    0b0cf9efd4c6dc338f801c3a16418c99c5c289853b826ab074f5e7f2363fbf2a

    SHA512

    4b7964fc19e4397561b65e962c61c0a627b7fac94f2add664468bfbedc4b3c70e7affb2ee88e843b495307d6d558da036488abef010a06402c833e93d99e81a1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6d699348346d0bd33be35ab6563e9587

    SHA1

    aa20f7cde05fc00b6adabee582ecbbd367899c3b

    SHA256

    564f7d356eef811b092ea85278120a0d99d0168e07f60fd50016a21dba050004

    SHA512

    873770bf436b0685797fadd3a0b2fb4120dd74716e3a96c2b484045487610de0c1446bfee16a4384323c02f599c90528ab4365515edd14cf167d990f2637e63c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    220c6ff7ab767e4e10744f8fc704e612

    SHA1

    fbb0b064c5115bfaef1d534929717aa828dabc80

    SHA256

    91e056aeee50878517260b5e1ed48325a3222630b7c9fba45d05a6367fbfdb0f

    SHA512

    ffdbfd9a78e003c51430b52f1e780ab78622052977ee6cef271e36c6d6b369dff732d8b615d49da665bf07a0259f09c72eb1882890165b51ebba9e7133c596ae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fcf6ede1e17d617e5b37566d9e7bc100

    SHA1

    d3711a63d681e5f4e8441a47313c375f91d1b0d4

    SHA256

    0e4deae9b6f47d6bf186af8bea9444633355b250269b5d95b27661320f3c91f0

    SHA512

    e21a7e9ca1ac96cb66c97176c4dcf1bb86813f83d072b42d83daf3a7d4d51be5b6994c06a0ad738c57cfc39bc71a6570a04ad10da9fb3df77d06042b340cf311

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d327fb710b8e55e4496f1aa138666987

    SHA1

    dfd8abb677271b14a13d3bf15d5e524e2ea17eaf

    SHA256

    6713c939b3c4587c0c6d57946898529a1c817452f62ca5447c0f76b973f017ec

    SHA512

    d4c0743d4866993a6892165084296a7916079e483b82299af0fe25a9496553a9bcdde4102525119dcb6fa4c82a229e4601a82431372d043eb5a319b20edf55ee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1d3e5523ed7985f974ded89b824907f8

    SHA1

    4695c0e672ee168a6214e7d588865dd0046b0c5d

    SHA256

    72065cf3f654576d00049e84d740b09f972df08f0965ea5b55416f26a9924eb2

    SHA512

    1670f49ea4394165d08c3939c529b3b4a2f50f5ed406e6917146d78c6b19b1fdfdb9ca1dfd92d5e9e4016b7d358e6d6f7e9870c40f7fc8b9659567e304fa11a3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e17a6022348c4031501c4b36dceaacc6

    SHA1

    e62768c0005f76fb12f894b55a597be82ea42e5e

    SHA256

    bb52225c1dabbbc416c6bb814b32791b29b242e36c11047a31ab396b603f5ef2

    SHA512

    2f815aadb8ef4537a263eb60f279f6e7f77e0c4ee50978d2d98dc9c097dc02e78fefd8c2bd7b8e9c34a5b6e0756497a59932a4dae9d0fdc54e96e2c4c499fce4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9453bf577dd9ab54b6cfc3a40dd7e583

    SHA1

    709f30728409326faf743e58cd606a932e4425b6

    SHA256

    4073a38da99ec6b22c7edf80a9d0031e780191ed5e509c22eeb37ea717c5c618

    SHA512

    259aee7122b92b34c6c17bf80084a8a96571897bdb60cb840fb6e75784cf40b762ddb4df1d3d84f8959cdeef22927636f47ef1def60182c6576662b9bb81eaab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fea2b208d692754ab20f773128750029

    SHA1

    fa33cccb9a3bdb95e85f0646baccdc3aa55283fd

    SHA256

    f20401e6cd84eebae90ebd583a4b455068bead4a2464650384bc79d7380bb872

    SHA512

    f23adb16584b3880675da43e8c57dc169cff68a40bf1ef61c10b1a1d5e1d13eb9a83eea5a5f5d44aa251ec1a425e541283171642f5bc14d9f1242eeac836ecd7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    a7aba797f58f9f59f04fa70f091a7397

    SHA1

    36ed349125a41c082a0f69fa1b72383eb62e938c

    SHA256

    435f0c0ade27c7ba434412dd840619031ce91f9c2c0eb4519c98624b1daff6f9

    SHA512

    4cc4ac7c4d3d70082a29df1c4da28230eca12089d796af7b402f913f48ef7cbb6f3495e6d827bb8f95f4d81e6d618954b657a8a7c805454ca533c99ae488ba95

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar414A.tmp
    Filesize

    137KB

    MD5

    76280a52e887cc407f4a8972989cd6e5

    SHA1

    74454d75ff82c25b6d0b0953b1fa42a303d08a85

    SHA256

    b125d3d9339ea94ec7f492b4498cd68e51bbddd4770916001792818d73893850

    SHA512

    39835efb123959d1504d96376a9d8dab610cf6b65e80caa0bf3c9a4cf6561b7ca4722c058d7607cb21c229ce6829218fccde158cf563d92548de05c3273b12c5

    Download Submit

  • memory/2360-93-0x0000000000400000-0x000000000048E000-memory.dmp

    Filesize

    568KB

    Download

  • memory/2360-0-0x0000000000400000-0x000000000048E000-memory.dmp

    Filesize

    568KB

    Download