Overview

overview

3

Static

static

3

53355228c4...7e.exe

windows7-x64

3

53355228c4...7e.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    122s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    11-01-2024 09:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    53355228c4829303ec76c3ec1ca1cc7e.exe

  • Size

    60KB

  • MD5

    53355228c4829303ec76c3ec1ca1cc7e

  • SHA1

    246d1e81a32b3a9d5877089162930521f7ba4747

  • SHA256

    8d584ddf272a70167c6e82490b88b5262138a350f0461a3ad45f604cad317b68

  • SHA512

    97b121b8544010c3a46e95ceb9fc5e0fba9c66fa2b63167baea0d54541297d689cefe5d9fde9cbe798e5032418bf1602a4251b7756f2d1d3a39a80b410e10bce

  • SSDEEP

    1536:vqayPvEhzEXt7/rzrfEqDG7q9PubDY8x8c:AvEho9Pzrc77OWw8x8c

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\53355228c4829303ec76c3ec1ca1cc7e.exe
    "C:\Users\Admin\AppData\Local\Temp\53355228c4829303ec76c3ec1ca1cc7e.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2512
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ipfreport.html
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2876
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2876 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2824

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0f122ced5170ee8600fb25c9e4a8993f

    SHA1

    8ef991d44f7360ca4b235d6c19a3f7c697c0e573

    SHA256

    1a31e174d4ad8d3d09ee269de2b7d1ac5ebd7212c3bf82928f38841318b66db6

    SHA512

    8491108d2d54a461538fb02d193f88e756de6b1ed6b5bad15a1ad102a9456051454b9d3e28bb6c17178c6ba3477ec79aaab420df16957fdca1b64bd603fbd616

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    006090800f4a51d67f7cc47b94956a27

    SHA1

    09bbe7e3db5bd6b359b51168d6b408b0d34fa0f9

    SHA256

    0c98b40c1c972957efb3935e767824693dfa8bcb0841b7f3ad1f867c617501fa

    SHA512

    66ba8987baec38a0307012145d270446d00cc01effbf0cf3db2084774c9061edcec2a8c6adbd09b827449de9c3b6ed7317281c9a20fb810c43d45fb66418da3d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d1f3d135becf0ccbcf1beb6747b5aeeb

    SHA1

    0040c734cecea10e3cff3e5ee3814a758ec72222

    SHA256

    cea1bc02b7ea7f535f709bc241c5a357bce5f389d1a0f2766186c66e0bc861e7

    SHA512

    f1473012513053de7b3146b8e6c170cf05bd62fc9a0f352fc67331d1ccf902f23c4634bc512f9d7bf5e9da39c5095a2c7548e0c62be2d1fc087f3db81db68b19

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    17de8a0544fc012bc229fb005ae32fda

    SHA1

    6ab62fdbbf920825cf39bdbddf9d9191fee17080

    SHA256

    6a841d9f41afdcf7065b1f650f689dae3ba6bebdc7ebda9b847ef254c5428ef4

    SHA512

    659ef29c81941dcf63e11b877860784ec68280f5896440486b535c090dad599b030b482bc40f3ea2196f1fa279026f934d42005db495608f79d52f251a8ad21f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    09792aa4b4b718ceb23362b047b51dcd

    SHA1

    c2f7f7f50d64f75be1e4ab476d48525374eea27f

    SHA256

    4fd14b9c681e1f4b83bf4c9b2c4febaca9679cdbae0749bbf69e9babe2ddc5ef

    SHA512

    198f46a31df836d291f018ee8659f5254fb9cdb511daf4cc217a69c06aeb30f0eae40c1aedfa1f8fb7513ff502f02d8b76c7081d7b520d71b9ef31c21155a210

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a49408bbfa26760946d3bc1d1fd6346f

    SHA1

    f93c6ec2a600b602b63d7f2745446e1c4ba7aaa4

    SHA256

    bfda37ddc83682b87ee6b0e82b7c9f86c07ccd29c63a8d2efc8a23e79afdc8be

    SHA512

    8fece8851a1b93287b59b88b4b5d266089101501446b0ea40e73592180fabf330c33474b33e9f1ea4d51edf81c77265eb02c973322bd423424197837010e9d9b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b73e20e11c9994f69764f65a5964b784

    SHA1

    51549b7184bab77024359ca69dda1ad353396afb

    SHA256

    a75f50989bf49b7860e461572678afac439bb0d4e2e709b29b645e822da3b2f5

    SHA512

    21bb407e05a0de648cc39902df82d260eb2f56d4ca496b13860ef3dd9e542360a6d04b78f6e958efb5a60255ef27d7e95578664d2da38325d69aa4d963331140

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    737d2348607040beee9b6f99bea3676c

    SHA1

    200d42cf95513f93ba1e2b7bcfaec7c8236ceb96

    SHA256

    663f286c4c6e18c55c6775ebb72648136160738d8612ac69c785d315edc4a8d2

    SHA512

    ccc60c726c02f3f2131b8d07f192ccbac20f7776b0b5b01fee7293997e5a3d1d105fb87b0c581c6879890b6a51199a8d7c5c8be1db0a0591b54ceeb3d7f54bff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c64080226afdbc26f45399fe1e4ece8b

    SHA1

    32167458cd147afa502357eeec32d57f71627f75

    SHA256

    d0dda183796636455eda376e4d189927037b6e4664e67c69f9827d393869ee94

    SHA512

    89e3b308a68528ef23f11cc85385bb2248742a4bd0961793b229b7779a8feef064c567cdb512f91d25e1ca42b15433edb4bdafc0856e08095862d42f18a3e70f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    56f29d77d075dd507a9b6e90648ef3a4

    SHA1

    0f1ec123e019f315ae195c83eb725b78534c6eb3

    SHA256

    af7efcd741e2e72b96540217fe50124f0147f4df7254651266d0b40e7fa28aff

    SHA512

    7a7a4e4aa93113434c85285262936347ed1f99ccedefa0f52f9a71167285f341b7f93d0bbfcb40cb9da8465724c9e108bec594da2e192b948b799079b81230f6

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3D23.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3D35.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\ipfreport.html
    Filesize

    1KB

    MD5

    a1e8787734934b3d5bfff524f3dd778a

    SHA1

    e0836cd4c2a27c1df6e4306edb7b04daf3aa4871

    SHA256

    376ecee8e3967a3ce1b2064e36e0b2e6ef3bf1cefc23361a475534101505d182

    SHA512

    41cd8b068a7d7a72fba40b7a24c4ca346c466cafe6978c1930544df881299e840d743b2f8faf230219be1f924572f14f0fc2512100833b08786265adfc2dbcef

    Download Submit

  • memory/2512-2-0x0000000000400000-0x0000000000416000-memory.dmp

    Filesize

    88KB

    Download