Overview

overview

7

Static

static

3

2854e234da...12.exe

windows7-x64

7

2854e234da...12.exe

windows10-2004-x64

7

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

LICENSES.c...m.html

windows7-x64

1

LICENSES.c...m.html

windows10-2004-x64

1

d3dcompiler_47.dll

windows7-x64

1

d3dcompiler_47.dll

windows10-2004-x64

1

ffmpeg.dll

windows7-x64

1

ffmpeg.dll

windows10-2004-x64

1

libEGL.dll

windows7-x64

1

libEGL.dll

windows10-2004-x64

1

libGLESv2.dll

windows7-x64

1

libGLESv2.dll

windows10-2004-x64

1

resources/elevate.exe

windows7-x64

1

resources/elevate.exe

windows10-2004-x64

1

swiftshade...GL.dll

windows7-x64

1

swiftshade...GL.dll

windows10-2004-x64

1

swiftshade...v2.dll

windows7-x64

1

swiftshade...v2.dll

windows10-2004-x64

1

updater.exe

windows7-x64

7

updater.exe

windows10-2004-x64

7

vk_swiftshader.dll

windows7-x64

1

vk_swiftshader.dll

windows10-2004-x64

1

vulkan-1.dll

windows7-x64

1

vulkan-1.dll

windows10-2004-x64

1

$PLUGINSDI...7z.dll

windows7-x64

3

$PLUGINSDI...7z.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    144s
  • max time network
    155s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    12/01/2024, 23:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    LICENSES.chromium.html

  • Size

    5.3MB

  • MD5

    dfa12f4edccb902d7d3b07fae219f176

  • SHA1

    c2073440a5add265b4143de05e6864fed2c3b840

  • SHA256

    501f0b7ebf0be7ed8702d317332a0f8820af837c0a2a1d7645ba04352270e2b8

  • SHA512

    eee3a8e0eeae139ddd9369d0869c29c91007bf6c5b0d7982918d5a013214a9e80b9233e7c1ccb43124152f684f0b782831b0a6b3d126558261dd161230004e50

  • SSDEEP

    12288:FetnJnVncnJnknE9RBvjYJEi400/Q599b769B9UOE6MwMGucMEbHDuX04nNWQFna:WbXZ5IoWSL9bcwVR8mf+/cHBBaRp1

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2136
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2136 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2392

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2c0989997ad938e105295c051a023d7a

    SHA1

    2a50d154465ab26a245f3249d1ae050f5a975269

    SHA256

    000cf9752ed262345c4d449365a72c5ec16b7cee9447b4f2bc408461ad0d86aa

    SHA512

    42d9ed1aa4d340012e01a7e412d3919b79b3d037a31bc4f13a51125e79feeee0c2d118b93f58869516208711fbed7e348e070bfda6b5b153705ec09500823a23

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fc287f6d643f3cbc5959b902acebd34a

    SHA1

    074bb24006636d7328df4aa488c018e955b75e87

    SHA256

    2cd11ea1b316b35df0e7ba6fefa2befba36e51f2d13868753faf17088506b297

    SHA512

    7290321a972346540828777ffb31a4bff271515583b3bec38a2300fa964aeec6c68d8fdce328603cb822ac6b6e32ecfee622426083703c242902429d0fcdf57d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    49741bf2228d7518f4512d4f67180cc9

    SHA1

    e25da8e474ac6f9bcfdf6f9d65e0b30e7f3d5ec5

    SHA256

    e49437b33d961e0a7ad6193467b41c2357a15bbe90385ac21aa13c688006dcc4

    SHA512

    749f393cbf8cf61c430f111d82e269037c5b0f34cbbcb88906eb6e2f6cf045e045acc30ef658e9b10998649c94ff1866b179391825d445e1752bb0719bd47fc8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6f0566713529ff6a7c868341bac17983

    SHA1

    69870d1623ab4c4fa97ba09dbf908d9285d97351

    SHA256

    a35090a4227f640587eef121f76062b45d75b2446c45be1cd3d2b81ac4a4e3c3

    SHA512

    fec50994ba72c828af30232de7301906cc2f4bac8c90f5736277d604defe83cf0f9966e642a4926be38c8340468b5e2d1f1c59d28fececc01e6306efcfe6994d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabBB83.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC5C5.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit