Overview

overview

10

Static

static

3

PlanetsBeta.exe

windows7-x64

10

PlanetsBeta.exe

windows10-2004-x64

7

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

LICENSES.c...m.html

windows7-x64

1

LICENSES.c...m.html

windows10-2004-x64

1

PlanetsBeta.exe

windows7-x64

7

PlanetsBeta.exe

windows10-2004-x64

7

d3dcompiler_47.dll

windows7-x64

1

d3dcompiler_47.dll

windows10-2004-x64

1

ffmpeg.dll

windows7-x64

1

ffmpeg.dll

windows10-2004-x64

1

libEGL.dll

windows7-x64

1

libEGL.dll

windows10-2004-x64

1

libGLESv2.dll

windows7-x64

1

libGLESv2.dll

windows10-2004-x64

1

resources/elevate.exe

windows7-x64

1

resources/elevate.exe

windows10-2004-x64

1

swiftshade...GL.dll

windows7-x64

1

swiftshade...GL.dll

windows10-2004-x64

1

swiftshade...v2.dll

windows7-x64

1

swiftshade...v2.dll

windows10-2004-x64

1

vk_swiftshader.dll

windows7-x64

1

vk_swiftshader.dll

windows10-2004-x64

1

vulkan-1.dll

windows7-x64

1

vulkan-1.dll

windows10-2004-x64

1

$PLUGINSDI...7z.dll

windows7-x64

3

$PLUGINSDI...7z.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    278s
  • max time network
    345s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    14-01-2024 12:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    LICENSES.chromium.html

  • Size

    5.2MB

  • MD5

    df37c89638c65db9a4518b88e79350be

  • SHA1

    6b9ba9fba54fb3aa1b938de218f549078924ac50

  • SHA256

    dbd18fe7c6e72eeb81680fabef9b6c0262d1d2d1aa679b3b221d9d9ced509463

  • SHA512

    93dd6df08fc0bfaf3e6a690943c090aefe66c5e9995392bebd510c5b6260533b1522dc529b8328dfe862192e1357e9e98d1cdd95117c08c76be3ab565c6eea67

  • SSDEEP

    12288:/7etnqnVnMnBnunQ9RBvjYJEi400/Q599b769B9UOE6MwMGucMEbHDuX0YnpWQZb:sPM95FCWStQj6ERs/mfMl6H0skDpS

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2748
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2748 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:576

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    899e46b0e4aceafd469d6a5b495e33d3

    SHA1

    0129c3bd621668aef98157a603a6ac0dd9381310

    SHA256

    21d3ffd8a13f12631db15e819f4973a1faca9a04f82fe5550516e606565f469c

    SHA512

    7d9b779f20a7ebda8df7887eb7c570ec98c5aa19d4acfb3c861fa6ee3ea89db1b0e3a738cddf314d963f221d30763b0f12f21970ef62c81544492a48927f600e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    61d4831b6d8ba5ffcbd91105474b275c

    SHA1

    968bdd8a29eb1d12b719b50e39527e59ec22392f

    SHA256

    0079b99ada33105d6637cbe2775d77b2d2f94eabe4faeb225a22905584b78c71

    SHA512

    5a256177e96350a51e2239cbd3b9bbb990a22e8f68466d454d707cdc1d0f83f82515aa23aa7430bb9394a9280a778f6d072437af2e5ea0a2059b51270797d4fd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c7ad6e477db71509cc65148879928bae

    SHA1

    35d3c01486af745b2acf33b34940fd0442d9e942

    SHA256

    c96b7e966a3aebcb6c6ece11f3dbf4264350f6dfc31925c076e8c7dfeba73c39

    SHA512

    abd8f29dd2093c1a033a8cf1524902c029140f06daeabe5ccffdd054d805968b8dd93bab7514aa81335c285277dba4efba70cda5bb340afc4afe8210e1aa86c8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    82956cf34045f121449b3a42d21d7804

    SHA1

    7bcf5ef17cc09bea195544c9fcf3a6f7a6b767eb

    SHA256

    bd9307f24df0842cec504dc7c01a0abc9ed2bb48563dcffc97e336d8e12d4d4c

    SHA512

    1fdf7c37b3e7e8cc8165e035003b3ab7c77d69847877e8e6b3754a7122e65d1b996c73242bdb470f8599a3842558ab0d8fa5e87326a5975c2d026c57d6ba6021

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    90fced6ef7845a408986099f52930c70

    SHA1

    291111019d114cbcd2428b35fa9a9dd92b2a132a

    SHA256

    d326c7d67d2610790bb1946fa6be269d11bf84ae2657033963a712eebb7274f4

    SHA512

    02af005e357eb007482634c2021afc563743aaeda063a8a04b4c052c2184ba073c1bc24531ada39b2709959b4a4fd80d7c23d1671bd22a3edda3c2f7b34e08ae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1bcd5c928cf73bd2793ccac4b3bc3a33

    SHA1

    e87a7b17028934eec403aa9453dfc918277989e2

    SHA256

    a054204529d2b67cfe0afc962959607fa0d4e2c5c7f021b6728671f6f36c888f

    SHA512

    fd308b1297a8359d8d7845e49252fed12701f02d06d9208b2df226f9da96ef21d84f8a3588f675b622a50f2d070a20ce3eb07b2c0706776ee8e608d043831cc2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dbd118ea007f9417076502e5ba8579a7

    SHA1

    d11262c3d05cf4708c9c3e4c367730feac083710

    SHA256

    22a3739f5c54f9a0a5550ae330a1b0e39d17ab301f61b0906d081b3c4ac435ae

    SHA512

    c2c4d21712d2bdeb36eb0726036d9e4567bfcd72ae7235636bf969b0b53e991707ecce716988c3b59ba2cfc461fa1cf9e0409c317c9d0b400d323002d68d14df

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab83F1.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar856B.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit