Overview

overview

3

Static

static

3

6509d64de6...aa.exe

windows7-x64

1

6509d64de6...aa.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    120s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    18-01-2024 09:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6509d64de6c7a3c95e57bb6eec25f0aa.exe

  • Size

    184KB

  • MD5

    6509d64de6c7a3c95e57bb6eec25f0aa

  • SHA1

    cf985aecfa8f8153b815e13ab32ead612fb44735

  • SHA256

    e4de66aeea42af458b1d50956500f076bc2a31f419ff7a6227e74e49676c666c

  • SHA512

    3072aefd2b641287cfd2c3f191666066661c46c4ec084b5a1b8fc44786c0c6c75b5579e7cee4e3eb3814972e1da75eef025e1a89066af5550c000c5316bd13c5

  • SSDEEP

    3072:g/na6WDmrZ5CnKlQf1kT3bQfxy36JfLRxSo2uVvCEbqyXbzkCn5VBxIz:g/nuDm9tOBe8FBXPkC0

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 35 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\6509d64de6c7a3c95e57bb6eec25f0aa.exe
    "C:\Users\Admin\AppData\Local\Temp\6509d64de6c7a3c95e57bb6eec25f0aa.exe"
    1⤵
      PID:2932
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
      1⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2392
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2392 CREDAT:275457 /prefetch:2
        2⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2800

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      8ccb3d661003074e7090f9f7e951668f

      SHA1

      8d411ebea16c3e9228f85b65a33a14f3e0d1d2c1

      SHA256

      1520ab91b8ef848312d73bd293feaa993b631a44111525fb43f3f74b9ce80e53

      SHA512

      817fe96460f975f7552b505b92c5d23c72297a6c20019cf198db70744bba7e91fa588e68101040af88855e06dea90c6cac03595f6a21af132e07bcd0a161dfda

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      5fc7ed5cd3586b9d5c4158ca6904f81f

      SHA1

      7b36b80bd9eb2cc8c626409a291fc1be256cc070

      SHA256

      dd9f6417388f7a3251c352844a67e3423a838660dac10d2bc105314cb1127cef

      SHA512

      b7597cfcfe542cb92237dc8a8afb2f51a1f35e999a87c905ed36ea6f92f69ec5478fe07855346ea76044fd3cc4dfc9fa65cd1b3d14386ee2f3d3909d5564d4de

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      d4d9b6f947c03c8b616456580bc465db

      SHA1

      f768202cd3c6407de9078ec64486f6dfcca106a3

      SHA256

      1cd348f9c33dd0637fc9b1479eefc6f2fac2745da50c4e8a0ca7da27d7bcae95

      SHA512

      5d31f2cb0fe25bf6ffbc890619f62b549e732b58959de70093872185f5d0476c99231c5d689147b12de35142d118fad4b3c799f51be14ba2f8c59c119ccee187

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      8b119b03e0cc57da0f4cf6314202ebad

      SHA1

      5466473d8f7831cfd3d37cb209adec478a2adbc1

      SHA256

      1666a2ac48673c7bb25c5d95ba0b80f456f716b3b4776af414d8ce3e01d0a5b7

      SHA512

      cf234785bd8e8be89ab447da74e8d15195dd522da5551b23ece908f05fdd73545512302ee95f5487100868ca275b333c45a91bca108334c03598b2ae3f11db23

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      b55500662a67c7a14241298f58022ae0

      SHA1

      00157ed1046a58cc6273f850f944ea6148b85929

      SHA256

      66aa9d68234a902e72765f3df9a4af993c477d57e568b1724ceb147c30b09967

      SHA512

      950e1490d7c33080b80e20389b75ca83632fbc966dd6d891da0ef4ba64204563bf0e31834dfb04cff42db894fd2b8351e3a9715fda7d85e5d096ac242ce77775

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      81d62eab7ab5d42ec1e0bddaf447ce57

      SHA1

      bfca5a7535dc1358a8347015ed2161351f4cca49

      SHA256

      deeded5969b22a54453824bbdc78509962d907c17e29d5d53ccdda344137889e

      SHA512

      daf058518bd9d1f9e8658f0b9be46b0015d069ba00c7131a4c65a174f4cc2036c6898364c0d21f7161d1a58abe697cb61b5319c6576e5d45277e6afde7478087

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      71f73a334f07f20a23a5d422136beecd

      SHA1

      8201e2fc211f0295796f548fd30a40fd92d25d84

      SHA256

      2652f62d22aad85e153fd0844565b8b29d62b42772de38ec24b02d98ebefbde9

      SHA512

      24b61fd677089159d0b57de5b2afb0183343f6ee81ceea58b8ffd2bbfd9a7a5508c7bbb9c213c8771d86314830a1c8d3c97d0cac2fdb91c08efb83b9e9a29140

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      49bafa7b6c7cd8da2f34b658b63b1224

      SHA1

      603ce1c715ba286a00db93f8cab9a9177f0cf362

      SHA256

      231dd529cde77a445f84e13eb6c081d6c670c860fca0535ecd6888b6c7282b2b

      SHA512

      082638349415c78ac156abe66783ecd4052c41222fc7472ed0c44fe9662a49900b1128cfebfa6c6755cb82aebae75afb14ca60621a53492f3acfc7c2593dfe2e

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      c9bc4bff5d3167a4156ca4e00ee3c0ca

      SHA1

      341382424d4d3ec784f8af4b81a20fbd32855779

      SHA256

      a56557a8c7e5a4b020731673af7b1b8cfe90684481680c0dfd5f5ea49da30aef

      SHA512

      323c032969f02a0ca654962bad6a4fe4a1ebaec2a96e54800d3f8694c9d7907c55c7dd2a4d943b188dd530d112ca09ff678177aad88e18d3e14f974f90c66230

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      10edac825c0e0e81a0a0306793078d36

      SHA1

      730ec4bf9f6a38928909b550f8808eaea6c5b138

      SHA256

      6a19ea47676579976f80caf520baa472afe89abeb9b97f3c435384ea1e170bd0

      SHA512

      bc40020fe63381e5c95e617688a15bae4da19b83c9ef13550ce5069300071417fa61b9960b7562700913c2113a2de6b2df8921299f0fdb33f2b30d9a7c195b48

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      72f3eec5c56c4635a821a99879da4f9d

      SHA1

      eb2d9acb0d18513753b3c2168c7b5ed8a7bb82c9

      SHA256

      53516da5aa0526e45ae05df4a99fde09871c8c9785ab6fbf92b219ee7dd8694d

      SHA512

      a877c688b630b2ef5e94b81dfd36572de9f869755975a4736023375122617c5486afb938a89c89f294ad1ad625f8d8d921a190c6faa7fc0cbb75cc54e639b6ca

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      c79bb32a811671c3db1c3657708f37a1

      SHA1

      184e15b1b876e9e721a546827554a4f02cc517b4

      SHA256

      1fe5ae643bb5a21770d8e994cae2cf50d4e8786ec23bfd5edbd3c17a50cefef5

      SHA512

      10fe47fd2859150d25e87304733848ad5563c4a573d92a37804798657189a475e075d3b59ec05942f59c8f466d810670b7afa0f9f4dd1e1e9e8f97a14d7aa950

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      5a6e9091cd0b1520cf15be88f6309b8d

      SHA1

      408d701d79cc3b7d5147e3d1ea74b510d51be33e

      SHA256

      63ebb6967a9cf554d0b43e0067bb8195a538116994f5ae5879f8f9157bea2f1e

      SHA512

      45281ac9a41a9634dd4232fab2f693432b5f456efc0a7be07e22cfdec38259d024ecc4198a39b7848b3a11ed73bda99b2696bd1f5457c6a35375b1408e02dafe

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      8791a550e1163900057e6742ff29f057

      SHA1

      d4655c41c2cf60bc8c4d3255a1b8c170972ac6cf

      SHA256

      47360e68bf5c878b6a93ebecf1a10c9c43ec1c7f647a096d15ca08e1a3965899

      SHA512

      91eb1319aaa0e686b3200f56477ff134d256cf10aa9fb3d6f4153b18c54d8d5742fad2813c950747a968701f810d475abcadec5c39b7e5ce383b42c18843ddc9

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      ca681e27f6874d6c2668a4c32d1cc56c

      SHA1

      78f51ffe6a05e585a83a9bd078bf289f0aba0d98

      SHA256

      673c89cf496b1b44a37a114666531d7ff4564542e7a1d8220a8db7df0bd0a298

      SHA512

      847539d80608284bc202fe87689a99949e7a4110be1980bcc45e8cf8f6e70285b5917fe368f6f3c48bf1920d418ec5556a04b950ca0f8917c6eea17b1511db38

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\Cab35C2.tmp
      Filesize

      65KB

      MD5

      ac05d27423a85adc1622c714f2cb6184

      SHA1

      b0fe2b1abddb97837ea0195be70ab2ff14d43198

      SHA256

      c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

      SHA512

      6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\Tar3681.tmp
      Filesize

      171KB

      MD5

      9c0c641c06238516f27941aa1166d427

      SHA1

      64cd549fb8cf014fcd9312aa7a5b023847b6c977

      SHA256

      4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

      SHA512

      936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

      Download Submit

    • memory/2932-1-0x0000000000400000-0x0000000000437000-memory.dmp

      Filesize

      220KB

      Download

    • memory/2932-0-0x0000000000250000-0x0000000000251000-memory.dmp

      Filesize

      4KB

      Download