Overview

overview

4

Static

static

1

floorp-stu...er.exe

windows7-x64

4

floorp-stu...er.exe

windows10-2004-x64

4

$PLUGINSDI...ck.dll

windows7-x64

3

$PLUGINSDI...ck.dll

windows10-2004-x64

3

$PLUGINSDI...sh.dll

windows7-x64

3

$PLUGINSDI...sh.dll

windows10-2004-x64

3

$PLUGINSDI...DL.dll

windows7-x64

3

$PLUGINSDI...DL.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/UAC.dll

windows7-x64

3

$PLUGINSDIR/UAC.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

$PLUGINSDI...er.dll

windows7-x64

1

$PLUGINSDI...er.dll

windows10-2004-x64

1

$PLUGINSDI...g.html

windows7-x64

1

$PLUGINSDI...g.html

windows10-2004-x64

1

$PLUGINSDI...ing.js

windows7-x64

1

$PLUGINSDI...ing.js

windows10-2004-x64

1

$PLUGINSDI...ON.dll

windows7-x64

3

$PLUGINSDI...ON.dll

windows10-2004-x64

3

$PLUGINSDI...p.html

windows7-x64

1

$PLUGINSDI...p.html

windows10-2004-x64

1

$PLUGINSDI...nup.js

windows7-x64

1

$PLUGINSDI...nup.js

windows10-2004-x64

1

$PLUGINSDI...mon.js

windows7-x64

1

$PLUGINSDI...mon.js

windows10-2004-x64

1

Analysis

  • max time kernel
    66s
  • max time network
    70s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    18/01/2024, 15:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $PLUGINSDIR/profile_cleanup.html

  • Size

    1KB

  • MD5

    72e70244833cb1c8bad6fa8f98fc14d5

  • SHA1

    6abdc75d0bd50fd1796872661fa26e2e2e0f8fb9

  • SHA256

    aec8db1b7a2d3b09505ed0762d829c3786cf4e2b74ede492aee3631126e21a65

  • SHA512

    9fbc15af2c9b60d0405ff3e89f40789ac1cd4c8f792dbbd5ec3931134a150d72dee758e26a9911c31db1d44b78b9708d93a86d534253b9c296bd23fdd5237351

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\profile_cleanup.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2672
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2672 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2732

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    990ea1e437da7577338399bf8a02199c

    SHA1

    273e7cec2c9fdd688d4db4f5134809666b64fda4

    SHA256

    4ef9126d0e86f1ac7e610ab4d032487093c6b8924a35d0c76a37abc3ca217f2d

    SHA512

    a0f07d4f17a273fec91ec1b813559eca483f367a277d9cc2e58f7301178a7910bfa2b865b97a0b2ca27cb3526691b761165a5610dd751631ebb46c7acdd3e4bb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9621bf6544666c8c4569b0b9aaafcfef

    SHA1

    47069c91436dd1f4583ebc87ec3759b1fa13bd66

    SHA256

    89ad8c998a4d4fa77bd8c3d96db063f4ebe8b381e93fcbd3bf9706a83dcc3f33

    SHA512

    2e226441786eb0691b2af91da9586f6b41cdb49f24ab77a74b9fed2a436f69c5fed1ecd72be27f8f54a6cba8331dd676c505ed3330b948777ff755ced17fc241

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eb8962e7b81427955dab3df5db319d71

    SHA1

    e54ba67d7b9535bccf6d0ff195991d0f267fdc43

    SHA256

    326cd2d878a4ed27999fdce22bf71d21cee5cb1fe1ea0da258e362fd6d61bffa

    SHA512

    f97e75c7bfe17cadd68364d6b229450ca5c9d19015a9ab7faf8a65fba257709d81e860106afffcee20d4f7451c4078c89221b05be7235b54a2ba42a31fc0c427

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e2702074424fe79eb4475963d48e26c4

    SHA1

    2ee4115d0848f19aae736a02abd594fc1d020fd6

    SHA256

    1731b1d0a37a5fdd0d3fb2c7a0edd77f9e81f87a1eada29f011857a39818ae61

    SHA512

    2573a4d59ac891b23ee467a9b5572eeb238a5b5812c9c1cf82ba639ab7c8fd47978aeb1e27e4492dec6241a4110a1cdd570b039e41c9307640bb57cf5d3f304e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3835759e644b28c6ef5e70dc8eb0060b

    SHA1

    e29b0ac689366faf244bd5bfc2677a4cffd1b1ae

    SHA256

    9aa1b3109a6dcec66bc707574a1c060cd376367131a4e01183edba879dd25526

    SHA512

    98e01dd09ae3039259b8a4f0c3e19241f0ca51e2789d500f5f1f4e882550bb31e913ce7ad12281b4b02f21e6eb73df0da78c2cd2a9201cecadb3c85832dbe2e7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    99754aa396a51f170b08205529018d6a

    SHA1

    d56f38e623bc8b75e896cdc8e44845c70a08dfc0

    SHA256

    1bcc7f598be264d32bbd4299795bf73249e5adcc69ed15da5904814b5eb2e906

    SHA512

    249a15cd49a6103650e8cabff93a88bf0b615b141f78758d5682330f233816fc5e6ddc3ad3f8dbabe35a5ac11ffce329751a3c5d8d9f10382b6eb503c623d643

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0e0749222f6f56ce88b9698c64df09cb

    SHA1

    6f6f10402d7655253b0d29e4dd1da11105222812

    SHA256

    3aff86161f7b20d3ebe5f73c1f8dcc6400b845825ef7cdcc9af7e46d99100614

    SHA512

    997a0643acc23d5ce6af6fa2b1b7dfcfffdffee849c58bc170ae8ab24d02022a7deebb38fb3d848b4afaa2160d3eb3064e1bf697bb9757201c87423f65d61e1c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    36ee41069ea14daf2ac9f96c4bbfe100

    SHA1

    d4cd9b9ddeafb5e32baaa9b98f8711752bfe50b0

    SHA256

    08814f9b561bf835ac00662e4bd73934ffb55b5a92aed5431d4a403670af2e86

    SHA512

    f2176b5731fb560197cf3e98fc1b046de29a559a6f04a579a09f095f568c3cf2d2db3064b53fdb37c522ab8ce11d0d2a3e2c247d33dbebc5018c4df05e90615e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a8f9e6a9767e9515749777b27a723858

    SHA1

    f87b7b77e3300f20e2771cc1e0b19c192b5fcb93

    SHA256

    47a543da86b903746faccdeebeb6fb4611c5b9f00339fe86f1fb174781fff37b

    SHA512

    2c17861aa64f6470ade6663b7aedb8d832d92b065393287524ad5fba62c4daaf5b5f68f38305481f9cd9f87eed9c2114bec74d6be1b41882c6497780f3045818

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6c4ed5555210d28e73c1514946a11346

    SHA1

    dfa97dad1843855617665af30c8e3dcb7ad3354b

    SHA256

    524e56927e927a09c21b36fad6f27112f2b8afddfdf6fc19d6941c2d88cfd3c9

    SHA512

    aee26a6b9c25dde6ab363901ea5e83b0471245efaed16d001b65478ef706f8e3f39d56cec531effb13518e2a63c54da7cfe6ce8249db1a79574052e150ff3391

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4a50513a6a8f8cbc003be05bb9169bff

    SHA1

    7ddd5b172e1ee6d22df618034e4681375910d478

    SHA256

    5d676c64dadebb3da373a6d32be7931a018ab5647539f34fd5220be25685b68c

    SHA512

    915f27e7ffbf627faef394c92bda2d012409c969c1774b2bb7eb2f8700ac25bccc34cc6ecf6e7640bc4fa84394dd3c4592bf423acdea995990ae73b7c4968c88

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    58d778bbb66f08913c2b27bca4ce9d2a

    SHA1

    91d3978cd418ee7b36039534ba2f409a9b8604e4

    SHA256

    8ccb248d1ded240d20d298a5ca8d843b911b87ea54e08030d1038a6d277da999

    SHA512

    82005f584ffa3a1a3ea8017c0ac1885c90bfc33b91da1a883eb4172ca60db5b330be66ef88ceb6c1379a6fe899a4056e29e070cc030db692a3cd873319cdea09

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    47846d2a62e0dae3d69a3def39676c8a

    SHA1

    3111f5f2d9049bf0f120bfe2decfb124695c3f94

    SHA256

    22710a7882ba6342fe98989ffac0f9e5772054b568653d70bfb5a6e91b555edd

    SHA512

    10997ad0ea1b25b6fd264952bc96fd46952dcf0abd383ebef3352e6d24a60c5ed6410480c75b238b0b08a8b4aeb5378ceb67a0f25cab9575a7ff85a3e8576c0c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab4E70.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar4F10.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit