Overview

overview

7

Static

static

7

72cbcf8028...f9.exe

windows7-x64

7

72cbcf8028...f9.exe

windows10-2004-x64

7

$PLUGINSDI...ol.dll

windows7-x64

7

$PLUGINSDI...ol.dll

windows10-2004-x64

7

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...re.dll

windows7-x64

3

$PLUGINSDI...re.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/inetc.dll

windows7-x64

3

$PLUGINSDIR/inetc.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$PLUGINSDI...ip.dll

windows7-x64

3

$PLUGINSDI...ip.dll

windows10-2004-x64

3

$PLUGINSDI...fw.dll

windows7-x64

3

$PLUGINSDI...fw.dll

windows10-2004-x64

3

$TEMP/Alaw...up.exe

windows7-x64

7

$TEMP/Alaw...up.exe

windows10-2004-x64

7

$PLUGINSDI...ol.dll

windows7-x64

3

$PLUGINSDI...ol.dll

windows10-2004-x64

3

$PLUGINSDIR/Games.dll

windows7-x64

3

$PLUGINSDIR/Games.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

$PLUGINSDI...nz.dll

windows7-x64

3

$PLUGINSDI...nz.dll

windows10-2004-x64

3

content.html

windows7-x64

1

content.html

windows10-2004-x64

1

Analysis

  • max time kernel
    133s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    24/01/2024, 18:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    content.html

  • Size

    2KB

  • MD5

    6ef7c094393186e079cf9f0286f595fc

  • SHA1

    6a0a3fa1b14fa31d040edca75f1aabf2ddb2e19f

  • SHA256

    252b2ba0b93a9a81b367dfa965b2fa7cabba7b58cd9d4f112b7c5ae8661b26f9

  • SHA512

    d4c7b438eb3915ea6879824418b3173d58ffc9b1ff75578d435ad1da2f020da0d6b3134959e8143d96645cc7e18e745ec6db9a8c70f355927e3d1d75332d019a

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\content.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2124
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2124 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2480

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b53ae0495088b0167f87082202086758

    SHA1

    d3c73e6c11d503ffbb60ae671536521b771628e6

    SHA256

    5284fbbcb3cc5e3c4754117675dff94f6b8afc55168c14c1bc63d4db0f69e44f

    SHA512

    ef504e207ce7193dee4ccfcb436b18a183c20d56d8e988d1d113dc865e6383ec797501d62f13ed7e08c3134b3bb299f815eccd1c2d6f723b507ab9ce1ee15475

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3e2b34e4ef94375c174a6597336fcafb

    SHA1

    b82e568af1821845c9e15e37c31ec7f4c8bff813

    SHA256

    bc3e85bb172c6475fc22c7064c9354acfb06054fd60d2d2f6099238f31c4924d

    SHA512

    897430907f812701f8faa245f40c16b52341d5f0d0af9399484ee9159e37b83995a6df273e7fbb6fc4e5cd7e6fed85c3e944cfb1e6db6f544ff75a58d5592345

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b7ea3a7b2fd0ffa16d0b78f17f035e4c

    SHA1

    d95184b8d21b91b9e713942219202a9948e47870

    SHA256

    a0aef5502b2bb35edc2f8818945eacaf692efec6a45bf6277a87015035f4fb59

    SHA512

    b908f5fc7d5aed3b49b83a0e4cbf398306c2d294ba32cc5833dc6a53b9ca12be01e4e935f5cf9d337b7481ba670a3c6e72f6ab7aba207120adfeb6b02637b3e7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8d9eb6c7aaaf5f3867430f622dcb87d0

    SHA1

    c6b474bfe45243476943f27d1e9f6494d818b50a

    SHA256

    dbaa0c44f56d76fe9d3c46df6db962d056222b7a0e28c2ec50a381c4b2853cd2

    SHA512

    f94a5dc9935b94906e6dd9edc1f720cbb0a94ac394814ca46aa796878933a0509ab68d2d7fd5c5e332cb49e4ffe023e442bbc54f266361a6c05818b107eb5e71

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2287aed9be8d626205b27cfae1058818

    SHA1

    ee91af2858fc7baf00d4ee55148a67c3ae3b3146

    SHA256

    524c202dc75e213849883b298a037146c7842c5122243a834f7fdaf5cb9d7e65

    SHA512

    5b58160448c92108e03dfd20a05a6580bb14c784d40156ac919dfc5360872411b8628a557cbcd132f87cd3289d69c26fe570849b59c8e7848b5167d3b74a8cdb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f34fa8045a40f82f25a3fc408e6c27c0

    SHA1

    e4937d7ca87a9ad55597d09aa8ed2752dd9d020a

    SHA256

    f25fefb123b9320b26e7de194c5203d6e351d05386cd7181e92eeb74c38e8c14

    SHA512

    bd583060cf9a714cd9b2c5a8cc4930ec7827c6674a42a1c7d7ea1b84218ae53e6aebd11954d7578ad6ec493aeb24d97ff1586eabcf2d40a6b9ff5a7d70c9ed8e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0407074dec7ab799a69ec94d40799542

    SHA1

    b0a98f7e7b27c75cf4911ed142ee5a735f8becd8

    SHA256

    e764335662fea32faadcb095ab21a37e40ec0d26e8aa865fa570c77c268aefd6

    SHA512

    537856ad5ea3050a32651d6144398426a2089e64e9a2aa721380a1c4491aa1de20d0d5164c41ef064a424be16985304608dd5a306278c8611a565a489a582f53

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    21e1e97a3a0d029573690a2c2eeecd33

    SHA1

    ada2f5e423f2dc1a11bae3a7857b68634a090c99

    SHA256

    f9815073446abeafb086bf8dcbd5a358cf8b47a78ac260e3850078847ab29922

    SHA512

    5960ee4b0a590cc218399f885eb668e0f6379cb3c0f292fbf359d67d6f7a9110f0341c4f309456b55eb4dc66aed80cfd007bec495ed3263a7c7eeb426d62c4bc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c9403d0c7153ab9ac0bb4cfe59f4b011

    SHA1

    697f9f3a5d685671028f48d580e98ef35dc982bd

    SHA256

    1c3b9d6a1b6db96395628a32104f9a491c1915746acd9a6c0fd6fe930a9774f7

    SHA512

    3bb049e822eb3ae5851a50f14298785d2f8742ce7547f2db360be0b15d1d444b2374ce02e3775e473e0dbff06a0946e3776478b7a2285a47e2645a7d6c65b68a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ade0e325090d17ecfd8879dd10d8ba32

    SHA1

    7dc651ea3f9ae907006d083b721625a1b4477e33

    SHA256

    8d0e9e161bfe6989c729e71c502feda5a4a7e87017dad0bf4d08bea0433f203f

    SHA512

    932e4c1142ba95982b7e8da1aff65bf3b24b9ccaf9a1ef85b1c90ae6140bb96274b0a9a1163365d7de68b5c3dde79dc08cbc5e15271c1aed35799482b553cac8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    820c56a5cf9580204c887222f8386d1e

    SHA1

    9b0f01712369483c2adb381d2fd91038e291ef70

    SHA256

    f580e0eb3cf49dbc5cc903f109eefac1bffded3ad6c6d445cd75b06b02fd3154

    SHA512

    5aae506ee71dda855f3ff6f8137b21487f9648977e17f4764612505e5543ad1b09cc9e677ba74d1789d10599151be5395c22a646169e60f7d01fde0f25397add

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7df19341373f8811006de5652ba61905

    SHA1

    4922315b55b81646083c4f12dd148ea105dac59b

    SHA256

    6386c284a6ff583c92c914ca6bccb0b25b5378275df50379e6c76fc1d0ba4900

    SHA512

    89ff86800625935ef4c0005d008c810eb2a93b2ff9b8c73c4183d81797ef1d0e0d556140f3830419dea51278a3eae14f23b312791110af9989aabadae7172209

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9d663118804ce0563877940051c43f47

    SHA1

    3d14c10034e32555ae8479a0a4cdee86cab7d063

    SHA256

    a5cda7a85da68d1e556d549306cda91f2934add6b76ff47470077eb746b415a3

    SHA512

    bd8b5673a735c313179a45e666507035bc56a06705e1fbeefed740378c90dafab22ad83293333b7bbde290a7797aebc0073fafe08f028e936bd69d870e636205

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a299cccd63f4a335a13325b41bc0c3ef

    SHA1

    05c00139a05deab883473409a1d90954f0050a2a

    SHA256

    11d532ae486732a8b43710619eace3ecee2f012aa37d9ab3d4ee762623598708

    SHA512

    af3ec1ecb8d7f2e713d23c4538930cb7a36b6f5032dde141284a5ed63b9f4ae4b8e3cba8c0c3c6bdb4a3045a5d574b60c9112f480eccbe637db86966dd01f5a5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    388e2293f23482a6a2d5573816131847

    SHA1

    a39fcabb01b0182107eb9948dea6717d9555a540

    SHA256

    f3387790fc5bdaeca3efd04ec3957beb851ab3e26d14da42c5df31c17b5e5943

    SHA512

    19d46f73f738433306469231d9d5ca10f9389675b70bb1be398794cf9ad56ace52fa9ffe22906410a15841b8fa045f38bb5a8c4385afdc61752376e5631b5ae3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b7de9548ec4d91e17521ef821bbf5641

    SHA1

    add66b28faa2133cf06e35ee81458d93683cf51b

    SHA256

    70e92b865b88c145ba151e3bd70f59c380ec9f5905bc3f23dc65b47b606bbd70

    SHA512

    f6d9a97e302bb010e9d75ef8363d6c7759c3de2ba15d436dc2feff6359e1bd41c2200e1a4f6d3ab6a0d6f4a24c60e0db8f7526fdf72b5471f9e848e3b1a86907

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    97d25739af5cb7c0b6f79f94c84d8cbf

    SHA1

    4edb07d80c9640b351582990d3a3c64f8810513f

    SHA256

    80f65fa934b96a2f08cbfa7a160607687935d6e9aad52686238af39622aa895f

    SHA512

    8cc89e89e64a13eddb360f98236a3ad9d3324663e7c51ab56e8f4a41e680c650216580be6956a8a8c814991c7388a7b7c02f0f0a81ea4dac9cd597147207f2b5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    70191f9bd57950da098f706f71b4affc

    SHA1

    55aaa88fb2154bb4826d503a31390fb1bbc91dae

    SHA256

    3e09c4271160607c47b5854649f6d527a53d21ec1b841c12b3cdc6f217fcf2db

    SHA512

    a55183ec5ca280141e6a85005a1b0481075369641c6d0c4b9b4a93db1f1c580c4c6ed4da79af1a17ffbd788eef041abc9e87ce008028685ebeee753086b03139

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bf30f75b97ee3b9e7b2b060a832a3a31

    SHA1

    62f54311456c7b85d571760eabbc6cb8a6560409

    SHA256

    686ef8a6ba5ef99cc11439b697b602b65bf431bd7590ad35eae023908d5c7816

    SHA512

    5c1db3d9b7850c22c2008da35a1635da6a6e520e8051c471fd12a43bed9251d851b96798ef15c0a27ada1653104a308d7946c66ed20d2b9366da3197eb4e8f27

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2c3fc00e71f5e30f10ccf53be8a5d0a8

    SHA1

    cd189de1bfed432401bdd9449ec85aace4c27873

    SHA256

    c14ad68414f9cdb67c9a33bec236078356bf36acd660e534d31ecf5531fca5b5

    SHA512

    235752cfc19a163e9df70795368a84a42d8bcde54629a56838df239ba3544b6fb17f8bc3bc63a274d41b80d6a020ae669d062f829fb26102528fed5f4608ff15

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab1FB2.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2053.tmp
    Filesize

    127KB

    MD5

    12a05439bb6cdafc04e2b116996908b3

    SHA1

    e47bc4bf9d8547c9841e69d42284d95d54734655

    SHA256

    ebd3932fcd9695e3ba8dda510be6b981ef7c9ce2b03352d7d7c31943d07187fb

    SHA512

    4a769fb4efd8cce466525d88ff4d67aebce653895b535fe2c533cc56d6f46024987a89bf1ef2fb9a06fde0e76d4dcbb431898f24c9aa006298ae2ceeea00f1d7

    Download Submit