07a3e511bf3ba9f8e87b9f2e72a7cd5cb5f23f55391dd789ccb022c2080d5815

Analysis

max time kernel
142s
max time network
125s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
25/01/2024, 12:23

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

74b062a45148cf468bc6fbd556252656.exe
Size

20KB
MD5

74b062a45148cf468bc6fbd556252656
SHA1

db071e480a818cecabfd1a7237a565a1e2707a61
SHA256

07a3e511bf3ba9f8e87b9f2e72a7cd5cb5f23f55391dd789ccb022c2080d5815
SHA512

6043df801d841c99f7e5b7d22bf194f6ae5fd30626d685c9c1f6e93bbd6ef3ae440d2131aeff53548091c901ce3f538e6b583a6d34d872a625c8711080ed1289
SSDEEP

384:Nw+F6DwqxwEvElWb4s/TiD+s54cOOXCT29tfmaxT:/FPqGEvMk4Mi/pOgCSnjx

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 9 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Main\Use Search Asst = "no"	74b062a45148cf468bc6fbd556252656.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Main\Search Bar = "http://find4u.net/spb.htm"	74b062a45148cf468bc6fbd556252656.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\SearchUrl\ = "http://find4u.net/indexb.htm"	74b062a45148cf468bc6fbd556252656.exe
Key created	\REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Main	74b062a45148cf468bc6fbd556252656.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Main\Search Page = "http://find4u.net/indexb.htm"	74b062a45148cf468bc6fbd556252656.exe
Key created	\REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\SearchURL	74b062a45148cf468bc6fbd556252656.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\SearchUrl\provider = "gog"	74b062a45148cf468bc6fbd556252656.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Search	74b062a45148cf468bc6fbd556252656.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Search\SearchAssistant = "http://find4u.net/spb.htm"	74b062a45148cf468bc6fbd556252656.exe

Modifies Internet Explorer start page 1 TTPs 1 IoCs

stealer

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\USER\S-1-5-21-2444714103-3190537498-3629098939-1000\Software\Microsoft\Internet Explorer\Main\Start Page = "http://find4u.net/indexb.htm"	74b062a45148cf468bc6fbd556252656.exe

C:\Users\Admin\AppData\Local\Temp\74b062a45148cf468bc6fbd556252656.exe
"C:\Users\Admin\AppData\Local\Temp\74b062a45148cf468bc6fbd556252656.exe"
1⤵
- Modifies Internet Explorer settings
- Modifies Internet Explorer start page
PID:2908

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2908-5-0x0000000000400000-0x000000000040C000-memory.dmp

Filesize
48KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads