Overview

overview

8

Static

static

3

76f8e46701...67.exe

windows7-x64

8

76f8e46701...67.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    133s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    26/01/2024, 09:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    76f8e46701fa0ba4dfc0341fe6566f67.exe

  • Size

    48KB

  • MD5

    76f8e46701fa0ba4dfc0341fe6566f67

  • SHA1

    b4a28dabd689308062d4914ceefd245d28bc4e68

  • SHA256

    36110ce060c9dc4ab7e46df59fc1bcc6be9704b31de65a7f9d4fd69f592d62ec

  • SHA512

    c808a8fd57189d845d24c2b7f48343d520a19451064ee77a91cc7e237f8e3bc6481198dac3aa05ae0eb34fbbc33096464005b2b24d8cb372d4ab75a6f69000ac

  • SSDEEP

    768:/VXmggB+lhtF3BF3INUF3G6noj3r/eK4YtQLE:/VOShtRBRI+RG6or/eKEo

Score
8/10

Malware Config

Signatures

  • Drops file in Drivers directory 1 IoCs
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 7 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\76f8e46701fa0ba4dfc0341fe6566f67.exe
    "C:\Users\Admin\AppData\Local\Temp\76f8e46701fa0ba4dfc0341fe6566f67.exe"
    1⤵
    • Drops file in Drivers directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2548
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.fototorpedos.com/confirme.php
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:3028
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3028 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:3032

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    e289c574cdc09c201ab36d74fc96469c

    SHA1

    472ede7952d0f55d4968bb1b2ba0cbbabe1a4113

    SHA256

    2481841f5d0a92edadaae3e8c7a4e74648beb35875de0b868e9a533c1aac4e73

    SHA512

    d3958674143c1ccf8bf84dad9506dc749ff2addf7eeabf2d5e0b8cd03fa1c1adf3f8d8fb3a8ea3ec04efe7c1744556f42f00a1eb0cb6e9e1aa8b8a6f54cbd875

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    91b834de210fa269e9f0bdba34ebcfd2

    SHA1

    ad32df992e703385725a90a61954cbd55d6b30a7

    SHA256

    f3c2702367a7c4e9eb369c56ac30070ec63130082ffd05fcd43ad1fdf04800f6

    SHA512

    0beab88e4734b6b497abf9370caadd059a8e5f99d2c134c1b5bc42db558b6eb8008387d7aeee4b7065530b6db771ff10c1ff5c24cba8f2cfb5387fe640dbf844

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    672bab17c386887111ca0cdd0e40f6e8

    SHA1

    f32fe28230e88c13717cd6a1a6be513c33413de8

    SHA256

    c103144c9f10ad6ca46a2e488188e28bdfe718dccae8b280d7824ff7d52039d4

    SHA512

    d741f54960f77286fcd22a463e2833563973e4a00f8fd523d473c8adda012fc25556177cd2b62e407c8ab491015ecd8d4ea0e0832271168b37756b6bfe9cc2b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    055c640cc0f3aec6a81027aba1fdbbf0

    SHA1

    6b0cceda8fe539e73664595ec2efcc9439b6f5e5

    SHA256

    6777291f5e3027fc5ea6832763ceb6d1d5da14cd638ca3cee9f25b394fd0f83a

    SHA512

    0fdbdc8a768271b119916e715d1d4097fd117a52c8dd22e34b1a48d41f95d5030e395f6cbcb46b2c59f37e10998528976b1425d23665f6ed6b85f14e50d5ac64

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cc0474b7eb844862f056ac0a7bab0ed3

    SHA1

    f601f047c765528c046f443838fb3fb376fa959b

    SHA256

    78681cda2059676557d8246222e3a49276d5de8cd39c445a6a19cfab1c20c967

    SHA512

    0acb05d4d405af4a7a3251cafbc98efd01ede785ea8b12a4d5f481a1c7ddc55cf6ba89486decfcc3a04e83c703da1c5e0fa04a6c8187a38ca199aabe409f11bb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5cdb18c434492311e32b1856e51c9597

    SHA1

    011d43f55fdd94684739a6597240c3ced0505ba7

    SHA256

    577c762f193652a419b1ada64a5fed8463012eeee3a27482f82d7573957cceee

    SHA512

    ad351360406a3ce6b6e029ba21b4e68806194676be4ded84d81d8e14226f2caff50a366b167dcdb7f78c06a9ede346c2a1d7d577146753bd88b4d0a270cab916

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    98314bd321644b771f4ef17da9597a4a

    SHA1

    c52a867594aa22c5512c69b43a923d655c00ad7b

    SHA256

    01dd6021ed182fe675a4a0a9b9d4991daedd4a8e4b5f6056885476d7650dfcce

    SHA512

    66e796338c9cfc587e52dea959fd2ca819d06cc51e9c2ec157bc9cd012889f3259cfacc5666b99b400444696823a65b9b9d238c8aa334248aff6a48491bee4dc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dd9dcd1f8bfce3e70c9adf882cb77aea

    SHA1

    62c891a07a8b205df6374eb8eb0637b4bf73e8da

    SHA256

    051321517db87cc79afa198f4e95abc169c01c3083fb0c899adad75716934590

    SHA512

    1c9f6056d7ce8159c7bffa9317ada46f18db781fd5f1755d7df2e4737cef42698740b76026ef04615e307a5ad3bcd8d2090e174a86a7b91366c1174f399a52a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7ea3431149cfc977063f1d1be759790b

    SHA1

    596e7c2b371cde514c09fbad5c77848d12177db9

    SHA256

    0470012af6bbe892437e31f2b164b672c4095ac3d9d636525a85320cdf8b556d

    SHA512

    a86931b85c47c79ae7b5340b0229c4d9824fed73bb00a97bafe2e71036cffd4580840356ebeab006f0d59a445f3cd97ceefe4de4b466af2f8607181d134bccf8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    facd6cfd80fa70085cf815a028cc74d7

    SHA1

    39403f0cdb9d9fd858dd67fc2150aafa2b0b2c70

    SHA256

    94000cbb4b66eb2d87e31a5b81c2d92e0828cf0fa3adc1ec2cc26b47e73ef65f

    SHA512

    fdca21c6354c6bce12121881ffda94a840a8a5346f5a9155180bcd14db5424b804e101620987b396ea1be4b2b67269c257be7543294d041f55cafa253bc7a599

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5e46431ab624691d6547809676c16be2

    SHA1

    553e3d72763a3d46bc7a24da8603557fae726e49

    SHA256

    aa73b47f144e91464e99ac937308ed5898df5c3f217888413e873e24d2ad49c6

    SHA512

    68762c965bcca240cf71647f4107852a5614ebac620eb3a2c0cd62cb5f2b17fbcee0e0bbcda63a1e105db15098c119dc815afdb763517652fe050a79fed685c4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3f6d42e396d9bf33c5a90f1e781b0037

    SHA1

    4ecd427f4f577301298d7e862991dcc02e6fdc35

    SHA256

    eaab7eb48f8b1a2965bec3b803c12d4096c3b59d0398f3c414bbe9cee8c43c92

    SHA512

    901555d8937370b771801a95792961285548e5503ecd866405b16c668b78ca86a42b43811ed65932e3217fc9c84619ee74c41b2f827c5e6570f72bdb73746298

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    65ec16874de274b73943143a0cdb411e

    SHA1

    41d06b6eef6484f886391ba0b6ba9a7b4f208d57

    SHA256

    f41cce87ac3284902fba20b12ff75936ae9f0796c95bf4ae6ceae587c0201143

    SHA512

    89b24f9f13d5a6432b0b172e0e3694f782ee23aaaf72a95e8d39d4a6d692bd3aa4fed80f5971b15c21a5e57d2c005eb23bec057c16607b9b2233f4116cb1b43c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b1339176e318ba8052119c09dd6643f4

    SHA1

    130ff4e655b06fddea78cc20bc94d8fbb07ba2f0

    SHA256

    253df8b55417d198092461948dc8e5ebc8f19658a91e465e7c53039cf507b477

    SHA512

    aa292cc176fd2e507b9c205269994b24802a7665b2675c57c78dfd996e3049667c9172605e567e6ecd160989972ce27c1fdc3b1da15927ba22648843eff27652

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c48e37d35674b99464933c58011997b4

    SHA1

    36798f944bfd8b4692ac9dac12da88f58123585f

    SHA256

    32e7a0eb157af7709ee3150109c3add6a9a18c93f7ffda21e85016e841c66e1d

    SHA512

    38abc20c9dcf1e81edfe9d58df78a4e05bce368d04b1942e9de9d80646686b1761898aaac654e1c87621bfe17ef278f3561e47ee7e5ea3651ddc141490f984a5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e7d24e920a044017c3c2e4e8c3725890

    SHA1

    eb4fbf7deeadcb58f09643612d93f72a1ef4664c

    SHA256

    568f3235e13bba8158d445e12b0dc323b62081cf34feb14c642c5757616a0c2a

    SHA512

    529365ccd53cf4d7621ace0d9aea33424b381c778ec5d46673e57622058c8159f6239b1ab545cc658d8264c0efd109ae7adb5062009c63a64fbc364f70b913f2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    436d8eabee7287bf84e9d561e70967a7

    SHA1

    3ea65c7d47739c6b31fe7294e63645b47824bfc6

    SHA256

    af135b816ffc53f04a27e89d43341daa012c158e93148a4760865830c622206c

    SHA512

    658af1e27bb6ee2d563556a60ec1dcacb606d041be8fec10e6b4bf176e06137079bd92857858ee82732d9abc3e39f0ac044242259285587c131422062eb2aaab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3a0707a859b6a77e52c24efb335004b5

    SHA1

    5c5d7a658aa6fde9ad5e597bff4956f743c84298

    SHA256

    8545a108083928e6b60391b505d8be8a185a97cbb26c14d1fbc18957b616f95e

    SHA512

    7d6bcbc20e3658c4feb6204c271986523e05455ac353b4a156704e63265232807a0a63d4d670394b77a69df3d9f81cbdfd4e49014f319881e142e5c009e62e40

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4477e9f60cb717b7c9a748dce83fa3f4

    SHA1

    7005f73f6cd66527d78593d0bfb21f39fafbe745

    SHA256

    c28c79bf556b6d45bf95ec347f63973d3354308e53f3f38dc8e09c78cb522b7a

    SHA512

    6ab6d2c20f404d53336074107e4565c6510c4252f1a8746dfc89dc2d90bf40207ada314b7f6510ad3abdcfb3072f91f3f01a3e06ab491943543baf5f65770a09

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2bf605d20a558ee6a9f60b933e05a07f

    SHA1

    d827a41e791c62c894a09200141dbe3b510efd64

    SHA256

    29f885488ba549cc423968b2e9c6f6603afb9b88af95d27a02748e0652e03069

    SHA512

    3667b357438fcfa2317f4f726502af54699c71c3c265714ccbc314df60e72c27a2fb16826c4041a2287396ccf95f303f0a156ac2e194c5f28b7ca1fd7614b69e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    8438fa105858270a89df5a3f7c4a8ecc

    SHA1

    275b6e27d40dcd7c409052d812ce8b2576dcc70e

    SHA256

    2d52c05a12acf5c9fd158d1d78990573380f87f132abba60c90a7c72e8d857ef

    SHA512

    9b577dfec50b2d592b283022eb089d037f70e89037f44a2fb8edef811fe2716b26ce4d5e1aa2caee9741abe5cf448bb3dd8e1952e1039aed26cac679ff4fb01e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
    Filesize

    4KB

    MD5

    da597791be3b6e732f0bc8b20e38ee62

    SHA1

    1125c45d285c360542027d7554a5c442288974de

    SHA256

    5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

    SHA512

    d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2F02.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit