Overview

overview

8

Static

static

3

EasyMC_Set...64.exe

windows7-x64

7

EasyMC_Set...64.exe

windows10-2004-x64

7

$PLUGINSDI...er.dll

windows7-x64

1

$PLUGINSDI...er.dll

windows10-2004-x64

1

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...ll.dll

windows7-x64

3

$PLUGINSDI...ll.dll

windows10-2004-x64

3

7zip/linux/x64/7za

ubuntu-18.04-amd64

3

7zip/mac/x64/7za

macos-10.15-amd64

1

7zip/win/ia32/7za.exe

windows7-x64

1

7zip/win/ia32/7za.exe

windows10-2004-x64

1

7zip/win/x64/7za.exe

windows7-x64

1

7zip/win/x64/7za.exe

windows10-2004-x64

1

EasyMC Launcher.exe

windows7-x64

7

EasyMC Launcher.exe

windows10-2004-x64

7

LICENSES.c...m.html

windows7-x64

1

LICENSES.c...m.html

windows10-2004-x64

1

d3dcompiler_47.dll

windows7-x64

1

d3dcompiler_47.dll

windows10-2004-x64

1

ffmpeg.dll

windows7-x64

1

ffmpeg.dll

windows10-2004-x64

1

hostsremov...er.exe

windows7-x64

8

hostsremov...er.exe

windows10-2004-x64

8

libEGL.dll

windows7-x64

1

libEGL.dll

windows10-2004-x64

1

libGLESv2.dll

windows7-x64

1

libGLESv2.dll

windows10-2004-x64

1

resources/elevate.exe

windows7-x64

1

resources/elevate.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    185s
  • max time network
    210s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    02/02/2024, 01:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    LICENSES.chromium.html

  • Size

    5.2MB

  • MD5

    4247afa6679602da138e41886bcf27da

  • SHA1

    3bb8c83dc9d5592119675e67595b294211ddbf6e

  • SHA256

    bf59a74b4404aa0c893ca8bbe636498629b6a3acdff4acb84de692462fd626e4

  • SHA512

    ad3103f7fd32f0ec652bc7fcb8c303796367292a366037acad8e1312775cdd92c2f36ed8c34a809251ad044508e1e7579b79847de61025baf8bda5ad578a0330

  • SSDEEP

    12288:/7etnqnVnMnBnunQ9RBvjYJEi400/Q599b769B9UOE6MwMGucMEbHDuX0YnpWQZG:sPMM5FaWStHvmUKItmfDTeHiVQZp4

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2660
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2660 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2824

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c5316166f8d6307dc5d51c0cacd5d4ff

    SHA1

    ae957b32c95ba5f9ed152b0c6789c25c61a1d8b7

    SHA256

    bd6e762916580953eb818316822651634e96407c5d260a50e1704309008e08cd

    SHA512

    a3f12b65a854211bd0c2012847470600b645a5032a937d12fc41e358c0d0b862efc1bef9fb58d6351bd3595792dab63de45236355d411aac922ce2effaccfec2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    51cab7469fbccd0ebd042274b443af52

    SHA1

    c8a10716661eb9c6f475a1ae80a4fa1a9695c1db

    SHA256

    ccf3c9f03dddc3b5888db8f3b43ccad6173ce4becc0e2b526a604a5e001254a8

    SHA512

    4b1468e166f050ec1bc117bdcf7dd3479eb98c5594ae2eacf2e4923eaa77050ec384bb008bcca1de77eb1399b78b63cf594e12157608cecd3b0851073b8306a7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ab41eef5ac923e2292760a2c61e5281c

    SHA1

    6e3110a5b58e7db5d0897a0aa48df3357d12ddd4

    SHA256

    39c1c8fa73f26203ad952d0ab216abad573456e997eb5b35074aa36b4cff1b37

    SHA512

    13f464d3b20ff3376e8af13bcd6c5973ae7d9b3ce7dcf4a4668c63d1e7daf19ba07a69044a3fa23163d982fb5ea123c5b60295867542713781f009a7dd11c8e8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    20eb258f9fbcb6b5960cdffbb311aa90

    SHA1

    0725bb9c510fa9ac72aef6f0b27af79aaa152c54

    SHA256

    8a46f0931261031555de0872e9b6e49303b58345d4beb36a19b613d988115f0c

    SHA512

    e013327b95429738d4a7f443fbda73aa5337d178a29caf55c55d2bd2833cee4be8ddfc0a331e2993d8deff473bc75a4bf5e5f45a1546126072bcaaca71dae93e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ee06a87e309f3b6c58b570400c5d41a5

    SHA1

    b74f8f13ac4d8eeb2753afbbeaacbdb2bbb7e290

    SHA256

    6efa014d8779e4ec4846c16a3c0d11975583f8142ad43b5acd883317689605f9

    SHA512

    86a430314c7b6316db23621235767ec380c468c4b1cc5cdc94eafe69779e7aa4d66f37621e4220c8f5cdce5ac8e749d27ce950b4e48db82d45eb064e4e8689ea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    db412603c030bdd68a55131e7fed73ec

    SHA1

    abd9d337153a2a4c5353337f4e4a0b7b3818f7f2

    SHA256

    4da3e6f91fd269baf64adb893b4615f847b9bf57b40751400db0b24d4f900882

    SHA512

    844a101506dfece95606881b5b606fb0e8a7d8899b33e2b146a4655d59a73e744f5f73b97279cbf5347b4514f630eaddde9368cb19048cd69d65c70fac3a393d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    90391307d7abc4d3673ca30184813e8a

    SHA1

    473f05b4e5c8b2a54e1a733cddd11f513d80f2a1

    SHA256

    15e4cf2880c4635b1d780526d066e329f1e3d5cdfb630c4c0f4bfd62618c55c8

    SHA512

    67c915d056b2c3b3080028dde728fb225963b946242c528483240b72a7ed64eff72f03bff504a40a852727ed471641b8afb3e3562e5a7d7f4e7aec05b8006316

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3993457a2a068d23b0dfaa128d52cc47

    SHA1

    26789cc1a6bb2be3714ae5c224c1ae65b79a4667

    SHA256

    a9f155f4aaa74e01b76ed29a453b0275d3c5154f9680203301c18fef1cf7e5ce

    SHA512

    ec06786e27577830f3540ab496daf93a9b537829a18d5e74ffb7e3e49c068da03a91a610574db46f2d20e33f28bc2a3768ac89697b482110f4d67bd83569ad99

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    edb3fb93512152ba20720a1e18e17fb0

    SHA1

    f31a72ed1c3d52820da4b72936a2cf1a83b09074

    SHA256

    661ee7e4d5268b8bc9127d8d7b72f22d45b75eaafe2b688fbde2af3ab45a382b

    SHA512

    856e53a9966dc27d9256803857512e53f9e86243958de7d66022eae104fc9be3737123ee9fa858b58537914e5caa056d961b6c968e17d65f2c07579962057c21

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1ceee9744d83a9ec6856738b6fdac075

    SHA1

    1c63ef2bae6a8e831266328492545de03fae5188

    SHA256

    15ae32617dce0ed94df18fd45de2ab42dc40af0cd9faf6c90c023c878ea430ed

    SHA512

    a2c897fa449ca43be288b23d13d123a492536045aaa426fc738b33f5610a245b15c14dd7c468f139cc925b69d269e2c78eccbbcaae656a89695e36e723b37e31

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab87AA.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8BA3.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit