Overview

overview

5

Static

static

3

TypeMgr.exe

windows7-x64

5

TypeMgr.exe

windows10-2004-x64

5

orange/COMDLG32.dll

windows7-x64

1

orange/COMDLG32.dll

windows10-2004-x64

1

orange/Image.dll

windows7-x64

1

orange/Image.dll

windows10-2004-x64

1

orange/Image.dll

windows7-x64

1

orange/Image.dll

windows10-2004-x64

1

orange/MCI32.dll

windows7-x64

1

orange/MCI32.dll

windows10-2004-x64

1

orange/MSCOMCTL.dll

windows7-x64

1

orange/MSCOMCTL.dll

windows10-2004-x64

1

orange/MSINET.dll

windows7-x64

1

orange/MSINET.dll

windows10-2004-x64

1

orange/MSWINSCK.dll

windows7-x64

1

orange/MSWINSCK.dll

windows10-2004-x64

1

orange/Skin.dll

windows7-x64

3

orange/Skin.dll

windows10-2004-x64

3

orange/StoneXP.dll

windows7-x64

1

orange/StoneXP.dll

windows10-2004-x64

1

orange/StoneXP.dll

windows7-x64

1

orange/StoneXP.dll

windows10-2004-x64

1

orange/Type.exe

windows7-x64

5

orange/Type.exe

windows10-2004-x64

5

orange/VB5DB.dll

windows7-x64

3

orange/VB5DB.dll

windows10-2004-x64

3

orange/VB6CHS.dll

windows7-x64

1

orange/VB6CHS.dll

windows10-2004-x64

1

orange/dat...in.htm

windows7-x64

1

orange/dat...in.htm

windows10-2004-x64

1

orange/dat...ol.exe

windows7-x64

1

orange/dat...ol.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    133s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    04/02/2024, 03:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    orange/data/dict/explain.htm

  • Size

    262B

  • MD5

    8648909621e1bf8c0332d285dca9fdc9

  • SHA1

    19852cf0d6ec3506611f1892bf80e03905c9e0f6

  • SHA256

    6f9c16b3b944b13a8a41e60fadd776ad318298ea63a8f6a35efe3f156d0b9ba2

  • SHA512

    6823bbf7ad12c6ebb3506998ae53d782343144ef4c8ffea013a294d9253e56fdf3ab81b29c4d9e28b23550349a6a441e5d08cd4f48461856533eb01888c54d9a

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\orange\data\dict\explain.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2224
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2224 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2056

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9ce0d5d460a7012024a906a507156ae6

    SHA1

    e07b9f878e82a8aecade3baa504a81226744a9ab

    SHA256

    9b450fcac0f9c84133e042b5021e68af2cbedb4f67339806089aff6f83a21d20

    SHA512

    729c5d5ad1da5818399236ac119175e46fa8749b9767be8d325ad2c38bf900a5830de13c70939eaeefe7fedb16c2399180db6b0f5b3efb26398792c7ae0f1ceb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    541bd9bacc11bb33a4a1063fe97dccc6

    SHA1

    a948f9abaa8d2abb77b79ec3cb562edffec39fc7

    SHA256

    535de03e14284a16dff35f61d720eaad4f6a292915d22f5c014d857bddaafdff

    SHA512

    be0805f6f38cf5661ac39b36e21bf31273a9f5f269b6dd15da00d45a985b32121f52428a754036047b6adf5ab57bf9db42f454fb411180482a00d214819a066b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    829d8bffcdefc905f96b73af948e23e8

    SHA1

    3bf0d74faa0297956d1d5b6d8ffb0120423b7867

    SHA256

    e6695c1b5eb6cd5434bbcbf8fc98545634b2e3d19c7e9f6305526e626c5d84c1

    SHA512

    c543f5e7c873fde365cef279d1af9bb14ce44f16eb299f95ec6de39c04ccbb68df190129799bb9d1d10903e469ac307e4445342f322b6eacd71c80acf7dd458a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0f4db9f957367c5e3cfb3a9277657ec1

    SHA1

    59bf49c92819d6538672f221029cdeb1ea1818c9

    SHA256

    9d89997880be8ae596b072a3ea29a0633b44e7a65b891eadf5d4f8c49ee17913

    SHA512

    1472c843e46605880ba118f46217c272954ede63cf3d44a37a33645a49700afcddc1a8e5f8677c7e4d4f7b66ce4031cead003bf9744f52ab2df860d55f7b9071

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6f4656d7e206099cf57c0e444a975028

    SHA1

    fd9b29485cf2e4b2421a4544cbaf2529122be717

    SHA256

    ef7d2eb755aad984b1e5ed47d6be63992da99f68a4deb83ac318f75927067e34

    SHA512

    5e37c9900a48e2b2b7fdfc7c9c638cd5809036bb818e1fd43342bc349635906e7ad0de526d09698b60588823c1968b1a17093a1f574ebb491f6f0c0fca9222d3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9edf175e249f324d9d432b76daec2701

    SHA1

    33e8ef0a18f136c61c25ed149a1e6165c6907231

    SHA256

    48301730895984e9decb63ad9a4d5efb9a5288e09db7960d4649218100165f12

    SHA512

    39e3e8496abd2789ba9641040c8ab6a87321762f0308bad90f78125c69ea918681af90bf9c634631afe8ee270a343e59a883d53d75fa09b383ac2eed2c2589f7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    658460cc14f96d50ba2a3f2e2a6ad4c6

    SHA1

    94582d1167b9278a42f7f80784955eb4c39178c7

    SHA256

    09c029b4052b35c3202a33f33f5de38910ccbd319021876e8391a949eaa1ede3

    SHA512

    f91683c3ad397a06a00d707dee2c4f18cb3f85a888154b9d2c0678771a7309e500d0ee817fa98444cbaf74a715060fb721f15ae0768607ae886a39f61c690c58

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d0faa624f90e01c4508eaa6c437dc12f

    SHA1

    0c20c68b3066460b62105e3ea4ee8837a238bdd6

    SHA256

    56e4480deb78a4094910f3cad76557ff83da025cf4e1f0111b90c056208dca84

    SHA512

    c617910bee79f325afd5f1275f7d52678c29bdb656cb1c059d44b368ba640348678f64ccd0ffd75ff170dc3d3aebc8ee05a5b9f5de686b9a35752c73094c53fa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b6e33cc96723f97ba64e3c1aa6ea34e4

    SHA1

    f2c17aefd6aae3cbade8b764bc57c634506d7633

    SHA256

    7a3fa5b53e413567c77bfbd89e9c2af7fc0923faca84e644ebd38ac3df72538f

    SHA512

    1656c786f67bb79edd92f9d5985dae75cf0c8e10116c5cf1446ae191f1004e4e4dc2201a288181ef44032c2066e5b15a0c86437f262563d63a9697500b249cba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    493c7592cade9cd491ab2f3588ff4de1

    SHA1

    8e673266f9b5ebe52cc86b9da79e1b66c5abfaea

    SHA256

    8a74606df721aac6c521709d9c250d17cd5980c63b024d0cc7180506b5453048

    SHA512

    198ecb62c8f6809fc01531058dfc3dadb5aa3603d6bbd2074cb07b449e5cb5e320bf6f9a46d7a85a414d732d00c6f1bcf285d2d0d38a1562ac01fce5a24e7898

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ab9cd71b6a464ab0755287cd3a39df31

    SHA1

    5707f3645a1dde9446d0e433bf00a4750417f219

    SHA256

    b2f1e9d295ebf62ea59855b2bd2342063df616af5eb9404819c1ec4b0f3c8636

    SHA512

    ba8f0e66484bfcb2d8aedd0d7e6cfa2711a856a7d889913d01ec2ecf8ef23f1374f37dc22a33abe89f7db249c200d82861767b21fffde6825aab257350d199dd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    54f4d0870c11a3550cf48d5c0606a116

    SHA1

    14de47042d184ceb460cd2b6f8f09616ddcec431

    SHA256

    445299c701ddd2604213d923ad7448ff451b3efee6932f8adbedcee4cbe68041

    SHA512

    abc693dfe3b7474499e68003cb434cf733d3f4dc7cdd546ed885325c1bb752d311dda296e91e1832590722dffdf066ba7a08a44f49f2ece309f81cc67f4c4b47

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3a4793bf0068fee4246c91d49d4969bf

    SHA1

    9c61e21d7cff8a315e9de2375dbe3936166c2276

    SHA256

    6e9efb891853ea76ff9c40923edcee1819d100dbc02cd6ed0df0b3bb19852bb0

    SHA512

    4835f73933e772bd549060f24652e72a9cfe0cb982fa0fd6785f31ebc79a865cf6147b42a8f3fcebf24bc1e5bb1ffe2e1cf853f3f356ca99d16ac1a8031a0863

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    43670c9f6b7f7a352744d358505af2a8

    SHA1

    efac35eebdd089c5186009a0d889aca21378b285

    SHA256

    db5ac88bdc4d1b0f40cef0190099ac995d8016d3558164c0336463dab5214c34

    SHA512

    72b56bdf2fae0109931f897d903d83d4452bc269b74632470c3b60439b16a969a93b6683d828efe2cb234439b672eb777f62be3f9fdb143eebbf1325dc927ab3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    257ed6dbfa9d7c917bad83b4bc0d0f4e

    SHA1

    e69316911472fae39ef6b23e736a2a2074688adb

    SHA256

    f04a1f5541040315e13f2af2ec71398b6aaa15a9e67a2bed67e07529242aa7f7

    SHA512

    b97b187b16dda6aaab3d3af88e6484ad38787c8a8932f0380e0a32f1a4ae6223fabb686e37ee98e580abb3591897f335f58a702819b10bb93614bbabeaa92814

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    43c15f3cf1b84c8e86e1a3fd819ff81a

    SHA1

    f67e536ed3ff8681fe1c5fd69c9c5ecbc6acc798

    SHA256

    8545f44eb7c23b22ec5adddcd47bc04bf69033aca3a696ec81371c0ca306a8a7

    SHA512

    5315396705a92806251f32b3b1bfa678ae37d039c36bdbfbe86c13c41463dcc0e5d62076f87b9ea26502eb0c6918a6efd3f59edca390f6fcc3b8b69821610dad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6770ef59852eb1d9d1149ac9ddd3d79e

    SHA1

    ee6b5f9789ddd5a351ce820621223ffff98835d1

    SHA256

    9813088ce00ff972df5b7aa282cdcabcd72369c9483604b6891f99d6b168b4d4

    SHA512

    0bdea36ddab6692396a66a4569026a542c364398447118411b39ddf7f40165da0525fefbf6ac08eba966234c5f8685c5f88f8052bc25ad8555b9b101c1ce93b0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f7e8839fb416f76d30f8b22c4d0a1ef1

    SHA1

    2335900e90ad9ace0fe1140865d56f0b67e44ab9

    SHA256

    03ac0b1fad2d536ddf7ad7a2da25a94bebffc648e10893d469841866817762c7

    SHA512

    d7aa89fa2a650c94961192312ba8cd2162bbbb288792e842f787a2f69d420fedb58bc90b7078014685368a22a556f12281249322f8954f295c16051dad242571

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8e3ec5935b5fcdf937ea0fc0d72b8e3d

    SHA1

    aa0583c758218a0872fc7239b17237ca614e2b83

    SHA256

    3ae50de7f749da6651d5a88a46a9653f674a05ec38cc7e6aab911ba792d1c2cf

    SHA512

    e2eacb44ee4378c9252c94abc6ec6e7438cb848257c5bd1d05195988d841d9f74f0d118459b469d70558770fb4182dcc9c2e61e324d9d31b0776d4524efefb38

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab239A.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2439.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit