Overview

overview

7

Static

static

3

LometuBetax.exe

windows7-x64

7

LometuBetax.exe

windows10-2004-x64

7

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

LICENSES.c...m.html

windows7-x64

1

LICENSES.c...m.html

windows10-2004-x64

1

LometuBetax.exe

windows7-x64

7

LometuBetax.exe

windows10-2004-x64

7

d3dcompiler_47.dll

windows10-2004-x64

1

ffmpeg.dll

windows7-x64

1

ffmpeg.dll

windows10-2004-x64

1

libEGL.dll

windows7-x64

1

libEGL.dll

windows10-2004-x64

1

libGLESv2.dll

windows7-x64

1

libGLESv2.dll

windows10-2004-x64

1

resources/elevate.exe

windows7-x64

1

resources/elevate.exe

windows10-2004-x64

1

swiftshade...GL.dll

windows7-x64

1

swiftshade...GL.dll

windows10-2004-x64

1

swiftshade...v2.dll

windows7-x64

1

swiftshade...v2.dll

windows10-2004-x64

1

vk_swiftshader.dll

windows7-x64

1

vk_swiftshader.dll

windows10-2004-x64

1

vulkan-1.dll

windows7-x64

1

vulkan-1.dll

windows10-2004-x64

1

$PLUGINSDI...7z.dll

windows7-x64

3

$PLUGINSDI...7z.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    133s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    11/02/2024, 19:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    LICENSES.chromium.html

  • Size

    5.3MB

  • MD5

    dfa12f4edccb902d7d3b07fae219f176

  • SHA1

    c2073440a5add265b4143de05e6864fed2c3b840

  • SHA256

    501f0b7ebf0be7ed8702d317332a0f8820af837c0a2a1d7645ba04352270e2b8

  • SHA512

    eee3a8e0eeae139ddd9369d0869c29c91007bf6c5b0d7982918d5a013214a9e80b9233e7c1ccb43124152f684f0b782831b0a6b3d126558261dd161230004e50

  • SSDEEP

    12288:FetnJnVncnJnknE9RBvjYJEi400/Q599b769B9UOE6MwMGucMEbHDuX04nNWQFna:WbXZ5IoWSL9bcwVR8mf+/cHBBaRp1

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2128
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2128 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2756

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f974ad891fb02eeafb7669b7e9a6474f

    SHA1

    d12888843708d1fa0134f275b5a3f8414dda877c

    SHA256

    093460aa1dc3bbbad5f5e4eecc4118f43262f58072555e99b0fb3338b56e52aa

    SHA512

    6f78a96a2df45f91b00f647667846d82305e370aabbec1c35e0e7423f84cfea5ebe3f41cbdeaca879b70e7814ed51a62598ede616b63ec4d7b936c9b2d6ca944

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ad346fec6586670d7320711943d8cb5a

    SHA1

    bf08269506d08870f76958264401ecb52d6d1eae

    SHA256

    de40942f3e46d9f0996fa66b9b5f1671a7dacacd15066ce88a9b6a8824a7b1a1

    SHA512

    3d1b34534002c35ee152a38ed43eda126dbd67ef47e32f376070cec7db068bb5367f95076e445df84b387d304df0f4a29f08cc975ff100b03541312cc02f5869

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7f0376fa205fd28325f604c6e243460f

    SHA1

    572fa1e41f91bf7a6aa6999b0a251c2c7e633f70

    SHA256

    10bd3c03fc8cf36de785dc64a77780c4e156c5a91f9f2c5e54bbb16ba03ab0a5

    SHA512

    93349b40acd4187e74ae8da9d8229b15aefb7d94c6216c12be56cc501f13052645e2ba238a603094e37c88dac5518aa9bde099d3d1c3fedf3a6d5eafdaee8f52

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bd6b9f1266a49ca868f135e0250b5114

    SHA1

    daf92166684df5f86b9d7caffd779597d6948a21

    SHA256

    7676c2883a3cc9f9ef8b894b217a3e5af5d566ca4f39aa200f8bf2fe174dbd91

    SHA512

    5aabfdc2f551453766adfa6187341f6527ea059a440a23920931e51fef02b8a7fd5e9f5e00a14dfd36364b2c5a311f1827b01cc624617c105183e2b2a4019240

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    867b242978200878b03ec4524d582e55

    SHA1

    a86c7c89d6ddb5f8e3ee0eabfd507f0bf70fb635

    SHA256

    17b533bb44df7df08533d1212d747019b4d755707ea7cc4544c4a52fc5087034

    SHA512

    addaa867dcdff318c1f5c0f94d6bf3eb6dc79447c3f571d9e21c96814aaaada365f615d9b66e835e75c8bc6b24d26628bdd6c6a16e673a0bedfce5c6afb6b11b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b8a241893c9af0601da1c773391ebdf1

    SHA1

    750cb85d3b24488926bacf32a1de9a5f1db06835

    SHA256

    4f56ebd5cac97788585bbcef6aa4a1a99395fb2d06e5ea3348f89f66fe6f39e2

    SHA512

    dae113a91265feab554d95b6f423a399ce4304e32aec5f2d1424c069f10264bcc3fe42889bb3da148260a2e9ee3f5bcb0abacddf9895b37f65b48cba4491c2b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    895816c3a2635aa33065fc538be3a39b

    SHA1

    f160358d49cc852fd5082bc420f8d54c179d227e

    SHA256

    2332b5c8a4a5e6cf2b50301597cf932607e97f734b9656aa38ac82c5fe6485cc

    SHA512

    91ea2dec932a604b35ec6fe52cec96c684e136e45f538fc3ca04d138693d49f178d76d3f750cf909673cabb3283dad05411f91eef701c6c142276d389189a173

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8e625569166ad8f5f76f0fcb4973e3aa

    SHA1

    656660d432038d838112d340951c2602a32613fa

    SHA256

    91aa42a67762fd6c5ba5a3746e7c75ae420fd3c3d0e54b55ee73535aa69fcb4c

    SHA512

    a98bd843c0d608a2433d3f14c13536d1b9015035675f2d330399f7daf200573183365f4dfd5035f9640f8c7fbd6e4d46e071309f70de99c1009f507d75e59628

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f208fc7b8452fde722c5b51ab7afd8c2

    SHA1

    ea7541028d11ffde9da706719f5f31856ae6e160

    SHA256

    c6a2c60d4664783fe0232cf4419f2f6e04265a2f15c7cca211741d64d2896435

    SHA512

    b2398a69a203c1f80265d6392f7d43107bceaf819af5764fc9bf847fc8eb5106f64d8fc8a9cd6b2e91c3850c9be218a014c887184735450e1b5aebf1895f2b01

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9d5830ca401da771f82e5e3a092643ab

    SHA1

    6dd50a565f4f68faa1a083fbfb2de91571111b69

    SHA256

    46f7f8aeb201bf0cfa49d899f17cb49c831bf442388209f07a77fb7da72d12fa

    SHA512

    735d92649f696467f18f84ca83385bd6d69fdf3ca4f1e3d78e31c20bb03f5f7e2f7615a2b1c55ce691b4fa3f0e92cd61eb8601a16f811719fd27e6640aade43e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8d054e03cbb3399a690e9f056294cc9c

    SHA1

    00d7db5a7ce7c66b3d15ac2b1ddd6fa61202ab89

    SHA256

    bd064c9a7a68076ace2889c463505e0473c27d7863f0627db4526931e96cbcc9

    SHA512

    7c8d817682c14dc28a12007bbb4e06feea9fec65bdfdc4bcfcd8e60d276d2f12d9cc450b84541069852ee78ba4df824100ce336a3b474e27c4191418337b5df3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6be768e2b29c371e295b6aaa233aefda

    SHA1

    6f0b87623d80ab828126d9a9e469474e3f5b723b

    SHA256

    ab9743cd266f501928de3b98722d9dd6d958bc2b195d5aefbbe0824d2c9935b0

    SHA512

    51516449f56be7c8e2831e1f6748ae545fe319016ca6ccce181f846953a7e7b93148d14ebc42910d98df508fa3c8c16239e3852dfba1a4e743fed14e55a966bc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f1a3b0281b9941b6a272bc39757059a3

    SHA1

    a74193096f7ddbbb70e777bd7273bb8d106b2898

    SHA256

    818f658ac148dd8f323e1d637cd3f0edd35a89c0d8ee3a8dbca8e09bafeaf995

    SHA512

    bce8cd22747303516327b3c738fc762ac74808a9591440372c16627f6a795e2af3af83456605c3f953b24354d2aca11b6f7d8b95de5bfae4d5fc23ff15e7ec0c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3a80f8f78e05d4e32c4164a7626961dc

    SHA1

    6796e96ced85d054492cc9b2c8124fccb7aae8ba

    SHA256

    dc5a333abe8742a990816d4975f3cce0fbd8a7be04b4b9d5976ef17cc86bfd5c

    SHA512

    9a00574f1c3d5969c6966cb4d220d6ae921c58076282e79051edace4e5e048c9759ceae1715a5e5d4be36b5af066b3c90d88041549a1d0ea0470f4180c70e1a9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    48741958ecf1624a0bfd5331504df91a

    SHA1

    7fd09ee404c0730d9a23455e3035b2740e72be10

    SHA256

    7ba0a88cb2c3cd4ead107b6156fb7e282c74f74740d31efa5eb3c443074b6097

    SHA512

    22049143a5ada6af6da6f2fc87e6b7d75190077a5cf0dea824a553a63ff5c272c8468af6f59e335c87aa9dc6dfe834c49f2ba0d0e738bdc59e4a623aac6c7c2a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    201c251a2fe98b3c69acf22389452ae3

    SHA1

    b2cf3d85f93b4b33168d6466928cd35254012aa3

    SHA256

    a848fcbefc2ebd63f797e6c81f0c722548564508bd67b44380b785d33b6b599e

    SHA512

    de88c1cb317ca01ce0fbe1dfc5f9d1573fb86fd2a08da1822dae20b2577a874f1f991464438cb18017c031f3f415944b2737012a75c2fc83a0ebece49f3c336d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e37ebee7e74ff43c0cb00c62994d7a2b

    SHA1

    a3d86eaa319b97a2287cbc87e308fb6186f8547d

    SHA256

    5e8ca5ed9ec826c5dbd501e0cb6f47d2d8eb28927ab5e3894fb51d5c8182ef8d

    SHA512

    7c993555f1cbaeddcdf0f48a7db3d6d01524dd382e2cbb230b306aa3affded60f72d9130360a33754325a92dde34220ff0d5cb0d456ca0498af6b95cba8654c2

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab4348.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar4408.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit