57592254f64b3e2a820d102d9c3ba74e925bcb0e9b9b763a5a1ce9ba648adcfb

Analysis

max time kernel
141s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20231222-en
resource tags

arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
submitted
14-02-2024 07:26

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

IEButtons.exe
Size

237KB
MD5

6fd2cf26fe898266ff6fbf1c2fc487d4
SHA1

51a745feb663b640691180e1b1ff491d916bcd15
SHA256

0b12138756bfacd97404e60ce23c7673454b0361fce92f922db4e9c6df2801ab
SHA512

3f1d5736d0b8c605c4c78dee8cab9eeec8a5ee3197aae072431b203109655c12b91fad77bf377fc4efc66c0ebf373268091489f5788b2235a1839f410ff78b5b
SSDEEP

3072:/j3hbuuNte1K5X3j+toZQODmSrdC24KIqZz7V9rQ1w1i0X7p/xuFmCOmYqEjPFII:DEiwkl+CZ1Br4KnZzjQ1OLJSOmYfj3W

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 1 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions	IEButtons.exe

C:\Users\Admin\AppData\Local\Temp\IEButtons.exe
"C:\Users\Admin\AppData\Local\Temp\IEButtons.exe"
1⤵
- Modifies Internet Explorer settings
PID:4636

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4636-0-0x0000000002250000-0x0000000002251000-memory.dmp

Filesize
4KB

Download
memory/4636-1-0x0000000000400000-0x000000000047F000-memory.dmp

Filesize
508KB

Download
memory/4636-3-0x0000000002250000-0x0000000002251000-memory.dmp

Filesize
4KB

Download