Overview

overview

8

Static

static

3

LGS_9.04.4...ch.exe

windows7-x64

7

LGS_9.04.4...ch.exe

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$_32_/1-LG...PI.dll

windows7-x64

1

$_32_/1-LG...PI.dll

windows10-2004-x64

1

$_32_/1-LG...up.exe

windows7-x64

7

$_32_/1-LG...up.exe

windows10-2004-x64

8

$_32_/LogiKey.pub

windows7-x64

4

$_32_/LogiKey.pub

windows10-2004-x64

3

$_32_/MSetup.exe

windows7-x64

3

$_32_/MSetup.exe

windows10-2004-x64

3

$_32_/Setup.exe

windows7-x64

3

$_32_/Setup.exe

windows10-2004-x64

7

$_32_/SetupDll.dll

windows7-x64

3

$_32_/SetupDll.dll

windows10-2004-x64

3

$_32_/ui/h...s.html

windows7-x64

1

$_32_/ui/h...s.html

windows10-2004-x64

1

$_32_/ui/h...u.html

windows7-x64

1

$_32_/ui/h...u.html

windows10-2004-x64

1

$_32_/ui/h...k.html

windows7-x64

1

$_32_/ui/h...k.html

windows10-2004-x64

1

$_32_/ui/h...1.html

windows7-x64

1

$_32_/ui/h...1.html

windows10-2004-x64

1

$_32_/ui/h...f.html

windows7-x64

1

$_32_/ui/h...f.html

windows10-2004-x64

1

$_32_/ui/h...t.html

windows7-x64

1

$_32_/ui/h...t.html

windows10-2004-x64

1

$_32_/ui/h...s.html

windows7-x64

1

$_32_/ui/h...s.html

windows10-2004-x64

1

$_32_/ui/j...ler.js

windows7-x64

1

$_32_/ui/j...ler.js

windows10-2004-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    20/02/2024, 20:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $_32_/ui/html/Install_Overwolf.html

  • Size

    11KB

  • MD5

    d5adcc16fb62612d4d903741a892563a

  • SHA1

    d6ce93c3d27ebe263a3a76a925fa9a21098f7345

  • SHA256

    52cee8720c1d65e37bc4a2894ac4a3e06e049bd4a70035c790c2fed47874a527

  • SHA512

    a3b792f9e2deac79190fcd7c3ec22dad5b388362b4b40ec743bb285abba2c71be63f56ebb35630fda551dd11fdc759f531ca450bdb18cb205997d707225ed684

  • SSDEEP

    192:bfZ/h4vG2sw1iwEiMlzMF34XHDidWifpo06Aug3H0LSTk/fJAVKUmPK2mFJA/5Fo:LqibiV4XHDiEifpo0bug3HN+qVO7oZ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\$_32_\ui\html\Install_Overwolf.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2304
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2304 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2004

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4d13d6a76c29751a96d6ae6ce1e39d06

    SHA1

    798b75c4093b06ea360ee6d70a9fe4bd22c73679

    SHA256

    8fd6960dd05b0c2f8e426a4083f11a51ef5aa357665c5b40f8df36b145ae12c9

    SHA512

    faa5aa96423bdbbf8718d8c7597c078767c28aac9f65369f95b34106af09aff56e0a1362b0cc78ed590c9b13f81e842a0cce51d944ae77630b0c868e9f29bf40

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    05da8badcfd7411e619a7914da767412

    SHA1

    7c78c78f6070663371b01aaa1846b92e2003a18a

    SHA256

    9289fc314e4e5a96a776092102e85378c4a857f7229e8e41b57b8c2926aa345b

    SHA512

    7bbef73cf1607e275a629990b12ea22e29dbf080e1ad3435461dc0afaf07f8dfe8d2fb6c7313e229d066946653ac5c23b06ff7324b9cd85b3e616431b7000c5c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3a186bc38b74f9da876541faf3646379

    SHA1

    91b34041f489ead6204058a073a9c19bb5fa9809

    SHA256

    b1d5ecbcdfa1597702f121fa12b9312a84d3611a0746829f950e4f829eb8621f

    SHA512

    f55a89ff3a2a79a15bd625491baba935c723283f6d9aa57b0517c9d88dbddac967a21dfd450560d25756d7f3b0954feb2d7c28fda675f11a21ac6e7c7863a5d8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1b08c7b2cddfe699427ecf4b948450fb

    SHA1

    d98c8e53c0b6833bea969fee25fad156a5cede24

    SHA256

    542e05c3d087c45f49a6767071b39fac9b6c81f3fc7b098a836e1b00131c3e41

    SHA512

    e64c4e52d02f3c1f242f90bdb2d7b1160789233fe377fd3673a416a1b24d094e9fa02796a19f59e02720c9f68287ac8d58f8713a7d72518616dff3558f917f1e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    60928d7a0a21c59adac563159b80d577

    SHA1

    297ff54a3a90ab7746de9d3ca50d374ed6711e27

    SHA256

    5d3af5a6ccdba699c1877fcfea9b1ab4aee3490f5e414b762611d51a9db01611

    SHA512

    59f9bcb6502f38c634142656b281897b061bd2a03344f18144a22fbe1cb508cb7b44b97b14ecde76855ea5e74bee1b1af7bfc747b04bc9685021b3158c92c5d9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    70763590280e5d8c6f91c2734e4fea05

    SHA1

    7558b8393fea0d6fd997df43b3b7e2887540d033

    SHA256

    87ddfef074df992f915cc9f196a2611853747428092a89c056d356cf8e94ca40

    SHA512

    a32818e7d8f075cc68668b356fcde2f2c476107dc5deb4af63261bb0df1de39417cb91a22ef3d51722dc2efc0b3f270658a76b1170b43a2df517ef935958a090

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3cea4840a4a8291217f8b19c5584a221

    SHA1

    9ee9226e4efb34312e8a146328803fafb2d6e103

    SHA256

    4715278e1e8fc57f0477c1e89cb946b4f7279f4bfa0c6f4c9f40923959ea0515

    SHA512

    18dede31f0c12604e061de23c1d1edb82383ba0c184638f15e009f5bfc1cfc01cd216290f94f42c1efd229cb93f8c95a4adc4aa4441b98cf46a72f214a2dd4b0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d50e59eb5657b32ab9316b97488242c7

    SHA1

    5c85a73a6c3ffcf991047da360d50dfcfb93aebd

    SHA256

    650168462f812cf790e658104dc04d7ea82095ec37c054a433d2d681dc81f9f9

    SHA512

    d234333eb9fd55ffd896d48d2571c28f70a316ee999178e48e206bbf6743eece70cc8fdedc3fad2e3cfb4d48c8c4ef278b751526dfb60bf7bdfe12f1e4c2bc36

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    44681fca3faa516db50a4240fdff6454

    SHA1

    2824da5742cd1d3b7fdf4ec669db53b6cc44c3f8

    SHA256

    34f95d46e0d83984672920d14d62adf3684fd005811375a09a1148c628814c92

    SHA512

    805b46fa974ecb081941a159bee98d93e60507277e0335b1cb32960b05babd56806569244b87314926509d3c21187c71ae74d5e09757687d920468279e0d9a77

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cdc72ded47339061ed183a1e0c95a6a1

    SHA1

    27a48385f794a15ee71172fe1937888a75066eab

    SHA256

    1e79a2ff8c2f6b766980f8248a23d2a1fbe61dfd9f053ddf6d0134ed208cdad6

    SHA512

    0c862e9f919ec0e1e8bdbf9b8d4d0d843ecab0facce0ba25e24d4780dec8f2ed20395e9838eb3329b5e74fe59922fa7c434526e4f9600711ea2901a968b99a6a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    84204eef0cf7ba2c52499aec8cb738ab

    SHA1

    c0a9340e482cd5cab43841034aa12636bb63288d

    SHA256

    62777b45e355480cfdc51a2544374e12ee665aa7f69bc9418f72d0681c768742

    SHA512

    9ae515742d42a8987f5bcf096151e9002d59f6362e32d9f084bef83350a5a414ac3076d435e3a5cd009c5038181a2a8b070f24048442b0bae0692e1add21efc3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d4caf38408fdb0235fe0a885e7696f42

    SHA1

    2b5f860be9b92363b486e6457a569c45b144f1b8

    SHA256

    86f04c5351246baa99cae752f0bcd436f3e28fa0b662f5208fcee29b98cf871b

    SHA512

    5938577ff54860bda260b6b0f02d50b86400765c20be8b0561a4d6ca66defe3c21741604b2b5f34df5c748d5c508f35719249dd1f729a498f63375e277a23c0a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8d47f48cfa687f47d2948c86bba8d6dc

    SHA1

    2ff1724e2d8de5078797fb76a9bab271e129592a

    SHA256

    70aefd6bcba36cc7ae0da9db3e2939d9723b48735b5d5db5118fdf6209c8b016

    SHA512

    15b604c71418c52958f4771324ca08e7fd63141df3578957c7d74702296cd06e596daeb05f9be1d2ca705a2aed6c8451c11dd256f8dc89f5efd932959132a09b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1214f2c8a3a0489a596044eca26ff745

    SHA1

    f3bea41695a4aa671a1f0374995159a9c17e9681

    SHA256

    52c04408b28d70deede8a3317c664c3285321c3fd9e7d0618f2058cee635624f

    SHA512

    17c24c0995ae8b972fe9b5fdb761f0af84a4693cc392cb82d2b5be839e2d3628f9a16d2b479333770f4172e8047da76abb511b1315fc1de3983237e6b2b6b5e4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4239b42c7a3ea2ec05444e7d7728dd4e

    SHA1

    c83b06162a557b423e1780d9795abc2646ab7634

    SHA256

    95f711d02453892722fd799e9b705147c53ef5c2458422b9b820359e93e5a4e3

    SHA512

    ef1c65a5a9e72f79de79ab0c6bc86a5ca8c2e9920a2ec2c8d5e5aff971dbdf44f49409301e267d3f4cc71d72a6e339cc850da09d8c9361c502b79fdc440d4858

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d198108e9302696417a2b001cb65bafc

    SHA1

    669bfcb029518ef8b0994e85fbc04abd8464a62b

    SHA256

    78a2d0700f91823ad27cd6109a31eabb8f8657984bd6e635da940c85f5e451ef

    SHA512

    fc3efbe5fc316785cab1c16f6700a2f223bf55712c88cb0828806bee9c3405521784fc7590720baa1ea7e1de0476ae5933b769007a9080a373c6eab40ceed792

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b39471e393ab6fcfd1db1a5a9211f19f

    SHA1

    57b0c748b341e3eee7d84ca200641dd5abf77aef

    SHA256

    c1a8a412e24bb90eb4e70f964855438ccad4ab9a27bca5fddbc3143df4a3832a

    SHA512

    19a4f21f6676ba7ec3cf2ba86488c4498eab6fb3bea5b797f2ffb54b5392ef16c00e9ae58a4fe094d61015dffa3e30575e6227525940e0434337e8cb5ea93144

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    45aed6084b66a8ec5540debe2f7c78a8

    SHA1

    8db70c857aca1c3548fdbacefb2542a118fd3106

    SHA256

    bfabe43d7a0a0c897cc7b4a83d9091d1a23d70c63a1a813514b7119297e6718e

    SHA512

    bd27fa48463706d5ef453f139797f1555d756e35a5332f9da13c08111ff900e959e9d03c79239f9e0fae8b1a4346dbcd656639e3a04c12a41cac57dd3152c11d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8D05.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8DC5.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit