Overview

overview

6

Static

static

3

Craftomati...OM.url

windows7-x64

6

Craftomati...OM.url

windows10-2004-x64

3

Craftomati...OM.url

windows7-x64

6

Craftomati...OM.url

windows10-2004-x64

3

Craftomati...01.exe

windows7-x64

1

Craftomati...01.exe

windows10-2004-x64

1

Craftomati...32.dll

windows7-x64

1

Craftomati...32.dll

windows10-2004-x64

1

Craftomati...64.dll

windows7-x64

1

Craftomati...64.dll

windows10-2004-x64

1

Craftomati...64.dll

windows7-x64

1

Craftomati...64.dll

windows10-2004-x64

1

Craftomati...al.dll

windows7-x64

1

Craftomati...al.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    120s
  • max time network
    159s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    23/02/2024, 14:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Craftomation.101/IGG-GAMES.COM.url

  • Size

    196B

  • MD5

    882e17d630d74b64a8176e38e2fadf7f

  • SHA1

    d6652d568db451c03b73eede688e0124e2d54ebf

  • SHA256

    6d905d76e7d807c5831231d791f2510160dd56018ae423a037e7ac88fd19412f

  • SHA512

    2baac743dabdbf133583c4d500699673e0bb2b2ade89f0a660eb17bfb440f1d74814ade3b82eb07d776f6a7c1b1975f25c6c1c500edc589897bc304a9c9fb3b0

Score
6/10
evasiontrojan

Malware Config

Signatures

  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • NTFS ADS 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\System32\rundll32.exe
    "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL C:\Users\Admin\AppData\Local\Temp\Craftomation.101\IGG-GAMES.COM.url
    1⤵
    • Checks whether UAC is enabled
    PID:2320
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2348
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2348 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • NTFS ADS
      • Suspicious use of SetWindowsHookEx
      PID:3000

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E0F5C59F9FA661F6F4C50B87FEF3A15A
    Filesize

    893B

    MD5

    d4ae187b4574036c2d76b6df8a8c1a30

    SHA1

    b06f409fa14bab33cbaf4a37811b8740b624d9e5

    SHA256

    a2ce3a0fa7d2a833d1801e01ec48e35b70d84f3467cc9f8fab370386e13879c7

    SHA512

    1f44a360e8bb8ada22bc5bfe001f1babb4e72005a46bc2a94c33c4bd149ff256cce6f35d65ca4f7fc2a5b9e15494155449830d2809c8cf218d0b9196ec646b0c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ccb96964eee1a5570a909407872959af

    SHA1

    a1336081f4a93a735cf1f39dc1342dfcb3b96287

    SHA256

    95879a0e3aaa85ffe79e29d7ef92b90de16894b882002da3495d87022b3ac5e8

    SHA512

    26683bc1731b0133997090f761e53a1be9d6db851b75f3c75e68bda952a28fc0f58f20434ce53080e2608cd1e86c018e0b83652f54e133e15b832b1feee77d48

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6b955488b26557797de053b1e8586cf6

    SHA1

    1d6feca24d358ccd0240766bf6e9a0675ccd1518

    SHA256

    b208a6ebbd8079d194bd0c454b9fad73a685410847637f594b6af04a5a713ad4

    SHA512

    d53d0e98e36f4303aed6be25815d13bdbdd90f6742cc68aeea2c347c4697bbfe9b9374e217519daa33533394535fbe02a1b86ca4a3b669bd1b5942148eaa9808

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    def1f7eadf3f951d6d7b482496b1e7ac

    SHA1

    6d83b80915c1f84fb10a0175ac8359712bc9be8e

    SHA256

    85ab17f25ac55b5a88ad9c89f59aa16dbef38aea3dc5dee465a58ca0d4d36518

    SHA512

    530ff2c74c9f480df3858962ff3340bce7a1587835569ec927ff1287aefde3b77572bff8bfe17197bedb6cc6c969ec7cc3b38de4eb918eab84ae4fb730688cc2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1fdfee09fce959537c2a5a62cf92b9c9

    SHA1

    dc933f2caf4c2a1214695c61646777986f59e233

    SHA256

    c97210359bc17caa826495a430ca7e2c89964c39edda4635163fd44254e5348d

    SHA512

    ee81c20f306f0aa1c2ef9b39200eecdbe3db68873e0bcb0a52e723dcb60ce188ca7a04aa5b52ec4235939af25ec59bf0831fe2b53e75e54d009af855309c04e2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    80b419d22bb01f2a4039d5a758f91dea

    SHA1

    7020973016b7cb5c8a0b47fd14fb025b2a71183a

    SHA256

    0acbac944e903f497810fa38374b19e8457f7c9d4c088c8d9ee89efb2d489d60

    SHA512

    38004d9eb5763e4191bdc188c9b22615297369858865c3cf9ce531a3e2e6158e4501a270760f6fea69fc237490660d002c179af0b459f3d84c3d06cb611fd134

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e03b575d67a674a3cf99abe7e30539b7

    SHA1

    8aa92eb50116ad4e3d4fe9d52d8f17dfbf6fb491

    SHA256

    2d921b26740b1718acf02059f637464e0b40d79ca33fa7b23949222ad72a0d20

    SHA512

    bac7b3b7b760594fa22f3a67ee897e0477d398dab9a7c42b878f7e593de470a03bdc27cefaebcd4be251bbfd8404db27f0f1dd7935e2215b3e421586d40445cd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3032b63fe0dd24d38684146193e7e094

    SHA1

    70185e07f4bf3c42895cbfe82c08d34d61dbc258

    SHA256

    98b2e361a4952f18780f8c29d6f38ca71eb929d4d0f665b58b047815d205f2f2

    SHA512

    6313313c851cea9288343d9c80cf341cbd20fab50476c4a1892bc7edec5b1bf2cf3e90ebf4492e8b893c3b03c9765f0f0de7ebf9ad68d68a10fad35661a4328a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ff7e88d42b6eee44eb26eeaa24f4c158

    SHA1

    147876d6eea567266939d04e6f94393b2072110e

    SHA256

    2b06f2ceeef18e5b0b5e862584f3dda56405102b81ee40630993be36adb90408

    SHA512

    b133909e2358cba52ad90ebe39b4fb0480a84ec3cae57bd5044e656ed82344392666fa140eddb2396fc7a04a05bebd85f7508e4447a8794af7c72196ca91527c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    72aa80b951f280a9be1d15308d7de7b0

    SHA1

    625092b856f287f280de7225dee8c84134a9003e

    SHA256

    40b789c79bdd33eb6d0181c549f85facc45455b6003355e4d7e6a41836ba9933

    SHA512

    f23c0572348c3567de1d4c81a4d76d72c1ee826a2ca77e8cceac0fcafb2269c08075ac920968e2cd7d0008767f76275e505262e9e3676b8bb9fc24bb961fd8b1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    425464eda605bda0478c01e205ee802f

    SHA1

    8fa3e888793974de6a42e4f40ad3d1d2e318ff1d

    SHA256

    42450cd764e63741e2efe22a8ef48d69838599acad7b342cc20f69bdc43438e9

    SHA512

    045b76998525a62ce3df621a0af43fc0a59ebe5105c73f7f5bdb6df5055b904808ac59adda531a6aa6cccf1346f43717187145a32b98a02a31fbcb8a3acf8d1a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b578994d0ec2fdf92302e1c5ffc2f75c

    SHA1

    80be7953830d10bb2ad7243e360bf921139cada5

    SHA256

    f58460b00436e75d094c82e3da4c7a77c0b28d4b9e30d57bba840280c91adc66

    SHA512

    a156bd4de6a19199486459cd3a828fbcb0e9f868af576e5e7dd9cb6b49896f8c6f94283c93dc7412794d4158a96eab74bd9c44199debba7255761c369a7e6a86

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    159696720e0bb4eb4f772743c9c6fc4a

    SHA1

    4f009aaf543f2163eb5cfc6f4a7a9f65a02446dd

    SHA256

    f0f6a4d25dd6086e4585d36c30c1b35c8c2d919ef1ae7460423fba5fad6c9f39

    SHA512

    63340e4b7e5fd953aa70f30635e3e77b913a617df9648c6ded9fb5ac2829c0846e78152918205dd3432d89457b719ba0833b7b4b5076ac97159aa8e0b9adc83e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    795f2c2cf9c67d7e48c8beea0c0bf3c5

    SHA1

    738d4ca355ee3b5be32ba7e9fafef97062f3dd3e

    SHA256

    f86df924609a971508837267a558d9c43d969e124bec751a253371bafb3208be

    SHA512

    e12852caa4eab2776df8af3b13b92a31f827cf3da3436817e64b7d1f09197ac030714c2989fbdcc4dd674230a56613cd2bf7442340cc4c328b62e3f218fa6063

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    422b9fd608a5baa4941d88d851793051

    SHA1

    97baa4fc323afc2d207de96c46482724dce5e2c1

    SHA256

    5755ec7ab3020444e3578606677c1b6d5b16617af3edce63650ff1dd750261e3

    SHA512

    8f238efcd8dbdda65fe5be612996593a9780a36e69805b80b6915774cff7439c22f6803492c2a20543194ec25acee8704e51fc3771328d5a9ae02135f668ccbd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2359de52637296d95f47b053e9895b6f

    SHA1

    3f73e206a5a2e1844f016005afd473b6af422e6e

    SHA256

    de0135c6bc11e9f1337d5ebd723b14f327d69ad6832258560611138f813dee3a

    SHA512

    576c3ba769bcca005c63b5c03ac68a31a778bf957c820ff670a3ea753756b0673edba5322ef668c52410d2cb59d9bc1d564e7e2e5cf8ad4ab398068e8e3c3eb1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ddbabec4bdd6048156414e1735fd885e

    SHA1

    ff49434985cbb53f96f12ea2ce95197f3d2f07b8

    SHA256

    917b359e060568382f6557bd51afbf0b5783bfd2dcecddde534ba69cbe765ba3

    SHA512

    b8f8e9140cfb809f653da06340faa08c4d719ec32bf760017b75221388ed5f06ba36dc9ba2796352efeb6c2b408b53f8740a679b28b6b88a9e6f5d2087a46964

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c12f528f715b807b17ef13c6753803a7

    SHA1

    e869cf63e63647c7f015f4ce6958b8446d684449

    SHA256

    66355a7deccd8db2d75862474b1982791ac3ef7141bb573c868521573ae9b998

    SHA512

    c3da7213731fd92f819be410a1973749ae4b40697467657a672f872cdbab46f08755ad8341bb7c59f3d6d15249f140e48def37ef31a1d682f9fcb7ccb4d72ff1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    062f285a860f45746f249ff43885c909

    SHA1

    3e3c9423606282533415787e23c72e02ae1a4cb0

    SHA256

    9faa121e23dc0697ae7b4318ad31184f9e9e0676415788d623f44705c8b76054

    SHA512

    e893ce980f7af6a5ab48afec045d40ed41a76cb3313dd7d0be856dd55df50a95ff4c5a3f902fbf9bd6e4ff17828bb8d2685ad8b26bbf9394894b1ea14161aeb7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    057d050e654afa1c753e42695eb92c56

    SHA1

    5bbd36d809e283fbed41b5f29162558e44463ff3

    SHA256

    0a6e37e480e5db4c779d069e2c910d2d24195f55920a2dcd520f325edfa3c533

    SHA512

    ece3ce7453b1211514214711f66e2db117fa238adc9e1e72c264964e13b4a4ef13762163f64eb83417c1d98db25660ca508b3534e70e21b8c76f7e29aa26815f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E0F5C59F9FA661F6F4C50B87FEF3A15A
    Filesize

    252B

    MD5

    15efd01c2f41b3553dca1f289834651b

    SHA1

    be2edce5d302a847d562b27d12a84dc99f1f516a

    SHA256

    ebb55764f0711ab89b069f8a7b7c5c7adc8c430a64636e96ce2844d0c77016f3

    SHA512

    5863d95371cf7228fd1fddef6dc9def68c77d0473ce94800b70b60dc2e46b76d9e37109a77aefa258a146ab03747afa2880496db3057ba4e169a68d1e0327128

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\jre0bgm\imagestore.dat
    Filesize

    2KB

    MD5

    5546fd10d5d4998b57875e04db78cec4

    SHA1

    bea278f059ba774759aaeb70bf555d235196f1f1

    SHA256

    d5a4d7897fccb3798b010783aad96304a936bf3a63fd4997e4421eb9da7659b1

    SHA512

    298f129ffb2c58ed8fb3740e1d8a8dda0d54ea528fcb86a1d9be54359f98e304fb71bcc378eb4ef60b47d9a2ebe123582cda92a302be1348938f0768d54f9946

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B4HDT8MX\i96x96[1].png
    Filesize

    2KB

    MD5

    3df25eb95d1888e160df779d493643ee

    SHA1

    c4907473c9688b56a7eef2f2e99dfde1b6fa7994

    SHA256

    c76d5eed7b9849b014957df851fdb3a94a183d56505a4711a90f5bc67d4c64f6

    SHA512

    c8641a363ec36c355e863101162a34f9104915334d5f9b9cc6a41f2c292af2d161f2f29793a2b50e0785ca600ea7ca5f17e943bd8f9417664bb2b63c599d8306

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabB425.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarB447.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit

  • memory/2320-0-0x0000000001AF0000-0x0000000001B00000-memory.dmp

    Filesize

    64KB

    Download