Overview

overview

7

Static

static

3

XSpammer Setup.exe

windows7-x64

7

XSpammer Setup.exe

windows10-2004-x64

7

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/UAC.dll

windows7-x64

3

$PLUGINSDIR/UAC.dll

windows10-2004-x64

3

$PLUGINSDI...ll.dll

windows7-x64

3

$PLUGINSDI...ll.dll

windows10-2004-x64

3

LICENSES.c...m.html

windows7-x64

1

LICENSES.c...m.html

windows10-2004-x64

1

XSpammer.exe

windows7-x64

7

XSpammer.exe

windows10-2004-x64

7

d3dcompiler_47.dll

windows10-2004-x64

1

resources/...age.js

windows7-x64

1

resources/...age.js

windows10-2004-x64

1

resources/...gif.js

windows7-x64

1

resources/...gif.js

windows10-2004-x64

1

resources/...dec.js

windows7-x64

1

resources/...dec.js

windows10-2004-x64

1

resources/...ame.js

windows7-x64

1

resources/...ame.js

windows10-2004-x64

1

resources/...til.js

windows7-x64

1

resources/...til.js

windows10-2004-x64

1

resources/...dex.js

windows7-x64

1

resources/...dex.js

windows10-2004-x64

1

resources/...DME.js

windows7-x64

1

resources/...DME.js

windows10-2004-x64

1

resources/elevate.exe

windows7-x64

1

resources/elevate.exe

windows10-2004-x64

1

swiftshade...GL.dll

windows7-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    25/02/2024, 13:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    LICENSES.chromium.html

  • Size

    4.9MB

  • MD5

    8ac6bfdf42c0699b2ce9b3aadfc5a233

  • SHA1

    dd09db85821db4827d1a491993cb0311855d5d86

  • SHA256

    a6692be8af33d0673504a5d2bd519f4738aa872595eccc0434f5921185c0d56d

  • SHA512

    3868911062f5e19e570538c0104e54ce2bdce9b06185baa3ca5657724be1def9e56fecfe1e532fd504117cc1c8636b8058c0a5fa5d5c60c3d253e5d57cbfe08f

  • SSDEEP

    24576:bTUTBOmnLiLQrz62BrErzKm8bkUVQYwM/Q1OuS:/GOmLAOfNC+1C1M

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2104
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2104 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2840

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f428aab663fff15b22706b5f223bdb19

    SHA1

    2b35c7adccd18bf590238fd28459653bb8879dee

    SHA256

    a5f397eeeb772937c34ed86f3a80124eab64117b9ba85f857dfa5dd4ed4cfd51

    SHA512

    c14f57ee96195fd95dbb734d3b3f2d1dcf513d1dba680267d567ed20f7f6478bdac96b99b4d1f6ffa445bf4d10d4369b109b150c092d5853b259dfa1ce5a22d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f6917361c2e28706736cb201b514d862

    SHA1

    38a4582da34dbbb3d7e0e643c4a48349d971435a

    SHA256

    f41d74e97a6b8a960dfa532d3c3c1053b11f0317ef5f1ed40bcdaf7fd5de66f3

    SHA512

    3037aed3db827b4b44d6b95a5ad1c7ffa83cf1faf27b0a47028b34dd341712d84d033dca8287e55e804f9c0e6885b4e7bc04e4fbcef1181ba36b9af572ee143d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b05eef7504f239c3d3fcd60dba311f96

    SHA1

    15abdaa239e6a42664cc0b42ca455bad86524dec

    SHA256

    e0be908b05614c8618464c1e33a4b3c68c64c7620219965dd1f98c1fa6c41382

    SHA512

    140c6ceb5f0351592c849b8b3ea0632577c36c0a813debd5bb7b84983a2f0bdabcb8bae6c419b83bcde619905087c36e261eb4a174af960caa046d0f2541459a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1e71f18f0c9dee1fdad5b7721b1b8c47

    SHA1

    9f4db0fa0b3e6bd08b7e69e7156afa521914d527

    SHA256

    87e8edb6d3513be0a9769e7dd46ff889e687846b298bef764ddc3e13eef1dd9a

    SHA512

    2cfccf90db733832e87e472e65f88e87f6dc0187b611c42f30fd9eeb028596b2cf94a8b09820b9cd3a297368ef7f33122484e80a4f968ac31305ab052b1b0d35

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    90d0a528061723d1eb6cf8338076162e

    SHA1

    5de72035e6e82c0812c625e3599e44127d3d7f9a

    SHA256

    14451f7360b96381ac9fa9050b1cfc0e6ad002b016d24cc96348bf5f9d486606

    SHA512

    80b8ff64ace3f97999cf187d3c7361dba8c2f7e4bed8e6d1178b01e062b9cd79a510c817cfd755ebf85636c3076eb1ccb063f46e83183b1e8ac4a606ea46e15c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a67a34b591712f452669597a812b602e

    SHA1

    9e812c2306b68a1d095112bceae41651b9b4e468

    SHA256

    be52c6f5af7a04dd786423f5e79ea711b1a8c065e1882f6fccc4f344c8c7ba60

    SHA512

    b4ca42a2366fe415cb04bc387635fe7aaa579547bfd6962b0c1ceb89a78d291603374496345edc1a5b680af3e810778137e7fcc90c8395d080c6e5619fdee3af

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    43fcbe5f7f2789c94d92ef20d6aebad8

    SHA1

    40564c54cfc34843fab6728fb051c98a1eb767ce

    SHA256

    a24cf476b12f94c23f51e4a6d1282d0418307679b775a67702a47a292cce51a6

    SHA512

    2d728996f2a328497835b8ab0449c8c0d1270b4933db784386d02ccb819b2e393afefc08cab9f24459b7f5cae09da3cf9ecff2db728844b5693de267407695cc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d268961b46d0e07d48e6cc1374d81883

    SHA1

    50d9a03a18048378cce9df16fca6fc7346245976

    SHA256

    7f3b3c78399a54ff1769ddb4afca70c22d24cbf27cd607d983142d21bbf92f2f

    SHA512

    4cd482584f128fdfd1ac9c9f240c15c454d77b7faba9f7c924897b8a5721fd0a7bb1d3e7e2879bd281f85a4b5d94433ac214f06b4d2294fd4d793df7561fe128

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d8445dd79887664bc32e012b63d88cf5

    SHA1

    51393a89b29c3f672174d102c1f8c28198e63212

    SHA256

    8c3e9f5ac83176a071d89ee91daf26237b02ab75b91f3cdb6e471732582ab5ca

    SHA512

    f0cfe0046b3c4964f8280d2ed6d09fd670df06b27c005ccffd8ae278244633bebc0700324677155953a66741ba9ea4c062777b874ebe895edb1bbea66639f5c5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0689d4fdb67981f81f1c137a6aa7cf62

    SHA1

    cc9a4bab90271f924239358aed0af5e36b978ccf

    SHA256

    d4660bb2e6384556b3f442bcc0131b35863c35fb908e8590324f73084dcdf924

    SHA512

    9a9433e142544e6af0d50a4d0bb0591d880c1a07d9860ff24f5dced717c79f0d53babff65181e68d246b466581caba0c733885f363945618dcded353b3d72269

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c43b2bfc2b7f7f8a8bd5aa0996c40959

    SHA1

    cb16347456e9175cef6fda1b0bc97ba0a891a708

    SHA256

    d44ea61e2b7bc9d47f14333738b92c254aad92673bc5914933d86b87a046efcb

    SHA512

    20d46129ed7565621b757af81e2b858c72e54baa8144966605ee60d300d98639dec40e0787dc5cc93163500294fd85489be3c0640149b6ea956c24943ba8b2a9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3844e0624a05bc4cf39b707debc5ff2f

    SHA1

    b606fa5363cbd937bf8e3927daece55cd5452a46

    SHA256

    0f97dae5c203c682e28dff4a7c17cfcec9758fc976dc73ef8b95ee3f46b774ad

    SHA512

    9dae48a628afce76a92cd6fee25135a33945534f574937209a40a68897da2f7fff507fb168a37dc19f537f63e547daeec61e0d1b996ffb9578ac61857c942c37

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c4e0677bb44c1252ac0a97306818eca2

    SHA1

    052109111f8fece893a82d8c739625b9396a6a56

    SHA256

    d5cdd93ac0a20db50a3155f1a5b34217cf201fed2c16e3818e65ffb5afa094a7

    SHA512

    9f13c7e4a5d579bf2343979382d5e9b136f0fc2982f5a0d059433486a13bb241db69f2784148998a99faaef51d060875d5b8acc0de025ca51f0ff6273bd1a51d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab51B9.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar525A.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit