Overview

overview

3

Static

static

3

ad4f6db53a...12.exe

windows7-x64

3

ad4f6db53a...12.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    138s
  • max time network
    138s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    29/02/2024, 01:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ad4f6db53a6b19bb816470c1d5f07d12.exe

  • Size

    48KB

  • MD5

    ad4f6db53a6b19bb816470c1d5f07d12

  • SHA1

    ee92c408f32d3e4d23ffae68ccccafa7805a3f76

  • SHA256

    52c6bb8df0b645f75c53b959506f47147acca44c310720ef23cdfd16899ca1e3

  • SHA512

    a1abb39d9a178ed1cf385ae499363fa8451665c5366ef9a8b21ba574c55d4a78aafcb86d795111eadaf3824e94a13ef0482c775c4d29b17db95999a9df225171

  • SSDEEP

    1536:PsyqFgaaYc24FLfxv8It9xCFDuT+jJuivB2v:PJaaEGLZ8It6wjivB2v

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: EnumeratesProcesses 19 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 7 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ad4f6db53a6b19bb816470c1d5f07d12.exe
    "C:\Users\Admin\AppData\Local\Temp\ad4f6db53a6b19bb816470c1d5f07d12.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2468
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.youtube.com/watch?v=ZvizXaqutWM
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:628
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:628 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2584

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4293a27426f96901a41a66795dfe160a

    SHA1

    a67e339a54939838f77636af2e6cd9b1e0f21daa

    SHA256

    2de1059ab2c7d1cb725e4f45c5b02207f587dfbfb2d1bbaa769fad0a0dfbbfdb

    SHA512

    984db035593c56fbddbee3d4818dc3e9d287e5d621fa3c3fdfb4f2fba77c6d2294fb69285b4b62756158b9fb745e822133c1b4d6490301c52158e74d02175e9d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c1d093d6df6f8b3e83102d22a55140c4

    SHA1

    ed6690c9f822ab33a83efe84510bef2030cf43da

    SHA256

    ab4725b2b70a9d0f5cf04a781cd6640db18cfee0fcb45f3d502af9e47d2aef90

    SHA512

    c2f0435627c5e33b2fd3e2521b4febe3f63069aa8cbdb880a64ac95febb1026b8c5dd42c66bf40a7a31d5551ad7410417dd3c7cb7b6487b60a318649cc2d1f49

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d2edd387255a95ec6350f7fbd6ac941f

    SHA1

    10949303ea2e36a12ac3a3986216ccd8ad2c71e6

    SHA256

    6929c7012691b152e93fb6c0d9f3af32a14c979e522303fb6da28a9e9be23593

    SHA512

    7cf0318ab4d5f391e5bf69813c76b86151a7ec5bed5f88dbac8d1de5a5bed7c57a81c904f15671af7a5e4505487ba1fd3eb3410046c57aeebdd3c053937eac47

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4c19aedddc2407bfdc301565bfc30db2

    SHA1

    abac2cd0a030b3d3d6fbf6141754d9e6a70bba86

    SHA256

    1f63cac246f1546ec93a2f26c19cc8da808a1e7a187dbb3e384c96286c55d7ee

    SHA512

    d72dbba9db90cc1898ae0ca9377573d1239fc00bd05cb53c29ae7050a731ecc4c2dc04b7d6393efb446dc38de9ed26ba570e10a021cab6548ce0d8932b9b17c2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    37217da2cc9edddaf4bf752d47f4af4c

    SHA1

    2697d0d999501815bc5bfc716e80e23e09941f58

    SHA256

    a5755f298b21833138d604fb2051731344a20e92aa6be06967b25e51f8c89ab4

    SHA512

    aff04fdd92d9df70e602ab02438911ab79d0f36794fe64c5f9a8f1f6f666e6d0b74fdb24f7f802f97da1d365efd21c1c382bf651c18d1ff5b92f9c721150bc0b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c5818ac95574e1d2dca891ad15aed878

    SHA1

    f6de8a43edc844308a08448f3c3a652f38585016

    SHA256

    a82d725b4e222fa573ad384c07168bc16d46defcc676a7c1e56d6f745b24a826

    SHA512

    e40cd9ae01f90e976643113962d69f825835bff6462aedfe06cbb00369f64b77987073e8928473059892d946108ed8745d3be97abfa37c67d2b362b98fc22fa6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1dfdec1e06ee8d21f397c25ba48fd38b

    SHA1

    23d5d5054e6e05b6523175f5a289b77b39b2d297

    SHA256

    d61d78e0b36970dfb921c87a4b03a61bb19a0c996d0f017956173cddd3742fbd

    SHA512

    ec4c88618b1a9d8eb745e93e3383a0d9cc2209a7f03a6eeeac0d73aac4e4b8d4194032b290dcba91f2809a1f0c08c27a4ef29503bdc752fbb0fb4ec2000d8bc8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    aa47a2b9f55d4e0620cc922da382e126

    SHA1

    8489ced88cd5587e14e3d78338bf9556a831c4d2

    SHA256

    dbe0e6a1fe445a69f7652ef9ae7f8bcd3d6c1aa9652f49ad6be95c70ed5afaa1

    SHA512

    e459e45212b20957574a7bbb150a5063c1418c81113dcbf7488c10ab5e838b8ed7f40784d73fe12c43affbafb7b08d3dc1b84997c329f6eebfd695ff6299c4fe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cf9a7651c4b0c0d6616aaf4a7842654a

    SHA1

    f57b3380eb929086715ae4bb012334396fffdbec

    SHA256

    e6b187cd32eaf8e7722c6a8f52bf780758477706fe9031a1a16b332f7dae1204

    SHA512

    aaa720487029c5294a90e6fc3c873316747616546906a4513913be62068d9deb51103dba1c55b49b0cd61eccb9aef0035c0cc0ebf9dee4061d24afd2d706ce5a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d933fba4eecd714218958601330f1451

    SHA1

    59b8a38755732d33e5a3ce1d32ae307c8c4d3dcf

    SHA256

    d8f5ae87fdb55f353709c19d113ca9c05f6c2b46ba12e080b204da8886f960ee

    SHA512

    82c8deb59575f5eed7a8c2e5756e5145a8976ec5095e31e511f852e868fb2ff523bb092a3365377a112daaa8c828d453ff3ec8aadbebd9c9da0b5d27ca3bb559

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5ae71c9c1a83d9364d8acb7e6fe463dd

    SHA1

    1e336890a862bec54c64fb609cae01600f760f26

    SHA256

    9db0ea4a8675308e41a5313685095897f2eebd4e2a967ca7e34291c3978f9672

    SHA512

    58eea9171a56771719e94b095d0805b6f8617428a4e6797cacaa3205326f9612c846ffb348c371c78d808b8e405398f87b9a27c461623399eb6ef00577be0634

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7b5c67e2df4efb294215accc7d23e5f5

    SHA1

    4ffaa8df1f9e7a26d3a61c1e4e85b2041d3826e0

    SHA256

    fce3e8780f09e6d8dc8e10c34b2d0278d0ba8fd63650a18ac646173f08959c3d

    SHA512

    0f981d1c92605006c23df61f2405b6efb9ed71224321cd1f6c71fbb40c672a205564d8f6ab1116007dfef1068995756040e0c90f9abaeef799cb7ffb2d462e30

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d807525830acce3cf0f3a9e0bc25a6a5

    SHA1

    3cad9a01006fc5d14bfc49fb968372e462fcf677

    SHA256

    7201480d0bce364f87fc12141282976885e5ce06d689c7d6eddfcdbc6682da6e

    SHA512

    5bd868cb8505f20903e102c3fa2b688eb2fa900f611d32284281fe8f05dc83f916cf54e1f2dd08c91c945cfabc4dc09d56b9ab0f2efa034b64c1ae9c7bf62584

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    585579cd2093475c60b645dc879f3f8f

    SHA1

    d69b436ad1dded294f5679a5cbf4dc7eb1d7816a

    SHA256

    50531888fa7ec254eff66ad015280e39737701e25d3134950d11e78844ef1104

    SHA512

    25b48664305fb3e222168b5130e6e12f14badea03d23c669d401350e33199be4374599c58c78b4a0f919aaca440fa696817b8291eac368839a498dd54a1a8bdb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0e0db70fcd68372045dc66495c2c7d80

    SHA1

    fd73f20a6dd44a2b97f29bb13eff3c5265f1b8b6

    SHA256

    20e1b22869ee7950ebb185f44b3a584a4158917dde83ac1a0182537f40946b09

    SHA512

    6e6ba61b62691c343983f4a05168a919ef6a6e59f5d56883c5e3c4465be58eaebc2140246116a6a5f6f8b3b48d9eb8afe2a4118ce04e27a5f611a42a85f0ab02

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9359515dd82ed90952883d33657e993d

    SHA1

    376373971b49d65e58226048d63f1a53998d3299

    SHA256

    99ba132bab871e591372e4378185c8c4885d6f730f0225ed9fa86eeb5f8a7949

    SHA512

    ab90bb80158204f02808ab7383548c941afd36e763dee7ce20545bbc4032533a74a661ef6e871cc94128a5668bcbd2fc28ac407d1c6aec27ca6513bbe49fea9b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9404d1999332333309356c017154b945

    SHA1

    adc83b8b52e369ab2fa5a31e6d76f746d1af03dd

    SHA256

    268eb149666d3c905e194b37e06a2079c02b6a21020624299bdee6da7dd7a680

    SHA512

    131eaa638a5ed7a2c529dead2fb40f478b7fded873c0499a8bbf18144bdcc33ffdce987450083d3a51ff806c429354eaccd2fe0756955748ffcc4117902e9711

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\jqfjk0y\imagestore.dat
    Filesize

    1KB

    MD5

    70f896635b9e48a613e8837580d2bf92

    SHA1

    8afaee8a41b1ff6ced0b37dc808caa06abd8cb0c

    SHA256

    3e00c067de93cd91dda656e69ba4c725a0e60ec8a8d55a027ebaed3668947bb2

    SHA512

    fd13d58e1c4e301061155d18f9f293f3918f9f430b04fd80bdec5059ba4503744bda5438f1b2783e6e24a239e5f8c7b2febb8885d8e8493a8ac666b81736cd35

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U4VLHPRO\favicon[1].ico
    Filesize

    1KB

    MD5

    f2a495d85735b9a0ac65deb19c129985

    SHA1

    f2e22853e5da3e1017d5e1e319eeefe4f622e8c8

    SHA256

    8bb1d0fa43a17436d59dd546f6f74c76dc44735def7522c22d8031166db8911d

    SHA512

    6ca6a89de3fa98ca1efcf0b19b8a80420e023f38ed00f4496dc0f821cea23d24fb0992cee58c6d089f093fdefca42b60bb3a0a0b16c97b9862d75b269ae8463b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab73BC.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar73BD.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar74CD.tmp
    Filesize

    175KB

    MD5

    dd73cead4b93366cf3465c8cd32e2796

    SHA1

    74546226dfe9ceb8184651e920d1dbfb432b314e

    SHA256

    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

    SHA512

    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

    Download Submit

  • memory/2468-3-0x0000000000400000-0x000000000042D000-memory.dmp

    Filesize

    180KB

    Download

  • memory/2468-0-0x0000000000400000-0x000000000042D000-memory.dmp

    Filesize

    180KB

    Download