Overview

overview

1

Static

static

1

AppFile_x64.exe

windows7-x64

1

AppFile_x64.exe

windows10-2004-x64

1

Resubmissions

05-03-2024 02:05

240305-cht1rscb47 1

05-03-2024 01:47

240305-b7plxaba2w 1

Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05-03-2024 02:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    AppFile_x64.exe

  • Size

    10.5MB

  • MD5

    9990daf76962f060a6039f054c68aa67

  • SHA1

    da3e2e6a2a479f0aa56ee725cb5977612d197d24

  • SHA256

    d199cef7bd0ed49ad3f054b99fdd92a46c1aa4299649823e5e28fd272f247873

  • SHA512

    c9a3b01129468934d0276f510161a35d4483296e5cc4462e30ba39fc870c18f3d10ecddcde589102decbc9cbb9ebe528aa1ee7d8615d2770950f620ab2570454

  • SSDEEP

    98304:xwAww1pLx7A0H6MujBbyStG+G/sixT4ff6:xDXxUJHH6

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 64 IoCs
    adwarespyware
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 9 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\AppFile_x64.exe
    "C:\Users\Admin\AppData\Local\Temp\AppFile_x64.exe"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:3220
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1736
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1736 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:2520

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\80237EE4964FC9C409AAF55BF996A292_C0427F5F77D9B3A439FC620EDAAB6177
    Filesize

    471B

    MD5

    227e5f553e9c81a13c6db3d71106ab53

    SHA1

    3dae1d6902dbdfc8f131f256c5b7108987f31ef3

    SHA256

    034952dd1278e3292e8885129d80b075300337ead3685de66572bbb21ff750ac

    SHA512

    a1fa2908744fd7070820f69d3cdc15c1e35dc103c9645811b0c8d256a59fb9299a326b19c45aa7b27c826eefbd5b4dd22a1bb45e5818614b081ed6376f932bc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\80237EE4964FC9C409AAF55BF996A292_C0427F5F77D9B3A439FC620EDAAB6177
    Filesize

    412B

    MD5

    a1d9dca2d440e46b84d5cdddb655f314

    SHA1

    0585077ca8bc15003f1eca4cb6edf99512a38bbb

    SHA256

    b5ffea8673e2905274a013c37fd1a82c897e48633c98ccb37b2f067e3c20d897

    SHA512

    d5852770b9fa18ed3cacbea08df7f817f49d0def16ec2c204f081e390569cf090ec320b40264eb83e0a324fea395328a57e949e4668152631270a0e8b2f8f444

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\XKGG5YUH\www.google[1].xml
    Filesize

    95B

    MD5

    c880e407e6ed4d43fc57f5fb1a2a504f

    SHA1

    db84fe83b6c533e3ddc8dbeea13bf5e16ebbaa3b

    SHA256

    98041e946040aec097ff77fb1e680ce981458e524ec085e758f4cfb94705ae25

    SHA512

    7890f2fc8f839ac5a50a95f897e047761bec035319780456bea1bb30acd8122b89aaaf257d2cdae728948c4c7b1bcdafe3309d495509ed5e147b1830ed5f1da4

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\XKGG5YUH\www.google[1].xml
    Filesize

    532B

    MD5

    f06908bfa1c3ec8ec2a0b2ff2a2de610

    SHA1

    06f9ef296350a3557b5972320810814cd717a0e0

    SHA256

    3a1640b2f86f612512ea7d1f7ffcf2c641355e207b6128175fadc2fd8e6077dc

    SHA512

    372786807866b8f4e3c45fc5c2c892af40795c6e2ffd508a8e64c13a07d4c35ec8d1420b05cc3742902ed1df5eff4a330f884a7fa4a5024011c2b4ec2469bb40

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\VersionManager\verFCEE.tmp
    Filesize

    15KB

    MD5

    1a545d0052b581fbb2ab4c52133846bc

    SHA1

    62f3266a9b9925cd6d98658b92adec673cbe3dd3

    SHA256

    557472aeaebf4c1c800b9df14c190f66d62cbabb011300dbedde2dcddd27a6c1

    SHA512

    bd326d111589d87cd6d019378ec725ac9ac7ad4c36f22453941f7d52f90b747ede4783a83dfff6cae1b3bb46690ad49cffa77f2afda019b22863ac485b406e8d

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\rsoh1uq\imagestore.dat
    Filesize

    5KB

    MD5

    e2c9897ae75ebc5e67744a1b10a77ae5

    SHA1

    fb647896e509e5a3f983c3510ec48bc524b6e7ea

    SHA256

    8b81432b0f1ee83da33020b549ac510139d049dedb607ff7cba6a829b0bac5fc

    SHA512

    b2de9f3bbac42d39c5fe7139e7cc5a998c8296a0f52bdbdf0d13fcb0df7e0626b52170902560bebd63a53e6f3f14a213d4a9926dd2ec535f578d33093bd4539c

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\1YRVVION\TG_XdOEg3NKIdftsV7XidAgI3OvClCw0-7YgJxQ1GFY[1].js
    Filesize

    23KB

    MD5

    a364179c3816839427c4d9fdbe8ecf3b

    SHA1

    fd423514f4f0e614688a99571b9165b4e212119b

    SHA256

    4c6fd774e120dcd28875fb6c57b5e2740808dcebc2942c34fbb6202714351856

    SHA512

    c4e29c47bb229a293d79a1aa4b9e226ff6261b723b75e0479df367fc7eee3ac006e4993e5406f510aa35da592b525e3f6a0bf62f8671cfa576cae40a627bc45e

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\1YRVVION\qsml[1].xml
    Filesize

    497B

    MD5

    3a5ac6bd2b2e3866b04a8fdaba8a57c5

    SHA1

    5f7b7544934951559aa4147ec8c3106543723b5b

    SHA256

    38e66b67005c8dfd452f13e083d4a0ea1a66a7040af689e64132c75ec3f3a456

    SHA512

    4c495d89e2e7417cd0ff5e414b687b3e5789709481e0214b2e73ea686d99aba8282ad3bd5511166d483d1079376ad73202c7c5e0a0e822c45d816c8c36b91d7e

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\1YRVVION\qsml[2].xml
    Filesize

    522B

    MD5

    55601345ab531dfe8dcdc1f788608e57

    SHA1

    6a41fd2c7ef86a7a269f8f9dfaec73d582e0a108

    SHA256

    3dc81030870cfc3cd5273e0df0313a6ace9359072c78582ed92ee9316a2c8cd7

    SHA512

    193768e62f442b9d35d2265d5434b97a6159e25ac0a23356d03a6d5c90305baf24daf3461b8945c5713bc4683e8a525610088b175a38daaae1c5634ebde42ac9

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\1YRVVION\recaptcha__en[1].js
    Filesize

    85KB

    MD5

    977368f070ae0cebcf7392ba569a3eec

    SHA1

    307d113e5711799ad9b08778ede117f30ab1d6a4

    SHA256

    f8346fc6d21d902b4eb1b0d74e1a9a96c892e1c1aeae596bee84d09ccf1b6c8f

    SHA512

    8f70a6a68a212a0b2afc5d76d62be48249ddfbcf7e5de5a68fe8a945957a40b5f9afbb34d11d8fe2b3b4c6a0544fafd9dadbd297f71f1a92cbdeb935713d8afd

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\1YRVVION\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\2ZG7H8ZF\favicon[1].ico
    Filesize

    5KB

    MD5

    f3418a443e7d841097c714d69ec4bcb8

    SHA1

    49263695f6b0cdd72f45cf1b775e660fdc36c606

    SHA256

    6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770

    SHA512

    82d017c4b7ec8e0c46e8b75da0ca6a52fd8bce7fcf4e556cbdf16b49fc81be9953fe7e25a05f63ecd41c7272e8bb0a9fd9aedf0ac06cb6032330b096b3702563

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\GP57WU1M\qsml[1].xml
    Filesize

    511B

    MD5

    1d9f2f2ddc94c000714b45c87bf03f8e

    SHA1

    7f1b01b9f47c476c83c2b6763496cd80ebe8e2fc

    SHA256

    15801042fb6a5b6292102004ead79f4a598ca4a84d435d410d3cb1aeadf44561

    SHA512

    757e01d7b55659ebd5ef1eef8a6f2d5934f7326dc51eb5c58960e4d818d85bfeef9ce156940620db59d3607dfee40ec4356db7dd028cd04c516587a86d9bdd71

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\Y4F2DR2Q\qsml[1].xml
    Filesize

    497B

    MD5

    6cabf8efd8bbbacca317424fb241c68c

    SHA1

    ce7492128fc728f768f7b10b40e24ef063208ea4

    SHA256

    595f1fe116462c20a2266c76a9253f5a432fc7acf0a9c201cc191f8e2cf4b275

    SHA512

    0ca92770ed23df0e41bbf1b8aa84b6e140694002bedeb2d8e63d468fe63d2288ed82d22de4da1bd5edb76020c60b1c56bc54f9e33acde1a9bc3a71fca6173f2c

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\Y4F2DR2Q\styles__ltr[1].css
    Filesize

    21KB

    MD5

    ae705bb04ce1dd4f215788f2d891e63c

    SHA1

    6969343e3c100a3ec77df4c47c46c7c6202ffdf1

    SHA256

    daeb69829c3015667076c40112fd885b406d47f5e13e997807cdd525316a95ae

    SHA512

    a8af5a0df6059201331de42cf8cd9cba971657c71de149a76680f1a02bc01a6d91e69c13c0c2227bf00e1df6686bce1fcbe391754809c1fcdf14b1fa7b0609c3

    Download Submit