Overview

overview

4

Static

static

3

tesseract-...05.exe

windows7-x64

4

tesseract-...05.exe

windows10-2004-x64

4

$PLUGINSDIR/INetC.dll

windows7-x64

3

$PLUGINSDIR/INetC.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

ambiguous_...1.html

windows7-x64

1

ambiguous_...1.html

windows10-2004-x64

1

ambiguous_words.exe

windows7-x64

1

ambiguous_words.exe

windows10-2004-x64

1

classifier...1.html

windows7-x64

1

classifier...1.html

windows10-2004-x64

1

classifier_tester.exe

windows7-x64

1

classifier_tester.exe

windows10-2004-x64

1

cntraining.1.html

windows7-x64

1

cntraining.1.html

windows10-2004-x64

1

cntraining.exe

windows7-x64

1

cntraining.exe

windows10-2004-x64

1

combine_la...1.html

windows7-x64

1

combine_la...1.html

windows10-2004-x64

1

combine_la...el.exe

windows7-x64

1

combine_la...el.exe

windows10-2004-x64

1

combine_te...1.html

windows7-x64

1

combine_te...1.html

windows10-2004-x64

1

Analysis

  • max time kernel
    196s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    12/03/2024, 22:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    combine_tessdata.1.html

  • Size

    26KB

  • MD5

    955cffe2d164f10e391dff609e5cfd3d

  • SHA1

    1b14ddea29ad2c09c87f896a88f43c643b5218b3

  • SHA256

    a6fbd59719bc3615c6becdc2e7621db409ad0a8277aff5d6890407f2a4567b75

  • SHA512

    7823284e0e2236af1025bf6b52365c7fcdd2f95f0a8fe93f05b04036c5ca292e19289a8c8911aa6f018a34c1bce63bf4023ce6ce45473c7cd5114ddb2865f5b7

  • SSDEEP

    384:xic/7NlHRV3nP73SXoFn1EppMkm9OQG2E4pA3xn7qIYf2r/gAJ1qihNX:Yc/7/HRRD3nippMOQGZ4pA3ZqIYfIX

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\combine_tessdata.1.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2744
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2744 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1312

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    442838ed2024a4784ededd16a26e4cfc

    SHA1

    8bfc0d548231e24e6a7910a82f9e70229627add9

    SHA256

    bca0304ffeb71e1f09f9af5c3026f64a2c86966939972f00875cafde44dcfd1c

    SHA512

    2f4b76218f15eb882b2bad7235961fd604044b56ffffbc392201bd2321368e6d0eede0e1311d5d2c08042bd35cd6cc3965cc2b3a7306e1a5ab48db872e2674f5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8c54b46b3b276de778db0bc3107f56ec

    SHA1

    55837ae5cb035e3d9c426f855fb634da493b2ce8

    SHA256

    135f2930317b834faeaf3dfd11b7eabe5b9371820807e34065fc428d7fc36498

    SHA512

    d17daa03e1642825514d4d8e2d850f2e44c92bdf146622018a0dae1779163cd97e4f171fee1f377f5e4c777d6f1cc2592e2499c05e0e8f868d66bd0e33f3f299

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    afd626ecb9f3c754c0f17650f6d30f5a

    SHA1

    2a76495b840af472adca72ac6b2972a75d68b20e

    SHA256

    e86ae0aba009c3224104a5e877b7c4f3fc5af6e1e94a409cd8183f11334c0e43

    SHA512

    27d221667211350409939a663ad1f3f4cb525ddba675e27f192ff17976d530e7f34cfe275fcac0a1ce4a8a5c049faf4fd4e7471434b45b8123b6b2fffaedc946

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    34532c28ff7b564297b2b087fb79956f

    SHA1

    1af5324c79529d3f5ba53b2098d13c98858053f9

    SHA256

    b6fcc0583f91699a04e8aaa5db8f7cfb95a60e59e0e801baa19769b7edb072d3

    SHA512

    01d4d3cfe9e5f068069463313b092660c9e44261326718c0ba13abf33e01d5eaa1c3f8ab59f7dcdc64a68eb5e3f9390cd586b43f501a1c74d576a9fcce7741e1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c09e346a23b6e8c6923c6f7c4335809e

    SHA1

    33c2f4321eed3a91fb451d6952d0d3469c7c8089

    SHA256

    f89fbcfb7f7afaca46226d3134a25aa2cf484ea8b791a1eb35e4d7028355cd81

    SHA512

    f2b2794ae95fc51745aac8c72580ebc4369f6ea72ecf25fc35ae2593b25a7b5f3f06ec037a662bd04f4761aaf3fef7914502ef3e6b732b4a564228cddc378e96

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c49ea7594679ea022b9532d5608ec4bd

    SHA1

    067882d17e49584f9986eb61b6bd7a9e451ce532

    SHA256

    d2b5d2cc62e7e60d5f502fa455c89a09cfe04de8c6b316ff822fdb1d73336c7d

    SHA512

    0604941c20f2ee4daeee38393dcc85976749dc99f1cd869d919485e88a9d7e75a19dd30a7bf540e1678de88f2ac3c93f082d339b88c7da0b11c14e0c75b60aee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4c9691ccd56f6fa99d6d19913942a2f9

    SHA1

    1d306fa284cd824cee1aa2c4dd510c02bc8d7ba8

    SHA256

    757ce8e82ef56605df05e4f7b9d38bb4e7f8ddb2222992064afdd765cff86650

    SHA512

    75e51e9a13c91c244143bd5a8f103d359ce1c25b3fa1ec759ad48a0db749ff18f9651b3920bd3dbc6c8fd91593bb614248bd13a60c653ae397af8db3aa04737a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a17e34151e7d6c32f62ed28020e2b546

    SHA1

    9ba0e68d5ce01c9bc91e5252018b725f7d3903a0

    SHA256

    189d25a85ee0470ae9723fc8fd37dab68d357ec4566556e64b5ebe066a64236c

    SHA512

    09d6907093864009be1295940a4f2b583eb8b8480efdefbf7aef4746dd1b4aa7542f9221f72f5e9715541ccbe3c327814ec324478e5526a6dd38ad40aac9013e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a7265284ef7e3f990c6880d39305ccde

    SHA1

    30af768908e5b198c034dc921329ed70064f1d9c

    SHA256

    e889c225e20048a1a429b0f227837541df7c6d0429b79ff49b46fd65c5a67094

    SHA512

    e5d222aa6c6d314eb015ec227d8da710831feb58713daeebf37443f23922b166187e045bbc679a46a1f63f4472653b83f0f4dd168e3058a0b246582cf5a4a658

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    26cde468eca6445211341808872638d1

    SHA1

    295164fb9b45528df3bbeb0facdad673776e9b77

    SHA256

    383c27b39a0ecfb3caeb3a1eec8cf52ccebb9e8dd044cd3681b2ef89e24f4dff

    SHA512

    7fad9f3ef3a3cc8712ae03190179477606109b4ed603c742a6a758b348196087bc56622f4d32199f22dae94037f5428f1bdc404fdb3532631b11baaae2075bf5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8dbaa2397c42261ad57c0ae51908192f

    SHA1

    8253d5c3280c043c4d1e76ada8a118ebba251a5a

    SHA256

    dfe9c2090795efc8f83b84ee63b669a03872141ee09488bc26d74ea77892a648

    SHA512

    b65b94131f94d58e733670db6a2d53ec9ce7008be3b3129d8cd36dd76cfd0d7c3c4c51bb7eeeae44b10772477e196bf46c5571ef69c7e061688dbc3b4f425873

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e2c7f7f5542b5fcbf0722b6c6a9b7487

    SHA1

    751efa60f45cb255e3dded9db23048c3a832f466

    SHA256

    1df101c7bd37290b7815c7a9f09258885d2b88d08ff1c8bf2fbc69f62bc0545b

    SHA512

    cab657c779a8272b817c12b11f6d9e23037ec6efedf49572c57a183c4466c3e2ece9ad09301c8959c2c3860911379e13ef5452d0433aecc262a3119a453440e1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3d948549fb96a8979aa6d42f2350d598

    SHA1

    458f9d8401626fcf28aa134ccf4d2337c3a43965

    SHA256

    d67bb5a7d3a6a99f0b18126be85fb1c00af21253f874bf730061a26309d5cd86

    SHA512

    22cd619aaac9f04975f608991b504a5b694ac5fad07825d0036d889e58c25ac187088c427119c86ecfcbff7c74e78b31f084f981e627a647ca9928c0fc2e0d34

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1f40111b00d2cad9ea2fe94e8b2bfc63

    SHA1

    36b2b9b8aa63ff5d35772dff02445a65f72951bd

    SHA256

    77e84bd9819b467b6c3917bffd041ff7d7bfdf5ca7fc10111cdfd8df1debb9b7

    SHA512

    c469afd3a0d3608e7c77798302eb45dee38a35441e8d276c128f32d303ae6c6438198568361ccd46e523af08a8ad91c7a5b5eebb6fc48a0fce32b29cc476ecdd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9fd6622f67bc73aec968324c77607469

    SHA1

    55e910cb340676f1a3beaa2dbf7061b7b8a29be7

    SHA256

    c5bc6635edb571a087544dad60333e52e24af9da96a648acb8b3c564aa24a6d9

    SHA512

    0d4003732f4a7640ae81eaa6689185b08d3c3b66098e8e3cc9bf2964f266a499e648f51b91ef6dc482602c05774b6c71794450f54c3fa0f762ce46bde381b42a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab51BB.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar52BC.tmp
    Filesize

    175KB

    MD5

    dd73cead4b93366cf3465c8cd32e2796

    SHA1

    74546226dfe9ceb8184651e920d1dbfb432b314e

    SHA256

    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

    SHA512

    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

    Download Submit