Overview

overview

8

Static

static

3

sunshine-w...er.exe

windows7-x64

8

sunshine-w...er.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

1

$PLUGINSDI...ns.dll

windows10-2004-x64

1

$PLUGINSDI...nu.dll

windows7-x64

1

$PLUGINSDI...nu.dll

windows10-2004-x64

1

$PLUGINSDI...em.dll

windows7-x64

1

$PLUGINSDI...em.dll

windows10-2004-x64

1

$PLUGINSDI...fo.dll

windows7-x64

1

$PLUGINSDI...fo.dll

windows10-2004-x64

1

$PLUGINSDI...ec.dll

windows7-x64

1

$PLUGINSDI...ec.dll

windows10-2004-x64

1

Uninstall.exe

windows7-x64

7

Uninstall.exe

windows10-2004-x64

7

assets/web/apps.html

windows7-x64

1

assets/web/apps.html

windows10-2004-x64

1

assets/web...ff0.js

windows7-x64

1

assets/web...ff0.js

windows10-2004-x64

1

assets/web...521.js

windows7-x64

1

assets/web...521.js

windows10-2004-x64

1

assets/web...ba4.js

windows7-x64

1

assets/web...ba4.js

windows10-2004-x64

1

assets/web...39f.js

windows7-x64

1

assets/web...39f.js

windows10-2004-x64

1

assets/web...092.js

windows7-x64

1

assets/web...092.js

windows10-2004-x64

1

assets/web/index.html

windows7-x64

1

assets/web/index.html

windows10-2004-x64

1

assets/web...d.html

windows7-x64

1

assets/web...d.html

windows10-2004-x64

1

assets/web/pin.html

windows7-x64

1

assets/web/pin.html

windows10-2004-x64

1

Analysis

  • max time kernel
    120s
  • max time network
    167s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    12-03-2024 19:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    assets/web/apps.html

  • Size

    17KB

  • MD5

    62004cee42a310adb6d4d98b2b90f414

  • SHA1

    bd8a8892452e486590b19feb5a032c8c969078c9

  • SHA256

    1765e7e95e1c652c3339c99a89f61317b4a53010508d9f80252e96794800fbaf

  • SHA512

    2948bc3fa8b5710b31aeadbc7cc7f8fa624a5db3b5043c4fccd11d22fa89a75c81d1f8664e0e228899b1f1606aa95d775fce9f1193f469a3c722a8534d1d7523

  • SSDEEP

    192:qJhJaav85eJMXLmG+r8+KA1wTu6Dp3P5jmUqV3dn3:Yaav85eJmT+r8+d1upfMUqVN3

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\assets\web\apps.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3044
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3044 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2764

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0fce9b04ecd932a26dc7a490dc1b7a3c

    SHA1

    051be69429b0e59e0ce21c573149adb1fdfba696

    SHA256

    cbba6706878576263ef3da52d7f9f9031f862e5a230bada435cce25246adb95c

    SHA512

    c82d1319b4ddbc9edd3cbb178f62417755d5133cd125c7decae89eee29618517d41347d464a46ae89b646d44cd3d086ca1388bb651dd9500be26ea531f6cb375

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    76a022136b8a30beba72f177daf0a374

    SHA1

    ac8285d93ed5784c6437e74d13d5cb3cb3ca2d9f

    SHA256

    bdd3b3294db88cfd6caa721628d7b9a12027524386bb361854e584d794fa1b5d

    SHA512

    cd6e3ebad7d87ddf621f942db402fb87e320a66aaf9b20f02745b1dae335a560d0dc306a6eb544b94a03bb9a8ef6806b8b967f5c8b3dbef6764c865a1961227f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4503dce865e81ec737686a29c34d75b1

    SHA1

    267f6056263164f82c85304d3368d826c1bb7504

    SHA256

    d0278068e623c61abad99218fe1cdacb5134f1f89806c516d9f7bc4dfd4778d4

    SHA512

    c0c54957da2744fabeddd9f64428d65c8cd1dd01cbb84a149beb0eb74bcbabda09ee47c40537622c77b38274d2fd924d9b5211706310f55724cf65c13f43d506

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ed96a31732928487b7b2f34a1832ffe1

    SHA1

    9ad4a3fe1fc6ed296e99e768a5285097417b0b5d

    SHA256

    1d5b1069b7fc71834a03602559dfcf41c446c1fc91bc4dd03e4352c21c38f0f7

    SHA512

    2fc887efd7d4fde6433ef31980ec23365e84810984ff8a3bb95efd751e210e653211061892a59621b4fb20c2419628771e8e19723b66e3e0324e24ac61ffcc45

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8e65ed988b1de622c4fdfb6296e001cb

    SHA1

    b37f411224b115433ef0e34861e436c07740c7cd

    SHA256

    6b2bff17e15d3b7d5e5457e43f19b9806f3d478f168fe997787403b05f93a6ef

    SHA512

    191734c9353bbe52f718789b6dbc60b2ac2c7f3fd4c86fa9ac0e5e64810c5153ea832daa43093b66f9cd59184eb7366141bcf8e2cb02990d4b1890b43f26ad03

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1ab522d6ac4c0196f7768aa106cb557a

    SHA1

    42e6ebaa7e6f7c24f6cf21c892a3711f1f2735ee

    SHA256

    0a689dabd3c42aec6c47bf90b978ff98aea10a2eec819d067f8d98f64c36a76a

    SHA512

    27d29c2121828d655b3ad533c75f5451f8b42a5da06f2b0e17c3e747424b3c945b4802b3abdfe33391e66f1e363c78a02f14c7e3c30242161127d8a5b5598786

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eee1256553537029e6bd089f02637655

    SHA1

    c45d8fa5d8a2fcda4b37af8d72c56ce74580367d

    SHA256

    989cbafe62c0432c7527bf9a32609aa0c71ffd40c501a8718117034815c1a1f3

    SHA512

    27a1107cd8ede4c3812721c420859c336e332ef9f3962e6ac6afbd6f2489f752f927000d9deab4dd0b8ad19910d1bd87083205a526d64b3174670df3681708f6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    474c7aaf82ac311529ca3cf939ef8cf1

    SHA1

    09075ab092a4d136f5169b4c86c9ee179a4a5481

    SHA256

    94f57481fff5d6d1feea13b226525dfca52fa535b9de04aa20e41f97f0e54ec1

    SHA512

    dedab038e963a100cb670a29b9c147aefef78acce535bfc06433e496139e7a0063b0b9004e1b33c16b659c5cd90b6afd7a527ad368d397e73c2012768fb567de

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0c70122cbf5b63f37459a724458da5a1

    SHA1

    2c7adae7272e33b2cc55f93de813851a14f5331a

    SHA256

    1707f0effe68075451bcc7cd4a104cafd483dde3eb5f4dd3a8e15bee458fce9c

    SHA512

    34d33a15662c3d9d084be8856563cd6bfeee00a796a6dac90ab028879ef77be276a87e01e8c9e1174820bcaf427798105c54eadc41fdadf2a148b26bb22b22eb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e2d462375fc54df1866fafb7f3600185

    SHA1

    093c80a965200914898552ad22d298f9f33f610f

    SHA256

    370b61745aee656cd77da9d32a28ca6a0a3ab94c22034c248b47b5e17afb2bcf

    SHA512

    8c632e3e746984928757369ce38d734ca278bbb9d8c838b048910bad5066ffb927c641213bde5fd3a585f5c67c9e490a4f1d92a4ccd446fe5280436d991932cb

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabE043.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE2BB.tmp
    Filesize

    175KB

    MD5

    dd73cead4b93366cf3465c8cd32e2796

    SHA1

    74546226dfe9ceb8184651e920d1dbfb432b314e

    SHA256

    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

    SHA512

    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

    Download Submit