Overview

overview

7

Static

static

3

MN9-PRO.rar

windows7-x64

7

MN9-PRO.rar

windows10-2004-x64

7

MN9-PRO/Ha...er.exe

windows7-x64

6

MN9-PRO/Ha...er.exe

windows10-2004-x64

6

MN9-PRO/In...es.txt

windows7-x64

1

MN9-PRO/In...es.txt

windows10-2004-x64

1

MN9-PRO/Ma...as.url

windows7-x64

1

MN9-PRO/Ma...as.url

windows10-2004-x64

1

MN9-PRO/in..._9.exe

windows7-x64

3

MN9-PRO/in..._9.exe

windows10-2004-x64

3

MN9-PRO/ww...om.url

windows7-x64

6

MN9-PRO/ww...om.url

windows10-2004-x64

3

Analysis

  • max time kernel
    138s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
  • submitted
    15/03/2024, 02:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    MN9-PRO/www.compucalitv.com.url

  • Size

    116B

  • MD5

    a173678ccd263653c0bd5ca5090f2aea

  • SHA1

    05e90af1a35e9567924126c938c90c0fcb83d756

  • SHA256

    f48b2308b8ca944064c10ab4fac9fc9b6a6045b5d7a47173a151f0eef020c000

  • SHA512

    10ae4e80e5b4ab98f5855feaa051e8fe5c26db4e68ceaa23c6002c8936fd28657e5cc87cdc74c26be315c914ed5a017e8808ad664425b3e27e6d6df7d0dcebce

Score
6/10
evasiontrojan

Malware Config

Signatures

  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • Modifies Internet Explorer settings 1 TTPs 33 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\System32\rundll32.exe
    "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL C:\Users\Admin\AppData\Local\Temp\MN9-PRO\www.compucalitv.com.url
    1⤵
    • Checks whether UAC is enabled
    PID:2396
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1420
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1420 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2172

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1aa77a781712e6c38357709dc6d08bbe

    SHA1

    72e7d82b9a235360164fc1cd363102573eca94d8

    SHA256

    2c118ecc520f3aa0d79efd36d0680d6b7ddf904c49d630866b30c1d1c6d5969a

    SHA512

    734d7a57facd6eeeae89a3ea13472aad0d889ac71741e3a5ab7dcdf267f6be2beacfbe784ffa87102f5ee89a8342187da7ff7560ecfd3361f1af074ff0e677d2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b696bc64c5303a77ec1672d8a3c80acb

    SHA1

    98916994b79ded082560aa3e1363c36f9e4ae81f

    SHA256

    81ebdd483af8ded692bcf5fc1ff6254b98985f2456d20e27490dc38de565ba64

    SHA512

    989bfa5b86d6da77216539b4fa70cddc9c9bc0f7dd2ff1c8cd470b6fb4982ca6ea3b15346f409d41c7d180a81eb85612d286fb18924b455ecde500c9b9eb1389

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    93703c061f7b35f362936b8097025f04

    SHA1

    7c23cd62991984bcb5eb4a80ae1ae181b1cdcd1b

    SHA256

    6f66bbed26a9bdab01df7208ebe93c91aab15a4b6ff847fe5127a0b57c9d76c1

    SHA512

    305c3f0ebf0877ff6b07ebb1c41d07fc3d041d7c3f24ffa82d2da68d453c183d7e7959776583e894d4cc43c5be5f27232c208d1e15353cff3d2a6292c8347561

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3c849979336f31724d1fe1cf8c80397f

    SHA1

    cdf5dd10396cb52df45533dc204793272fa18390

    SHA256

    0dbf7be02bbc0e2653dcfa6729fa5bae32c3177fd16d106740978bc21fe63da7

    SHA512

    c9261ec8746517a9e7e541bb89d7dc1fe31beac6b39ea1c94ca93da25f033f28b7dfdc5b80af0823f4a8f408d2745ba97e6d4b84be0a4a83564b59857d8b2447

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e4e9cb70eff4de185f2a787d009ea22d

    SHA1

    981b1e09a60399c10c98e03c784dbd2fa643c300

    SHA256

    a7a6c2535364f156986e91058fc745e40f352b99a0648a7b68747b276f647098

    SHA512

    eb9e1447e74c95c3f55d3cbeef825bc6bb0e0f99e8eef3ec796c94396557a326b3e6b15b4aacdd386843a233605449215055bb3d8134b12d0539dcca4a114d3d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    057e613873882789b9788c99f4501427

    SHA1

    81f0563a418387bd104f21195f2f4485a0fc0f4f

    SHA256

    e4e18657dd2116aaaf1deaf2b882ae6ea53bcd6507d3f81eaf6d70c748365588

    SHA512

    50e3e633fb60cc495578dea4fd5cc820d83895b4487c1368c5804a4ea09a8f7e76fdf4d9ad372ac4a79e70fe2749752c9faea81965a3fdfd1f96ed29f1a2aa5e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b6d8ce45fb750454445180e7f9068999

    SHA1

    7e43a86ef23b3dcacaebe300f51c59fb3b497a86

    SHA256

    7e3ead0a28804e67a1f47282f03c017a33d328de304454ac111f2d8c22ee470b

    SHA512

    614e61a95b584eebf8dd03f4220ad9d2f3f2a2330d3da40156d92f0c556b57fd63eb8f27b1714809506a3d9aaf2a0a111399e00347928bedd5676bb2310c2e85

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b69a8150b9fe7a728bbb3faff1564768

    SHA1

    a7a3857fd00264e8561fc8d89f5feb0670bea875

    SHA256

    7b6b19a1fb156da3547043bac3d88d59feed31374b389a430433af2ba784c3b5

    SHA512

    c0ac347e67b6c2ff07fd82bc08c3f5f62b7fad725f011e24bf3819800bd613f014d1b14b0af0ab52a5bbee6c7803a70fe9ae2a0e6a14fc36953ff8f73143d697

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab69AE.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6B7A.tmp
    Filesize

    175KB

    MD5

    dd73cead4b93366cf3465c8cd32e2796

    SHA1

    74546226dfe9ceb8184651e920d1dbfb432b314e

    SHA256

    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

    SHA512

    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

    Download Submit

  • memory/2396-0-0x0000000000150000-0x0000000000160000-memory.dmp

    Filesize

    64KB

    Download