Overview

overview

7

Static

static

3

cc2740467d...12.exe

windows7-x64

3

cc2740467d...12.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    142s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    15/03/2024, 18:48

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    cc2740467d7e6f251b6875d45ef88a12.exe

  • Size

    45KB

  • MD5

    cc2740467d7e6f251b6875d45ef88a12

  • SHA1

    20a9b359dc8f665acdab544a12a545b68656dbfa

  • SHA256

    e50d70a9c439a1405cf69776ccc582e168e239bf3c2b999bfa2e245c4e5192d4

  • SHA512

    bb42b16783702dff0021bf5e2036044952c2d4d27cef8cdc40e00243cc4fd811b987200c26fc2e9ff9bda279399d0503551956a18bdb2f8fd479d4089bdc0352

  • SSDEEP

    768:Zz7tmjV+VcexfguwxXBrmGINgIz8l8FeA0pG:Zz7tmMjxfguw9Bm6W8lzQ

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 11 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\cc2740467d7e6f251b6875d45ef88a12.exe
    "C:\Users\Admin\AppData\Local\Temp\cc2740467d7e6f251b6875d45ef88a12.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1648
    • C:\Windows\SysWOW64\explorer.exe
      "C:\Windows\System32\explorer.exe" http://66.219.101.227/~dark/loud.html
      2⤵
        PID:2544
    • C:\Windows\explorer.exe
      C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
      1⤵
      • Suspicious use of WriteProcessMemory
      PID:2924
      • C:\Program Files\Internet Explorer\iexplore.exe
        "C:\Program Files\Internet Explorer\iexplore.exe" http://66.219.101.227/~dark/loud.html
        2⤵
        • Modifies Internet Explorer settings
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SetWindowsHookEx
        • Suspicious use of WriteProcessMemory
        PID:2596
        • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
          "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2596 CREDAT:275457 /prefetch:2
          3⤵
          • Modifies Internet Explorer settings
          • Suspicious use of SetWindowsHookEx
          PID:2472

    Network

          MITRE ATT&CK Enterprise v15

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
            Filesize

            67KB

            MD5

            753df6889fd7410a2e9fe333da83a429

            SHA1

            3c425f16e8267186061dd48ac1c77c122962456e

            SHA256

            b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

            SHA512

            9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            304B

            MD5

            423c824e7f2406e2c7f4913ce993aaac

            SHA1

            2480f7b5ac00b8bf1da958c1cd5b703f900e6cf5

            SHA256

            b2deade8f95a8b8b2b6c804d84b5a48347ee193699b2fd372ff1cb6b05b2a5f3

            SHA512

            a7beb3f565092fbd69ab4829eef40180ed104c316242a4941802d7086b32cc591c7ab180cb0b6377f0295639677b723b2a4da264b485c6f34047234146a9f968

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            304B

            MD5

            f3e22095e1741ff497d1aaedcaee9c39

            SHA1

            78354036ee93858aaf29cdb37f4633ca0d8d5f47

            SHA256

            a00ced199de3bb10a6fc1904a964ca7ed380b87c835e1dabfd5e7feabc919743

            SHA512

            3e907fa0df83b94e307f56cca392ab03d375d91d786f24f15d7d00648c317891570785d48a15a10c16332adff4cd697f0aeeb5bcdabeb5276960e16608fcf085

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            304B

            MD5

            c07527161f0d774ae538176c7c2500f1

            SHA1

            9c41c83ff3aa70ea796f522e93b47d3092ff1bf5

            SHA256

            52518544ca81d60d7985a0e9d12d4da26f51105fcf5690538e0d3014fab049be

            SHA512

            e310bca7e9bb257b9249729472033aafbdacdce7207150202d3ca24aa883295599a7277c770b71415342b86240673d4d629637f8037cd6c653bd7030d92de47c

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            304B

            MD5

            374fe02a3014a0b13ee94917c14ca37f

            SHA1

            831d5a6e07550f9ba07eb4f7228dab53ccd98f57

            SHA256

            fe4ec7b88639b251d322dbd424b4c1cf24e78c69fa02b5c4617c5ff09f9496aa

            SHA512

            7f8bdce00c33bba89eb4a1277331a8c3d64dfc0d8b24607dbab25b6422ef6a11b750ffc0dd58321df32f85cd2c0250d8020b51a22f7c6050203fabdc5db3f21b

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            304B

            MD5

            e32b257db5cca39b82922d42b2f8d817

            SHA1

            1ec67f41183e3957a777be1ce70feb5b1cb92655

            SHA256

            81c6446e5c11d302d1cc8440ebc7f9c9d7ac608ad6a250e00954e25badda3fe3

            SHA512

            958d4c6e0b229d3ce25ce63ad70cd056b97b120c9d7eb36607d41db6dc4ad3debe360af068ba5dce1399c15210f3d77f22927d7bc9b405e770b0e03109ce0bc9

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            304B

            MD5

            8f40b95dc6c5be794c23360cc4ef829b

            SHA1

            4bdc239eda7a39f57877569d6590f18179e02d4f

            SHA256

            9cab31863aaa866bc7291ac79ce4da352031b929d4e222b53aafec857abc2a60

            SHA512

            ff8c22efe002a16bcfdd290606190fcbe8e94b25c6f7c0eae2a702abfa14315be7b0710f07e82b5cc25d14ad0c4994808aeb8e2e776aac32df7e099c3f84c5c4

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            304B

            MD5

            28eb013e742a043e6c28dcd972a33bf9

            SHA1

            55eba5f4190c8adde9a0e151b750aad3cf99cfe7

            SHA256

            419c345bc7ed6133b874ae2fa893f47521a2bbf97bd7053f3c11e9f450063367

            SHA512

            e1ac2698207923a1acbb39f2a2ccc4c1ffee500dc9c629ee47e183e97079478b71f0b8ce71e4a4a72bd3209e6e431cf7a2fcb066eb28ac7d27dc44aa67154fd5

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            304B

            MD5

            a740331677e1d683a7fcbb2feef269e1

            SHA1

            9efd00aef2d7fa12d24aecfe5f37897957102f2a

            SHA256

            1a41a64b2946a185adc3dcb667986e80787e6a3d3b0bfa28098d8fc16609107f

            SHA512

            7297fa71bc11135acd68c57f7faa79a05c7786c3c7f760722b0e75c9b7e21986c8b5837c766533bc2d4b76948392d2729f02331b578dd500c9ced0ecabea7455

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            304B

            MD5

            f8e19b7f68469080f551ae6d4f327885

            SHA1

            2995b19bafe930664257b24f27ea30e9dc610e16

            SHA256

            8b579c0299974d3717e10439c1d4732b44744d9e0ddc345b1e79c6d9ff3bb196

            SHA512

            82280f4b42b1bca57b8c350060cf0798230ba23b4061a87ee81c196c78944be743f085c43cc8f4b17da98491bae286154dcab4f694b2f487c47a05cddc607a6e

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            304B

            MD5

            21a472001ea8875f9bd22ab78e8724ad

            SHA1

            95fa0fd90574d6d0d3e65bf7f120b2483d9c7321

            SHA256

            41d73426bf93569726cbcb5d7df72f147d448a5b7a02c8ae31941c3e06b2d549

            SHA512

            8dcf6adaeca08d0b8b8a97147eb3fa5a3363ec92625cc3fc36205a3d430e0d0c3f2e43e32a50ca104e361b01b7801ad13277f4568db2aec35537dc8b9d468fe4

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            304B

            MD5

            58e777f80edf7c7f634d926ceb32f80e

            SHA1

            463078de5a37ff08a250df75425e91a092c7cc17

            SHA256

            f9609181af94174316b6a2feb617a62ec1a3f2fee7fbebf30695d5542f7a482c

            SHA512

            cbe38a9cfff5269f5bff40881a70e7e61b3f85d8a1e2b723b201685974f6ce992cf8700e78acf4341727cabb49cf3c306a5b98767d035143add52afd19b7e34e

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            304B

            MD5

            29d401dcccf2fa66c17b9d3af8333ac6

            SHA1

            b51539c055c7265b8d2ae9ea6c05ce4198423932

            SHA256

            5f3fd9be232b6c127395d4fe17e5af0424a97d2252d7128bf740b6b3849c3b6a

            SHA512

            2fda5569d041d4e1a97555866798b23a7a480119ca5081cb7e08e6527460e8b8363280dc7a62712779dd3175e6ceb3f055d421ac17a648180e469d21ff57da58

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            304B

            MD5

            2aa8c71cba9a2fa574c36ab19772f308

            SHA1

            dfa0f93c80dc52b8f13fad2af36463435997cb4f

            SHA256

            fc72946d9b8540e8f5590fe0485bfe25af0b4c8e45352491014d410073832bfe

            SHA512

            cf412b9fe719b21d3b4840bd84348922f098378e7546a199c23dec9c1374e2b179391bd725a38db5f78edc72c2a0aae402e8e1bb4fd841a1732748e1e07a3943

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            304B

            MD5

            2978f27c7c26c8a2d603a7791a4ff7d7

            SHA1

            dfabaaab3504c817363831abf57a8fb286f9436f

            SHA256

            15d684f088d8ef3977110a27b167e34585bf915b99ae39c4a9af13426c51894b

            SHA512

            38a1e9e251d87f141a14c1acdd85901ecaeb1f780970637bbdf0ebcf7c7e520b1b4c5e567d046c8eb3d580d3f516727477f93e29812b11f87c724f307f2d6d03

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            304B

            MD5

            1aaee18615c56c8c0cf8d56891f92a09

            SHA1

            0105fc303e8bcc971c810b3edd48cb448116d8a7

            SHA256

            95e7a213a3ce3ce6937f4ef1a3307ef2e16eed134805dee1fc83cb487ebc68cb

            SHA512

            f003012ae79631dad615424b2a93449851b408a68acf36b09503b0600830f5dfa8dd50a2824fe9cfcb21828b7779473cc4953175c3a4bcf934a5c6f9899679ad

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\Cab343D.tmp
            Filesize

            65KB

            MD5

            ac05d27423a85adc1622c714f2cb6184

            SHA1

            b0fe2b1abddb97837ea0195be70ab2ff14d43198

            SHA256

            c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

            SHA512

            6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\Tar4120.tmp
            Filesize

            175KB

            MD5

            dd73cead4b93366cf3465c8cd32e2796

            SHA1

            74546226dfe9ceb8184651e920d1dbfb432b314e

            SHA256

            a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

            SHA512

            ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

            Download Submit

          • memory/1648-0-0x0000000000400000-0x000000000042D000-memory.dmp

            Filesize

            180KB

            Download

          • memory/1648-1-0x0000000000400000-0x000000000042D000-memory.dmp

            Filesize

            180KB

            Download