Overview

overview

10

Static

static

3

QuietForest.exe

windows7-x64

10

QuietForest.exe

windows10-2004-x64

10

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

LICENSES.c...m.html

windows7-x64

1

LICENSES.c...m.html

windows10-2004-x64

1

d3dcompiler_47.dll

windows10-2004-x64

1

ffmpeg.dll

windows7-x64

1

ffmpeg.dll

windows10-2004-x64

1

libEGL.dll

windows7-x64

1

libEGL.dll

windows10-2004-x64

1

libGLESv2.dll

windows7-x64

1

libGLESv2.dll

windows10-2004-x64

1

resources/elevate.exe

windows7-x64

1

resources/elevate.exe

windows10-2004-x64

1

swiftshade...GL.dll

windows7-x64

1

swiftshade...GL.dll

windows10-2004-x64

1

swiftshade...v2.dll

windows7-x64

1

swiftshade...v2.dll

windows10-2004-x64

1

vk_swiftshader.dll

windows7-x64

1

vk_swiftshader.dll

windows10-2004-x64

1

vulkan-1.dll

windows7-x64

1

vulkan-1.dll

windows10-2004-x64

1

wqweskxoxzl1.exe

windows7-x64

10

wqweskxoxzl1.exe

windows10-2004-x64

10

$PLUGINSDI...7z.dll

windows7-x64

3

$PLUGINSDI...7z.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    118s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    17-03-2024 09:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    LICENSES.chromium.html

  • Size

    5.3MB

  • MD5

    dfa12f4edccb902d7d3b07fae219f176

  • SHA1

    c2073440a5add265b4143de05e6864fed2c3b840

  • SHA256

    501f0b7ebf0be7ed8702d317332a0f8820af837c0a2a1d7645ba04352270e2b8

  • SHA512

    eee3a8e0eeae139ddd9369d0869c29c91007bf6c5b0d7982918d5a013214a9e80b9233e7c1ccb43124152f684f0b782831b0a6b3d126558261dd161230004e50

  • SSDEEP

    12288:FetnJnVncnJnknE9RBvjYJEi400/Q599b769B9UOE6MwMGucMEbHDuX04nNWQFna:WbXZ5IoWSL9bcwVR8mf+/cHBBaRp1

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2212
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2212 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3004

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    252aa4daa4f45faaecae2f01608f5a67

    SHA1

    cba09a32bc3184a5b1721010e28f58d63709faa9

    SHA256

    38a3701361bcb198b5ca02ad6ab88be77affba34364d8ca84aca5f210a88dc95

    SHA512

    0a0cfe1de7d49dea952002cab01bf6a00d38f4d18da13098f7866905e0465eb4755d90dab52ffda922a3f01dd203364e143fb6154783df4b9b08defe2d8e1391

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5b4824e2fb25b2f072eb7bc7a3eeb4c4

    SHA1

    cd9b7050427d74ec77701a54552dea31a2c85305

    SHA256

    c8c2275c84f7177170663584984d2250f6026427a5e737407e317e1064aca3a5

    SHA512

    37611e05b00e0b67d9f43642b7575534ae201487bd98fa0f59394d793706aefdb51374b2c0fdc90b96597ac8485643498df08693beca5813fbe29d982dde3ce0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b0041670e71861c7ea38afc058f3f057

    SHA1

    0efd1dad1a9aa98240c5138bc28a74d390fda021

    SHA256

    1425cf9b218be68a0790cfb0f7e652133ec4b5d207f2ffee712340c6242b3355

    SHA512

    ca01bb53617441871c2fb56a1e0a5cb394297a7d9ff0431bd69a27671636ef98f1682658cd285ced5c4fb50f863297bc8a5202ecfb0cb7d3b9948a728d01e723

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    839218ae105cb3fb622a7325687cb379

    SHA1

    213f0616f9a1d6d7676c4a09398b618f51d5d8f4

    SHA256

    5032cb74e884d5835da06cc2615221fade862ee9502d6f18726992cd2670b09e

    SHA512

    2edc646ab4b4c2b5f8e9898e2ceab46b22ecc058e3d963c8b8e0f2c26d15e8f72e9973c938d371e541c788f8aa5de63bebd8e3e2ac46ddc3cc0fa4af0054c559

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    31715c4ca0536b3dd7dbd6587dd9b332

    SHA1

    e71bb858dab980f1a0e05cf57c3bad2c158d8bbb

    SHA256

    23c3f8883108a88752d529d206a13f0acb8a5f8afcd3f51471564210c0ce70d8

    SHA512

    7169c05c435e73bef835bb6cfbf7553c4cc0753b15dad483e8f20a6cafaa1d6087823e3657edb6e6c411c8d72f25095f9a94953d840e02a6ae824c54171e7787

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    25708e816d4387bca731c4a52e79bce7

    SHA1

    a6b10abf1a23467835932e87977a812edb22d936

    SHA256

    c19938d73959ebc77ddfa034e5888014196690661079e6d21f2b3564cedb2b9c

    SHA512

    b41a05175b935e1615a80b24cff1a0182c89c83d6a7023df255201c23ca3207a2a9990e7f211d46c01290fcba825e997f1dac6a5a2fc433717ad725ebdc423ff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    108fe460c3a7b02cca48fdeb50731cc6

    SHA1

    253f692f24cc4719fac81eabda4a818bb75bf0c6

    SHA256

    0a98dcce09b03aba369fbe27817c7a093e647a79f23ad1dfdec1f7481f9424f3

    SHA512

    eefdf37af234a177ec57068c261e00b00dd024625d99030fe4b5d4abd75586125a845864961595bd298698c10fd521e4d88751906f2c605c03e2b5ec387f89b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4285540b20bee657eea90aa41df50bd2

    SHA1

    193a6f8b9269e96d033cd0f3ea094d02f151d849

    SHA256

    6fb30466d6e63d772b3ce54fcf5845c6e33362bc126e11e2cee105e690f0280b

    SHA512

    7791f9c13ea2801873908630d4af9a8c1041f2aec2ac2d41b38e07bfd43d30be31004c6db3256aaa8ec2855f2931e315178a9929f19d8bfea3cc4f2ceffcc900

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b7c9d10dea71df1869162053ce765c1f

    SHA1

    026ed1fa4d0cc6962d5c943e0e8797a366d20e58

    SHA256

    3eb21a770618a4ffd565a04b3e4fe71eaff55e05ac7ea7ff5c8988cffc67aec1

    SHA512

    212646f3e300778431dc5fdf263884dea6a13bf555258b31628b71af7b13f6ec83848a199be4ba2366998bf7db2af7e40362a7facd0e5524b4cd8e0c0dd8b9cf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    311ab94c21471cf838ec2bff327d2cab

    SHA1

    7d2aedada1a412b94cc1cf4f856b4f0ca7375dd3

    SHA256

    12757a6c757e86fb1e83b53e2aab66a9eca7cfa778064e974a319c04608631ac

    SHA512

    561bfd40390831bbd4a676854b5aa9ddd3c4626b7d9cddb4cb605a0fdb57c0148cc3194634d47ac41aa0d81f6a01d785e1c9f7fa9cd9a62c72585de145ff5078

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    704c8eb8fa0d734bb592e399f328af59

    SHA1

    440cc66504ca323dd6d0b08f63ceebb455ed1230

    SHA256

    1f72158eb5bcef8387c5f4682be1a9fba35ee0059c45804b38bc6842310a7fd2

    SHA512

    f345f7d3d6e939a94af7bbf9ee8410c11c76e4f371c586b9244a0baf8656fa9a7f371e9c48df69aaf389658f8570d655dd0f7bdfc2dd9c80ffec6b445c97b6d1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f03d766383bb3fa66fb54d6830987068

    SHA1

    172867d934944eba5746bd6e2132ce3331ba4317

    SHA256

    124f5aea0dd705e9c432d8f053c2451e6b95d1595a23f712d72949c3a79935af

    SHA512

    8c73e5c02c89024896483169dd7cf9739170154060313df018da4bbbbde00a9aa3a69ff30db97d9726b0569e555c3517336a572a030298e20c52136446c0c2ad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    27afbcb185bfc95a38bd73907130b3ea

    SHA1

    0072a4361775a45f68978a3779c1457cf4cd73a0

    SHA256

    72155478cea42d788d923c0a80655ad1f898c54f70c036089f4779656ddeb28f

    SHA512

    1ce5f7fd1149cfd307e8b28465b8a4dffe669a1469b52313e0b585dcffe4c743e6ab18b701e7618f1ea3cb26255ad55ef66c382b9fc3805bfa40171616070cfc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bef776222d5ba60d00d3555a77afc581

    SHA1

    6307703521aa6e3c2ed4f9cbe98a0c625f87729a

    SHA256

    1f95e2d3ed072cdd1a6fee627ab65776c866f2e5ed07fd926bae80244e562a67

    SHA512

    5eea1d0ead99bb88ea03794cdf0ecac1a0eda8f7f6d7c2b78ac2d707840e34e947fa8fd6fa6cba14b3a36284681073202797fa84e2e062469bde59f0467cf31f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f5d76df0be3c1d54bf1d5cc1a90ea355

    SHA1

    3c1a6d38f29ce7452308e8b3b706cbdf654c6130

    SHA256

    0aa91d9d0814988e63c831772787f69e787cc023dc9b56f7993ef64e900f3248

    SHA512

    1bdeab9cd4c26622d93acb8359a170a2b112d118972d5dc1b7744c10b76b50bf74c35c67e202e4a3705f8ce4f3e975f16aa64cca79ed6c414b5a9b50d68d6fca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e9e74753b18017f015e6d639b18d5149

    SHA1

    7c1b43845f63dacecad0c531fed918dd864596aa

    SHA256

    302b6bdf51e07cd6473254a2442be372934ac329e3d437223ac86497ead05146

    SHA512

    1e318ef670f63566ed3d5b559fea1cd2e2fce0c21fc65e18f0e1d660655e8d8d6c60ab4faca6db70ff14e125854a9715b82688207de5aed6e07fc0f90beb1deb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a9c1272148f31ce31973b7bd4c897e6c

    SHA1

    1f75e3239d34b0149aa24f8ff314cf52ac70b2ef

    SHA256

    9c4e8dc6201c9cbffdbaa4981a5277b60c119058c0a12807c133a32d3039de0f

    SHA512

    c6d27fadfeedbd59038548f47414185784160fe38a56b3612644a3bd8a96d9156e3b2d01e31e7fddcdaa3d5460ebccd0cf446203ed9d328060ca1817ad800ab1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    afa2efe08b008304e46aea6c50f21442

    SHA1

    ba713d2e121757b38e9ca7798140f16dd0d3593a

    SHA256

    75c31f34d3ac7f941f2dd3aa55d7bb68d5b8b6f23036dbc0fb0d9371ae3154ee

    SHA512

    c708f3b8abfe9e512fa369187b945f91301810b4d7897cff62ee895c22800c15d5657848e05f15f2919c1b8519226ad8a6c482acf5606c20612211c826b1f82f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bab9955013e6e9d84c692381e8230953

    SHA1

    4ecc943fc89aca33a7418e182928106651fbbdfd

    SHA256

    356dd3e749a8589418ad1210a14055d0a312192c891ae36994c02f6b4629a18f

    SHA512

    615ca021d6d789a47b080e623feff414de81f3c4a1e67d60b872b101e24ba03599a604be8ff42bfddd08a0cd315e07a265f7b4905de8ad0b0c7b5bede7b689a2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d62cf84ce6d971b4f6ac68cb8213b734

    SHA1

    346085db12cb539a06068e367ab628cfd8667d32

    SHA256

    ef5d1cbc00eb70e1592b3f41653593c9a7389bdba548fd4009b6221a42d263b4

    SHA512

    3168ce2c35abf49de4d62cf817e8c9fe1587ad21c7cf010bdce54276067aaacb69bfc83cdb29e1b975b6470b153719dd6340a8e240c8a7b263c2b3ae1dd76f16

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    fbeb21a6dc4643602610e2b961a9a0bf

    SHA1

    32d2f745c90723dfb1246affab43c3196652f6b1

    SHA256

    c3ce6866674e98e3598ccfc50141c84dad7e9c3e958a13fae0193af0202d5e52

    SHA512

    d3655cc2bacbb13d56a26973bd831f14caa3c0b7fd3924db9b34119dec40da86c3f0349de2af8288637a51704ef7a40c2860b484f6ce669a957b3f5df0844cd5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
    Filesize

    4KB

    MD5

    da597791be3b6e732f0bc8b20e38ee62

    SHA1

    1125c45d285c360542027d7554a5c442288974de

    SHA256

    5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

    SHA512

    d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar456F.tmp
    Filesize

    175KB

    MD5

    dd73cead4b93366cf3465c8cd32e2796

    SHA1

    74546226dfe9ceb8184651e920d1dbfb432b314e

    SHA256

    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

    SHA512

    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

    Download Submit