Overview

overview

10

Static

static

3

6d9cbfd099...b4.exe

windows7-x64

7

6d9cbfd099...b4.exe

windows10-2004-x64

10

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

LICENSES.c...m.html

windows7-x64

1

LICENSES.c...m.html

windows10-2004-x64

1

azkzkzz.exe

windows7-x64

10

azkzkzz.exe

windows10-2004-x64

10

d3dcompiler_47.dll

windows10-2004-x64

1

ffmpeg.dll

windows7-x64

1

ffmpeg.dll

windows10-2004-x64

1

libEGL.dll

windows7-x64

1

libEGL.dll

windows10-2004-x64

1

libGLESv2.dll

windows7-x64

1

libGLESv2.dll

windows10-2004-x64

1

resources/...dex.js

windows7-x64

1

resources/...dex.js

windows10-2004-x64

1

resources/....2.bat

windows7-x64

7

resources/....2.bat

windows10-2004-x64

7

resources/elevate.exe

windows7-x64

1

resources/elevate.exe

windows10-2004-x64

1

swiftshade...GL.dll

windows7-x64

1

swiftshade...GL.dll

windows10-2004-x64

1

swiftshade...v2.dll

windows7-x64

1

swiftshade...v2.dll

windows10-2004-x64

1

vk_swiftshader.dll

windows7-x64

1

vk_swiftshader.dll

windows10-2004-x64

1

vulkan-1.dll

windows7-x64

1

vulkan-1.dll

windows10-2004-x64

1

$PLUGINSDI...7z.dll

windows7-x64

3

Analysis

  • max time kernel
    117s
  • max time network
    160s
  • platform
    windows7_x64
  • resource
    win7-20240319-en
  • resource tags

    arch:x64arch:x86image:win7-20240319-enlocale:en-usos:windows7-x64system
  • submitted
    24-03-2024 02:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    LICENSES.chromium.html

  • Size

    5.2MB

  • MD5

    27206d29e7a2d80ee16f7f02ee89fb0f

  • SHA1

    3cf857751158907166f87ed03f74b40621e883ef

  • SHA256

    2282bc8fe1798971d5726d2138eda308244fa713f0061534b8d9fbe9453d59ab

  • SHA512

    390c490f7ff6337ee701bd7fc866354ef1b821d490c54648459c382ba63c1e8c92229e1b089a3bd0b701042b7fa9c6d2431079fd263e2d6754523fce200840e2

  • SSDEEP

    12288:/7etnqnVnMnBnunQ9RBvjYJEi400/Q599b769B9UOE6MwMGucMEbHDuX0YnpWQZO:sFEc5FeWSPZza8yUMmfSHCHWJ4pps

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1684
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1684 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2284

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0198b76f2c4f487fa3fa735e330bd9f4

    SHA1

    b3dc1dcdb25cf3393ef69ff97f5e380513c4ef6f

    SHA256

    3418ac3d9576e07c07968f566048ad0ace536df6c5b39ed01116fd8d42d6a2e9

    SHA512

    458f59e78aa557b92e46495ca9a2b39b159032b3ef863f064cc4e28713887c1a7330353b8972690f524864e4d49eae937d0ae3769a4e90b061e5f4db98ff1b10

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d7ba8358fa94c178dac982daf1a76af0

    SHA1

    d323028850e9c8c2edca5c2e48b88769d27e16fe

    SHA256

    f8248ed0a82cb2a8026de9b0fc1b725a8fbdd776232a261c88ceaa1adf12b319

    SHA512

    054794090c1d704346ba460d95c2a5c7fa8610b5f05523c69dadf54c5436ff3ee555905de456da8b965da56cba113137d78a12e0fe98dd6fdc07885d043e9af2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7e60d3a83bbac60a7695d5c090782248

    SHA1

    094c8b3f68f5ffa71853f4342b654ac00a9b1049

    SHA256

    f618a44b3b84ecaa01c5cfe49a81e87607a800f943ef3bbe95bc00786bb7361f

    SHA512

    b505f35387d43b033ce6b9f4a835ee80b1bbbe3ffed16a26bc5596c0de828ae36da1544241cacb8bca62d2fd48d7bd6558f690a34438b3e1e6a7275903bc1339

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5b6373725aec283dd1ef7775ae9d0ad0

    SHA1

    b8475773368f0b74eb5cfbf96f25cbc749c8015e

    SHA256

    a7ea5f749a36027a18fb06a4f521c583d9045b09789157a51f2f9643d136aa0c

    SHA512

    a65087b1f397bb933df3c4c06bab690df6df1c1bf1dc203619ab341fb5023caa101e2393b0fca223a5732131bef95ae3b32826bc146d8f3c11842f4be10f2dd8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1fd3648f97581cc10e69fd676e3c1991

    SHA1

    d0d84d892014d7db0d90919592e509deb79348e4

    SHA256

    85c8461cc6ee4cf9c7fecd44a656375d0031dba282b971ebd013a498d5c13814

    SHA512

    fba8e0add2003a5fb9b800abca996186797766ab4c8c19d5178eb36370c44a9ddebacd95e7d84e54ea0189c05e43aa8bef18de58ef34bdc4ba42e8803fe86293

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fe4a4e30b2c7e29e541b712ee3be7882

    SHA1

    d395bdc417102d50f46c6026c6dafdab8f0c41fa

    SHA256

    bedb0e370b068d9d9ee66386d4ffc4ba0c7678382afe7c8d414ff1a1152d9222

    SHA512

    f5ef0358e30bc5e684992227ce766323f7dcd7e77776a832ae8fe4ee749eec024662b76607d685f93ac53e57ddf4c6e70fd2883ee192c28157f68707dcce6211

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabAB6F.tmp
    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarAB91.tmp
    Filesize

    175KB

    MD5

    dd73cead4b93366cf3465c8cd32e2796

    SHA1

    74546226dfe9ceb8184651e920d1dbfb432b314e

    SHA256

    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

    SHA512

    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

    Download Submit