Overview

overview

10

Static

static

3

a3228a0724...b8.exe

windows7-x64

7

a3228a0724...b8.exe

windows10-2004-x64

10

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

LICENSES.c...m.html

windows7-x64

1

LICENSES.c...m.html

windows10-2004-x64

1

autoclickos.exe

windows7-x64

1

autoclickos.exe

windows10-2004-x64

10

d3dcompiler_47.dll

windows10-2004-x64

1

ffmpeg.dll

windows7-x64

1

ffmpeg.dll

windows10-2004-x64

1

libEGL.dll

windows7-x64

1

libEGL.dll

windows10-2004-x64

1

libGLESv2.dll

windows7-x64

1

libGLESv2.dll

windows10-2004-x64

1

resources/elevate.exe

windows7-x64

1

resources/elevate.exe

windows10-2004-x64

1

vk_swiftshader.dll

windows7-x64

1

vk_swiftshader.dll

windows10-2004-x64

1

vulkan-1.dll

windows7-x64

1

vulkan-1.dll

windows10-2004-x64

1

$PLUGINSDI...7z.dll

windows7-x64

3

$PLUGINSDI...7z.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    142s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240319-en
  • resource tags

    arch:x64arch:x86image:win7-20240319-enlocale:en-usos:windows7-x64system
  • submitted
    25-03-2024 01:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    LICENSES.chromium.html

  • Size

    8.7MB

  • MD5

    1ca87d8ee3ce9e9682547c4d9c9cb581

  • SHA1

    d25b5b82c0b225719cc4ee318f776169b7f9af7a

  • SHA256

    000ae5775ffa701d57afe7ac3831b76799e8250a2d0c328d1785cba935aab38d

  • SHA512

    ec07b958b4122f0776a6bded741df43f87ba0503b6a3b9cc9cbe6188756dcde740122314e0578175123aaa61381809b382e7e676815c20c3e671a098f0f39810

  • SSDEEP

    24576:ZQQa6Ne6P5d2WSmwRFXe1vmfpV6k626D6b62vSuSpZ:ZMfTVQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2876
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2876 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2812

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    563709e0a5cbe22d14d2d5741f868677

    SHA1

    4d9c96c718a278a7057f000276b8fd09e1257ff1

    SHA256

    11a5494eecf2ed96a18b936b40de7aa83e1d80f0f876a9833b74288d21c3bc71

    SHA512

    ef076530e951d1986c8874a2cb1ba23bf113c44f16549fa62d3deff53913833901adf02981eb4c04a2d1e060280c113d18dd0bdf4fc7fe4fcbb782caff94b3d9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    079d06fd1c8427278bc1ff0bfef54a4b

    SHA1

    30f7e40064f76d1d28a0f55dfac912b87ec705f9

    SHA256

    698333e88c033c51d397f84a0eae78fde39c8a604f663dec7478764b7c04817c

    SHA512

    da941d22798e679d9b27b2e1a5e5861256caade8ed9f4d267225a8ee6c62031def6f3653f63e714a84760df5d025137b600369aa12921727bb76d779fa9880ce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4217fbdf0a6f228d98fe7efbd29399e2

    SHA1

    3259276c6f89ae1a98613ec90255ab27984a3346

    SHA256

    3fb6db2bfa36c343eaae86fd1cfa400243e97d3016c604e4a873e6d16bde7923

    SHA512

    0f480d6482d747137264c9afe569cd1ed28b1a500c526a618c46155bec08655cd1fa01463564436ce9fdf6e3b84623a21177c10d378d77bdc71163770b9546dd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    18a120e0f5a9563f989e79e30fb6cf9b

    SHA1

    2b624c1b0c8a7d30f63e547dce417e56590573ed

    SHA256

    644d7a87e69863e08a1e13a7efe7c7e7aa41dd8847820e254747f51dc2658485

    SHA512

    02753be50fcdf1bb2f3b1893e3c5bcea3cbf37674f266a0a46668e5a9878b6407ede1569df2b788ab6db25cace5cab02fabc64f04eef563e59415903222a804b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    60b95ecd4066a5e6e14ed5651fab6114

    SHA1

    0e290efd2e38d6cdd8c74de6ed9a89bc010d279c

    SHA256

    f7212d621d484d044e10f1c458708670e5c9e61a35b281bf08914ebf0abb1abb

    SHA512

    232de5c9e7ad0f62d0a55765860a5882420dc4b977b8b32ddfaafbab62435c8bd92709e54c19fde9cebfc83b3eb8af52595dd07b5aab55333d04c7cd6be1d367

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3efced11b831a739315faec1a34fa177

    SHA1

    0e25051206e2a8d360609cf598656462f2055faa

    SHA256

    3e04c66594dba654c1b349b9bfdd8f2b725d602326cbb53794316288e50414dd

    SHA512

    8fc915f6cecdfafedd60f7aa20287cb9aa60c08f3fd6f79cee201c9c5eecff353f8c3c5fbb40bdc3bfde9425fdcfcaa292064f11b5ff2a9a327d6fcad357c35c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eb638aea29e08883a9871e1c3b358363

    SHA1

    720c01c0666325c101d70b3b45457a396c1cceff

    SHA256

    8589dc6787584af1abfce3404c580faab62da6bd6f1ecb356e7d9a041960c187

    SHA512

    4ae7acc559e1a7cfcd91f3d87ddb8bc618f2eec639e74f1c9fa2e8936319491e101fd6f830642e73377503b962fedc79d150e52b6ce878ba80686c0e7378d3e3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bae96bd11c5670f7992c1605b588211d

    SHA1

    546172d0febdc627071048fcfd3265fba7081e22

    SHA256

    24b4be5140cf148463081a3562342a094050c5e437250c70cc614d25d04775d0

    SHA512

    4ad21695f7003cc321bd65590341a03bd5ca2c5558cc3aab63f2c4bb2f9e5161277ed400352df4903f19a83b912f5522974db0098e70a91105c4bab0c2acbbb7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4c3163e7b7ea8ca910fe14d5c0609146

    SHA1

    bb81bdb270015d24bfc188adb717a9ee5594a228

    SHA256

    87714ecf5ae2bb39833ea2777618b17d43b344219c336439bdba0b74c708f2b7

    SHA512

    e49c1db9d9ee24318b0adf26b8ba4061954a3508498cd2ddb4b1a78109084467ab5fc27caa9ecb47fbc9b31336f6bb3a2bf5103abe8bf87d4cb7e33ba1fc2a55

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8D64.tmp
    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8E32.tmp
    Filesize

    175KB

    MD5

    dd73cead4b93366cf3465c8cd32e2796

    SHA1

    74546226dfe9ceb8184651e920d1dbfb432b314e

    SHA256

    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

    SHA512

    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

    Download Submit