Overview

overview

10

Static

static

10

081899c525...89.dll

windows7-x64

1

082060e332...76.exe

windows7-x64

10

09d22d6340...64.exe

windows7-x64

1

1f4e927f6e...a4.exe

windows7-x64

8

20efc37efc...db.dll

windows7-x64

6

23b5ce252f...5b.exe

windows7-x64

10

35fdad147c...8f.exe

windows7-x64

1

36bfd9f40c...07.exe

windows7-x64

1

56ec95785f...a4.exe

windows7-x64

1

675e7e38d9...a8.exe

windows7-x64

9

6b4df38111...7a.exe

windows7-x64

7

6b4f6a820d...96.exe

windows7-x64

1

721ccbb780...29.exe

windows7-x64

3

75a9ade196...1d.exe

windows7-x64

10

79271d57c5...61.exe

windows7-x64

7

*.*/update.exe

windows7-x64

6

*.*/˫�...��.bat

windows7-x64

1

847001fe67...7e.exe

windows7-x64

1

97d846563e...3b.exe

windows7-x64

1

9a5a08d7a4...4a.exe

windows7-x64

10

9da42140ca...70.exe

windows7-x64

6

ac7da11c38...e2.exe

windows7-x64

10

b3489810af...5f.exe

windows7-x64

1

bf11915a5a...55.dll

windows7-x64

6

c453aa991f...3e.dll

windows7-x64

6

c97d9bbc80...15.exe

windows7-x64

10

cfe55dc501...48.exe

windows7-x64

6

d2a120aa4a...78.exe

windows7-x64

10

db97db6b03...1b.dll

windows7-x64

6

dc276b7ca4...cf.exe

windows7-x64

10

e714a8c576...a4.exe

windows7-x64

1

f0c2927859...a6.exe

windows7-x64

7

Resubmissions

26-03-2024 14:35

240326-ryecksfd5y 10

26-03-2024 14:27

240326-rse2xsfb8y 10

Analysis

  • max time kernel
    12s
  • max time network
    18s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    26-03-2024 14:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    db97db6b0367434c2170eb34f828ec6b99032a4722ea55dc14a72883d8af1c1b.dll

  • Size

    28KB

  • MD5

    af62cca39cdf2faa1a3e9b422afee8b9

  • SHA1

    5714a48c24d79cf820c98ec3575ef4f0b7b7c921

  • SHA256

    db97db6b0367434c2170eb34f828ec6b99032a4722ea55dc14a72883d8af1c1b

  • SHA512

    c7ad2ef82f1f1a23ffa5ebcba8efca1dc8aa788847cab8d2693cf082f85e2e87979b92c559c69e60bc119929912c105e40c00aa9fe2f09d1cf8ad9e8fc3c4d13

  • SSDEEP

    192:0P9IGUkZxXgGEmqnpbXf206LF9+qQ/1nwzJvZvdW9+2Cp92xR4qVeMNazlQF9gR:nGlJEmqx2029+qQ/1nZM2eMNazWm

Score
6/10
persistence

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Modifies Internet Explorer settings 1 TTPs 23 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 18 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\db97db6b0367434c2170eb34f828ec6b99032a4722ea55dc14a72883d8af1c1b.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1592
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\db97db6b0367434c2170eb34f828ec6b99032a4722ea55dc14a72883d8af1c1b.dll,#1
      2⤵
      • Adds Run key to start application
      • Suspicious use of WriteProcessMemory
      PID:1932
      • C:\Windows\SysWOW64\rundll32.exe
        rundll32 "C:\Windows\SysWOW64\Pidalce.dll",DPldalic
        3⤵
          PID:2216
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
      1⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2380
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2380 CREDAT:275457 /prefetch:2
        2⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2136

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\Desktop\ÍøÖ·´óÈ«.url
      Filesize

      119B

      MD5

      a167617e7beae2993ed74dfbc501d8eb

      SHA1

      0fe32b76717d56fbc17b85f97a7a366fc0c815de

      SHA256

      08522254c8f6dfc9edbbec52bbfa67d12a8ef6c05a3f0b755e1f41b5f1800eba

      SHA512

      499d13f94423311124c628b26f232fb0a9d62df69b3e94c95f8f4c971babbe4b4833a5d0ed3f0bdc0c397ac826a284d799e094938f02dc196588dc2d367f59ac

      Download Submit

    • C:\Users\Admin\Favorites\Links for United States\ÌÔ±¦Íø.url
      Filesize

      97B

      MD5

      cd0a61d98969279d5726bfe656429ef4

      SHA1

      37fcfab8293e7d41361394ae8a827f6416b77515

      SHA256

      1106d3ae302e51bd55b0fa50a5befd555d0919576831d0e821daefa717b7019b

      SHA512

      d1ad1422d284942d0dbdf5b823cf30f705501c67244f920ddd50416de7783d7b779c1ccb0ee5452f484f5d43ff380ed255a2c30649ed4289efbac5b0b80331f1

      Download Submit

    • C:\Users\Admin\Favorites\MSN Websites\VANCL ·²¿Í³ÏÆ·.url
      Filesize

      63B

      MD5

      c772d95f3921ad2b5cd7e591daf41bb2

      SHA1

      eb4d2cbe38be7fe0aded05266e1186b06281be4e

      SHA256

      ca07aa59518c6eacf0e572980d27d9f0fbfb6a07c390114002c35f0f4fafd555

      SHA512

      1d0b7b43a500d7f7f75f62bb8dd3c3f505f0b97f00d7fa8f077648461ed4ccaa1773711c118566a6caea9d2c1eab9e83b851361de7622ab2a6e173e86431b46b

      Download Submit

    • C:\Users\Admin\Favorites\MSN Websites\XpϵͳÏÂÔØ.url
      Filesize

      54B

      MD5

      f34737c4f0c4fdb889e074ca99c25368

      SHA1

      5a9d9c9c4126fa806240046f22d1786a2991715d

      SHA256

      24f3957dacf5651ffc813986e8ac169607f7588da8ec94a2b524a877decbd480

      SHA512

      919225d77fbebe711a173566f159d5dcfbc13e6939ea913f87b150bd5950680aa8296c03e8580f48dae527890bf259d7a9071245af0bfa45997d454ad0ddd0dc

      Download Submit

    • C:\Users\Admin\Favorites\MSN Websites\°ÅÀ­ÌÔ±¦·µÀû.url
      Filesize

      52B

      MD5

      feb809ab6e61d75e1bb8a241e11385e8

      SHA1

      12a71885798109dea55771e53358606d2a0c4b56

      SHA256

      0d80613e892f32c5c09acd87cfdba76512987eac5320d07bdf40ad1afacdbdc4

      SHA512

      6e8b3ec1ac1e34191666bd0c84438cf089a230a1a17a3b180172615a5019097c1d59d284291a9d8877edb310a0f5e64fd0897232f89eb303506af94d549ef207

      Download Submit

    • C:\Users\Admin\Favorites\MSN Websites\µ±µ±ÍøÉÏÉ̳Ç.url
      Filesize

      131B

      MD5

      27de099ce4510609d75617971251ed1b

      SHA1

      3a7846070baa7e4e06d95193eabf395e4933c238

      SHA256

      55a0bc5d42f71e47faba9ea96a43a5e417ce335bd289bba8a1379466b9913bce

      SHA512

      1cfeffb282a6d5de6672ba191722e4f909ffe775d124d6d01205103b3ee2e3f12052e039a6aa5be5f1e6f1d6e7ce8f694f3ded3964ef01a66f05a0109e0c5e71

      Download Submit

    • C:\Users\Admin\Favorites\MSN Websites\ÌÔ±¦»Ê¹ÚµêÆÌ´óÈ«.url
      Filesize

      100B

      MD5

      2584d6cfc29621552b28f0905fdba7f8

      SHA1

      a2fb6de408e519e71883974e0e3191d5f5e58949

      SHA256

      1a7771485a51404fce51f453ab0e4532a0674a26ac7e305d9992ba6f3daacccf

      SHA512

      85bf76dd1e0d4caa19713ebca259153f33511f9712a7bea97c708f526316fc2604ceba98d130404bb9dc28c0d60cfa4c3f89899e21e88579aa1e7dee4ff70dc3

      Download Submit

    • C:\Users\Admin\Favorites\MSN Websites\ÌÔ±¦Å®ÈËƵµÀ.url
      Filesize

      95B

      MD5

      a866782554710ef7e69bb381fb5bd7bd

      SHA1

      922ab6f615ae84165e084d58345515be1ad81a9d

      SHA256

      69e3df75ac1833490ed17a88e9fbda30301e6d18499397cfefbe6e3b2ac6d78a

      SHA512

      57ec15586e869d12e5fc343bca8f65cae1f65482b6655fdd01b395f289641855c17a89bbf03befde18ad190c137bcc165f86e5f17b780dc3bf38b6419a4131c3

      Download Submit

    • C:\Users\Admin\Favorites\MSN Websites\ÌÔ±¦É̳Ç.url
      Filesize

      105B

      MD5

      bc9250c5a3210f2db2391cbec1f33f74

      SHA1

      4c3aeb7f8c73081a3bfe8299f07ca431e18d68ab

      SHA256

      7d54dcdcd48c6dd7f8138ac21f7b9a4b8a1dd3fafa1bd8947982ce908120f845

      SHA512

      d5ba01669542a7e0bc913d211a81651fb6d2228f42123fc4727c2da531ae75a96509e26bbd6ae251d6eaae4be49fc16a2aafe0f370617d8f71855bc965a395bf

      Download Submit

    • C:\Users\Admin\Favorites\MSN Websites\ÍøÖ·´óÈ«.url
      Filesize

      48B

      MD5

      181686fb05f3abd9c7adea860e5f8131

      SHA1

      43188041be0d74503e22ac42771c7ec7b7e94907

      SHA256

      64efb9a71ce40259dad8cc393188f05e36804829551a4fdc1656d736af197eef

      SHA512

      b8943bf08a45d531f712f227ae934c5ac6fa9d71d03558bc9eac30e45e7c51e2f6ee81b4004200f331957cdeaf45af78f1c874dc4b4c42ca8bd53908c6f89753

      Download Submit

    • C:\Users\Admin\Favorites\MSN Websites\׿ԽÍøÉÏÉ̳Ç.url
      Filesize

      162B

      MD5

      2ce9d605c8cb62c08b90f07930df170a

      SHA1

      2780c34d620ed793133c0635dc050371fc048498

      SHA256

      8c313420a0b779d32016d4d8120a361d2106e218dcef597c80af7b81efc48b5d

      SHA512

      20598be8e77e8ad45bb123ab0f2a63b075ee4594b363d9f564101c8cc9a0374329a36e784b6cac191815b529fe498c9782cecdeb5b15a124a5864a7d52ad4823

      Download Submit