Overview

overview

3

Static

static

1

a3c949762a...5f.exe

windows7-x64

1

a3c949762a...5f.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    145s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20240319-en
  • resource tags

    arch:x64arch:x86image:win7-20240319-enlocale:en-usos:windows7-x64system
  • submitted
    26/03/2024, 18:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a3c949762ade2e6c3a81f28c25ad7bc80ad8b77de691765a97a64ae99593b85f.exe

  • Size

    938KB

  • MD5

    21776e8edb25c66fc62d2dd38169900e

  • SHA1

    6014b525344c3fbbd37496f9309a03ca684e42da

  • SHA256

    a3c949762ade2e6c3a81f28c25ad7bc80ad8b77de691765a97a64ae99593b85f

  • SHA512

    75e86983f9e9126fb2176247f207c8975e0308cf8c7f5c1088c947dc64a091dbdf0ae12eb41710513e4e930ba347ae47212edfa71483234b338a3276ad3f5f08

  • SSDEEP

    12288:ZGoCd+aXUSHC5/srRj3ruYFytotwuXF6riJ0eskjB1gMlLIfhWDC3GHk35Iu:ZGF+CRjbuYDquXFFszMlj22kJl

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a3c949762ade2e6c3a81f28c25ad7bc80ad8b77de691765a97a64ae99593b85f.exe
    "C:\Users\Admin\AppData\Local\Temp\a3c949762ade2e6c3a81f28c25ad7bc80ad8b77de691765a97a64ae99593b85f.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2044
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.ni.com/rteFinder?dest=lvrte&version=21.0&platform=Win7_32&lang=en
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2104
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2104 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2520

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    19f296672e4f0ca2935c1843270e7f0d

    SHA1

    351f79c591af51e9390a332809fd527b73af93a9

    SHA256

    353f7d8f248d84db3802b551bc3caf53f55bc1b7bd6be89aad54f5b368a1ad8b

    SHA512

    f55e1031f5f91c2b37cd2df5c3eeab7c516b524f473daaee4b004a9ad3a74f2058ddd13d28f516d63cf7705da827dc43df13c6d7b7eca9a963c9c6fd0d9406d9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d2b5329cc0722d839c3aa87f26626261

    SHA1

    bec331ecf5c4d0289d67daf9f7b5ef826aef6bbf

    SHA256

    82c0c63f5240d8a9ed098c57200c1dbffb99ee536f4c34fcd27961650051f367

    SHA512

    dcc69b87d4d8b7f1db693962b4655b250f8ed15ae3a844a4af56d2014404e4193e5ca20b88090b309a9ad0bf617b9ef9618a5922082687f5b53b7e30a55ebb89

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5c56bc1a1cdc2d6ecfd54c90fe18e770

    SHA1

    af9360756b31a8339b0bc4bcb3c0f9569bb7d3d8

    SHA256

    c5c68ae2806c99d20ee23ae694cba255297c65be62556f6110157011eca41663

    SHA512

    8fa264bb932aff8c8b68ce3d28a0e4c35fee00e6817ee4acc6e0e23f3c1bf0ff5ca22d53a3a1ff5f74a1bce48bf93a699661e20e715267445056cf2882da170b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    846eca659159716dbdac08447c0ece4b

    SHA1

    a36324639a0e96ac852b32c8ee4ab4aed3c67ad7

    SHA256

    1b48641729b7ed3c9c02f6688abc8c24d3345886e22f026305f00a51ab0c0ad2

    SHA512

    ca8f53391785dbe35de0039c953aa37d3cffdb48805aa8662522a1be81b7d65276d4af0d1df89a8f051ddfc22397af04c7efa9fbb8d1a346ccf929374e367810

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    080b8b99f58c80f973c73ee8588686c2

    SHA1

    1a52d0ae0263e84b3aece437ce0360d297162f8b

    SHA256

    bd416ce7d0c32e8180438406ef4931378639ffab15171bf9e13ee1b501664e82

    SHA512

    7c46b61eddd6b465d71e7502d48c49fa75a1f77418858907ec2c013b44d989eb2d41bb751ce271f0c6e31aecfcc9fe76ab03d0020d2f126f30bbf359f220e307

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    728db81e9241e3656725f56200c88ba0

    SHA1

    947cade86fcc4551fa2fec653a19a1a407c7d4ba

    SHA256

    b06e1cd6648c9c60f7d72fd0c36d15c8ba92f35b1301b25535b9afbfd98af44d

    SHA512

    156ece27ab7e2f186b421df1b8f4f0184ee57ff58d9ec6b811a2c85bff886c2149ed655d7df06bcd504a92af1067502adef59cf98c8d866097661bc087a95b35

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fa9b0ec5a40108672d0c19137c60bcd3

    SHA1

    7b3a003331254b12fcdd3d4c3b7ed19121ba31ca

    SHA256

    bc280af37c7063e34777ffae85a375e9dd26136467e6282933535ef995de20fb

    SHA512

    e788cce8b7a06242e00a1424dab61575d0ec48c1327f15d1abb343832163392a05e1755aa00309907cbfe7ae7c00644134780f04686dfce16eb5d7f79e226f61

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eba4ca0279e11a650fecdbf3e5f2d8df

    SHA1

    5c87e805efd778e991596e1e553c3aaf60165e3e

    SHA256

    5bb16b226469a5c84f682b20ea21dc6473b353e286091907acfff5e5f1e588c9

    SHA512

    1cc833ce593a319755ecbc9a9526fe35fec358a15cdac33840087eccf9e8f7f5fc041f5350bf214de00e9f73788a1070f5140e6d455a5c29b37dfeddd21e34eb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8620151cb5c5b71cfc0dd4e1ae11dccc

    SHA1

    8fec520fca95319607ce2481a055e9fd29091268

    SHA256

    0f93cc4bdb7accacf8d601440caa3c0663323f387f14711791684577e53ca67c

    SHA512

    4d9300efb9d3ffd138d4abe62c5a2f7f0805b88c174a6272b2c3d9598749903672d34770587a6ab1580dcdb2f30ceaca33f9a084ff6883b1bdb04b6d7492aba8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d74f6121e831792dee6d4f509131333a

    SHA1

    2ad3eec0c564a4cec2243459ed756b1e99b3381c

    SHA256

    f8f5b82c9165bb3285cdf8c5aff9d103a30ab856b7ce4148375f0c7ecfed18d7

    SHA512

    a41e4d3c47f16080b0a8c8fac4f51b11d026f7e045f140011ece8fea6739b617e0e8ad3e270e921c5e0dafbf59f5eb977967ae296fe5bc54d7ca9f89b80c0b0f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a60530758e69c60b9fb94339aa371728

    SHA1

    a08340a16aa26feaec9bf17b1cb85b4dc4cbb47a

    SHA256

    c3952ab7ce39f2fdf1776ecb3b8249f868d240f4f524c31b635b607aa285997a

    SHA512

    0a6c0ae3f114ebc941cbe1829587e23bea6014358d2bd9d1531579a0bb87f7c43a0d5aad0305a1233a7ee192bb11dd5a4863eab8309ae0b6b72b6574e263deda

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dfd35f993db92903883d031a47ea51bd

    SHA1

    afc4c4715ec7127b0bf108449f053b34da84d131

    SHA256

    754cc958d1267fd8b015183e26240933531ffc3ef1f62a66b59a66cbacbb24f3

    SHA512

    1cf5cb2ffec856779f1c2c0ddd5158b552bb1f8a120a3aa9b9dbf05c8d700bf7a064a790b5e2ddd86a364e95302f72a22b1982c9f58a69aa900777b07158f38b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    37fdc87b696641bfd12a612b71fe38e3

    SHA1

    235efff81328d93b03986698c46ab7271e04e702

    SHA256

    887603fdd58b686f3f9d99dbbc154147d1c7a2a1f2d0585a836e915eeb12a406

    SHA512

    d5aaec7756fca418e594a7c7d22cd725eef56790d38b426dc4930727e03edfb09f25a87e8dd239f0bf6e6c8a4d6eac06289fd3ee23bc1ff34a6f054ea671a43f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar686B.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit