Overview

overview

10

Static

static

3

4728b5eb67...31.exe

windows7-x64

10

4728b5eb67...31.exe

windows10-2004-x64

10

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

Epsilon.exe

windows7-x64

10

Epsilon.exe

windows10-2004-x64

10

LICENSES.c...m.html

windows7-x64

1

LICENSES.c...m.html

windows10-2004-x64

1

d3dcompiler_47.dll

windows10-2004-x64

1

ffmpeg.dll

windows7-x64

1

ffmpeg.dll

windows10-2004-x64

1

libEGL.dll

windows7-x64

1

libEGL.dll

windows10-2004-x64

1

libGLESv2.dll

windows7-x64

1

libGLESv2.dll

windows10-2004-x64

1

resources/...dex.js

windows7-x64

1

resources/...dex.js

windows10-2004-x64

1

resources/....2.bat

windows7-x64

7

resources/....2.bat

windows10-2004-x64

7

resources/elevate.exe

windows7-x64

1

resources/elevate.exe

windows10-2004-x64

1

swiftshade...GL.dll

windows7-x64

1

swiftshade...GL.dll

windows10-2004-x64

1

swiftshade...v2.dll

windows7-x64

1

swiftshade...v2.dll

windows10-2004-x64

1

vk_swiftshader.dll

windows7-x64

1

vk_swiftshader.dll

windows10-2004-x64

1

vulkan-1.dll

windows7-x64

1

vulkan-1.dll

windows10-2004-x64

1

$PLUGINSDI...7z.dll

windows7-x64

3

Analysis

  • max time kernel
    119s
  • max time network
    144s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    28-03-2024 02:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    LICENSES.chromium.html

  • Size

    5.2MB

  • MD5

    27206d29e7a2d80ee16f7f02ee89fb0f

  • SHA1

    3cf857751158907166f87ed03f74b40621e883ef

  • SHA256

    2282bc8fe1798971d5726d2138eda308244fa713f0061534b8d9fbe9453d59ab

  • SHA512

    390c490f7ff6337ee701bd7fc866354ef1b821d490c54648459c382ba63c1e8c92229e1b089a3bd0b701042b7fa9c6d2431079fd263e2d6754523fce200840e2

  • SSDEEP

    12288:/7etnqnVnMnBnunQ9RBvjYJEi400/Q599b769B9UOE6MwMGucMEbHDuX0YnpWQZO:sFEc5FeWSPZza8yUMmfSHCHWJ4pps

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1148
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1148 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1000

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    10af19f486e0c6331ec392667926feb3

    SHA1

    914beb8f83982371b286023c9e2541a5e125b8cf

    SHA256

    cff45ed2781a2935025fb448308d3c6a72b30ab2ce302d6ae8427f4b889894d7

    SHA512

    be5e31d38470cd855062287bea176c66b87915adb608225dc72701533d93f4f9a47c7c545e801ff617a13961f211ffca864dc8d5368092f5b8fd59213cc7bd62

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9fc672d7b6cdb381029121c1c619c6b5

    SHA1

    19278550febc3199653fb1b35b4de21e2644902b

    SHA256

    3b3484c26519a98dde2b74a2f264cade14968fd913e8406f5eed1154bea30d28

    SHA512

    3f45839d8221d2c3fb51c8a646f127741508899a60d0e0204666aad57983f83bcc21c83683109a75194f485c3fbe7003e0542ed2622e95652707937b8ceea78d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ecfebe34a05dd3c07713574fe17afa7c

    SHA1

    8a7386416fd914baf7cf9f90b13f0301eb195877

    SHA256

    9d1841846f22f02103d02dc89819ab71c26e69d15eaf261d3f20f1edce57e5b5

    SHA512

    65b7cebd3f736808b0a044dc4c0b102447ac46a0aa78d92869de794f36c2ad7a07e2327285e54d6b57936445968f2cabc5d480c0882294a769dd34795e627eb8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1f578186626174eeb099e9ec0b4d4fe0

    SHA1

    dff9c2b43f4541773bea7d2495a320ababa86cac

    SHA256

    2445b583a923a56ec2c436f4476312d259fe845f9163d01c92d2460f8bb504f9

    SHA512

    f97582741ae1d9b94934d40fea2bf8582e28c52588249c1b2f001ec8b663bd2f9eb85666e99816b9a266ff24cd9e7cb43e0dac8b5a7f2603f89e5374e8cd2e62

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    06279fbd3fbbaf73886eccfe255d5bd2

    SHA1

    ba5a06eae6bf8b428bf6fcc2ea38d2620da2f8c1

    SHA256

    5fd6c39da0ea77d1ab69627c543c13a6faae195199694f016463c1fbe3af624f

    SHA512

    c5520311abfa4e2e8947d4592915ca1164f8ad91c42a186f4486738a53101a5fd49fb74988ce8ab560a790dccedde409858e359d56ef0478fe7039adc25bd743

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    67545cdf025435744c8c76a73938a4f5

    SHA1

    9a90319c650568e474bdd4d590c188771aa52703

    SHA256

    3a96b0a03f75b6c72c4467629fbde557df483f5ce397149e65cfdda96d7df80c

    SHA512

    5f0b866cc878ddeb4c674fc1c367288dbc6d8940248cbcae8ac5fbf26a20b3bc9bfb4838ba9d0a00692320f3eadb4df60d7a7eb99b8b93f3d11333d5f5575ed3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1409232c395caade614d32409df7fc98

    SHA1

    f7f0ae9d079fac4f8ee2ada1e473fd215958e0c8

    SHA256

    70c77309af089dfbaf2660c1c4b7139bd4952dcb95504758f8e791046128b039

    SHA512

    671522787fdc3fc6fc9551e71dcd73e3a324c26a8d83f89ea15a8b6bf02fb5ce20838d1f45d419c98685e31afa7f1545edd4023602637cf05be66f541b860a17

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7c3c913d0ff986b5af4db9a9e33b62a5

    SHA1

    63822467f9a977a2b15c1f8e5cdc306db05ee90f

    SHA256

    37c6a9ab6aabdaabe5ca2ec0db16b01e664474a2a515604c652f7d7af982839f

    SHA512

    b4c90c5fc10f9eb557a9f07974cc834993ca2531d29c0de34a67cbd666ede93dd2b4637370115df3140191865432e76bf213df6958728229fe10b03ea46f0a46

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    182a194a86dc0b2f53524d0bb1acba31

    SHA1

    c4ffa69ba9817718fbdebea57819c99d2c540e52

    SHA256

    a7df34b33181d89fe8dca2c3b161cecbc5c35907367c93aa09baa7a0aa2262f4

    SHA512

    ef01c5be2280b5f73d101671c143c2c09a856c82ca193a0654971e125de0b4e53a4d889d38edc2cf41de0d300e925fdc056c3b1b0327c203e8e8c8f7f594ea81

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6cf3f351d4b592778b4a0be545fcce3a

    SHA1

    ae0c68860f3f3c89bb2cf08f6a2994766ffae01a

    SHA256

    a307371a5e190e5d33b9d2d66ec5234b1043fd1b447303ac59b26aef55f9d062

    SHA512

    ac59d3b553614c5ed11fd47f2cfdf17bbb726cd79e68407ab19007e6412f0ee0802c4c77a87207ebb393903e60ddc5ea5591e7847937b70f5f3e5bb95b256444

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d5bf00033c815b1eb7a092811f9a55d6

    SHA1

    010760ca74f8a6890efba6addd160644c946b5ad

    SHA256

    912af4bfb4c0988643a257182b213353d2437994925c85101faee5149fdfad72

    SHA512

    9c12822775a14c4a92dcb9bdf54198be55b9d992052e25cd9fc8a8b969d82b4f822141aadf8ba413a743845fb02fc5a6092bfc5954aa5634ac7ac388a753455f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    871a094d4e6cb51a22488a1264b4ab47

    SHA1

    363b2e0729fda76871a446b82eee071d497e98a9

    SHA256

    013b4e64f3b4401d090feedbbd19b25c0ecd29cb84d3d778d3079f13dea64e6e

    SHA512

    f75dcb46c79e79ada3df335614f77a6ffdb10f667fb6e38617bb7cde47d6cbf419486a98151dbf9a037e8af03cabddc81792ff0bb3babdc44bea0d5afacfa04f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2df34054428156403da036bdfcd6f1ac

    SHA1

    770e6a4676f8477f79e8c19808dd2c2448e0d54c

    SHA256

    2cdee6e8ea790c90aae195522d17eff633df2ec245d705d640bdb33fa920d87d

    SHA512

    51e30f23e1975418e45c3f9c4dea5a8985003a509c75e5bb3f68acfe816a2653ba53f7d3477ca0f1b6a07813e9ad2e19498a4c56fffb7f16b1f6daceb2994838

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    823a2cc503ff7c4c81d52927ab2c8206

    SHA1

    8ee53f70ad77332cbae4f9d7251a1bfa785b6519

    SHA256

    0d0f3957edab761dd12b7fab707b9d3aa0276659fd4db8f3d0ce2f1f3f8b8e9f

    SHA512

    22b1840c0e5ffbbd7852e50ceaf8e6baeb8eced09cd583eb93d260c6863feaaff47bbfde2ca995622ea2e83110a70cfcaf8c07ca594c1ef630c8009c74807bc7

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabADFD.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarB334.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit