Overview

overview

6

Static

static

3

7cd20f4b94...6c.exe

windows7-x64

6

7cd20f4b94...6c.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    121s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    10/04/2024, 12:08

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    7cd20f4b94dbe2d1d29bc25dc8b827a74db0d916d11451b058253de427acf66c.exe

  • Size

    28KB

  • MD5

    292ce07af4e460cd6740fa4f998f2e75

  • SHA1

    3718a5c97573f630a2200b6137944342aecae9b8

  • SHA256

    7cd20f4b94dbe2d1d29bc25dc8b827a74db0d916d11451b058253de427acf66c

  • SHA512

    001f1788c9a9921be73c8abf17e048c7920ad0d36a97ce9d68d41a983e586c3764c7a15b3285b00ca9fc04094cc60abe16748e45d77493744377696baf6925bc

  • SSDEEP

    384:US6LXbAzu/EztWcI5yz13k0hK3otSILaMoHMl664BT:sLXbNEIc/13k0h0otSGvoH3VBT

Score
6/10
persistence

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7cd20f4b94dbe2d1d29bc25dc8b827a74db0d916d11451b058253de427acf66c.exe
    "C:\Users\Admin\AppData\Local\Temp\7cd20f4b94dbe2d1d29bc25dc8b827a74db0d916d11451b058253de427acf66c.exe"
    1⤵
    • Adds Run key to start application
    • Modifies Internet Explorer settings
    PID:3008
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2744
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2744 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2680

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          087889701ddf9275c802774bcdb0c51b

          SHA1

          74a20f73507fd9935cc82ea385ff910365f32b08

          SHA256

          d7e5b9a5103f9c50feca9d5d04f9adccc74839e5b1627633305cf710d099be05

          SHA512

          d0ae722e857006914b6ca06e86b61d91c543490151e9987378f9537bfd4e8c06cd8c92f10bb44943cbb4a3e0cad5c6e9c378e1e8e8d6c4360c5357084a7e9d94

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          c290c9345347cbb274302add3dbf4f23

          SHA1

          41fa873da597d3fca968226634a6ed43a6f22a55

          SHA256

          7f28785e83980c259a4003f618fa28ff301443a5c79356b2bec3da04eaecd3de

          SHA512

          73bdba7eb4f5ef5bbdcce891c22f3a89844cfcd8c12693b3e6b7f44ca457c3bf9e9b93e71a81341ca0e04dc98631791294756dc616d4c6d7898b285daf265837

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          f79213e2040eebe4bd28e6d29f98b21d

          SHA1

          2fc4e8f3b7628e6917f281dda4aad8119c22fb52

          SHA256

          ed29e2e3cc8baf3da2431b079869b35c657a260afbd354f59374cd4eeafaa57a

          SHA512

          171bc0aa1fb261cc4edd771e995fd9b7d10ff23e4d82a949e604a869455b131272fb16704c3ec986744d3d21ff2b703e707c88001c7f078be732f7fe43e1dfd8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          0f1200024cfb514510f3156b748d1d38

          SHA1

          dd88fe14f3ceeb1faed599768604216604fe246f

          SHA256

          174a469ee950f1cc944e90e10c55912b4e003d0129dafa1f0a351dc2849d186f

          SHA512

          18e1db5ffbaecb8dd04fcbcba55919cb6d611747ce2ffd8c91d103f7975d241481372fd362b181690ef6d9118c3e272b7aa80e55764af15f2dd641b463ad49a6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          9dc1685e3e5f110244b507fcb13654c7

          SHA1

          b0c4b2bc8ff66940793e122405fd200255fee17d

          SHA256

          8ae202de25b046f8acb9a95f43948dc7c39b76017e95348eca2a592bca72c5c7

          SHA512

          6f5f05c009799e404086683d79760be6819e77cb2e2b45b0b53a5d99f1b80aa21ee0d5ade356d7b972ecd118b6d47e979358f218a92117497072c87ca5fa2bd3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          3308809fadcb1905900c9b1e0e38a8b1

          SHA1

          0a7ef6a24778759c27590438374cd08cca020aa6

          SHA256

          393f905bb3f3cfcfde34931a0fad3ce3a4d7dabb16ca70d061d0d38741c57491

          SHA512

          a0f77901fdd6ea3e5c1b26b7a9b19b2b06c63fe69943e35faee7b31495532dc66fb863fd529dafed7cb4ea2bf5042e90bca8b21ee1bf0c8cfc904b3a43602ea0

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          bed43e3c29be97cd1db3894a793a8035

          SHA1

          0eb405de9c129379f1ef466ed99f98126c8c8650

          SHA256

          eaac96df59336f08c3b5e643cb9b9637fd7eae2c3dfd9a0013fda2b2bfbe2623

          SHA512

          fcab86773c7b2920d2ff67c32564f3a741f29c13a788e083b6389c2760d698b01ba21710ccaac332b05eb7d3e61271330b8160ed7f3f25e1079f8f7778cebe8f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          8213a6e1a1d80d1dec6b600e6bb4f514

          SHA1

          60dcdd4353b3e49d4c3aade71363966c3f143f82

          SHA256

          13dd66d9826452e236bbd7409fbe7c6172f8209b8c2196b7010c34d98bd32594

          SHA512

          b7d51beebdd285a68010a82df75d532b180d77cfddb5674f902b263d936164fe29e60ff351387af1e2bced3d119d8bdcddc5dce7d00cf63b97ef07c1fe74e032

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          e2079a090569553ad3add316cb43f655

          SHA1

          22648fe2302e479d3d2c13103816a52cc1c95537

          SHA256

          818acf7e93eb425fe7426cafd2df39b98edf5c9d0f7b9f218930eb520c76c122

          SHA512

          4db897e421c7dfb8204687ffc7c7edf09aa543ac67c2be8dc49fbb5a761f9bf9a195c40191143da603c43d1f9f43acbc1c56ec62a55849d3c2a04b0aa1fcf658

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          180862f5b0b76e960c1f1fe45b1ffa52

          SHA1

          4f48532b2b7e8f4ebc474932494544c76c8f571c

          SHA256

          a2d3265b89a40d9d12d0b6ce204744e8735508e91b7aff4fbd801718e403ef02

          SHA512

          489311722c6a4853f82640e7e0af471cafb8aa685db3ef1fd62eabbf01519e48509ae91e5718c6eb896a13ccf0d73a44f4060598a0e16c04b0cada37ec760812

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          8814d98ef50a8183352d570c4581cdc8

          SHA1

          748c084cbd08c487377fd690c6cd20cca708ddef

          SHA256

          532a482939cdeb9b7f7fcbcbf8597f625313ed547aa37b1567998d1f437e89c1

          SHA512

          bb099ecc57f0eb05b02312d39ec537a87561bf364cc1f3c22bc5468705ed380fcd27603cb3ea33700147d22a17d03d70e4cd584f72ac81eff8e6164356843425

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          6b14b0f1189ea05c5505e9d910ba2a24

          SHA1

          1b61ae40eae2f489776da68ccf61ef230518b8b8

          SHA256

          44bacaf3b7e8736d1b054b920ef9804a4ebfc66920f79ce319a168f365b7ac85

          SHA512

          6e7c7a30898c284f597567f2056b34ecbed8a86e22d59e84b2fed362b8e15b1070da27c646c85265edb9f494947dadd5e07df291416b576e56ab3c8f2566eb6f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          95721efb20a31d553ea8a5694eb3b9a9

          SHA1

          adc38a9cc86454181303006e1e4cccd0a4828673

          SHA256

          948e6006f41c4f7e23c86a4d6950ca2861c98e34b17691793deb8d008bca0ee7

          SHA512

          78855d7743847aa58c7e079a9692cd5cbf31f1c9a8b4de1a91deb79e7adb64640367e13f2b0cc7581d8ab6e937526fad5cf5e148e7deafbc018a0d16e04ce0e5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          35cdb2145b07976596a48d36864b281e

          SHA1

          def436c88db091d089beefcfd1dbc0b7f32ad4da

          SHA256

          5de2b46ee985475a4489849cc045f76027624b70b58cd3292f3679301eec684f

          SHA512

          aa92fe832f49401d326155fe380f72ff7ff60c7129c9facc830f921da43bf23cdaad48d7e8e038062a5367821170fac912ed9d25d1228f69d6a63faeaad876ff

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          18c8b3ee252df53c00e21f3af64aa9db

          SHA1

          6ad5a943ccb08aa2a27ed0e4503e65563a7d404b

          SHA256

          c4f416689ae7e1e04b2349d07fd1c0478b372dea5cd9b32b40f2297bfd35d88c

          SHA512

          f0de9f6dc2eeb06ade2155552ee58392f12485c6337f03442844c805f4dee6d3740e58849590143fa6031f7025f1a383424fc8bbe4a494d48a77eb98e8e60e19

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          9b13c11c6391b93998f2a584e56c5770

          SHA1

          4712471826e065534f1b78dec679a9c8066cc4ae

          SHA256

          b0a2c2ddce8c5b8dc41ee98c792ea90ecb11b2a680268667664f88d25a606713

          SHA512

          7e8af49271908f283724d84e402c22586cb46a05453e4eb4e005f9b2e02977af075d2f6d9df3baaa54690e0a6f1345d86d11f0d1262b837448cc8bdafc97901f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          974c9d5c6e66cb99e947b4e252df1394

          SHA1

          cd03db57c3b6dbc10a84263b2178dd0977c31db2

          SHA256

          5911862d4c6a4946922db12b1d3d69e940900f39273ab3d78d46066ddc345373

          SHA512

          e39432c65a66c3a1ca4669aab0e778c8d15009f3102bb22c08d2b43e9695980a545cb354567027a4a7c9ce3d78f3e223b17092dfe6d69643f0762b212c63e395

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          8c50653a8a7038bcc5cb39f10c358509

          SHA1

          aea2b6f5a3e790e0e5ec194ede6979a3a6e4d6e3

          SHA256

          794de5149648f325493b31ddf157f35fdebd101fb0f19508c36ed0b30056bb25

          SHA512

          f2b00dc3e532482713e34c696386074806c5290221a42193f60a49d0c50b5928d9bfa95af2925ebd3724286e55c08d3f68faebad9defa0dbdc178c871a425861

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab3E59.tmp
          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab3F56.tmp
          Filesize

          68KB

          MD5

          29f65ba8e88c063813cc50a4ea544e93

          SHA1

          05a7040d5c127e68c25d81cc51271ffb8bef3568

          SHA256

          1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

          SHA512

          e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar3FA9.tmp
          Filesize

          177KB

          MD5

          435a9ac180383f9fa094131b173a2f7b

          SHA1

          76944ea657a9db94f9a4bef38f88c46ed4166983

          SHA256

          67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

          SHA512

          1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

          Download Submit

        • memory/3008-0-0x0000000000250000-0x0000000000252000-memory.dmp

          Filesize

          8KB

          Download