Overview

overview

7

Static

static

3

mkvtoolnix...up.exe

windows7-x64

7

mkvtoolnix...up.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

cygz.dll

windows7-x64

3

cygz.dll

windows10-2004-x64

3

doc/base64tool.html

windows7-x64

1

doc/base64tool.html

windows10-2004-x64

1

doc/mkvextract.html

windows7-x64

1

doc/mkvextract.html

windows10-2004-x64

1

doc/mkvinfo.html

windows7-x64

1

doc/mkvinfo.html

windows10-2004-x64

1

doc/mkvmerge-gui.html

windows7-x64

1

doc/mkvmerge-gui.html

windows10-2004-x64

1

doc/mkvmerge.html

windows7-x64

1

doc/mkvmerge.html

windows10-2004-x64

1

doc/mmg.html

windows7-x64

1

doc/mmg.html

windows10-2004-x64

1

libcharset.dll

windows7-x64

1

libcharset.dll

windows10-2004-x64

1

libebml.dll

windows7-x64

3

libebml.dll

windows10-2004-x64

3

libiconv.dll

windows7-x64

3

libiconv.dll

windows10-2004-x64

3

libmatroska.dll

windows7-x64

1

libmatroska.dll

windows10-2004-x64

3

mkvextract.exe

windows7-x64

1

mkvextract.exe

windows10-2004-x64

1

mkvinfo.exe

windows7-x64

1

mkvinfo.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    120s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    11-04-2024 00:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    doc/base64tool.html

  • Size

    2KB

  • MD5

    9ee9f37a6071365a4080dd4f9a07c188

  • SHA1

    e848d3424fc51a0145b4631cb8d9e9cc527e88f5

  • SHA256

    47c978988bedab231f02002467f8153b039277fe562863f8a0e99d68df216733

  • SHA512

    a8fa8f321f8b4bb894863764255746b2fee6ae0a1e11d34c59ff651ad2bb80005ac6de8a1d43c20c05db18e9a618a9295ae2bd3a04f118bedb510e689df5836d

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\doc\base64tool.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2148
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2148 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3000

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    9d65b740efbe338c679d444cc905e455

    SHA1

    20b77e8fffca28e7114a16d504c2db2f7698570d

    SHA256

    52d4894ade1cace3141fd9d74b337a64b6e711787146aeace7152f5ea1e3e1b8

    SHA512

    5d84569ad25a01d64db792c3f70ac12459651c3ea1d5da1f40e03a0fe3f93c98806f5816fb69f4e36e5b179f3612b67218e2ebad47256302dec79f4b32e709e3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4dda588c309528362ee28e850a81fbf0

    SHA1

    6118edd73327483311e8c503aa4ac70dccd0945c

    SHA256

    00881f97f09e9d605cc8222c587a6b971849076085a53bf754ea128abbf2f313

    SHA512

    5a946c18b288f68e8c0a20cd54845eeb5d1dcd69fa309b81922fe82b763b8dbd03a092576710b61989c41bcfa9151397c5edc0d70cec118067073b68e9451ae7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8c9dc5449390d8a37fee83ecdfeba4f4

    SHA1

    c17ee1559a02a8b8d5c5076d018efce31869ebdb

    SHA256

    40d1c9ec6e7ba3cb454b002f625076b0130340d8a5f6862ba510bbdf41dfaaf2

    SHA512

    5391ee970e7ee8f121c30a975ef30388315a06c6aca27a19525712e819f74b0c47af4bbfd7f281fbac740c19f80c4b2c62ac41a3f8306546067ad4810071d5a3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ccb459e2ae286ab2c15cb38e96a4afbb

    SHA1

    74dddb863935e7c8d021e55583c07b5b05fba29c

    SHA256

    0df9fcfaa16bc3245857037cc1e3694298d326994d16a1b6784f1829b0a0a933

    SHA512

    0744ed5dd8510289f56b540a0df68b0b8a1940f18ce7b163dfa3e78dd4ec1bf9a0f436600907c3386805c187b2b2595aac85970d38d9f2818cf278efdd530bf0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    75f076ca8ba6efdb0f59f99fbe535d0b

    SHA1

    4807b16d139440006957e3a8543db5ac31766fd3

    SHA256

    feaec8e363ee3ad805f5c0a60320b6639886967b5f01db63bd244cb730622cd9

    SHA512

    43a141e3bed7f69d21f4ff3750105acb0afdc18157c473aeb5934e5ff2206dcf8ff78b4cdad970d93c814d34864ba79753c9a50a806211e999b37880a51589fe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5e96fb59d154844dec11e1d9ba7487ec

    SHA1

    23aa743d6a779a9264092cba70a2c72a4e3cd0f7

    SHA256

    dda0580a2e9808aeaec25afe3ce8495362a223ab27e40841d67f192653060020

    SHA512

    9c9efa84c64597bc512cbe38791a3ad21727515270a098f3247d231407e1a756f80d9ff933f4d1b41ac298c1de30df000d6a0072300da550cf6a39d8f0b9b69a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3fd08f07234d22ceca442f30c128296d

    SHA1

    d976130dded7b45478554fdb6c30ba1e4d92ee4c

    SHA256

    7ac39111cb6e3c4d5709ea0d56c808a78282bac242e1cfca2ec056b961912058

    SHA512

    e7f828eaf09f3df6b94880020a96d344eb9531238c8a80597df211d93664b3a8686d6a374df50960c1f33c48871554b96b5e5cbe8622996e077ea8f744c41bcd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9c208b8e6d17ea9f17668fd91469a066

    SHA1

    2f65d553d91d6971dadf8d253b4b2deaf1f45a18

    SHA256

    38de015c3c47901c64d3005a6a04af29c4ecfe3e3346fb096bda4ec9714ac224

    SHA512

    13b0631f20e123d603eb301e2a427e91b69d0a4096ce276785bc8f777de607d3afad049e4220ac1daf0e44c91d457af9e7964c6297f256c3c698d55dd617425e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    402ecfd935c43ecb9f50967023b2a91e

    SHA1

    85f191bef2e68f228706abd6cefc5c4fbd5e27a3

    SHA256

    8d1de458b691c24fd413effb23d51e2d0a25ce553b584a2f71191874a6261ba3

    SHA512

    804202aeb1b9eef09e44ae854bccaff2e8d10f0cc08620543ac7e850b0e99daf5fc4940e202254a032adc6d33398813d2f7fbb111296955d34203678204c05cb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    456a52e247c736d86daa8c0160d3b1c6

    SHA1

    691de3018ef5b36aee01800c37a8f401eaf51f8b

    SHA256

    f93ba615e1c39297280604096420b644bbe985330d97d1cbf0534c5911d75881

    SHA512

    e1b9c24700d06863f3e81bf8d99eaa44a6891103688b4a8627fd35e66bad8bb0baac095ad7ecb9dcd7112866a416ef83c79f726fe8660f7f94b324703667cdd9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    849b2ba82f401054491016b77fcbf11d

    SHA1

    aa80e91bed0d00fac262a0f9bb07d456366f446c

    SHA256

    dff1e52e0d377987db4d4f91a690fac856f8a91a8d1342bc9792244083055498

    SHA512

    619f1b1399eedf38e66e32184e404e2f2eca9fed6fcd06ace570c6b6c7cd810b228208067d5d10dea928a3b43f8be3889fe954ef2fc752baf11d10f439e54a72

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    06bcf90e9713c97e6ecefad2c9b538e3

    SHA1

    e162a7c69752967387b75e0aa7fcc61d35c1147b

    SHA256

    2ef911d8bb0485767287cf6d5e18e9fde427f57936989cbbdc893c87c710b150

    SHA512

    84faaebd5e7d33745c10c7f339e4c05f6fbed9b0a22a7f402cca674752966c2b628175ad93fe0a3c2e48891506a51246e01ff07eeb79dd6a030945457bac214d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e1ea97d92faf77ddcbef77ddaef326b4

    SHA1

    5f3a8cd4c957cc2aff8355e718d4f585fa4ebfa8

    SHA256

    59eff7d8d1bd662d3ecbf138abd0d8b488a20baf1912bde70cc2d384795a4ec4

    SHA512

    20c24c53368080a6ecf8e7de18039f61d09f8c3a2894c9ee3cd7a628f549affeba9aa5b7bae1e82998c2ba5ee14761f949b4159916e1268f391e986b86d086d7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9b65b4e262cf5fec27be5615a8837a67

    SHA1

    16b3bb54f9fa378c07a000486d23a141c1c196f8

    SHA256

    889e27a7ebfce586c3194744869612f0fc6cf00f76162313836430313f600c19

    SHA512

    7411182597fe0b50349ff31d20017d19af2147d046be916f6fa904b6bca3ba76862983f299b0ebc8a1938c1f0e8a29843850e0c0658cdb32cd13ccfe12dcd042

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7c5dd6054212c49705aeb82defd0699a

    SHA1

    3b7917fc542ada1acb70fed9268015d8e1eb57f0

    SHA256

    b628709d074d3eb2b25fc1c3b86da6a0b626b7224839f5052177aee12d50f12d

    SHA512

    8927891725e951fa84151d9f167202ec3470e05c8ad06caabae100bf52df5192f3844cdd6f1e72f620f2b462a2c091d77ffd1ea3907b176441e33f52931e7249

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c9fec71a0a02df6c08d3fd31a0d1f1ea

    SHA1

    6e8f765fe6004fba872879bff0cfd1c355772920

    SHA256

    4c9e28dc31ff49717c5dea8d6b2a3106402d9f75fd88d0138e41ef6f7f04cdbb

    SHA512

    34a16ba76dd9b1849954b7bd2adfa40cf18f776cb1e0ca8ed24545a5f7cb6aa0d834d233417023df076fc029026ea868087ea4bbc137b7444245ab53a710b52c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6d36b9eeb8ee43456f85fb9cfdf9ce01

    SHA1

    b2a42730d41b0b1ae5fbc07b645362b8e893f984

    SHA256

    0566a03530bfa1e8091b840e7da6efc84a925820ec6b49709dd0ac613922bbc3

    SHA512

    19d6375aedf645977011da2f338db341017b819f90184d602c3ab4efb54b9417499a0b84625e676c4aad69f8ca6e87d6fbf4bfede3b6afb2f997f3db94d7b39b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    14fd3658994f95e305610ac0e7dfd0ee

    SHA1

    f868e9dae0d469c3b7da42505900e80cc0cbf9a9

    SHA256

    8fdffd945d5e52834f77abc1b6c58b0696c75eebe1d256b2ae2e33e39f46d1bd

    SHA512

    a9965ebe480371215c0f609253e3b0c21d9516c57ed211393e870c3917c46ac52e031e11fd87c1a9990fd06910f3e5523c03220b241a19e00a7be5d5e7a81a0c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8923d37b47c020d9cce257b9883e456c

    SHA1

    42add9f3b36661abc0dac88193d4b80b908571fb

    SHA256

    68d687d67fe183827f4cc7e27a65bbc224ba44ff42356471ae5099a02c78f375

    SHA512

    0f9a514766f2befde69ca7b73b09005ee95afc1868b6c0c78e7458a6428bdb837f0822118e00bc92191f594a00ef51a0992481e5e8e7be1ecd9d681f4d94975f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d60357fcb7536a812725f70f188c9be7

    SHA1

    4d9399c27906ea621233aa67034e376ad72b85fd

    SHA256

    72989a32180f4e520ac7c7609e138a1eca9d73debd1c8197a17cdd48223b5f24

    SHA512

    f6b6860820471e16ed872319000a9598dfae5ff702f77e82c41d4560f5e6a610afbc92802591d2de1570805303a4bbdc472b54adf2aedb76ea11de4870e9b52d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    6fdf4ca084817f5a290160089559392b

    SHA1

    39a894c2c5ecb0af29352162be25f5b6f066e021

    SHA256

    bb32fa1ce213891a06c10e71c71913f1b4052270eff884b4f7694bb287ffad70

    SHA512

    3c07fbf536a91cec186dc6051831c1b21ce589d2297eccbfac94f10e98ee30000e8a6042f7d10aa20af29f17a618e1eca218d68d54d230dfa6986e2332ab1f69

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
    Filesize

    4KB

    MD5

    da597791be3b6e732f0bc8b20e38ee62

    SHA1

    1125c45d285c360542027d7554a5c442288974de

    SHA256

    5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

    SHA512

    d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab1E6A.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar1FB7.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit