Overview

overview

7

Static

static

3

keygen.exe

windows7-x64

7

keygen.exe

windows10-2004-x64

7

www.suryadewa.com.url

windows7-x64

6

www.suryadewa.com.url

windows10-2004-x64

3

Analysis

  • max time kernel
    146s
  • max time network
    153s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    16-04-2024 02:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    www.suryadewa.com.url

  • Size

    48B

  • MD5

    afb7915119dd2d6a48ce42617fae4fe8

  • SHA1

    ac23b932ee93e6516fd1b5f222a0e82531f84800

  • SHA256

    79b922b26be1a04604b278ead6b1aeb98d50218419727c6e3e69dc0ad06fb16f

  • SHA512

    a413fd4bef304f4b1cffe6a7ed55a4c613b8052112f3f4fd4a0e7ddbe95ecad5640699204e867b5904480a00dfb4af8dff1f866ac58eb0de44ff3df2514059ec

Score
6/10
evasiontrojan

Malware Config

Signatures

  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • Modifies Internet Explorer settings 1 TTPs 35 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\System32\rundll32.exe
    "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL C:\Users\Admin\AppData\Local\Temp\www.suryadewa.com.url
    1⤵
    • Checks whether UAC is enabled
    PID:1724
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2384
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2384 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2192

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a2688425f0f6b150f8d9ece905c8e292

    SHA1

    9d101d9ff94825210eddc08dab7687d3f045c2eb

    SHA256

    003b98a3744f8c5b3a587d337106eb3150bc9537f242bfc9c732e03c63551414

    SHA512

    8a84d10c48ddd9e9edf252ac3429a6b78ffc771e843da173b3bad16758eec80695498df41dd10ce774ec738d07356ab5bda29ce70685d0fdd41374666fe13032

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2a18c1641274df629b740904f47ea264

    SHA1

    4e640beee283856a6f4273d805df774d29c545fa

    SHA256

    b0dbe13b87c491f8f5fd88ac6eacc93275aff5913d30153c2f76f9632b2b06ff

    SHA512

    a9e4183a5e590ac13dbfa4b72f0a799794da2acf614f4d803665d2b33c1b4c620e7161dd9bb5936f2c6b5cbce57fbcdc32ba7fc7130d85da64746d1b5d5a19ea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e05ebf72a252b3ede013849273779798

    SHA1

    9188132d1c56fde2a444543efce2165e5adf66ce

    SHA256

    5d92e0364a170444a713ea0b97bea2db484bade11180d07bf7f67c7ad324c86b

    SHA512

    746f50db4ceba0fbb59d223d8851e639da6645487c79e2a094e4b2f9abce0e6b396c47af897ff8177f887b693c70851bdec397df694294be9d84f19ea55362cb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7b604d47e2fbef5e3674e32940894e45

    SHA1

    821c3154e6d58606039733d2fdd3b6fba28d67c5

    SHA256

    d36db18c9b5a7ba1138e92345db9c4673688527ed7a617837dda40bd7d55b142

    SHA512

    ed2c5b70ed985e99ec1193e6f4c433bcfdcc58f67a056590b9baca3a3637cc14d9e6741fadfeabbecb005902e91be9fc18d6d043d0350afa87d3eb24c2a03fb9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d04ca3dbf85936c8a8c0889a6bb17827

    SHA1

    22ab1298a1459a3b6efacca80e2f6dd69b65cd87

    SHA256

    b4939b17469ab3b2f12725a2977f50cd749211cc084db1f320417297c164804f

    SHA512

    b117f356c073b54a4956e01ff7d61eda57c89be800862e81341e42aedfbaabfd17aa23aaac65839e8d3dbea860e34328ca33dbb113a32b8fd2154e4c70e04f5d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b91b5718be0b592830cb8162c80a8078

    SHA1

    95a31441dab159bf6537302dfc73625f18b48970

    SHA256

    897366a245c96f66d0e588cc3591cb276cf061351ce22ae907437551d91f8596

    SHA512

    9714ec05257bd9fe4669d675014125673439581188900cde204c9b28d3e840e7cb77430bee5593f9ef94c86b6dee7c323592ebc1540b0e12162661edaf73226e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a2fb4c7f1be4331396cf63d55d4c3dda

    SHA1

    353e64703d0920c148cbd8a71a1103f54c9c4cbb

    SHA256

    5c489cb0c8e205380be129ad7b41c325789c651fc00f27d4eb17388e024eaf02

    SHA512

    b73515df36e127e024540604cf9635c65f675ade9ed036acfbebf53a499272a943d0fd682abe63bc8facf393e8467a219646e80708501a6de6227ece6cde3af7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e7aff5bb91575b7a98b7209bbe8c5060

    SHA1

    87ee5ad5921b803288dc81dd4a1bfee7d0ed8abf

    SHA256

    ab6a76454f8acfa72dbfc6091a7a63c923d9ae50b105269b83a396278ebad97e

    SHA512

    a8df87d59304c18a0db57db58cb6cb7636927a534ce632515ca091281827b156c406bac271cbd91df0dff44c51a3367ea6a87cb027e8e3f53a4f09692346ae7a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bd442e1b07883d5aaf55761081efd7bb

    SHA1

    a82a1dbdd37797df70d97069e3750d3c72b97bce

    SHA256

    a7cafc3ee78efaab86fe6bf1a95538ce58cc17d0d57dced71299ceda475bb340

    SHA512

    f427064ef35f356e6ec718685dfd468d88092d40965dd7ca646e61a7e05513418973523618a6f525f5ef1995012931d6c2e7687f12dd39a4de2e08dd7beacfcd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    17ef233d5d8626bc938958ed18dc317e

    SHA1

    00e1949eb4e2017885bab2711c871424534844dc

    SHA256

    29c68de48a5e9d898d9691bf2e5f1b468306a2e1a4ff6663f357257647529d08

    SHA512

    0f3e7df50dafa5d994ef4cdcd28c72a1b6fa34e2f034ba36c4a3d7b2bc68f2d45a7b12fd99ede8725af4e80bdc7a2f7365b764c79135dc65340efd69dce011d0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4435895c81ce0d88997579fd19cb8614

    SHA1

    2df565eea5783ac70e34a78edbaf356781416ae6

    SHA256

    546bf69a93376fa56da510f3981e31827c71278239636e2fa2a5f6dc4869aabd

    SHA512

    c11369fa241a1785efa57c39bd28b0b0a639eb10d665f191f94ac05628fa5be5351c20e92a7799e5f28515704fe841503320e776f134a40a706fc2c172bbaf4c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    136e3cae6a40aae5157af43def208ecc

    SHA1

    73a20fe149ce7fedcef4c01784f7c91eacd7fd7e

    SHA256

    875518fccf9c0f5e84a69abfdd88b8e26fc8c3025b667964aadda29080764f7b

    SHA512

    ab1e0bed47b40b9a027c727698aa568efd8d549b2fbdc079c1d8b98d95a8738d6f9e5a7b04867a3cb6795a61c597b2dce1a71020cb0d28ce5040b64927c6ef2c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c0511d85c459fae4e7dc0b365e70c987

    SHA1

    3868fc10f45f9dcbf7e5427660a2af548fd6bb97

    SHA256

    6925537d5654a845eac46bef7282bc3bb643d74d0af821cbc10fcae5cb8cca6c

    SHA512

    78509c5f47a6e4e90ba07d59c782c27f4e1de5c274730bdbbddb51731c78d49e4e6f079f4e2dc080e9bb636c728736e52e423be56c086b8749507521ec07c2f7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5be6609450719ea4115fee01a5f391d8

    SHA1

    2440d263242fd8941d2574005b656dd02d15839d

    SHA256

    6244bf89b37123ec58bcd2cf9486ceee313138c038b6a3dd1000c5cdc476f1a3

    SHA512

    a6dfaee9a40fd4683bdf5e2cfe91dc2ede7ab355fc804fb91da2f848631a91cd90d2cb610dfbd337ed4a1a9d42eee588ad831e8b2d3f1fc32b193ed7a528629f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bd09bf1437c2e82b1494422119177e1f

    SHA1

    43f5b254635033c906cfc36cb0aca6f75efad64d

    SHA256

    71be81fc513234feed868b2ed324dd02488f25093dbe7e0298feac59ed9ca83b

    SHA512

    1769a48ae506efa3a83e93936f9dca35d1ab00031e1c1c5023104c22054b741a85d29772847fe2d6c79a0ac4ae117c73498dbfdc352c3f0d11d26f91c6ddf2b1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    642d4daf536a29ba97a8b15f602ed246

    SHA1

    c56a00cc1b4db98364508b3314d3397a6d76f3d4

    SHA256

    bc70180408424733b7d318b5df4984b4132dc767bfc54807f5526645f62a0e12

    SHA512

    85ccea4c244437ad96932bf8c91402173793ed2c4a794d7bc0cdbf34db579afe4cc9c50905df334ab6359dbad814478a7d20c620881282e408697b7e14c1c1f8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e0b258f914cad30f061037811146b44d

    SHA1

    8a20c1016a84728c54c32e4dca952a9fd72938e2

    SHA256

    e79097e55c02d80f9e0f57500543587b09e190138f956bcd95b9916bcc021be7

    SHA512

    cd8b7cd3db823b5058c0ab624cf4bafdbd361665f367f14600422484b8e88c5dcf86d2e0ddb0d6d583c4c5264fb3e3aaff00bd789c8acb874c6deeab9602f58c

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\jqfjk0y\imagestore.dat
    Filesize

    15KB

    MD5

    93c01131758b5f2e188af34e90ae5a70

    SHA1

    8daec964fb0d8f044fe3776fa0ae77ebfabcd55e

    SHA256

    9e32222a2b69ad67a0d60da93ab9bb1058c43c70f688a6e9a6b063c1644fafb3

    SHA512

    fbcf1b5f8a37707942aae5d5c481c6fb78a5f98d814d69a7a2599e99f10018afd928944ecd9db9b1cbc470fb7e90e8016a02e187577b0c489dadabb1e448aab8

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NXAFS242\sedo_logo[1].png
    Filesize

    14KB

    MD5

    def00c11b1596db4efee6a9fbe64fc27

    SHA1

    bd298981e6d8d7e4ffa18abcf687041f4246672d

    SHA256

    95c427fa3143b1896faf42a6406686ce7602cb39052081bb32d12b51c9e047e4

    SHA512

    c056e95dbfa1aab3a50dff18c6d577dbffea72c93316ffc53b6b7aa41dcc7707a810d563894589a7305de0b76610f88150b2034670de368773b2b356f14ad30f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab79C5.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab7A63.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar7AB6.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit

  • memory/1724-0-0x00000000001C0000-0x00000000001D0000-memory.dmp

    Filesize

    64KB

    Download