Analysis

  • max time kernel
    136s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    18-04-2024 00:49

General

  • Target

    libstream_out_bridge_plugin.dll.html

  • Size

    15KB

  • MD5

    b990fd149dc3989f251bcfc0d0f22a2e

  • SHA1

    424d1c4517584f5e8ac892744468a54c6b115855

  • SHA256

    b75ceb1f5bd22e919a0f91c733df19ac89315e1feca07a8093782c768386a092

  • SHA512

    d6f05892b8ab0f7e94fa639578134d322382dfc7dad0e408197933b82b740dff085c8e24fb63309ea3cb927f4a328bda5f8de9659e6576b1911bf216976a803a

  • SSDEEP

    384:zePMcMHyAcaYpdgHcvXkvDZ3empmLJzl+Cq124kbrBZFE8uI:aPMcMHyAcaYpdgHcvUvDZ3empmLtFE8B

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\libstream_out_bridge_plugin.dll.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2180
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2180 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2056

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    1db59b77850f538df79c60e959acae9b

    SHA1

    a5a2c2363e2e3cebe2ccef2e68795b23796f44ac

    SHA256

    ecc9dbbb3fce959fe4340078dd93edea1b947722a11af0dca3a1b10bd87afbd9

    SHA512

    2da38a96a8ca944e89a0869ccfff624832fa1edd03dc44310cc92a181085604ba57721ea49eaa78815634ea04907dcefe0505821c06ba326f728c62b1619e517

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ba64a3ba293ecb7634caa72d7ff090a8

    SHA1

    d77b08a7a895bfc8339739f76f6c900b626bb21a

    SHA256

    7c640bdbb62d917dbc2ebdf45a1622f749b8db533f20220f0c1e75bfb264724f

    SHA512

    e343f3a013b1b17e1a3e94d600f1e7da2b61832ed6687a2f9df1f92084192ca14a9128cfbcf30f755ceba233eada8806bba830398f23ed606f4266fc49b18ab7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    9ebe3359b125a127ecd0f8549dda2974

    SHA1

    65523ce1b143243f4bd8eaa0962066df5731d179

    SHA256

    8b509d57c5bfeca7999f42d7e817d0a0432ff08adbf664917b68c19da90ee1df

    SHA512

    1abc0b28794e5c9773e7c098f12496989fc7598d820006d6f26d2ed0dfba3f6c21acd5c29368c9039fee7b978b192f515f5032bd393332381cc75f9266b2809c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    4eac5ffa67c1865b403f81c25551c19c

    SHA1

    f319e38994a497482666e0ced4480139e3eb89b4

    SHA256

    dd19ec93777f041be627a563e32534adc702ea28a1af0f7bebfaf6fe5278e739

    SHA512

    7c7030d93cf73e9387e81de2e4461d4bd6803f758e9348bfaf6975995eca6e6f7f8d427f249087f02e0b6fe772fe0034bcb24f8603b746ee9e598623b794c0c6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b09c913556e9b8512f9cb8062d067c07

    SHA1

    d7643dad25ec5d47043017b6e659a1a59f814e02

    SHA256

    55b1a204980b7fadae2aa2c6f632658cabd81d051e700c528b7fa5ef249b8c94

    SHA512

    47e90a9e22b23282e374f5b9b7f23a4fb1b261a5094195dd47e866039e94a6425d646e862f9844a712c5fb6e61217dafb23f0b5e213c9f444b0c88795721360f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    6e6434e5b91b2a90cca18f287c61da29

    SHA1

    c290c7bfc360594fa1d38bc31cb49820f96a206d

    SHA256

    a35c9377cdf221668c1336dc6ec831fe0d47b67c258133848166fe5f4aded90a

    SHA512

    417c8cea3bcfff7d98048078a6014b4b857ae12df16c68863ee02b1e662b6ccbd9bf8f642f64ea632c7a4d7f2b88987901f15f1805d0b81d20222e960e8284b7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    0f8633b32b162a2cd69a078985f101ea

    SHA1

    3a251d1a0caa139aa858698568d9e7d861d8e4ec

    SHA256

    5ed509689d2e9e12c2767e3c737646ec304d1d3db7a334b9fe57b75f72f21070

    SHA512

    c41dd5a4c21fe54f2d6c9307b14b3d40c3b2df15c962b027c979491c0c122a6fc0855c7d416b507b55db86f24fa06240e126ab45d49faa4b9846f0666e80925b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    d0a7be39fcacbebc4227ae977e2e5f1a

    SHA1

    352dcc46913e0df170bfc50dfb0a6d20813c1d6b

    SHA256

    3a79280754b9ab237e09b13c26b34cf722815d983d3fed3bbcb4f95d7781132d

    SHA512

    367b7944f68fa303eeb3dc9ab77335e6b9bc40b0f61b851a3c5549d6a9c986eb847a258fb0c53307d37e4894443c9008751f8c4bf855360420ad04866bb89555

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    502a5436c7a6946c41896aaee32c5f83

    SHA1

    15a941312bfb958ed1210042587d93dfc18b4a21

    SHA256

    3c4fd3f4f1d19e59f592ec2236ffc0642c5c69b1abbef692ea9f3be55df45ec9

    SHA512

    a784f28134a252b26a61964ca896b2e97739a1062c7e19555d7d7863ddffe44b7734e0308d72bc7e253c49a250cf73833d01a786b47112adc81d04e542f39f1d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    5d159a4b264d19b50e0eae5b1f8ecbcc

    SHA1

    83f2e7e5a174bef5a29386436bc9c33d3787d159

    SHA256

    16f94ee0e31fa46f168e722dd0169971fff93776c41756e333bb0b7e792ac43f

    SHA512

    dfaa066e4d33ff6b4b42bf5ed706a122697aac8a58ce982f98ab4db23fad9e6cae28d34f371699f674714c7ff5e90002bc4c6e022d25a84da74c88f261a02741

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    958dd72cbe4bf48f0e21bfd2d5b1b12c

    SHA1

    15098d15d5385a38980b245fd9790ac5eab17697

    SHA256

    db7e14ac88eebded7e78bc847dc742592b36f2fe23b5ef8c4929e5f63a05760b

    SHA512

    029ec25c0940f8c067e39cc6824ecb559c9a871c8135bd01c757bf05d9d08112c7b7a313239a0f4945095422980848406fb43f511403345461052447087f17f0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ed0eec649198062dbbf13d3a053d9f12

    SHA1

    e2226c99cbc806d5ef7a9e46d9c9875196c31247

    SHA256

    bbfc2e8bc84b6a5d02725815ac52ae704cd9c3f41a41613589a3c51f74d513a2

    SHA512

    675da533c56274a2c495ba2e1e62da5f03a0ded4ad3b73335816a8c099360f2227e6a82496b423a782780e3f6acb6315bb837f5f87466f0036c818875a02dbc8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    0d9bc592bad6d3b7c023047287c4fa6c

    SHA1

    afbd0e94cb694f7ca167cbf97e6474184fb4d334

    SHA256

    2b38d5378b9e558898f44f34decb5f36d318f33d71ef464cc8340434f184847a

    SHA512

    a8bb6d681b70dc495c7b5c5ac072214f62562a9ba81b0e49f67f6fecc9364c79b2fb1aa45450cb2a867a9ae7e1594b2c380e0e50f041e2aefae02ae1727c2a69

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    d7104cfbabdaa3a4ce3985b61c1c6731

    SHA1

    4fd4f542f7b2dc76c034b2fb59b629192c3d9d57

    SHA256

    139b7004715344a31655faf7ccb44a2dcc6bc2ef0d5240e24094c8ebe4f78217

    SHA512

    8c0b6aac74af44c8d2a5fb0fcb26a2f4dda4616b43bf3d4d3e0f5bb6fdd036f26ba8eefa8a8b2d6e71df5319c263fb6b5306605404f780c8d9757ea76844620a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    092332344eb9301455e0cfe9a783d206

    SHA1

    a8f72170dbad26457b2ec048e9492ec16b69b301

    SHA256

    83742fff8d0bcfa6514e5bf4a434dbaadd81a42b094e4254776dab7552855a17

    SHA512

    606e62ddd364197a0411c94cd09cfc1426477247011af6b40f12c863ada7a086f226ef31ed40db70f1982263aa0548c2f44301997d5786213cd123d837e40687

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    3efca13c91d35860f1b3476d857deac9

    SHA1

    932d614457dcdc11e2eed7758da57286cc8afbf1

    SHA256

    0bfd4fab8d32193147779d7422b12bcf5f85d629b9b63602f69feb9961211682

    SHA512

    f3ea698450933fc549a27fab2a17a2d086d8a6b48740386f484746cca848a5495553676b73aa99ad62a47f35ac6fd7d998e65383d82454114d0d0f07304617fe

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    8481dc86d08c565020ddb4074791586f

    SHA1

    be43d5e18b81d940b19f637fdb6d9655b9671523

    SHA256

    37f4ddfd59a97353fe1c7e5bc040343830272068121975add1199f084d5950b7

    SHA512

    448a90f0fcfd9b5e7ac9f9e50392be12ab64f4979a7f0de051e89447f51fb6110ca75edb6925012d75a014dc298cdb996684ef3210586a0eb6e3581b361b3bcd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    d53a9cab623e7a097a89719e896b182f

    SHA1

    6b7ef1f31392b942346926b2dd5ce9384d868d94

    SHA256

    8c981bb54c20eee37e04b369f700bf9bf553f06b898fe4454d15239be60ee186

    SHA512

    d5c29124897b4aa8ca291ef6c93476eac5115d882a84cc59ef0199721369bac350fb57e3978388874fb1226c80bd69d6cf66ae4d3017e943fe39976207d082d3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    3837c5a32db240b5f01bcb4a30c20aa3

    SHA1

    13a79f46aa2d34512cf2a68058b035b8bfbd6566

    SHA256

    fa58c6762bbddeae8180de10863c6e010b09d099badd779b75b72dddd2b3a51c

    SHA512

    dcf6e40046b4861bcde4a5f4df9a623f6f7a1a8749a2419efcd9e3f35849e2d468d23012609dbab0a6f81b03367da75cf510313e0a05b40fb318681335122cc9

  • C:\Users\Admin\AppData\Local\Temp\Cab4991.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar4AEF.tmp

    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a