Overview

overview

1

Static

static

1

libtheora_...l.html

windows7-x64

1

libtheora_...l.html

windows10-2004-x64

1

Analysis

  • max time kernel
    120s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
  • submitted
    18-04-2024 00:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    libtheora_plugin.dll.html

  • Size

    7KB

  • MD5

    8e5eadae2cda75355733f3a14b174a4f

  • SHA1

    8028f59c9f1e205716f482c4e83ffd3e3805aa15

  • SHA256

    1820d496301a56a5d3dd7d99b7cc285129712a20ef7d4f1bb7710132d9758ca8

  • SHA512

    1cd40a6457489f04d2f89909dda4598fee8668f7110c84f52c09a9a280913b492c43b7888f32db0f266cd17100a46210e9d40ae747ce700b69997ba031522459

  • SSDEEP

    192:ZkvTPMcMHyrvSvpviCvSvC7vMXFv3v5B/lo3cvsvnvnovXvYrvnvdUQE8uI:ZUPMcMHyzRXt/oE8uI

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\libtheora_plugin.dll.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1740
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1740 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2972

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    72593d471f66e7a85fcf271c2bbf099d

    SHA1

    e49caca90b74d5e61066956565f81e461faece49

    SHA256

    3efb62ae3a4ca9979550fbb2951a592bf2bb14bd792ff1595203b53092a2e756

    SHA512

    9f8c7fbac9392ff8460d8f3bc659640ff36a8889f0613cd31855b8877d0681d03b57d9270272909bc159852ed69c0789f8191e00037d705f8555e2287a67701b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1cab33850d74aa3680eed1b55ca05df8

    SHA1

    c033ae9febbd1d3a8b72d565148f19ef1ff0799a

    SHA256

    b9a82d3eeb0ba0f1ce9396f9bfb283af5a404f62bea56522dca210cfdd1c009f

    SHA512

    6e67385324c18b83f1bb1209c7bad779062d111b7afe4699bfe455d3c9f01bd7ec6aa5b7fa60e9ab934fafee0b38d14e6605a01b00691aa8bcbc1818da7fc38e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c61018e639afd9f1bb46078b310e8577

    SHA1

    2742720a63fa283b5c528973d32d13456488564a

    SHA256

    50974f2521404e8c2b2cdcd3867f44216dd3d2526f845fe8e92092f5b3a14a33

    SHA512

    93d89cf0d383e6fd76441b2e4df763eb585b5c510d9771728eab81582102f3a31d31b548a28d7bafc922c21a88b9204ae6e3cede1b4d97615499913c0dd9a7e3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9d25c2456041eec684804d897a92c05d

    SHA1

    d223525468f721c4001eab04b705081f42312338

    SHA256

    2dd1553033b97781268265f4bd6f848f0997d896e05ff485bc28a049e4aa23af

    SHA512

    ca95d413812ebe30daf0d5391a2e5096505f107c1552878dbfa0fcc7e434033e2ee57b6ff0786aa6a7289b858b6c8d7fb27488b3e09184f1ade1f6620da6437b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7b6647e4fe2e52107bbb6bb558a89dc6

    SHA1

    2516b44fb996621cf5806041a8a3658fb43116b9

    SHA256

    bddec1b2dcea3b00afbf0adcf7df7d6425eefe057e9681330c74c01b89bef3c3

    SHA512

    816520414025dc2a5c63a40569d14f93a0bc0fe62f0338c41affb51eb4948391d41f9576e7b0110b44b7971875d3e72320dea2924d190f5e91ae829a6bc0f798

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e315f6608ca3f81b8797cf508017d0d3

    SHA1

    d5345e59eee36c19521cc9996001e59d44c19ee7

    SHA256

    66d111c4b2766c8c254bdae2e1d4b1e9e86224271836f8d3c130274861b36617

    SHA512

    7974be6a1c9bea23a25514d2ea84d604b2a4ad976eb15e8bbdab3470fb3c02ced7541e980687808de0228c6e52b7c8484b59f3824d313141d7f463f5e4df98f5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9b5c777bc674dfe1704abe705097413f

    SHA1

    537e9fad508bedc1a867615cba8271bd4ce07a36

    SHA256

    fe8099a2dbfc90dcb6f6a44d35b90f8df047d95ce93440eb10154f6731fb6f4c

    SHA512

    d0e3cc4832dee927641d95fba36b53bf7127dbaaff0ad5dea4e761480541c9d15a99a66c9a9f7c9d64e792c0cfc1085d668b37cff26fad7f75c61486193729e9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    40f7fa7e1ab6f6290314cd00651b85f9

    SHA1

    2221969dfc101a06e5aa1b3001c371610fdc830a

    SHA256

    c539ff753ecbc8199a687c004128d2e79071eae35f76dbbb138bfd6fb094a40c

    SHA512

    27fe72b46db76bd21a97972e6873258f65714197d09ee7f683e06c11a218eadc10401789a35e2a98c18b5bdc20b3e8de3a070d5ec66984204a99769c7a72c5d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    349be875cfed87f40f1d12964854f3bd

    SHA1

    db764c6ab898d6c7a0872d90713dfdaee23ea335

    SHA256

    8f76462ac556410868a38ede763b024f7e58db994353dd72d1dc6fa147cb5043

    SHA512

    f41f80dac691c829f719e5b1ab3527775d0489831387d974559c2b95740968d24bd4848072fb8d90521f28fdf53640fef25d76c4b4bbee909a3e8411bc72c1ed

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cdf8f40dd8dea3174df460cf183f5862

    SHA1

    be9984fbda270067051fd62ac603c03fa98d6bc2

    SHA256

    fcee7ee69b10b5155b08fe4c38466833321101c0b1fdb852b91827f1c1622ece

    SHA512

    a7fe9a1e977cf6c03afba84b744bd3ef408412b131d71e33bb5f776b8d9b30a172e1f4da21af9e64e0ac7ad3123a2b5c0a6eb106150f4dbbbc1a54f8e31a6566

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a4d0d6245b82ce5d64749d95c6914c8d

    SHA1

    2baf742cbd1cdffef4b21b2ee72fb173b58ef09b

    SHA256

    b5b0c042e186847aa7937ef2dddf712e31ef6da223f07e72c050a94fb89f50fb

    SHA512

    899754ad53da8cede54c7e1c65f3d7e02daa437ccae9ff704a9b3edf01a68bdf8bef3ba7574bb41b9e585a1dfb71db0e3c02be5e3825f4a5e51e1ea6ba5d762d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1e24ec9bada459640a3f781500b70937

    SHA1

    feac50b2aaa76f9f25553014d1a5311eae19bd16

    SHA256

    5f8849f363397202231bd6a87c20c2b2ee09509023d5b5229b3b8cf1ffecf1f2

    SHA512

    5d1044fff667d151b7b8f56c0adc7ded39b89895cbd2e2c334a4c72c58695a391a039ff572c17e3eeb2abb8abb1729bf42ae410863db210a05fbc9cc36268bef

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    332b8f91721a4ba53cd56c9b45a38a6d

    SHA1

    cb2d58b8885cc6661b7843ca4193ed2f73ccbaf6

    SHA256

    cddcb11633765af427ea42293d39e81a8ac7db24211e42935d2e486146a3ee4d

    SHA512

    dda3cdea258ded5a98f5a16e98e11b49f7ff4c87d6cb4c8651b0c9d39c9df5d62e310acea2fa6b12a50d68b9c74d285453387f4d90649b670fb175db94a5eddc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3ac18dfad964b74960df496ed2a357f9

    SHA1

    d1bc92fe7bc87fb770da571e7e366c5af8c68958

    SHA256

    526f3aeb38489ad9dbad5cc3d78a715625e3458b9dd91dda9c612d2e5fc017ed

    SHA512

    4acfdc04c40af6d3d5b2a75befe21ff1cf95759926c17899b3cc2045b81fb1c08e99d124c304866cd73f11d4d5c8b6b846ee9f834beb7a95b40fcdbd942d1d2d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    49a184b4e5d0422b08be14c560ba1e5a

    SHA1

    667869239204dd7eaee4949dcd0b0084a1ab73b3

    SHA256

    0d476d003d140fc63586a31085481bb36e18873e882abfd8d0c0359acee36523

    SHA512

    c7fb9e59c8d430d45e5a58e3238170e06df7d80fb57b6e5d3810f542d529fe177a09b7131c7ffefb875a7dde815ed56e9a6ba75ad2fa364168730b92f3356dd5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bcd8a49f212edb6f365b19a7e2a9e957

    SHA1

    fe7854693486cdfec872fbffa7660024700b465d

    SHA256

    b8c87ea7b6ed1d6ed248d7cc3f72ee747f52b46729114ffe2be57b9d456896ca

    SHA512

    4b84e90dce213f2dc4d1ec807f74b2ca95e9435e05279eff38caafcfb92ddd4ffb7154feb4874d43f99606caac0bb9095f397a64c907e96b476ff3a289a6122d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2f4ad1bb622892c12cf05c69a4b0f6cf

    SHA1

    649d2965047fb776704113140f31087144c117e0

    SHA256

    9481c773393057578f5ce28962838fd5e8ac414dffafc7c1a8e9e1748b79f6d8

    SHA512

    dd0034c9c16388138f8e879b03a371ce2e55707803a1c2b44e95f1e9c508a5bc0e44131da4f721f6a640f9065c801ffa480b926c924ec13228e8d46a7c745cfd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    be3324b1a9fdeff46546501bb5af81e8

    SHA1

    ffd26b0aa7c3fb474027fa40b9b37a7884954aaf

    SHA256

    cb5dca29da61d6aaf306f8c36c0d6375b8833b7ed8aa7bf1d032d423d24eae60

    SHA512

    74656b04a0052d9f6f02a69a0637c34e346dc96d05d7c5365046e7916ce53e0e5d88706abbcbbb46a207d4bba45ab546edda57e00d1eeed45a307e83fc7bd6d6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a25b45a8bb4783b2da33544eafd6080e

    SHA1

    5bd2833b9c2d598658cd9add5028830e60996f3c

    SHA256

    03c7a235bc7820969d7ddd83630073ed5f7308f774bb1c9f2cc1e32bb0a7feee

    SHA512

    5bccc6607137ef1746206dd779f48e83c13cbf4e73bfab06237462f3e06fd43d9109d97ada6bcf6374e58d754778dea06fe1ec593c9c108af60cdb646f4a495e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab194E.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar1A5E.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit