Overview

overview

1

Static

static

1

libmono_pl...l.html

windows7-x64

1

libmono_pl...l.html

windows10-2004-x64

1

Analysis

  • max time kernel
    122s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    18-04-2024 00:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    libmono_plugin.dll.html

  • Size

    15KB

  • MD5

    df564b5d235287340c0cb0105b5126be

  • SHA1

    5629024db2b2f3ab98e20af0976899ba34924150

  • SHA256

    0d120e73b85157cdd24eb842f15d123b644d3c3d0f0b403e2d6749a59b78d1a0

  • SHA512

    4bbe8225dbf1eb9b2b8425b81bf733f408609f7f48bd5c7a4b2cfccaf4e0435a4cac2565bd9f851d4475574e906bc6ff9c08827698103f99ed27ac41cb070063

  • SSDEEP

    384:niPMcMHyAcacPjcJcvXkvDZ3eaVaLJzl+Cq124kbrBZFE8uI:iPMcMHyAcacPjcJcvUvDZ3eaVaLtFE8B

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\libmono_plugin.dll.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1808
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1808 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3012

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2141f85bd83c9cc6d4bcd08b7367feed

    SHA1

    e9c63bc72a55b90a1391e4972fc0bb588728c3b8

    SHA256

    d96956453351e03058adc7602dcf68eb0b5af9a946c78c03bd6fb231f8a0e115

    SHA512

    e712c2270d756a65e7a9b0b78a6d9e0fe0cf3083d18d2ead9717d69dc24690ad141393fccdf2556569788614c08098e05375ddbfb6608c7ede697047ff8340e8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    aaaddf736e3789d201803ad15e1d1f81

    SHA1

    458a4b59565d47911d3aefdb84c53470a2d04de6

    SHA256

    985d859ca8413ede17cf8973f1434d6bc232f3a0f9ea47abf4207d55d3cb9e39

    SHA512

    7130d3a2e0b3f0e7f0de10398c94c10b8a8f3c207be2e50655a5d555a94394a9a6e8828a3ea3a76ac3e5b84d127c4323deec0f6dfacb9e103fbba30665165310

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1a487d75101d5c05deb038e479da92ba

    SHA1

    28cdf289c387937a755311706a83f2a04cae7678

    SHA256

    7dd88c2da93819c15d21b9fa6e7cc4d420c9a07158f09b580c281f4a04cb0192

    SHA512

    17e10603388a0f30bd1a3ca6015bd133c6b12420a5a69ae310bfa6f968f2bdd67d1d8cc6bc4df196839d901b02950dc9305e230875a7904e9f4e30b01fece577

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0fc9296dc202f631f24464c014a8ea51

    SHA1

    e7ea6ad375ae75f73220fd2dbb294d9871483353

    SHA256

    d6b9fc8474d15586a9ff229a633f16d8704ad985617210312b723cf852394b01

    SHA512

    03fef15bacb41d8260d5fb3b4cdef6306eb63460d2ec892f717ae450257be22bc3c673a00fc9323a1b1a3e5b6d9051cc059f530d44e4e331bf64d1df078f8469

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    abfc28e6c0ec1b658d22b1a59905093a

    SHA1

    d6724171cf861ee7bf8ea100ec8d2b4748b05164

    SHA256

    56805c8adb5205bb6e8815663f1ed1140b055175c45e2283c6651a54690873b9

    SHA512

    c7def4b1a6c4c4080d68862ce9cbd39911b0229833b2eb3c1b9be6a6c73861d4bdc31f40e967f6d1e6ca2834e56ffd30a82145b5d242b02cb105f4d296d48f41

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f4ecc44c566e07746e97ea03249ca79a

    SHA1

    094818251e48928fc46dbde2c7fde2dcc42cd28e

    SHA256

    30bcba7a8fe7d947861175d2e9fd79da4dc399f92ad8303c413a7bcd345da802

    SHA512

    94fed95859f9c779e868e10e98780343529dd8de9f845a416446662002c7d8346fa64cf6f82f8403278fbdf34a701a2dccec5e210bdc4f0a76e180e40806f3b7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    323cae0981770ebd9887fd3752bc0bc0

    SHA1

    91033f72e11a6c038212e49834c4a0ac95cf5bd7

    SHA256

    20ec3d40700ce67acbb1c172d8346f65b7cdc23b1496fa8c9453bb79122ebd1f

    SHA512

    2902035c840f1eb8d509003314a032614cf7262bce81b01961ef34a39751a944473a31c457bc686b80dbedae0ed08ec65fe290ad139a3bc660429532a9508e15

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3e9a1a1decabcc01b54fad8cbea074ad

    SHA1

    6170d8e12bc0ea1491f7cf0c6df356dafcaca080

    SHA256

    53bd5a9e057ab06d871baf948dc8272652b0994839d37bd6ca72b1a9ba058bf3

    SHA512

    c0f791ccd9b20489300ff1b87e72219d3dc8adb7aa8bb805344640c87707b81df37fda1a7c0c731429bdbb7c606bbbd91b6dd410764970f0f7ad5437f88fec6f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5c6f6e6c06eb8ed1756adc11810f5df3

    SHA1

    df206ff9074139a3364900f6430ec5e203b4cb5c

    SHA256

    3a39a21596fcf13d017e1999c34fead8600443647043bd79de2f51512873ccb5

    SHA512

    0a4cc3dd222826683ab086cb26a2c3798f5545a7b3ca0bdecbeae34e04916a2ff5589874a4f90301144a745bcce3e62e9f5a51452e83c45f88b7f839a5a2dbc9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5f1b65a190d2d24a6b3893e0764c5d8b

    SHA1

    4435a75955fdd61e7dc3f2cbb07c3f9cc57084fb

    SHA256

    ca7fcd3f174e344346f601ea267acd2c6cc951933b063124e47138e1e9fa9b52

    SHA512

    a29802861231865f126c5f7a3cd3a290dd121564490ed30599b8a7209c7df4d2002161e5e6ff0f028203229e70280786fe66ae157084bc5f419f027c0a2ab4a2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    210399434a6a5a925f3c221f887cdc6f

    SHA1

    03b0c7436e54374852681a3eb41b624709159cf9

    SHA256

    3b41282662d5341cea7423c08e659f5199e74e97807856cba235e788bd3a2688

    SHA512

    993012354a93a48173e7f7cb3cb78389e1fc64448def54d64706210b5d2d8fe18419cef59d402d05fe3f2b2981ce2c3808620c0ef58bd3ee8a5b9af17b893fec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b49c98cd3b3d406011b737aa9890e373

    SHA1

    6e0ed55e4f02d905c25b5c41c1ea86f040be59c7

    SHA256

    4ce31fd5dffca1ea1f4fddcda2f6a07ecac18c9271fafea15adf3584e3880ad7

    SHA512

    3429911f0495a28380aab6983747f18b334a7865d0627cbe4d604aed2d524e8a0d31e4c5bed2eceabf19435ceda488595f663fe65ed1a7dd775f65cf807baf4d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0c9e480aa0b901d9c16a1afdd60f13d9

    SHA1

    82c8b07369302479753ac83696416d330d7da977

    SHA256

    c92405997afd8c9214549bd4cf8db755de42e6baa861cd137c0f2476f545e78b

    SHA512

    14bfcb693dd50ddf744b85b6bc7564dae59a11398ac7308c4e1a87e2a996bcee1942076f7ea4c99ce636a404be80fd0ae4d6823c9167d3cd2a477ef74eb08286

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    88cb5c0ba07606e5fcf22af1a6887b4e

    SHA1

    22a92989e86c1bb0161cbc91d016c0ada411de8e

    SHA256

    20ca322298931b6a20d2a8d81b4f3658c8a6a2d5da7c78050d74aa313bed6dfd

    SHA512

    caf88077389f35690caac400c48063e58dcee079c147f21d9e4c9ee79daaa0ec3876d510858bfad4d6397ca1a83c0d2256cadf0a69f7cc91344e3ca491cfcf48

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1e284bc860508bd7abe0fb977d3671d1

    SHA1

    1914c7d1f698bf6925660e533573622fb900457b

    SHA256

    2f318a69bd0179f7b06d3274c3da1159858731e46622d6923f56c6dbac1779ca

    SHA512

    26c5e8cb6153c5a4b57f6d401b9f4d86a15cd79e9f15097f1e017be48101add2e76127ae0ecb122e99c5e77e5116cafc4bfc3f94c5d713c4bb6316cccf913699

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    493485b4fcc9f849fe5e0dc7cde3ad28

    SHA1

    edfad5d955c87fac1d2e0ac25f3807a5b074221a

    SHA256

    f84f2863d73afe7937f058ac9cee0f45fcf321daeb763b807e81140594bf3330

    SHA512

    c531e04221a8244b9318ce9971ed8f6470db45c3b1678c29071c1b65baa39a5a2cc9716198f15da5b825f2de486c3723d411e25a7c90233e5f1f50eb888321be

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b5be9a5b0e15bbe848f63e3da0d9098f

    SHA1

    40bc9b1d7cdd31e943029b4f94abec37c3dfb893

    SHA256

    f56857338a96817d290dcdd5301a444e5cf367f07dfb66a56229f5c0b6af84f3

    SHA512

    5f8f94345ce9abbcdba2dbe5bd9ffa027f9701fdffa7fdfc0cfdab792a36dd18efaf5a5a6092e95f5f5b169bc0d036f36bd4539666409e7a2d7962d2565f9665

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ff8e6e18448386887054f06341123f61

    SHA1

    dadc3895f051ffb3322c8f9b8e69701a13abde9b

    SHA256

    c12843216fca65f3efcb834478e80c1372d9ea978bc3e4c2e737a28515008fa3

    SHA512

    783edd6346c9609d1efa4cf856dd03326448088d65331784fd02cc0322c5d09491166fd3b1e776a7260d86ff42718b6b48d91adf742aaeb888330e6a7dfbf321

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5d29a0c7d1bdfabb62dcbc033f8c3f51

    SHA1

    5d7e98a9bc643efe5450c609dfabcd1772253038

    SHA256

    7c07dfc36a1b437cf8b99d28aee1214a83a1955955006b38f0a95a97f8886af4

    SHA512

    7f41aa2a06471be394a2148a55dddc56ba54a951d212004b347df381366b0ea58fc524e17cb3726eea9c617accfe4b8ebb7aef1054f802f156f1a58f2c10914f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e981ff11e56a3502e8bcee3e58e67e2f

    SHA1

    75f4c486acc8a73805d515943a8bdfead3ede075

    SHA256

    3f12ecf09d0eecabc10ab27b7cd6c9c97a305bd0e59219cfc3e6667d401bacd4

    SHA512

    d52b2e1b5b180abc212b5d0a70f39bb3297d9ec6b1c206fa7513be56266fe4b47c1cae4f87bab4196ac51360265de685d59516f4a33cd3d5096f9e12dc581857

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0d7102430b6d5b15758ed0c8adc8cac2

    SHA1

    377e73fc36b3b3d7b5b7e16fff46775c1bbfaa5e

    SHA256

    94251bea2503b6e344be933ea6a8046da07885639cce4177d77580224ca86f9a

    SHA512

    66a47639033a405d70b5bee0d4dc28e68ca08485823e8c8b66f8e67e68848da8e9a570887b82ff5f2e641e0ece21bca648e2248cae598e831e8bbedd2dfbcf0c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC084.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC1EF.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC202.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit