Overview

overview

10

Static

static

3

0577b7e8c6...49.exe

windows7-x64

10

0577b7e8c6...49.exe

windows10-2004-x64

10

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

EpsilonFruit.exe

windows7-x64

10

EpsilonFruit.exe

windows10-2004-x64

10

LICENSES.c...m.html

windows7-x64

1

LICENSES.c...m.html

windows10-2004-x64

1

d3dcompiler_47.dll

windows10-2004-x64

1

ffmpeg.dll

windows7-x64

1

ffmpeg.dll

windows10-2004-x64

1

libEGL.dll

windows7-x64

1

libEGL.dll

windows10-2004-x64

1

libGLESv2.dll

windows7-x64

1

libGLESv2.dll

windows10-2004-x64

1

resources/...dex.js

windows7-x64

1

resources/...dex.js

windows10-2004-x64

1

resources/....2.bat

windows7-x64

7

resources/....2.bat

windows10-2004-x64

7

resources/elevate.exe

windows7-x64

1

resources/elevate.exe

windows10-2004-x64

1

swiftshade...GL.dll

windows7-x64

1

swiftshade...GL.dll

windows10-2004-x64

1

swiftshade...v2.dll

windows7-x64

1

swiftshade...v2.dll

windows10-2004-x64

1

vk_swiftshader.dll

windows7-x64

1

vk_swiftshader.dll

windows10-2004-x64

1

vulkan-1.dll

windows7-x64

1

vulkan-1.dll

windows10-2004-x64

1

$PLUGINSDI...7z.dll

windows7-x64

3

Analysis

  • max time kernel
    119s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    19-04-2024 01:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    LICENSES.chromium.html

  • Size

    5.2MB

  • MD5

    df37c89638c65db9a4518b88e79350be

  • SHA1

    6b9ba9fba54fb3aa1b938de218f549078924ac50

  • SHA256

    dbd18fe7c6e72eeb81680fabef9b6c0262d1d2d1aa679b3b221d9d9ced509463

  • SHA512

    93dd6df08fc0bfaf3e6a690943c090aefe66c5e9995392bebd510c5b6260533b1522dc529b8328dfe862192e1357e9e98d1cdd95117c08c76be3ab565c6eea67

  • SSDEEP

    12288:/7etnqnVnMnBnunQ9RBvjYJEi400/Q599b769B9UOE6MwMGucMEbHDuX0YnpWQZb:sPM95FCWStQj6ERs/mfMl6H0skDpS

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:808
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:808 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2120

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eb5b43530150a5bf79a62bafb14d6acd

    SHA1

    94ba86dce1a3170f5c8785d32d3f980c91dc0c2d

    SHA256

    e6a5eca2ed772e1664f70c48f6d830cfebdcfab8b4e8964edbf828b5c49364b7

    SHA512

    d0807383a15e4d6a39fd9897b8944ff0602ec43e1240c46f3fd2e13fc1a0983aead5ed3ae97ee1fcd4c35c4a3b56bc48caa58f05c0e83d223639ee7b9de693df

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c9db023be579e8b6b545bba641280dc9

    SHA1

    c032f771dab55ff5ab640e3057d5d39b28ad31a2

    SHA256

    e383c061e2a27827fe71b050fe94a60c879f5ce5da968785054339b341af6275

    SHA512

    4ccbc390a82beb0edc75d1bc97b466a790c6d29e62df047afd7006160e830034d83657d21841599a993bc893fe85898a8f6d102fb9a75983149a028cb06d06f5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ba143df0ad5ce551db705f975eab88ee

    SHA1

    f8d33781a1dcc4d074f932a09b0fda4259b0411b

    SHA256

    c624e98367043e6a470aa597ae71c79a3c3844431ed691fb82d61e54f899b2f5

    SHA512

    affa65230dd8a505de7d6d8d458ecf0168586d3372a64f583db237ea5f017a5395c7a79a09aab62e1df7cb4016e2645fe7420756707af56377c144ca5f9f132e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    19bc65d026dfd2bcda9decd523e1bdaa

    SHA1

    a7b612baf3fe2c1353ba5d4de4e81eb09bd04e8f

    SHA256

    05def2243767bae77a7bcaa37be4f0dfaccc8866d100dc7745a5d23ae9de1aec

    SHA512

    90f7ef12dd6ba1511bb0df2c18eb287511c19d55c6e17459c02eaa1de61bd601048aaa72ecf8fb11934a8386730fb92196dff2bae2c3d2776b972726c52dff6a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    412827abc162c776deb1fc7daa5a0a29

    SHA1

    08ae845ae8cb6aa9f7d9c90deb6ebc65eff4353f

    SHA256

    4fffdfb763d871dd87d96c89513eeb80d9fae08f8ea3f9d515089def85901ada

    SHA512

    0e618d7674584fc1b3853530fab5b5f5e14ace8d659e19f4f01c56843bf6a4e743578f5c19d618f9903f3797ca430367fc046daaa70b1e3a65bad0cf8b7a4ff5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f7fa288a1fc6e60f6ecf7da7752ce127

    SHA1

    a2c3c54d36314e04e05713c87f69d841fe0a4b71

    SHA256

    30fb3aa17ceadc81d1155b6855eb947c9dc88f11f43a3016ba393ff95c1c8fe1

    SHA512

    2ecf81f3b79c993f4aef585f572f16c205fb40488d44bcb4cf956a528b5c566d5c5d2b64c754f72c7787487dd07db9c4645384bfca1b1b744201b037a0ef0ba5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5d4a4f3f69b96ec521500f3f2e61ce21

    SHA1

    7e395de0985cd87e8769ab05bdfceab21d353327

    SHA256

    996557b05d93e019d1a05ff2c90b008f0e094ef889febc67f4a4983f9597414e

    SHA512

    93772c8c19196fa504ef7ff963281f2b5fcdcea0cc40af62ea499f01046dede22d7bd9bc4e7045e82d54722c5c60acb7e56f8f3bd37ec4876f21190f83ba70d7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2dde1fd9cb1e42b1b52d4f7d6f4fcc14

    SHA1

    23f9a8a6d070bb47c4ba3c5958ac021d166680c1

    SHA256

    76a782654f4aabd9992f77e6bb71fb50e0931d86058d47ffd329cbd8e9ab506d

    SHA512

    93ec450d2d92fdc244b71fe8b49f0af8f093c448262f9699a7aa7f92f2db63f10e55fefefcf5602b6e94f092eccd6a8f191d31f2528743182886c9821d829e9a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e6ea941d949177cd107351421d478478

    SHA1

    7d9f9d46863abfa13ba789813879430ba431c765

    SHA256

    ef024bdf0ed1b0e90a9e1f120feeb9b3246eb155a2d83246af366ea9963d6fde

    SHA512

    ba5cdfb995e3c6cb692443632f191b874f01c212186ec29867b630ad78f6ca270b24559736bac5a28443e5f2b058389a4f05a9ef32b3402aa56970429f683f19

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9f28f541d5560a8a2fbf7d88ad256ddd

    SHA1

    d7d07f8856d58e2edafc3b2a7b246a6cbd40ac19

    SHA256

    8dbcf3b06a6c89c0c846a58706400938ba10a06625a16a5b5867f3369c1f79c8

    SHA512

    df0bc0c4a08e00be971c9277f53518e8624bd2c54c0940f988542a4cb4b0c2c665fc451ddd05d81b4b73f4faeae949ad7bda02ba31dce9ee39ecdaecc81f77f1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    03ae249bc1583de6520f30771cd7b823

    SHA1

    049a29823746da854813c5f7c2ae1371201e0f51

    SHA256

    9928347fe6b68128e04549464df4e354d206444d89539647d50ecfdce1c554c2

    SHA512

    f9bfdb5db4b486c05c9e3a7017c03631b901b7390788cfcb31ae86ef5584aadad6d23f4cca76c09542c08233e0837d4b04906d6a7f2b2594c7424e158188902b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    540af86c493aef3f8da6f9f61be73c0e

    SHA1

    657c1a78089a90a954411e27a3d3f52e6dc23e41

    SHA256

    e0eb2c74314944b3d212d1b28e1c8120ab8621fb5d40092f40675b272fd8e16b

    SHA512

    503054a0d130fb729b4f9398b34050c4fc5b8165fde56ab88646843d6e68e8dad10f6b21a7829f50f170b966f565ce246d907bec0bdabbbec208e6a40cf6392b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    efcccc3f3a0bf042418432e816209933

    SHA1

    1bd790f2207d8208da22cc487b285c0ca0ef40fb

    SHA256

    c3be84a1ed74bae7cc20c0438ab8c7901de79540d0a8d2773c2dadc84935460a

    SHA512

    c0071495517ea7e94a6df3b5ac1a083658ff24307da78880782fa94a1fb689726c54f7dae7785e807105a68770fb1737e13ecd1bcdf6691b93c125ced53c0c48

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab4369.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar7411.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit