Overview

overview

1

Static

static

1

libvod_rts...8.html

windows7-x64

1

libvod_rts...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    120s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    19/04/2024, 11:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    libvod_rtsp_plugin.dll?id=8328c31dba7c71ee20ee32f1a735d639f9e43928.html

  • Size

    355KB

  • MD5

    69b083e630549b58bdc9e38b6419f0e0

  • SHA1

    84d96e88970e96e3ddd5c2f24ebb5932e50d4d04

  • SHA256

    aa0e575d00d87373034eec325db145e8343fa7508562db6362f9623bb8a80b17

  • SHA512

    ea884315763d88a27b1e9a03c2c2d05505d581cbc91a1af82a33acfb676baac1d8bdda698df4b4c4f5f64cf75dd0d0f4ab2205a788273840fb82210b6d28bfb7

  • SSDEEP

    3072:2h/vv346yxDDgeJEknfwDYXlHysV4FSUpxh:gwDDdJEkncElHysV4FSUpxh

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\libvod_rtsp_plugin.dll_id=8328c31dba7c71ee20ee32f1a735d639f9e43928.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1724
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1724 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2540

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    39dd3b52c37db3504e0ca938e7f29ea1

    SHA1

    40c04c2b840ccdb574fcd21ab8b8b71a10fb395c

    SHA256

    048c239ff69d3e597fe2459c96665cff1a8359639113f961fd0afb42e3e615e8

    SHA512

    cf3bbd2bb0d83ff6e50c4ef9fbca35508aec73a2c3ffe0b60901bcfa6d3b192bdcd9d5bddfd1667cac39a86c3c0bc98d4a33c43161476d30fba22dbaf2d1dbba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c041f1bd51f2e4675a445e2d561adb6c

    SHA1

    90585463dddf5ec83650b99cc9f0333dea7750b9

    SHA256

    238cfe316813915a8f47e92b8b276aed6eb4b8d854ed09d432af2434de19b178

    SHA512

    ac98a9c5c0b2cae9630e13a0dbea73b318d0ae574c867b7e026057944660171a1130d152dd687a06f7991a6b6e30bf09460f992dd485cb9057b467757059716a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d924fbd7a6b7f990fb6c248a4d6fb386

    SHA1

    a3592b1996dc49a785c55ffc05288d381f8903dd

    SHA256

    b787d22ab21c80c821b5c00b9d612b202e2d5b39d30133195e4c87daf119aad4

    SHA512

    b556f486ae2f9c4e17bdb94c04d3066b81922d76ec4db7027461425e545f1b5370aa730fc1366a77c7f830b2e77b46f4f44985ae12ea39475090f609026a1d53

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    841344879d9c4bc00ddd6c55c3580eeb

    SHA1

    98c1976c588d8e183340516d015ad5c881dda615

    SHA256

    edef7ac37e7a3a39c579ccd28ea2b4d9048dc47f0262bf60ef7ac7eb27a8c55c

    SHA512

    5243c373989fc36a5131a117d2be48e57eea874881b780b8e5bb38f9bd452a7e76edda62e99135d9c98f2e3e83b7406caef368933429b4db5753faa52c14e38a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    54090391c1900ef825899b54ad0a4236

    SHA1

    953dfc27915e88f5025dee8293e5219737a7de3e

    SHA256

    d921e41bfe56ce538d0e65b7cf7a1f0c0a23ae71d4c61d7032e902e12d72dd16

    SHA512

    6bf4ef0b38127e33a013ada182cb4d42a1e8cb97306186fcd8dcbba305cf3e9aade1657d3105d7343137299e7c849d0db17beed8e5abd8d7382dd6062e8ce502

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1c66f4d84c75d463787412dc5b779cdd

    SHA1

    94e4f651d882404b1d92afd91f66025e8681d28f

    SHA256

    669abaecbec2d221a567300e1ea152706a5b7ab2e86bc21e481e72568b40c557

    SHA512

    fa8a799df840e40044c267ff15fa0315ff4ff4e6d6c2b76ad85b79c87f6bd5f6bc980a47a61e978419d8d93bd8e7e01a53fe41b917d7a5ab88a0244fe9a28fa0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8d2f4b148757a5ca63fb78e329356d41

    SHA1

    c29e461d3fc9e265dd9c3fb03adaeca44fa5fae9

    SHA256

    6888c92224bc4de0af25f16c738dce6b4af4c79365f6664fcf7f2d3ccdf84dd2

    SHA512

    32718c01e12a4441120dda842855ad62f2b268c7f156b1fd9b860e6c1d75182c7967ec7d258da2fe981472b5781ffdee19da3554bba50a02d1d7f4cc83c3379e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d84201de509ca5fb6088fd1555d011ba

    SHA1

    f79a81e8cc497c24f851f60c692ac5c08b83a96a

    SHA256

    bf1b5412e95ce2d4aac03d3ab6148ed6dedd25e85625c8c9ef4e646696f55c39

    SHA512

    6b6d15a7ab1d00cb59f636747e6f9e064bfd750048e4b493abe304871aacea74f8e83738233ea55be223cdb2b142a46653fe36ff5f2be946e08a8c9c5a11d43d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    912d2b9d7a7ed5741880fe77f5b5d8c1

    SHA1

    e00bfee9b55df4774643a8d08b351d090c27e409

    SHA256

    aa1eee5049499842ca99b9a582785e36705242f3bfd9d27d69a9c52d293220e1

    SHA512

    6bf4c67d98cd3ba3f49aaba76bce031510ba4e15d7ae4665bea5c961ee4aea9617aa7b269dde9744c341e7c10dafac08dcc404405ca1f7a9f9f4af2dd4850370

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    708189d66d692de06a86a12ca44dfda5

    SHA1

    439220e54b1744cfc06632dcd494cacebd543583

    SHA256

    406d88eed6dbb692cd6080a9150677cc400f16d2b68e3ea7df59d8d0375d2077

    SHA512

    e00876d500d0384605f6bc32e4b872f91c1eca04d8ffcac7141e07641bb18e5d6e3f4d8eedbb5565eea52b3acd3022fbf60dbf12587bfa75467878cfaba5dbba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d2bdb710fb551621d57ceb25f18b3aba

    SHA1

    604d4a766b45a3cb0025491100c91785470bfe2e

    SHA256

    8f35b40ee70f7bc804c0b2ba8062d2a7ffa02919dfcd58877fe8581d899d0ce7

    SHA512

    0952fedba40032ccd9f15b8e4a9896b97628d221640b7d6e09bcf5b70209ee08f0dc33bddb6809303fb111d2d4d24598d9c758db10104a53cf534303cc55fa83

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    08e16937ba66059b05a2563fafb35544

    SHA1

    c0c4e8c074c95e2da987c8590df6790be0dca924

    SHA256

    059ad5b53b002133640ba44c9a50eee995f08038ce9d95bcf1598aaeb484310f

    SHA512

    47b14c26966aaddaf235cd8a29a7e02c9419891860541bc21744175697160b52aa7be407ca21cab133f16283baa4f113e84a1b698068a2c2a19c4b9d474bfa96

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    75cca9f2294831e355bdd69e5c571c72

    SHA1

    a00d40f611a369cdfb872b01cc119d43bd777188

    SHA256

    8e4ee825d51482756fb59dd49c04501b7259e5bc7e2f9230b9e0c137fca4f841

    SHA512

    a2139d1e909032b2134f8702a7e94b957e98ec5c9b9f6af2f51888b032629e7529a43acd7ec39b338154e3c073f7115390c57148c074cdc7c748e364e9f16d31

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    74c298015d5e0b9d47fbe9c87c89a258

    SHA1

    e5fddde37248d75cffef998d381bfda285e234fa

    SHA256

    5f84f6e30fcbde2f2d1bc6f3176334bbc931389ed0fe2c003c19bd58b11942ad

    SHA512

    2775f517cdfc6eb4203951277b4bff460ef0390dad037a27f597b3a5b15294f6348fbf12605c45fa93824d57db13a4bcb4cd6087f54c8079e22262a3930c0ced

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    799739f293c8d7485168cb7e0c4b4f7f

    SHA1

    33d51f044719b7491658e11b598109f7e0437445

    SHA256

    16f1c6a244d563c4e0e3365e1797bda7c1ba7801c0955991bff08cb06f255775

    SHA512

    8310780ab49a4a207ac19f5c8b075195c46176eb4e8f0440c0bba2dced356f9d56bb3ab993c8683ba06ef1ade17b407f1e66c8c00ef0154c3814f059fafd372b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5d7aa0752b4a48ff1993f7286cdced5f

    SHA1

    3d26d076ae9f664af63c6b3f90f4a4903db8dea2

    SHA256

    e232adbd7b30b20629ce3e697a6ffe3cd2f3f9c739944624abe0a6e805558729

    SHA512

    91858a00a0dd5ebfeecf7a8cd9f076f45e83b5275227c9af5d413eb5e9203bc158fe0e6ca58c35ad09547aafb32c8110a644780cb380dee43b740d74e5ff9851

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ec730d2e5ceef7f8c1d9a3e993a859ba

    SHA1

    b673c0e09547993c0e07ea320fdc41a71c3effe5

    SHA256

    14bfffaaf38e9fbb2d869311ba8276ffb6e1f901ac7301718287f5c948c2b12b

    SHA512

    2765025ab323cdb76d836d9efbd0a655b1520559a7c93aaf5fe6e6b221d1968067550f3ac0cc515a9e0115b9392cf654fb8598760e2de6a18e42aff1eb9a7302

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e71897561cdcd63bb2d64feb9649b935

    SHA1

    0776404486c41767f56e64a0b1df1a0195c6a9bb

    SHA256

    c4d1f875389b308163f2f17842b8fac393c31b9950e37119d91b8e07ffafe8f6

    SHA512

    2cb10668c68cbdb34657956668c9a0d930a57f83ee91e15835b0fe8d3c70ef4503f1987651b078e6ff7162eed1737f0ca62a2adb41fb739f21f12ec68df453fc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f4e257d98d62f98c0d5f7e00798379cc

    SHA1

    f4555527c7c786f81882bcb6f8a7a63b967616f1

    SHA256

    30b2d91175335df39493f80d4dc355a68b1e247529bcf212cbb577de833b5448

    SHA512

    080784a879b04dd6c79a7000ba13158ce5ea54bfa391e5676ccee4c68538d265381477abc96c44de25ef442d947fe746fa401a3058aea385fa7e55a615cbe7c8

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3CE4.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3DC6.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit