Overview

overview

1

Static

static

1

libgrey_yu...8.html

windows7-x64

1

libgrey_yu...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    19-04-2024 10:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    libgrey_yuv_plugin.dll?id=8328c31dba7c71ee20ee32f1a735d639f9e43928.html

  • Size

    199KB

  • MD5

    c9a9908f69ad06e0f57fd24d368c7e53

  • SHA1

    4c28112a1f2d9fac4c72785e37b385e7311c768a

  • SHA256

    0e5346d008d85b557cc4431e4544af2d10631729d60fa14f5f00f4d98f902da1

  • SHA512

    a8f058aaf05f0b44c12d46ecf681b2db0db85a09e1488adb7e39f6fe9aa90e7999f6b3d407ff85ed4c39ce988a37ad84a6ab3d5cd6814ebdb631dc0e97cf72d4

  • SSDEEP

    1536:Eh/B4y+2sFgLmSF3JOksuMm29VpzJlIW3HOe8LLN2DgkPE8B:Eh/BDsFP9B5BfT+1LUskF

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\libgrey_yuv_plugin.dll_id=8328c31dba7c71ee20ee32f1a735d639f9e43928.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2240
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2240 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2340

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    37bd5ee82de764a9593229cf7c594424

    SHA1

    bf7045a5f8d0add3f9421416fe8d7d03c3debfd8

    SHA256

    6ce76e8c37f7a4cfd87afbf0333008e6469c93ff6074876e8165e5be5bd2902f

    SHA512

    83e066391bfd07488ad7a5e14657c07ae60e699699c5ffbd25d228bce5b41e90c0ef564da7101c2ca44558e2b86df9bfa5c182fe0503b4713607666a1233bc3b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2e9dc43178c4ab3360009003c0a7323b

    SHA1

    a8c8f809679a4cd4a993d3ddc7a0fe60c76bd788

    SHA256

    f3150183fc40346ae82c4526fa1f0719a02b5f6d9a1cf345d641826b6f8d1fce

    SHA512

    7f7c09dd70a3d446e648278263cba836a7c7bfbe6fbdd0f377acec498dcf4e6024cd9bc3b92ceb1c699f924e61c935efb7c15c6c2f166249f6d0a9af6d4dfa14

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    08bbd42d9d654dbb9c0e16561f94a09a

    SHA1

    739b6656c028c8389ef4c0549d24a66c7d4e0133

    SHA256

    774098c325835db4187a39cd05b82a682f52074a36270f8749d9fedd35a7c734

    SHA512

    e532885a26205675897b7df7747cf8d6d84b7c0abe4d7e836262e17b6e2448739a97c4d389d26e371132358c4a07b983a2a4cc51f5cb64245c40e665973b157a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b62008b5e8625e1190efa74b2163f962

    SHA1

    aa1210f9f482396cec70dc68306d2d8a4511f173

    SHA256

    a7ebfeb0f97ab453c06574d13062d3132038f075c085c8f7e524845d2ea413f2

    SHA512

    11e5e545586de35e250b9c7f245c52fc409605de88580e5d12cfe71e4ca4aeb902bd9117fe8a05ef18c2a892d5b211cd92d26ee2fe4cae2ff83aac7c5c895e03

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    86a19fd4147ea5d3cc0d0414371f8cb8

    SHA1

    2f0f2ab6351149a92619997eae32d1761180662e

    SHA256

    cbc724df7c30a1edac9df489b2ae51277dbf83ba0f229c0c3cc08ba602d13a29

    SHA512

    adf3c2112602728d2296b4864e1ebf86eebc61eb2926afc6561f885aa4e365f73403f7d6c5b7cf3d0a5588554effb5d3e70b779661989d01b3b55a737d2de481

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2e03fc23bf6da453c9e39cf6beafe6e0

    SHA1

    49b4756bede8cca4c9376f2469098c078938f899

    SHA256

    e5c4170d4bee5251fb790cb02e00dbd0b0878cec16b35428a25bdd301e7f105b

    SHA512

    d2ccbf49f19b69bd7ed03feb12fb30f774df6f49b77b9b76ad3bf966b600dc2a4099094f1b09a12f0bfcaebfb807a9b868c769f7915a3d0d5671544a3476afca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0416186233d4eeb3523142686f712e3b

    SHA1

    f5f01516ec4c215a22d80aabe7a3b7a3e9090c1b

    SHA256

    a52e4b104640e7a1bcb591b5769b8e007bab10cc68645a08127f63283cf8ca33

    SHA512

    afb48a478c8197fd0e9ec3fb684a887b5cfbf636d736bafdc71386b6a23733c3e1a932e28fd161897da1314a6106309a54a66be1a35258e2d4ef312b4ef0edc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    add9ec44adcbd01b83de46711afe9bf5

    SHA1

    43315645ee9aa5b284c4b6c8a148eb8bc20526c1

    SHA256

    73e322e4f2c2e236c3fe9308b6127009db1d88c6bedc8656d72cc932c93d9970

    SHA512

    1e4971f843b3d7331935ae3ad080117d5ba60d4bcc8eea88e611997ee6eaf2f039431e659c84e32492652a234947c63aed2566ec672bc3fd17c47a8fc3fc5872

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c5c50d9427af1ac972e3ff7f93240fc2

    SHA1

    2f598109b9e7f2af60864d693efc1dbdf93dd405

    SHA256

    242cd56f19745eee1ff5ece71828d81426e5cf30ba53103ce45ca9ce69ebe1f5

    SHA512

    a05d893d1ff6d949c56e4ce5289cf6342287b7e873364462c0b5cc9157e44629a6df30ab0904b2e80d25d1cc80a56f8bf1c3b7e8bea9e1f28a45cf28894ff9d1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b3727c93ed3bc3bffad9a291b3a2dacc

    SHA1

    b17259f0bec66710ef6ab75d387cf3d6d18dd4a3

    SHA256

    0dc9e210fdd6ad4bb32c1223962f96381d68e8eb993d8a876779f53f8c856d22

    SHA512

    8afd0b1b9979fd09e3e1850a84695ba2a7f4bb964bd0f7148f986c970caf8d45c1966e8cf1627b471c9f110d0cf58382ee4c661a32b02d2ee17852e01e898251

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    61037cb2700ddd7d99964797d417ada8

    SHA1

    692636a9175203352cb7b1a2bcf49230626be811

    SHA256

    bfb581e09be28192287bafc9c2b5ff079c1fbf0d30e6209539a30ffb56b1446c

    SHA512

    ee5e2dee0fe447ce31d8ccd56928476d9790ef7064f24904c510cd7a9f4281c2f4772267a015f6cb067135c9ac8099b18e31a3fb1b6cf89c50800411a9cd3945

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b4255b540b37372d132fb9a1747dd23f

    SHA1

    f3b8adae89174b7c15e5f96c2d622d8cf717c17e

    SHA256

    bec95353aee0c02c749a48e9b0fcce5343b8b257c911c69959fef389924209db

    SHA512

    21be9bd6fc84975c591b99091cb420731f90f33dd22fb425f523411313e3648cba824c68ea26bfca7b3a316affebf9c56e11757f4628ac3e0a6523584d323781

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d7ee29e2ab5ffad91d6f18d9f78a73cf

    SHA1

    b47237ffccde0f028419036491cba68808d74b33

    SHA256

    18b8f087b674624add258470b99043c3aa0dcf828cac230b49c93c3a6b2dd04d

    SHA512

    8611bb5e5e6552263027317408c01b50aa12c70ca44f64003e36ab142a775f0855e8679df5cf8d2bc3c57602f765fa55c16e83422b203f7eebce5817c86f17b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e7ab666e2f9d3a48075cd09aaa291875

    SHA1

    b364ec57cf892701f93de50f4f94e49b6684669e

    SHA256

    0c0f9cf300f79634a224b6d71916950568d8edf28fb5e0c3f980fa59e8c2646e

    SHA512

    64a634588b07d9c8ee15ec1ad5aef50963418ccd1936c99d2d7bd8c47468c2267d3a13f21113022cf7a1a5445f26676ca4154ada9b89dd31934eac8d93c3b524

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab788B.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar7AA6.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit