Overview

overview

1

Static

static

1

libps_plug...8.html

windows7-x64

1

libps_plug...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    133s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    19/04/2024, 10:32

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    libps_plugin.dll.svn-base?id=8328c31dba7c71ee20ee32f1a735d639f9e43928.html

  • Size

    325KB

  • MD5

    b2d8de56066d75820069b9b674481e5b

  • SHA1

    872c0045605048deff01b2876e17db0e2b1b60c8

  • SHA256

    77d987e63e5124f9c1fdf6be32a076d89aacf720c050c29020f5921c40174103

  • SHA512

    f991df91e25bfff2c3be54793cf544b1f644d6450acadbfa0239a9b0d4b809c02d75373850f52985534d9239a6d7c687171e696eb55d29279e333d335fe24951

  • SSDEEP

    3072:wh/h3wHcw30OMLo03mQceX3Z/S6B6i+5svzk7xMLLRPrSe6uY:Cwlw3X3Zb6i+5svI7xMLLRPrSe6f

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\libps_plugin.dll.svn-base_id=8328c31dba7c71ee20ee32f1a735d639f9e43928.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2180
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2180 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3040

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
          Filesize

          68KB

          MD5

          29f65ba8e88c063813cc50a4ea544e93

          SHA1

          05a7040d5c127e68c25d81cc51271ffb8bef3568

          SHA256

          1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

          SHA512

          e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          f878b1237673cbf723a90084ed444a29

          SHA1

          387fdd473d298cfd564cdf09765d7b6e902f2ddd

          SHA256

          4ecf262d18a213da581469024b867065a3b83117bb78bc762ee740900be1b9e8

          SHA512

          f951b723e9865801429ffaf6c0988a4a899faa7568dfdd8cfbf52f2c908c36826a851ca4812e6a1d383288318827fc4abb724690143098f755a8efd7be8f7287

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          37a4e77c1e380f0b859bfe5bb016b2cf

          SHA1

          2bcc87f08f6e19281937d9cde65aa1d450ca632e

          SHA256

          8999111ad3cb239c319d8ea308917d6a0ddb5bc3981ec579d87a7362b72e2896

          SHA512

          8b875002e4b2e079344da4c835ec5ed23d83b84df117e60f7308cb7a722ab69dcaea1c474c39764438980fe930ace483055f1317c67c2ca86cc0606631be618a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          0a0848bac8ccbc17735698566716120f

          SHA1

          dc540a51ce31f60265231ff9e8df66e8efc74f74

          SHA256

          db795141ec59715cc86965efd9cc667489dbbd06641f344e608019ddd44bd5fa

          SHA512

          a5effd9cc836603ba2c936ce4746e92957404647ff32fb7d8adf3f78c73b9c9338006aadd9e441d9e79a03acbc0872cfa70489c032b6755ea556f1a3229cc2ac

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          9c9589092f2ca54ef5c853552c7632d4

          SHA1

          98a01043a55cd3aa8a807c32305bc33661031e8e

          SHA256

          f821982dd19b3e47cc1b55b30f6483fa506e25a340ef5feda5ca67d4ebb231f2

          SHA512

          7ac4f051005c4c971eff9c032ec86750737550ddc3414cc35dd48a248e295a16adaf77d787581474d83f13ed8bf35fc50091482dd3dc4a59ceeed21dbd1deff9

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          9fe9804dc6ea526bb813eceeb5d0f9c7

          SHA1

          5eca7bd87b54c7ed8203cb85cdf2c5151eff3db9

          SHA256

          a0ed95ed706860c7c3f5239665b0b913d9acd34be51d8073d3250b054c1e5444

          SHA512

          0604049b037073a264530289ad4c809bc21784782e4f562f3501ca6cec375a40b7bef224a279242f5e33813ffbde401156089ebcd728a5e637915dfd04810e82

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          e0452e9692d7eee1c5368afcb9b49538

          SHA1

          f8a31914e21861261415eca22c2355d0e3997bd5

          SHA256

          42f06753821a0226836072c0c6ba0482ba02f9323a2db5575d03b8cc472e322c

          SHA512

          226cea3bcc5014021a1064ff33a2860dd550ac234db0b55593952b4e0e5d7e92cbd575083ae8f0f95a586cf5fa85cbf3e570150971f7ad4c41d51ddf85272e40

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          8db3b05a6a0980309aad06028c9834f3

          SHA1

          bf7756c1212b261b517818946f971d9e51119d0d

          SHA256

          29908a92d5dc38d82b68c07420e6954ff4fe6d9074170f9e19a0e6ba30a509b6

          SHA512

          87872b12194be3413f8e8e74558e1be7c0100d3d10494d655c4e84874c3678edbd9f1b6ff0a7a5256fe3d2750488d9309d4f724a862ca975ed0ac276619c88d2

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          08f1555063dde6c909666b2af7ad4f19

          SHA1

          d6451148db892eef0f98e3cfd0de83f91515c3ba

          SHA256

          e440ea8b5c95234c10411783901226b7aca88b588060210bef9183248be88051

          SHA512

          76a2c7d1e92493f3cb6e216e1eec204870d8cdfe5766048bcef93ee38649096dc1fd0513b33c6e73a720aa3480abb4289b6ebd9b91ca7f9381fa42e34c7de01e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          8bbd7d36b7e720d4bcf73eae8c3360ab

          SHA1

          58d2de77be41a80166f5e82d8f2ad465dd968e53

          SHA256

          e89c6b45b87fc2e9d90bbf257cec410a9346cd801156234881ae21fbaaae7dfa

          SHA512

          b72c779a5cbf95567430023abe67ddcd93c6f7f5466b4f3a3d2a8dc587be01d4ffcfa0d92b6b30c31cd65c58b9266b73728fef6aec2e0d58909cedadf59798b3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          86eb61a9fda44b3f7d24ae1dc1fbf581

          SHA1

          a4d2f118c7ed141e92b9a32f1f58e7d738446383

          SHA256

          e9294d2866e1d0870b01e549d65c7c6891b5711775a8011356f06684dda56d88

          SHA512

          41c83cb921912fb5564a3d9c359153f6651701097d777f9f9b5fa46c73c566723008e800b1b5777d0473de6a2ffe2cac7348997c15894b84fe69341d248f11cb

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          9f560aa7dfaaee4a9feb52e7c8d59d47

          SHA1

          d5c59d23d1d765ba16d54ae7c0ce6635935ec6bf

          SHA256

          05084bc0f1c688067df2200448ac50d7148bc29395f4e7f753af1170b1f9b214

          SHA512

          d3462ac3d45d6e9120a9ee5cf3375786d49d88b03a558ef8dad4c337ae7374273445dad0c7e5a65ce2f1013fcb0cb4769815dcab19f6c39271b4c7e546ee2231

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          931a5fdfdc101260d3b00ea8f8b88e00

          SHA1

          0a21576cd02e1cbdff954ad7decbfe74dedfddce

          SHA256

          2d5ef8c30f1eccec80d4eda4fc3a048127903d7e2387087357e5ebd78af9fd35

          SHA512

          40377e687eb89b61bdf41321cf775eaeae30f53580fd74b4545b9b5b26acea99c4c34861ab3010adb5b7ed41031f74af15cdde7328633a166284980bf6b01243

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          7e13046b81661b9fccd989720916f5cb

          SHA1

          2db83ffcb8a2a6e4c0e620655dcd1aab6ab982dd

          SHA256

          31d2085d6529143ec96f919f12fe626807f848096fa879ce81a8b14b5603f23f

          SHA512

          b0582df62a8c473195f63ff4627bc51bd9abbe19afb8401e3e0e3b721b4f3c1fb2a4017c2b6ff9f6c9fa8e873e71ab4cf1e11e3aa964ff867608b1492d12568c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          189cbeea645a812f28fbce5a50e8c850

          SHA1

          9f6b8103691201025e55981701f7c98989116ccf

          SHA256

          54410071e47ddb4e09f61694d1b9df595601cd0ee361f3f6e8f9c232fe334955

          SHA512

          c05cd66a0b42aac3093973e247328ff65f90c01bc38914fbde3dbbb1f2c871e3e04f4a97d6220cac08e04e099d65e6026a6401b213354687b01a392c2bb83662

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          6a58a636708b34165a98d4604a397cac

          SHA1

          50d94a7c1a111f4570a9b14f96c854764e3d863a

          SHA256

          0f09a4627a03f39e40017436b42799d50712e118935688b11fcf89c2723f1e7f

          SHA512

          c999de4b2bab6f6e7567d433d8bd1093df3cbcb116a7775fec94142187316e46b5ee1499e5431ef745e5698baeb3bcd013610b22374ad99c8ba743348dd53d31

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          d71b9ddd5c382ce14da54da8d938c6f9

          SHA1

          682d760e0fa468dd557935139b8ee2faee0147ff

          SHA256

          e52efc73093615a4f9e91627369271aae4b5cf88dae45e8f6ccd55617a8f120f

          SHA512

          610d2bbc729ae1bcc3daa1e03416eb4a9d6fe399348fa3857486bd73f0f0e0500d51d2dc770a460c13951ef5f2b446dfe1ac42fba3148456ce278538caa0dc71

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          92415ba276ebc48c4277da19b85f107e

          SHA1

          d9bff7d46797c468e9e5f815f50687678465ab9b

          SHA256

          907f658697e07ba6ab0bb28bcc6d6711c144616bedfbe1e0de8bb59668291bf5

          SHA512

          15a039a96364d98202487a2875608cef2b5c11193dba2b21c08880f6616ef0ecfc60b31ff51c1f432dfabef21a47aabd833b4ad4dadcb2c11ed02eefbe0d8844

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          796f823c10e4a70892805f45eb1a1fae

          SHA1

          d8720c02f199fc8b77c37ea0742a68b85daf0561

          SHA256

          5d4e554862bc7e1a56c7cc8cc2d2a599cdca867319dd4722734f2e1125d7cf5a

          SHA512

          e6300806b6b78a56609b37415ace0c6ca8a9ebbcfbe0da5bd0a3c0e63995fce194d76136bbe13c5307d6ef7ee81937bde4c54aa26ad3db0bb62d8cfb219f75ce

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          4157cb7aeacbef8955dd9b4df5e7890f

          SHA1

          0b6d1e9b2cbe5521fa07d1709c20b8732afcbc8c

          SHA256

          84808cb2efba01f39248ca85a2ad44d25e8db099fcc598007e2353cde0a643a8

          SHA512

          295474f211d39f240d03481d03b1d70620b4b61484b7f212de8e76aa05ff7bc4a3dfc6024a5d38a0477280da4c02f88a8aa125335978e3ee7d7a1fea3c0bb4e7

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab254F.tmp
          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar2630.tmp
          Filesize

          177KB

          MD5

          435a9ac180383f9fa094131b173a2f7b

          SHA1

          76944ea657a9db94f9a4bef38f88c46ed4166983

          SHA256

          67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

          SHA512

          1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

          Download Submit