Overview

overview

1

Static

static

1

librotate_...1.html

windows7-x64

1

librotate_...1.html

windows10-2004-x64

1

Analysis

  • max time kernel
    122s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    19/04/2024, 10:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    librotate_plugin.dll.svn-base?id=e3b43bd36fd50840467669364014ee53553872c1.html

  • Size

    229KB

  • MD5

    7b7f815e4474de685b448994f633f840

  • SHA1

    a4191d9876ebf6ffbd776342ef06034a78fbfd5c

  • SHA256

    2cf6ba45f69720d96cb176d6829bef91cb95409082d6c0f1a20cb5e237c61103

  • SHA512

    76f7d81a2df7abe1d3877ee269795fe49439b4d709b5a642190702d244913684016951f90261a53ba7508e47acd5572d9c978c880a54b563895d44f38d9a2cbb

  • SSDEEP

    1536:gh/A7Ynp1l8u2mRnwAl44JgDtjs7SE46ZE2RKRP/B1jn+dumxvE8B:gh/A7YR8oh8Zgu6G2RKd/Bl+ducl

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\librotate_plugin.dll.svn-base_id=e3b43bd36fd50840467669364014ee53553872c1.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2204
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2204 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2580

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2726aa6455178d287cf8e614eab4b859

    SHA1

    c9bb09bc95cd6283e759875f7dff88a4a101dee6

    SHA256

    a809c76d262ac910a9efcf4ba0308a080b0f878aa92105f6790c1d12d7ee3d44

    SHA512

    e83445e5e6bdbecdf16dfb0f1d632dacb63259aae9fbd967a5533b8126cfa0a3baed8627af66c3e8d6b95dc0907158bdb447e2a5e5020b03b1886dba082b790a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    43ccd48e48633f6e388618b0bae4194c

    SHA1

    865bb6ecc617d57019cdea73e937c2ff8a10b712

    SHA256

    198a8b15721378d7c5b613708cfc11f62805d842f0ee1aaafe8bf55cf9a1a94b

    SHA512

    637f5ea11e22efb707bf4c1d8f7e0e6f69623c40095f4e94e2ccb9bde0ef18084b69a9d8946b1d97c9a04f26549d4a7a434418e9acc51f5eaddd53405e064d7e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5fb634069f774d0f3b7049b406c0cf3c

    SHA1

    d640674462c97ecda75efa27a5b703930fa963b5

    SHA256

    983b7f8ee9aab339dcc5161171c13d105bed235c054c358ae102352bb6658cc2

    SHA512

    cb0158aafe4f6b88fa965b94dd21b5cef54bcf086957b08e245accfe5c3d0bcb38dd707ca044d92104edc5607e4254f3547c4be2ea82f9cea46260aedf787c69

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5ee1349bf705ca8edb113eadb142111d

    SHA1

    825326ba342961b502975243eeec671462623446

    SHA256

    85e589454c18fd01b7f6337d41e66cfbadd9df8733648f262e1cd63619c422c2

    SHA512

    3209c51d5550fd74aa05341846192469131347342784535305bcfdb1379207878f5233d8294317eef6c86d0dcc52252b56703dd1cb90e3317aeaba1f0cd56222

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    af55ab9f7bd1f6e59a678b29384bc8de

    SHA1

    656967eef287974aaed31f92745616b5473c3feb

    SHA256

    9d0238df6a9e3adcc45246c0aabc83dcd465a26164da21105a0ece94dea9a288

    SHA512

    12a8cb35d0d1131ac27950926ffb629b42b3b4ff08a1fc1d02f20a6f482de0ed79e5becacff0a46993ac6234242c05eba3654a41df229db5d66e3b1e6edd2ca5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c60baedfa501dbf2471ebca710790856

    SHA1

    b8a9fe1b82f2db21f7eee54c32873959a9e93edb

    SHA256

    ed1848b7b82ea53a02e5aa457fdaba86971ad5369b7a23807cb649f7e29ca5a0

    SHA512

    861c4bc6085bf425d94f9b3edb5abd59699b74c059d2fe107c3bfdc324bb899e74d69d1651743755e0775602f82410b96c3cb3e9e52ecbafa66033f988fcc6ec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    38d59410b3014db14581bd9f94cb1836

    SHA1

    e3457c1e36d3e2d9daca87608ae3022e2c4de988

    SHA256

    c8a8a5c41c07bee20319199fd81ea961f9a3a202fe65f40b672dd4b23a8b60d6

    SHA512

    b64144a146baa697d06b5feb68e17aeb1ce23b42a78cee9259e2721082ee063e4611b033567e3c04f6bcf68cc0ea13851fd38ad75eb4ff72c984464156bf2c63

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    017032db39fdfdbc406617e49e869b0f

    SHA1

    86f1758ef06fcce7861790c6034012adf698b31c

    SHA256

    8a8fe0519fbc522a53a5f3de84c1ed2ea981fab27b0a7f3ea5f20b48f8b15b8e

    SHA512

    9694945ae34ccec9b55f41d16576e366a2b1020a7aec6f39882519d80a10c18128186967d2dbd3cba126b2b3654f1269d2e42d95d280d848da32c6940249e501

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    729e21e29197d09de72dd8809cdec25f

    SHA1

    986e96719068f2b3fdcbcf75803caaafff1ce782

    SHA256

    6062a963e184db2700cefcc688c71da547c0d6afda954164d33b4d249b706c9e

    SHA512

    289d85aa3d5608b8eb6685cfd1def2eb9a82d73be144038c35343e7af20eb3865406c0880ee07f5ca17e38c4f913e98789daaa755bcfc336db02de313ceb4e42

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    843052358ebcd269ef1624373bbf8608

    SHA1

    a2a4d9f864b80acd669fac2d5cdf23a4b714bd6e

    SHA256

    98ec7f26e56b0f108d96b577284f27dd47ce1f11f7ae0bf7b8c5d1ac6e69f6a4

    SHA512

    f460fd8736db0c404f48214bae6c7de2af8e33d61088ae87683f07aaeed8bd0b656e078ef69650d7b2e9f102a7f198e236f983272ef559d6a86f11abfe7b58e0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c2dd753612540627a7d800d5659fac59

    SHA1

    dbaba35947b0f344d0bd0afd2bf1658ff66a00d8

    SHA256

    290b535370ee6269e02bc9eb438a32db9ff7066c594ae79831cffa7ac17423f4

    SHA512

    37fe5351aa4220eb10c8585de1ef6b8041774797eb87946addbc07c8cdcd675ea1ded477e1ddd4724fbfe64318314365ca0753cd51d14c577d32a6e17f4c26d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e67a6ad2fa9f332f9a46f721a2f1bbac

    SHA1

    c8785a63f449224e6c60348e125f9299425dc00d

    SHA256

    35cba44da64ffeafeb097ef5ae5a1218f372e08eee2d0ec23164b5e651c30a7e

    SHA512

    b8e309300044e4b834e6a9cbba5e1be28e30f9f2209cc9fe97fcbbd55bd90e1952851217f40a0fc485c30e357c7ec19b9402ce4a4898abe59e35daa2dc60ed55

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4a9bee8f2f189262bf8860e38d6e5138

    SHA1

    042ccaa98b3ef0a23f17a279cfac865748b126d2

    SHA256

    0c7a61f9639bdd620ded2a22f951316faf55cc2fb5bbdf5b9d7961f868bf6dd3

    SHA512

    b2732546e1d550cfdb27fa08a05909e5b851b5a1af762fe05955af5c6aeba13461e609c6976c0cf13bfa87f299fb661f3dcfc8899f27a1dbcefe753b1923e4da

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    931d4420cd89bda1d4e9fa24aa8e0598

    SHA1

    7e0d4bb07ee7e859b10db226f4100357d45d5feb

    SHA256

    1dd52025e272d7750da9be18dd03158add3a55e3197cd0d4756d0c489e431927

    SHA512

    d6823b7da7a49a48603099264fdb5347dee51db8ab7a7615191f179fdf9e66f800437eecad316e4d107b5aede406d7c81c32fcfb47f3685722583711088f2fe8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e6176c3b60fb64a1372cf935d887bc65

    SHA1

    20875d6990772f9104d55d8f2dc4cba04402657f

    SHA256

    754eef2ae6b46713fd40bebe1d77b95498c55b6137ed20190ecf91e0f5c3b27b

    SHA512

    529f6837fa8a9e11132bf16c4d94fbd3453b54634382efb275e38d9a6d3e68323284da664e8ba99669d370ecb9006537b0b6bee8906ac916322c8633c4c1f34d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7ff8592416bfb7f2cc8861e8bf7f1129

    SHA1

    ab88b998515de13d7a168251d84ce0227db51310

    SHA256

    408cb30de75a24f3f1d37a7cac83352868f0c6b4cecc0221ca1686b5bfb93d46

    SHA512

    e19fab0f6109c64fbced978cfe7dc4031f1778c607e536a54919b9b1c57e27167f5137a40a907e1013e14e11c58b5e2d4f55463d7f322ea2c03b6cb639087a25

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8599ad3a206a1379d8fe363c5bd97835

    SHA1

    0c07fb0dd32e4ef483890e80d5ce52cadb02b767

    SHA256

    eb6357cbc9985cc2c052ff95b625e06087924418c258e9abfb8fc57bd14518cc

    SHA512

    3ee048d347c085d6b8bb7f87ca76a0aaedc5de09ded0ae1e4d7e98a9dbb04d3c7d95b0d0b97525bb4e70034e58f0d017fe686948d55fa6ee5b2de716c74b6ea5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2cec949dad60db3d6cafaeb91a1161e8

    SHA1

    3c12cf390fe5a6f427a83d36fb95c690fff6d115

    SHA256

    148529b8796410879a6735f789fca856415519b8152bcdfec9b78d9bda8f65a8

    SHA512

    1b722394e40480107353bb21715a510d92c54cbc1ff17fb0063cea3f7de28f3e5eefda37533fb09b9d81b0f7b3d51903311881ff6d4cde404139f27895edbeed

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e79dbe17084b42054bde83c9b06fb324

    SHA1

    c23fab5b7cd60270794458fc51bf2cafb5dc09cf

    SHA256

    6ccd777e73f2b4929fbeb689834f8f471769d397e975aa62c08a5ad94f68fe5d

    SHA512

    a04e4423567a1697b4c282ecdc82065d7c5c22fd34d90098c860aea7146bf325ce35a0c67dd8bb4501fa3c1de9adfcd63959371c61cf6bec3191cc3d499864a8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fd76ee836f14d242de37e49b5295e064

    SHA1

    b9d2de915976540a2cb42f2cef2165840121db03

    SHA256

    e2382e13a254aa17d1f48566caf6e89d33c08888b91c6c5b833123d3ca408b66

    SHA512

    83b702efec60eb01d4cc67439e2e701c81475c3c53d68ae8519fd7a0e2def537e91563f670b76c7eaaff0957ce73d84b398f7e9e09d5ea617665ff23a209e167

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8326.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8476.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit