Analysis
max time kernel: 119s
max time network: 122s
platform: windows7_x64
resource: win7-20240215-en
resource tags: arch:x64, arch:x86, image:win7-20240215-en, locale:en-us, os:windows7-x64, system
submitted: 19-04-2024 20:42
Behavioral tasks
behavioral1; Sample: K-MeleonCCFME0.089/AccessibleMarshal.dll; Resource: win7-20240221-en
behavioral2; Sample: K-MeleonCCFME0.089/AccessibleMarshal.dll; Resource: win10v2004-20240412-en
behavioral3; Sample: K-MeleonCCFME0.089/SetDefault.exe; Resource: win7-20240215-en
behavioral4; Sample: K-MeleonCCFME0.089/SetDefault.exe; Resource: win10v2004-20240412-en
behavioral5; Sample: $PLUGINSDIR/InstallOptions.dll; Resource: win7-20231129-en
behavioral6; Sample: $PLUGINSDIR/InstallOptions.dll; Resource: win10v2004-20240226-en
behavioral7; Sample: $PLUGINSDIR/System.dll; Resource: win7-20240221-en
behavioral8; Sample: $PLUGINSDIR/System.dll; Resource: win10v2004-20240412-en
behavioral9; Sample: $PLUGINSDIR/UserInfo.dll; Resource: win7-20240215-en
behavioral10; Sample: $PLUGINSDIR/UserInfo.dll; Resource: win10v2004-20240412-en
behavioral11; Sample: K-MeleonCCFME0.089/chrome/adblockplus/policy.js; Resource: win7-20240221-en
behavioral12; Sample: K-MeleonCCFME0.089/chrome/adblockplus/policy.js; Resource: win10v2004-20240412-en
behavioral13; Sample: K-MeleonCCFME0.089/chrome/adblockplus/prefs.js; Resource: win7-20240221-en
behavioral14; Sample: K-MeleonCCFME0.089/chrome/adblockplus/prefs.js; Resource: win10v2004-20240226-en
behavioral15; Sample: K-MeleonCCFME0.089/chrome/adblockplus/protocol.js; Resource: win7-20231129-en
behavioral16; Sample: K-MeleonCCFME0.089/chrome/adblockplus/protocol.js; Resource: win10v2004-20240412-en
behavioral17; Sample: K-MeleonCCFME0.089/chrome/adblockplus/utils.js; Resource: win7-20240220-en
behavioral18; Sample: K-MeleonCCFME0.089/chrome/adblockplus/utils.js; Resource: win10v2004-20240412-en
behavioral19; Sample: K-MeleonCCFME0.089/chrome/buildconfig.html; Resource: win7-20240221-en
behavioral20; Sample: K-MeleonCCFME0.089/chrome/buildconfig.html; Resource: win10v2004-20240412-en
behavioral21; Sample: K-MeleonCCFME0.089/chrome/ietab.html; Resource: win7-20240221-en
behavioral22; Sample: K-MeleonCCFME0.089/chrome/ietab.html; Resource: win10v2004-20240412-en
behavioral23; Sample: K-MeleonCCFME0.089/chrome/plugins.html; Resource: win7-20240221-en
behavioral24; Sample: K-MeleonCCFME0.089/chrome/plugins.html; Resource: win10v2004-20240412-en
behavioral25; Sample: K-MeleonCCFME0.089/components/accessibility.dll; Resource: win7-20231129-en
behavioral26; Sample: K-MeleonCCFME0.089/components/accessibility.dll; Resource: win10v2004-20240412-en
behavioral27; Sample: K-MeleonCCFME0.089/components/appcomps.dll; Resource: win7-20240221-en
behavioral28; Sample: K-MeleonCCFME0.089/components/appcomps.dll; Resource: win10v2004-20240226-en
behavioral29; Sample: K-MeleonCCFME0.089/components/appshell.dll; Resource: win7-20240221-en
behavioral30; Sample: K-MeleonCCFME0.089/components/appshell.dll; Resource: win10v2004-20240412-en
behavioral31; Sample: K-MeleonCCFME0.089/components/autoconfig.dll; Resource: win7-20240221-en
behavioral32; Sample: K-MeleonCCFME0.089/components/autoconfig.dll; Resource: win10v2004-20240412-en
General
Target: K-MeleonCCFME0.089/SetDefault.exe
Size: 76KB
Signatures
Loads dropped DLL (3 IoCs)
Processes (pid, process):
2012 SetDefault.exe
2012 SetDefault.exe
2012 SetDefault.exe
Enumerates physical storage devices (1 TTPs)
Attempts to interact with connected storage/optical drive(s).
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
Processes (pid, process):
2012 SetDefault.exe
Downloads
C:\Users\Admin\AppData\Local\Temp\nsdFCA.tmp\ioSpecial.ini (Filesize: 815B)
C:\Users\Admin\AppData\Local\Temp\nsdFCA.tmp\ioSpecial.ini (Filesize: 828B)
\Users\Admin\AppData\Local\Temp\nsdFCA.tmp\InstallOptions.dll (Filesize: 14KB)
\Users\Admin\AppData\Local\Temp\nsdFCA.tmp\UserInfo.dll (Filesize: 4KB)