Analysis
- max time kernel: 148s
- max time network: 156s
- platform: windows10-2004_x64
- resource: win10v2004-20240412-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20240412-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 19-04-2024 20:42
Behavioral task | Sample | Resource
behavioral1 | K-MeleonCCFME0.089/AccessibleMarshal.dll | win7-20240221-en
behavioral2 | K-MeleonCCFME0.089/AccessibleMarshal.dll | win10v2004-20240412-en
behavioral3 | K-MeleonCCFME0.089/SetDefault.exe | win7-20240215-en
behavioral4 | K-MeleonCCFME0.089/SetDefault.exe | win10v2004-20240412-en
behavioral5 | $PLUGINSDIR/InstallOptions.dll | win7-20231129-en
behavioral6 | $PLUGINSDIR/InstallOptions.dll | win10v2004-20240226-en
behavioral7 | $PLUGINSDIR/System.dll | win7-20240221-en
behavioral8 | $PLUGINSDIR/System.dll | win10v2004-20240412-en
behavioral9 | $PLUGINSDIR/UserInfo.dll | win7-20240215-en
behavioral10 | $PLUGINSDIR/UserInfo.dll | win10v2004-20240412-en
behavioral11 | K-MeleonCCFME0.089/chrome/adblockplus/policy.js | win7-20240221-en
behavioral12 | K-MeleonCCFME0.089/chrome/adblockplus/policy.js | win10v2004-20240412-en
behavioral13 | K-MeleonCCFME0.089/chrome/adblockplus/prefs.js | win7-20240221-en
behavioral14 | K-MeleonCCFME0.089/chrome/adblockplus/prefs.js | win10v2004-20240226-en
behavioral15 | K-MeleonCCFME0.089/chrome/adblockplus/protocol.js | win7-20231129-en
behavioral16 | K-MeleonCCFME0.089/chrome/adblockplus/protocol.js | win10v2004-20240412-en
behavioral17 | K-MeleonCCFME0.089/chrome/adblockplus/utils.js | win7-20240220-en
behavioral18 | K-MeleonCCFME0.089/chrome/adblockplus/utils.js | win10v2004-20240412-en
behavioral19 | K-MeleonCCFME0.089/chrome/buildconfig.html | win7-20240221-en
behavioral20 | K-MeleonCCFME0.089/chrome/buildconfig.html | win10v2004-20240412-en
behavioral21 | K-MeleonCCFME0.089/chrome/ietab.html | win7-20240221-en
behavioral22 | K-MeleonCCFME0.089/chrome/ietab.html | win10v2004-20240412-en
behavioral23 | K-MeleonCCFME0.089/chrome/plugins.html | win7-20240221-en
behavioral24 | K-MeleonCCFME0.089/chrome/plugins.html | win10v2004-20240412-en
behavioral25 | K-MeleonCCFME0.089/components/accessibility.dll | win7-20231129-en
behavioral26 | K-MeleonCCFME0.089/components/accessibility.dll | win10v2004-20240412-en
behavioral27 | K-MeleonCCFME0.089/components/appcomps.dll | win7-20240221-en
behavioral28 | K-MeleonCCFME0.089/components/appcomps.dll | win10v2004-20240226-en
behavioral29 | K-MeleonCCFME0.089/components/appshell.dll | win7-20240221-en
behavioral30 | K-MeleonCCFME0.089/components/appshell.dll | win10v2004-20240412-en
behavioral31 | K-MeleonCCFME0.089/components/autoconfig.dll | win7-20240221-en
behavioral32 | K-MeleonCCFME0.089/components/autoconfig.dll | win10v2004-20240412-en
General
- Target: K-MeleonCCFME0.089/SetDefault.exe
- Size: 76KB
Signatures
- Loads dropped DLL (3 IoCs)
  Processes: SetDefault.exe (pid 3980, process SetDefault.exe; listed 3 times)
- Enumerates physical storage devices (1 TTPs)
  Attempts to interact with connected storage/optical drive(s).
Downloads
- C:\Users\Admin\AppData\Local\Temp\nsp5FD4.tmp\InstallOptions.dll, Filesize 14KB
- C:\Users\Admin\AppData\Local\Temp\nsp5FD4.tmp\UserInfo.dll, Filesize 4KB
- C:\Users\Admin\AppData\Local\Temp\nsp5FD4.tmp\ioSpecial.ini, Filesize 816B
- C:\Users\Admin\AppData\Local\Temp\nsp5FD4.tmp\ioSpecial.ini, Filesize 842B
- C:\Users\Admin\AppData\Local\Temp\nsp5FD4.tmp\ioSpecial.ini, Filesize 855B