Overview

overview

7

Static

static

3

UnderWars.exe

windows7-x64

7

UnderWars.exe

windows10-2004-x64

7

$PLUGINSDI...er.dll

windows7-x64

1

$PLUGINSDI...er.dll

windows10-2004-x64

1

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...ll.dll

windows7-x64

3

$PLUGINSDI...ll.dll

windows10-2004-x64

3

LICENSES.c...m.html

windows7-x64

1

LICENSES.c...m.html

windows10-2004-x64

1

UnderWars.exe

windows7-x64

1

UnderWars.exe

windows10-2004-x64

7

d3dcompiler_47.dll

windows10-2004-x64

3

ffmpeg.dll

windows7-x64

1

ffmpeg.dll

windows10-2004-x64

1

libEGL.dll

windows7-x64

1

libEGL.dll

windows10-2004-x64

1

libGLESv2.dll

windows7-x64

3

libGLESv2.dll

windows10-2004-x64

3

locales/af.ps1

windows7-x64

1

locales/af.ps1

windows10-2004-x64

1

locales/uk.ps1

windows7-x64

1

locales/uk.ps1

windows10-2004-x64

1

resources/elevate.exe

windows7-x64

1

resources/elevate.exe

windows10-2004-x64

1

vk_swiftshader.dll

windows7-x64

3

vk_swiftshader.dll

windows10-2004-x64

3

vulkan-1.dll

windows7-x64

3

vulkan-1.dll

windows10-2004-x64

3

$PLUGINSDI...ec.dll

windows7-x64

3

Analysis

  • max time kernel
    134s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
  • submitted
    22/04/2024, 02:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    LICENSES.chromium.html

  • Size

    7.9MB

  • MD5

    312446edf757f7e92aad311f625cef2a

  • SHA1

    91102d30d5abcfa7b6ec732e3682fb9c77279ba3

  • SHA256

    c2656201ac86438d062673771e33e44d6d5e97670c3160e0de1cb0bd5fbbae9b

  • SHA512

    dce01f2448a49a0e6f08bbde6570f76a87dcc81179bb51d5e2642ad033ee81ae3996800363826a65485ab79085572bbace51409ae7102ed1a12df65018676333

  • SSDEEP

    24576:dbTy6TU675kfWScRQfJw91SmfJB6i6e6R626X8HHdE/pG6:tygpj

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2276
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2276 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2800

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    46e7e9e52eb4728b2b2bd3bb1cccd06b

    SHA1

    3a64d414b480ab344953bcd08535a96be3545169

    SHA256

    bf3c8171efa7f7f29d88492f77d640fa8faede96c4ca33fd4476e8920eff12a6

    SHA512

    4f77a379966d5929de7c7fa45329b94576a62e3167c135e65578ed33bb64c8dd6d494e4d2768b9ef260cd2ee93eeeb80903ec11831c0f3b96f494e515a350b54

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f1c120866181fa7de1c6ac39737018ca

    SHA1

    236f0b0d2da79814d0e3522d05a0a005461f0624

    SHA256

    6e71ff4e2b926d8594c4d93037509015b790211ae2e7558d653c8c34aede523a

    SHA512

    c9826e1e68f78a88ec8d4bd2c9db8e7ba1039e392428154f0ce1ec5e7724797ac64a3eda66a741f10c967e0f07bb7066610a9670c3734a28a51b3ecbd08847e0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2195d7acd817ea075d2d3c16dcb3005a

    SHA1

    59d50d9b7e96fe76f47a0d40485bd7c9ed78abd7

    SHA256

    e636fd5ee6ad3090da3648b8518c75b9ed7d62e46e9dd5b7d786a778b1358fad

    SHA512

    2ba44a9b2f74f0c1eb014fdcabbf957e4eb25bbf9e676008a186d2b055b23f73c5817c1f305af6fafadac354c4b7f3589253b845f6ca77d118a7365ed3e975b8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f5ed3b20715bb0069d740f20e9aeffd5

    SHA1

    6a9ce1cc7999d811562038335cc0f97d15d3d088

    SHA256

    97de1e5cb109414e7768bbbd3727fdcf245980e02a8c9e58ad6b11451218618c

    SHA512

    c47648e3463d58dac8d0cee599289daaea4b861c605cd80c973e660e1d6f05178c8a45408ee67ddc9429a77a89e90ffa249487c500ad00ebf5317377079254cd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6155a12c32d91ab402d6e0a106876930

    SHA1

    ca72518616ccf3e90b256a6a69da1e79349dbd0c

    SHA256

    99d3ae449c7e2ac6b8edb0316cef1c982fa4dfc11704957fbf4818fc0d9d1d28

    SHA512

    7c41579ccce3c9df227b4e7bc2377487a05ce1c533d1cadb8f2cdb3b274977a0c72978d68dfc8927fa41e9c972982ebdb99ae4014b2356f310958a7ac15d1bf8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7eac95c5b9fcc943629d791fe4f11f93

    SHA1

    c5923516efc8f2c6f52d45ac7c40da5c670e8129

    SHA256

    fda059a4cfdaf47561fb85fdfe1b7437e4007aea96ed2fa6263b78f00687eab0

    SHA512

    96a769dce558ca133334f966e70bc7599ba20236c264ecbb58495c03353e76a83e9adc9ed4bd1fdcd51fb7e32783d30dbce0a478fd46a54e872ea892ebf01aea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    03621be577183393bcade83baee23715

    SHA1

    87c4cd8d087e3be7152014f40f01d2e31bfe8067

    SHA256

    0fbdc7e803d238a9b6fd4379c97bce6045c088436a94c99261c61bb969c13644

    SHA512

    9aee21495f8eb08855523b4f89fa6f730ee2f7d98212c987b1005ec217b3c7225ba1d23ffaf248207fc8fbe593cf8e195b38dfb39a7af6b10cd4f315783d4cad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bf278694fee8bb46af6fd266e145a6b3

    SHA1

    7d5e67d07cf56855df5e36cda4e7cd2b3d99a4de

    SHA256

    55678d68921726e29f00ad07817bd60da0395fe46f163917fb8b5d4f97aecd22

    SHA512

    00efa5b5fb18ccd3e2689a7e719a8febc71f5167b00bc7caf7613f2b593ee57cb4d1c4e0e6d1a7250da3600bb7c5be12332dd513db7c80f2b22e471e6067010e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3e90c54b86a8f85e2f7eabc25da371af

    SHA1

    e37d4f3285bdb40ae59f164a616d96c8cd6b469d

    SHA256

    435903cf1af9fbbc9665954705ece86beda2b12d5ca51a262acb489f429e30a0

    SHA512

    2b22ad3bc7514be5210ef0bca7cc8827c1fcdd99eb431fbb549ae78db910b9add570a3f49aaf468702568c70e29f15c9205b9e3f29990b4b5c439018f261125c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bf91ed398d287f6c351c7a4fb4c2288b

    SHA1

    68e1a624f90629419fa711175251926b65fc623d

    SHA256

    55896efced60b0d8ed275015d9e74b95749c5567b81db6edd9b2b5428103221b

    SHA512

    f41c107daec0a62d1d8b5f79f3122314fc401cb701f70464a774b72a18927eeff3bf4c5acf277478f06e7dfd814604771accf0cba60bd8c382024170dca2a98c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7ac046c08df27e179e105239aa858e3e

    SHA1

    6c49e462325b68f8ff01e4c2c47e3f1ab08545c3

    SHA256

    629152e80d830caa660a82857e68990573f0e222b2e0255660e37aa6c7284a6f

    SHA512

    9bb74e47455b6bd0839e6bb5440739a787e7de89cc3da3d565d159864cbc91739c8b1665a392242c4ee6d653de3da85ccc6eedaa3792e2d27619b74c9f578abe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c5794c5298a0a2abb51f6cfe72fe617d

    SHA1

    1d515c1c9ecabfd1ee0bf03cfd77eb8a8176e7fe

    SHA256

    3230641fc5c4756c9f24df537aa6d519118bbc0a43dd6862d85d0072c9ef61c1

    SHA512

    357e968dad69c2570e8cf6e88a08cc380490afba1ba4e1451da80395181e20c1d082d97b68e093f47a8dcfc73fe2c8185fb5c86ae23711042a4cf5391dc984fb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a73b8a2f81f679e371fe687b8a470cc6

    SHA1

    2eeb8f93e4813d1802f905b3516b1eb03c4a991e

    SHA256

    ea5edb234373508abf44033951a5ea0da5b8f1bc389cbff9935debce25054f60

    SHA512

    36a6004172368decae76c6cb0741ccf29648cb4c45cba731e73efdca5dfb932508b09aadcf40587e3b6a8ac9fe952641cf79556fe8896b7830f20ac4b908f846

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7a73e17448aa2c08e1992159f6296856

    SHA1

    1cae99ad141b49e6e638998fe39d3357aa19bc51

    SHA256

    e507977abdbffade35f1ce74007afdbb4c4f22618503e89613261ec4545f9c38

    SHA512

    5fb79067f32bb405d18f2d423ce97d2462240407d1ba04fc0e87a30060070ac730a320eb64756b66df2c3d7343475bb5c46215325c418f7b3edaddb8068c4fb0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0b76168bf0cfd25eb62e619585de5440

    SHA1

    9abf2f097f930aa87ab948a6fbcd1f0f8520f652

    SHA256

    b259b1f6340176fa563630d6280382d4fcc96407a8a0788da7e08a138e06431a

    SHA512

    7b7766ec7380f724067a71a1178a738050201dc4e3d67721b68c7f87fa9b79a411bf9109f1343c3be8e64be0ef000c9e9f1e69eacf1f49e4b96ffb3cf8e65ba6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6d1cf5ddd5595de84a4a81af24e6d13d

    SHA1

    1935d47f1517e0f220158ccee14e585837046d8e

    SHA256

    8dec41fd7bb3edc390169e3b589dce36f282dacc81a199bff5d595f9c7bd8a47

    SHA512

    7f992926b959158e62c7121babc30a3ffba742be1d4020460fe8388ebd49ea2926e3b22a8b77c4a71e23bbf734af22fd76e66b84b09bd44276925366945c0449

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    93676bd590f9c4a650a5eccbee1185a6

    SHA1

    3a0cff65f7faa649a3d0b5412db8bfd6e3e9ea27

    SHA256

    e0500a4d60f37997d8fbba831a725564ce6f051b0afb4afb8b271b840991dc43

    SHA512

    16ec7cfb8dfdb530acdd0f6db4b5ca2b28410227c1a9821294d944d8dbcd5b1e312291d45efc647e2fb02997a4699987f2064beeb0dbd23305b095686fc98b58

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4789fb86257bae40339a1529f0c561b7

    SHA1

    b41afc02d9c0483317ac3d313bc57228e90b074d

    SHA256

    981a666b7f74ca7c95b136152f076dd5bf87c39ba86f192daf956b338840a0b7

    SHA512

    8a3df7540f66f4883d160e5b6b7edc616a41167d5d668706036b94ff7584727b76671df040f9d5802014b42f3a2ebf2c403f269905a5406be6829f1a97ab7543

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4695c95e79f4a4f1409757775ff8008f

    SHA1

    55651966cc7e2065945bf462fbd6bb54e5646726

    SHA256

    3ef52f98f5c3d1e99d27e24d9b537dce561c834377e4efe40a0345073b73e3c7

    SHA512

    bdd6dbb5e7d8fe1d5e38c0bafd3b7b6690614a8980b34810f89ac766b82494be7d27c423c9ab751dd2b9b95b3e8146673904862d3f668cb81870c6eed0af7313

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3D4F.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3E53.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit