Overview

overview

8

Static

static

3

Paranoid c...ON.exe

windows7-x64

7

Paranoid c...ON.exe

windows10-2004-x64

8

Paranoid c...er.exe

windows7-x64

7

Paranoid c...er.exe

windows10-2004-x64

7

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

LICENSES.c...m.html

windows7-x64

1

LICENSES.c...m.html

windows10-2004-x64

1

Paranoid Checker.exe

windows7-x64

7

Paranoid Checker.exe

windows10-2004-x64

7

d3dcompiler_47.dll

windows10-2004-x64

1

ffmpeg.dll

windows7-x64

1

ffmpeg.dll

windows10-2004-x64

1

libEGL.dll

windows7-x64

1

libEGL.dll

windows10-2004-x64

1

libGLESv2.dll

windows7-x64

1

libGLESv2.dll

windows10-2004-x64

1

resources/elevate.exe

windows7-x64

1

resources/elevate.exe

windows10-2004-x64

1

swiftshade...GL.dll

windows7-x64

1

swiftshade...GL.dll

windows10-2004-x64

1

swiftshade...v2.dll

windows7-x64

1

swiftshade...v2.dll

windows10-2004-x64

1

$PLUGINSDI...7z.dll

windows7-x64

3

$PLUGINSDI...7z.dll

windows10-2004-x64

3

Paranoid c...47.dll

windows10-2004-x64

1

Paranoid c...me.dll

windows7-x64

7

Paranoid c...me.dll

windows10-2004-x64

7

Paranoid c...me.exe

windows7-x64

7

Paranoid c...me.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    163s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    22/04/2024, 20:07

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    LICENSES.chromium.html

  • Size

    5.1MB

  • MD5

    6b84319ee8a0a0af690273d3d2dcbaf4

  • SHA1

    857ca353e0582d100dcbc6cb6761bb4430d0cb90

  • SHA256

    fc2a256467fb4d4ff72be6c423e5961e98b418554deeec296aded0e757b9a585

  • SHA512

    26f9842bfdb429ef132cc1a930da9187071a339927eda402e8d54b5eb9e03067612cdadc3a2dad3d0977f8e6af18c05eab6ac91720221c6a0104f96638f85a8a

  • SSDEEP

    24576:yd97B+mnLiLsrDy2VrErjKCqzkU98wwg3QeXuh:0P+mLAqHBCuRoeS

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2076
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2076 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2888

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          521f39302c3f4b4a90a01201336e9f92

          SHA1

          47979f41677719703711057e2b3d6f108d1d2faa

          SHA256

          156749c20dfa9450b915ddcd0d8746a261fafad35cba08561b125934f1923e4f

          SHA512

          707ecac9f3ef786f3774c160a1d1950e57bf8ba00109bf95c7c52547ec9a0a7e05eca7358450a936a8e13058102749a940ab2b8aa5df6d55590609adae13074d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          b6e99b2bd6c62c48fe1826833d02c388

          SHA1

          06bdd4ef99846a73af1545af7bfe215e8f71e825

          SHA256

          d4367ec4051ca4525ed4b4c9750b325d727916d9f7ce23c8827a5da1b3710248

          SHA512

          bf3c9950e1a38a839b1a98691ba8df631233b421d6d1c4166eabcf5bca86de01d82ef4b2f34f2bb1d07654f6caca41b703eca9548022baad4ca46b33d46e769d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          96b1040833d403d5e25aa3eb3c8cad92

          SHA1

          0b825981d23765e81147f81f2f3403493c8eb9a0

          SHA256

          cb21f7b2748cdd281c7312992c36e2aa7554757b82a926e510d4e54ef5caafbd

          SHA512

          264e4831419941dca6a4cd094afeef3c0cad1b86dd0d6f51f34584f2eaedceb8121e9d5ec73fc6f21e9524662b4d38f7ced43c85c3e7c396301ee719b8e7211a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          8d9a1d7d258f2a0a6d9b2616e937f82f

          SHA1

          1a7b430ed16a4600e6513ffc828fa4cc785a2568

          SHA256

          d75cb6988beb16575793f328a41d19f13269e5d37848af51ffc9e8cbdc3e156a

          SHA512

          53aec325c2fa4603a0a4a11f28e845cd7a3d9a8bb69d4fcf6499daa9a22b15289eddb74760c1affc948da1ab974716fe77fcb74562a01c2827c3652c0a85cd79

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          510df4ffe0c14f68a3668d9a7d6ea613

          SHA1

          f9f66218addaa52b9ed7a688f9a572b54b3b9131

          SHA256

          236aea615823ce87305716601738617cfaa46c9223ba5c99df0dd6421e39b347

          SHA512

          72e68e1fe8df5d1e483f1e6997be950125af0f4cfec48831cf64c0b42b8f76cb3bb8508704d7e2936e6198379a5e112cdb5b06e4b8d527031e0ba2034963023e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          05f75d27dba7961bebab844426290821

          SHA1

          8f27f79251276ebf9a6bcd206132cacf7b118832

          SHA256

          3439c5b889b51078d0f839d3e199a6898aaedf13bdd8c2c77b62a8efcd87530c

          SHA512

          4418778a6148e0a160c34da108b832ccccca2b00103c3bf11d6c71932c396f4a3ca5bb937ebeb728a8a056edfdf9bc5004f9a056265b79921827a70c4f102eb7

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          a95e3eeefba9c77073f8e3a82d6d9b08

          SHA1

          6bc283ea0e4ee4200bd58138319b29fcee0f1c4e

          SHA256

          f668310abc4ebe1037d716526a86add7d355b5c87b2212f31e059fb08c98a946

          SHA512

          d271ecea5eb449319362374b7f3dfaf4bdb8879511b3e85cf185dc814417bd378a0af4cbdd121e269205b170c6044e2e8859b4fc48972d826a6ad677c4fd1820

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          0ed07e97c9873c8b0bce1b973e81f636

          SHA1

          ba259981cee1bb29d6f3c819cd08b29754656c0f

          SHA256

          f0f5addf14f451b06af83065f31faa438ccc852929f4c2d3f4131598f50a4287

          SHA512

          999e81a937d921096d6e8fe96c499cac03f6f83666a6be86fe2d48e8d6c9645051564b926a5f88686021c993fcf03c39ec7bfc3b35e965d01a3158ef67e2aa9a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          c95a346629bc471443b89a1c2efda04a

          SHA1

          533567d98d7eef26db722103deac3201ccd8eab2

          SHA256

          8f61721e38111458844d0c8fdc6044e9a94da7ea21555a32512c16511861e101

          SHA512

          a9d7778d4969b6b959bdfb2390cc2199458786bdaac40a71e6d9bb64af1bfa43ef470bd6dc0b8875ea6d531e039f426bbecb3c9910ba3d2d6df7703e506624a0

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          61e28436e957f7d4c852f90148812dd7

          SHA1

          45f411e40228c99913047cec949a090aa2fd20af

          SHA256

          12f0653b50cffb60ef1a578bc631fc0dd9f3f2a25742a0edefe734706d90c165

          SHA512

          7e35b651a994920740a36c088a218f3d89fef3b9e5e9367b781c0d904548b8553530dc1f4d14f69237f6341fef0e8345624bf34de2100a3dd5a531bd0c9bf621

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          456bb3605a6654db7fc515e043fc29e4

          SHA1

          8a3271408a7263494407c3c3180b5c654961fd14

          SHA256

          5b7dc0e0a054876dc768387705467209201b510118c3af624885007a6c1e76e4

          SHA512

          fd8080dec79a113cf9c42564d5dba3eb4678361ab3c4b16b3cf69b4bcd47656962567a5fb722740223b29d5c1e4b8086cfa7bc6b11289056b917e8ec02ea5fd8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          fe9ef64da6e9c90d2bd8bc6546040a4d

          SHA1

          1b2359e4fb70b8bff8c98923c22370f8d9e22cbd

          SHA256

          5ec0d5d8b92301f0db8490c3ea71bf172d95d9ed74d6c95281d46bd38af14ecb

          SHA512

          a246bce3f7f8943687c2429561fae73eb579084703689600485671a16c347858935acaace5ae746df793d4c910a4b72ceca706118b7056b2182983a93a748648

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          f955b9ecbeebbcc92b78d106d331b809

          SHA1

          477d30b1e1633070f7082661d1935f4443748c66

          SHA256

          baa4e3090104f0191b9b329c60e9fe6758fed7d6ecb0050887ca2ed3cc9acfe6

          SHA512

          d078f809ef7a41a6ead86a6e590de1a46b2f3a83d2508d9bf0f65937491e3c901ac6df5e4a7dc366cf921a963a7fd15db95ab9d30cb3b68d944e108816fd19b0

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabE7B1.tmp
          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabE91C.tmp
          Filesize

          68KB

          MD5

          29f65ba8e88c063813cc50a4ea544e93

          SHA1

          05a7040d5c127e68c25d81cc51271ffb8bef3568

          SHA256

          1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

          SHA512

          e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarE950.tmp
          Filesize

          177KB

          MD5

          435a9ac180383f9fa094131b173a2f7b

          SHA1

          76944ea657a9db94f9a4bef38f88c46ed4166983

          SHA256

          67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

          SHA512

          1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

          Download Submit