Overview

overview

4

Static

static

4

DONTCLICK-...LC.pdf

windows7-x64

1

DONTCLICK-...LC.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    55s
  • max time network
    62s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
  • submitted
    25-04-2024 22:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    DONTCLICK-USOCEANLLC.pdf

  • Size

    141KB

  • MD5

    11d4821af3a6b4b854a25489abbc12e7

  • SHA1

    7ac3a935d41da847dbc28b39f8b7f89c6aa14de1

  • SHA256

    2635f556e7edc200b3c1af5494127adfb66887368388be5cd838f7553faa7ca4

  • SHA512

    e6ad868de320d4b77a9a954e3303ee3f36fcf0513933c050d51cc20e0fe922a538d0dd08544f22d5b2b9a9ae33af93c6a134c5ce1268ee0102f4a74c0b29ef50

  • SSDEEP

    3072:vmUyNNVOqL3Fc6jc3NQuTa3zKipRC4qLsIVjK:zyD3LyOzzKWhMY

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 10 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\DONTCLICK-USOCEANLLC.pdf"
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1624
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" https://ictemplloyeeee1876456.weeblysite.com/
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2408
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2408 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2848

Network

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1199e0a3af705261d695c601689fcd70

    SHA1

    7404c640e618f206b685e0d8db018382603508f9

    SHA256

    ebba98c02683240e6f15c8d8be97673a2e6b712cb96cc06029fa9cb65c8b441a

    SHA512

    5868066db47a9d067723aa39c1f6af2e957dc802998e0d416a79c4e4306f186317c300208450b6bd45bd368350189e20ec0e92601166831878bb89236272c1c8

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e27f39099d5a2cfbfdc66e02f9fd3686

    SHA1

    a4b493482d8990a9455c1c948a2ee0783b9a29e0

    SHA256

    44ba249c09f0bdeb28215cb96bf17406a23ca64ec61c88e753628f10bf088f16

    SHA512

    17ffdfcde0a40aeb2aef4617c8cb9c546513d3c199873c633f678eff66dbe06559784eae14376a4ca02f651a34fcee01434ea512b5019536d46f213ca593a89a

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cbeb5173d74b2e727784255c50d8e659

    SHA1

    15421ab8e72e62ff2ee1b2daf339bbb75b110bac

    SHA256

    226c9eef20d59e59180a58002051b8a49f4037dd93f52d2e95dcdcdfe4bce834

    SHA512

    fa44faa9159fe624171ea3fe97933a19d1753eee57afbc07dc0e0ae7ad1782efa558a84b471cd70a9da2d2e3bd832034e1068eb33a2e004c1e0606d6c43d1395

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    405f7a0543d9237c6532b8c6472ac216

    SHA1

    a0dcc8da895c80050045cb7ece8a1b295c46718f

    SHA256

    9a6dda0e07815656a6afe18a3774c73b46929eb506157bc83f088b6515654359

    SHA512

    5ea52773f0d1ec5430016c3cb1a6f6a6b19bfc2df67329f3f8b872dffb0160a81dd9f353b5b173ebb89ff65f934fd8f2feff40d7d871295a08fb7e75980432c5

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7a8bf0917f518f2b1331bfb0e7763cfe

    SHA1

    e527b57a6d6e61516a3d0daf3e64a779b3272a9e

    SHA256

    7796cef7f20bf9341000061a4fcc797f2a20e5c335954d52a2a902b6e9ca97db

    SHA512

    9aa661628e896368c885f98fa8be004ed8726422b911268521fd0e92c59dc58e764428523c8a96122c4e8fe5dba0237cd5db27953b1459de9d474906c35f6b9f

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d8271449e1a7cc9cd2d691dbe51f1725

    SHA1

    c78fdf0cd00007ae3083ac9fefbb861ff8937992

    SHA256

    1cd687c9aced40d774d5dc30edc9feaec5863523ffcea4cf887b7402cffd0318

    SHA512

    6276276fe7a1dfb904192365dd20b760c9e696f75d6ad8ab81312da9a78f70e70f82fd18ddbb55ff2dd4717bb5ba30bbe5c5ad8e0c3ad0d0c6efad749e81db3d

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6ffdb51b1733a216b89fba466b057db3

    SHA1

    af789efc4e853752ebde4e2f978aef148935452b

    SHA256

    1a46f10ff4e9564614484d0b4f49cb138ad17532a6bd58b578622019fcaec9f2

    SHA512

    b2676067f8c8a1516edde3f3ef82fe59017bcd55934b1410c9d51e3706d67c9901934fc8b3b79b17c56defe69ca784d03c021a0eff02fd6e374c410c08cb955e

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    07d4f1d62100e793153078233ba64ce0

    SHA1

    33dd9cde4176b7a47c09b9c3840d2458ba842213

    SHA256

    7627706e3c80c2687e8c5500a8da75260b189e44ea84b5e51add5817f5dd402e

    SHA512

    967ac77ef825aa353a3a51c06a54f903a61709481dedcac0b03c0c4a49a3a0abc648733dbae541b0cfcad9b4e2f05d9cfdb70de4f1b8f951ad1f52a64b313394

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c548a6fdc63dd2897c42197d3489cce1

    SHA1

    00193ff7e597a6fc9db8f423547de0bd4a890ea1

    SHA256

    800f52a4e7c622ea7e36d896c58b200c81c905c74c3971e7d51b2376519e9dae

    SHA512

    e438a4cc4937a4eb6395f0f10bb4b86466df41e458c1c395fbe8694280bd596b65f1ddadfab6210e569d21c168c234d6c65369535eef1bf2cc6ea6bd47bc4d51

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2ce14664990abfdd2873da16ae21a301

    SHA1

    554fa215a792c08be39db9b7fcc33a97c574e13c

    SHA256

    bc1f250402e3b045d24e6f17f1aac4f32e1f008e323d2343944e4852c355fc2b

    SHA512

    a7c379ad6763256acd49d5c9a401b8261fefdab2505e4528b8b3f314f8e0871b07a390ad7f55f25b116ecc51fa76c41755a6f34b392979bd5b75d6faf8f19530

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1f61aab63a84e165973f62ca9d4cea9c

    SHA1

    973e21e21adbe847020cec42f943bc6f3daa4b6c

    SHA256

    39fc911df09e661544d21cb104165a7d3a1785e254eb3f30ad28de23da135774

    SHA512

    8fcc8f8bebb1df85ff26b3fe18c8dffd1709769d043d15a142f97d1415a495dc5da4f875aa4324a2ba8118ef33319280d27c614b444e2a9ffe4c34c6ab12da28

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    13b1e5e5342d1d4df1029fec75fdaebe

    SHA1

    469c0c11cefb62c6f7367b4ef66e588cf0e67386

    SHA256

    30f698b73bbe1ddc60f9886b99ffa46bbde81dc8c2b4a4dc5987e6dc99ad19a4

    SHA512

    4fe2c4c4ff7b9805d573a43c376ff799bc0e2b14d7730403e0bcebf983365ff9947d07afb5a0ef28087490a5428ba35fd81d6380ec408861f35df3f825245efb

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\CabCE59.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\CabCF74.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\TarCF98.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit
  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    4a7dfa3453729a26cdf309b59f4e679d

    SHA1

    58bfa732ba0b0d3244dbaaca855b526ed080ed36

    SHA256

    4dbec5ff4f2dd0c3725400dbc36d889283c9deb569504adbc2094ece74c336dc

    SHA512

    8d3dbe9e5a0f82d250de180a0e6c39e29d62778ee59d1b73c2de9da69b12d1b66b8e16fd2f19fec931d5954888ebb4e840670c6f2775af500be24a3c80253a93

    Download Submit