Overview

overview

7

Static

static

3

app.exe

windows7-x64

7

app.exe

windows10-2004-x64

7

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

LICENSES.c...m.html

windows7-x64

1

LICENSES.c...m.html

windows10-2004-x64

1

app.exe

windows7-x64

7

app.exe

windows10-2004-x64

7

d3dcompiler_47.dll

windows10-2004-x64

1

ffmpeg.dll

windows7-x64

1

ffmpeg.dll

windows10-2004-x64

1

libEGL.dll

windows7-x64

1

libEGL.dll

windows10-2004-x64

1

libGLESv2.dll

windows7-x64

1

libGLESv2.dll

windows10-2004-x64

1

resources/elevate.exe

windows7-x64

1

resources/elevate.exe

windows10-2004-x64

1

swiftshade...GL.dll

windows7-x64

1

swiftshade...GL.dll

windows10-2004-x64

1

swiftshade...v2.dll

windows7-x64

1

swiftshade...v2.dll

windows10-2004-x64

1

vk_swiftshader.dll

windows7-x64

1

vk_swiftshader.dll

windows10-2004-x64

1

vulkan-1.dll

windows7-x64

1

vulkan-1.dll

windows10-2004-x64

1

$PLUGINSDI...7z.dll

windows7-x64

3

$PLUGINSDI...7z.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    120s
  • max time network
    147s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    25-04-2024 05:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    LICENSES.chromium.html

  • Size

    5.2MB

  • MD5

    df37c89638c65db9a4518b88e79350be

  • SHA1

    6b9ba9fba54fb3aa1b938de218f549078924ac50

  • SHA256

    dbd18fe7c6e72eeb81680fabef9b6c0262d1d2d1aa679b3b221d9d9ced509463

  • SHA512

    93dd6df08fc0bfaf3e6a690943c090aefe66c5e9995392bebd510c5b6260533b1522dc529b8328dfe862192e1357e9e98d1cdd95117c08c76be3ab565c6eea67

  • SSDEEP

    12288:/7etnqnVnMnBnunQ9RBvjYJEi400/Q599b769B9UOE6MwMGucMEbHDuX0YnpWQZb:sPM95FCWStQj6ERs/mfMl6H0skDpS

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2752
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2752 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2632

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a789182dfe4d25a97d3a7e1170572795

    SHA1

    172c2b1f59713cef125f200bd7caf0cfff721953

    SHA256

    ea2ffdc0f421390c9809580e134498bf35bc7a517ef13e0b30f3381bd3fd6546

    SHA512

    dddaf07d3fb8ca1b349ffaafec37cc1860618fa6a5f3f154cf970610ca733d4d4ab33888bfa4392245f47821f93ca40b5238833ac97c6f0e7b52876c0f649020

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    96fe43caa1d90fafe65a0f1f7b1e1975

    SHA1

    73e889845660708ca487380b3efd3fbdf89dd9a7

    SHA256

    323a81b6f18027a91f70d40cceb330e1b06398c297c3597cb096aacbf4171db5

    SHA512

    2c3ae5a7fbdce52cf755dd38e7a175a530f7e8d3ea0f92a6019d778a23cba6cab9306f8f610d28f66664fb8ddc693c3196bee199c8b93ef620d62202327dbaf6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    68a487e8b1617d08f8c41c694c7e0aa7

    SHA1

    6538088378d29452717bc08b07de9bc797da1c6d

    SHA256

    3518331d1885a981e7fb60eae91904980576f6f47bdb4f0107701ad8ac645663

    SHA512

    28278f25df539a73a8b9a1cbde334a95a7edeb539eec0fa859a26ded744e37e5e3c1001f32622e2b3188c4a539753c1ad105f3b24f2a0393fb588a2d5b6820bb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ec3892c15a2f5655edbcc56a6740ae99

    SHA1

    9fcdf27b674cd1a83610b4f3cd57b0d674cc444d

    SHA256

    caefa1d13a12af6fee44af22ed7731adf9a7e730a8444c0fdf976a72f8b9e398

    SHA512

    267f915e003e89d689bda00e47ce83125c770d473d968749bfe95dc3af0df7840c25c7b45d6aafaf6fe92549efa68535d1ef8079133c607afe1247e99bf85265

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8d66ff548333c21817a4a1b14fa741c7

    SHA1

    ddb24379454ac4beba163c21744bf205bf2e2c70

    SHA256

    d6b9a8231d190a94ac1d59e338b4445125038eec4dc0273e10f19b942bcdc95f

    SHA512

    416de57ca0cda9904221625766fd078d4885b19c303bf8f4e78e313dd27ce5170dd05c30da34591e02c063cb944616d4d985d2804697f8d7c1017314cdde16c7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    85a1ab194f520b0f1fbfb2e8b1fa860e

    SHA1

    0f84ce1a6a88f06b907ec424eb810aa151b6ba19

    SHA256

    c5a6fe2108acadd4897a8e46580bf97f521f41dab8135b8f3701a39be7fe55b5

    SHA512

    9a4d9198b25487889bd49ba93b112ee2a670971430af197d380839826d42766f170fb27cae67d24f0e3c033566d1685148c5ca5a207c5e6a8fae16de021b961e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f20a2f42358d63a32e7fb4beda50c4ff

    SHA1

    f8a8c403bdb6a8a610594d75901cd15d302a1a51

    SHA256

    908a06fac2dfb94adb43a6e5e54a3dd8d50da91ed582535515e2fa2984701ec1

    SHA512

    ce04ba370fa93b73a6e02403a463e6c72f0d1529483aa4db4bb2569d4ef505ddd38b6f3b586546443d98ba1b2882d3cbcd4f752a07130caae27185110103cbcc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    21ff8f6fc12ff9c2d09f16d48dc3bc60

    SHA1

    ce4d45c03dfe7663373b7cc32f5a69518b1100d7

    SHA256

    ef77c38c3d931de3f2954a90a7b20a6123332f10e3e6f36f57f02487215ea3c9

    SHA512

    73231123cc24e7704044685f956bbb8b5865e1a0678eba95b4398812fd87be5b60a6bd61397db6bba4910d65a203498a46c933c6a7d4a29d82f39fe20d76ad0d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3814bad4814d279646f397de9e6e767c

    SHA1

    4c06b523612ae18a9ac57fc7484644949f1f3c97

    SHA256

    97941562d9215afef844dc7ccd9d6316a21568384ec2715f305d9a9868c0a859

    SHA512

    13c5f0050ef2983436c75a3863975c6f7563872f51029220271c8623052af8f464c8e78cf8ac00019fc54706a06ba7cda3f4bb0b8d038841f58c9d95eba38b5f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a43f7d54989c956f178985bbefbeb3fa

    SHA1

    d63aa78a22c72a31e04f7c824468111f8c8a3e17

    SHA256

    9cd3aa597144e9b3026606e068eaeb99cbf35a54df227904c65409783a1e0c92

    SHA512

    021bd7b2e7776dbe3854a2fa6f2874eade37b0518ae78ace5a3d8f3bc9a1004c66fb22501c987d21133f77699bd76b574cea5af8d189a7478dcd4ff50375e16b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    122788829703979b25d8f4abcba2aa0b

    SHA1

    d403c89fc124a0bf7287dcce27d9ae5d9c154761

    SHA256

    1179a853d7ea18a4851f1b6d57e8e5183a3ea8fd2139e3c9b2d69abc1e77d3c5

    SHA512

    87867a575f856ab417a859a07b215a7ffffb38408a06502d3bc35c24736464c804ece394552fcdc0f25722f800976d19abde6d3afad4fc650984fad68e40bce0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    155e9251e259d34b5d66abb82f14926c

    SHA1

    bc4c06dece3e5b817547b8653b45497590cddfbf

    SHA256

    e6dc056e38c8d99954dcb1905b6494b2dacc4e42c2337d9ecf42384164202437

    SHA512

    2b914aa8fea610bbec4b1217d0cc7a95a016bfdbf06d129c02ba1a896f97be35b3c1f11c7c63579074a2b0cf8abfe87d4b7e45b3cee878f369ce0a6f831ea194

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0f402923f7b1851ba638f13f173416cf

    SHA1

    ce73ecf86af7ecec5f9cd744cbea3daf7d2998c3

    SHA256

    78d795a0f798a0472c854e34f8d790017351d116256338dbf030c63744dc0c38

    SHA512

    3db59104be58874b7b5a64591d6d928b9b89dc3c08cc9c0605b361dea4b6b17ecff2d3ccc585d161048d7e08262a1b5dbf0ff4830d717247a819bb8ce9de6e2f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9b153d8d9bba796655cb8ef41cca0ab7

    SHA1

    98586f5a21b28e3f34a55bdd2d60a75884ef28ab

    SHA256

    66f4a3d075a0c79fe6b2d9f22546f91c612b0da522ca440083136ad3e4da79cb

    SHA512

    99b1c7c3f27d6b3167f6a2c670720ab6e2b96a8fd159e093e970d4e1570bbf2e3797137a07beed5c6e335035d7c73a6d2a87cb3886619cd27566f96113913842

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    34ab80bf41c3f5fe020128a8a32b8d2c

    SHA1

    33c5bb289a9e4355742c8cfa0e1add4ad5bafb56

    SHA256

    63752d7c5c134ad752b18c55a100271014698b004fca8541858f9e98723c5532

    SHA512

    757b52a257f99b6e4d417f0863c9c7fb9661cba3f04bc3740099357f1eef7935c068164c22ff05f79882bd3763ab81be30abd9feab62abfb5f5e14b0f935aede

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a4a20b93049b910c9756e8c306124e11

    SHA1

    b7982ed0912eec48d7450b1fe1e0db8101e560c5

    SHA256

    da9cedf22e8d61075d80ba65c6e78c08b788693cc3b325e2c003848477e90d3e

    SHA512

    b2f2809fa66ee466cdface85ac8888855e681c1327eff1d0606b825663bad6006d11d94f18088428d914d73968f3bed5a99357bb008f2137785d155e310e2bcb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b433f86ad1826e2b61a03f81933962ac

    SHA1

    e2417e71580b5b848d28af181d1017a16a8cdf41

    SHA256

    1261bc48b6b8d155b8c9a14a5147a4db8274bf511946d146e58933108f2b67b6

    SHA512

    3fd9c4b187ca7c33d127dd789875e7c6c1b12b8394162760ad18bb7aa713302db9f6e7f707615430d461a0fc6b70c52e48b9ee8e83fb59ec07a0f761fe4df5c6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0f0339ed30b1f248cefd28991842c537

    SHA1

    e089da9a844e4c606a17bc4759b60b3f4f597a2f

    SHA256

    46fdfc62e47bc97a475ade900ba15402ba84dadfdac4ff96d6331d309c13b878

    SHA512

    043e27aec966e5bc2a2ac3d18a0ac3d1e73f18d8fc2faa2d64b2a0abea2f6400da0c47d7bec5b94d58ccb9c556e1791670abb10f670b0bddfa9aaf8e4302d32a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ca365a25f019643e29e9bb2338f3e874

    SHA1

    50d2ce2b9ed2cd9ee15d49430bed41641d63517d

    SHA256

    4025ae19013e66de9897b7298d16f00255221e0c83b3fce52e15d1d1ba585b18

    SHA512

    85922811ed263a0f9c4aadb403e8b779faf9b0241e97ff0c801d44aefe4fd934b2252b494213778d3c233617291698ad4c24b00a26777810acb59d5db87f9321

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabCA53.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabCB40.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarCB64.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit