Overview

overview

10

Static

static

3

Epicgamesx64 (2).exe

windows7-x64

10

Epicgamesx64 (2).exe

windows10-2004-x64

9

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

Epicgamesx64.exe

windows7-x64

10

Epicgamesx64.exe

windows10-2004-x64

10

LICENSES.c...m.html

windows7-x64

1

LICENSES.c...m.html

windows10-2004-x64

1

d3dcompiler_47.dll

windows10-2004-x64

1

ffmpeg.dll

windows7-x64

1

ffmpeg.dll

windows10-2004-x64

1

libEGL.dll

windows7-x64

1

libEGL.dll

windows10-2004-x64

1

libGLESv2.dll

windows7-x64

1

libGLESv2.dll

windows10-2004-x64

1

resources/...dex.js

windows7-x64

1

resources/...dex.js

windows10-2004-x64

1

resources/....2.bat

windows7-x64

7

resources/....2.bat

windows10-2004-x64

7

resources/elevate.exe

windows7-x64

1

resources/elevate.exe

windows10-2004-x64

1

vk_swiftshader.dll

windows7-x64

1

vk_swiftshader.dll

windows10-2004-x64

1

vulkan-1.dll

windows7-x64

1

vulkan-1.dll

windows10-2004-x64

1

$PLUGINSDI...7z.dll

windows7-x64

3

$PLUGINSDI...7z.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    133s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    26-04-2024 20:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    LICENSES.chromium.html

  • Size

    5.1MB

  • MD5

    f0882b4f2a11c1f0c524388c3307aad7

  • SHA1

    c8952b4076167de1374d0c1f62b1fde8fe69f4ae

  • SHA256

    1b8b8e268755376e95aaddd0a6881f6f4a4b96787af1b2db158e51958410da5f

  • SHA512

    1e5cd07637e213d3f77f8a6204b5bb9a6e16c343790dda4ed677b081e8600de912165bb3436dacf56ea2e5145e888f5964deda4ee4b7dd3516ae2cab42e2fa0f

  • SSDEEP

    12288:FetnJnVncnJnkncnpWQtnwn7n9nJnCnZnGn3eQSnqnBnununFn/nwnJnqnvnOnqP:nPDt5WXWSNkbfwVR8mfjF4HyCohp1

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2324
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2324 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2532

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    164ddd0373922026a583e201bcef0fec

    SHA1

    998c112483f92154db417811b183c0877d0c53c7

    SHA256

    d2c1c8cd5eae5507644b345e3a7e9517883ad6c2181b34f693062bc6f5474d7a

    SHA512

    caf0136ad7179bf42a84b4cb13cb86e8ee413c7a3cc9407489edc0eae069fe19433c9865209ce26fd124a734fa1daf1dfcd17ea84e568a896dad508a45f38cee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    982fe77b040e4db93d69e39700d41a62

    SHA1

    bf9a57892c32847e532d910a417ea93ddad4dd8a

    SHA256

    31ebfbfd5027a39471b1229d57b420dd2b1c4ed1cb2689620beeb8406c452c3c

    SHA512

    66ce7a54c2a162c84b7fb67fe81d4c4106f53fb31e2a70be182d877ea327d0daf2fa0e1e122665602b80f60e19d9e2098092f75ac9e6ce1ceba1557ea53bb24f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5f39bece848073508e6710127171fd84

    SHA1

    af139e77dba2e3cab383046a65e77b3f8a696b34

    SHA256

    832cc6819b5abe5884c25a4464626d4219bb680c29c797563a3f173cfceb4efe

    SHA512

    bac4471ddcbe9e472fb95304c014bc4523716bee36d7f0c7a99d7e47861a0ca7b625282e252f2b2d422caef0f2a52dcee7fe08d364b1cd2c0fe3d28860d998dd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b94973e9153f79725fcf77fa5e282d39

    SHA1

    d14eb0405966cf90049441483fafcf874f41297a

    SHA256

    4217f5ec0c5b4946c4c08ce0c53b05ffd13025ec07cc9454cecbcec8327ef6cd

    SHA512

    b4533b746ec5647cad5e506b685b9406a0efda76f41bf1a45d345749c8145111f38bf57b2b5f7c93caa9ca14bb42b72de1d2e97c0357529216dc8869d6a61318

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6b99641667f33f0b2f9c4c71a4d9175d

    SHA1

    411e37be88790622c2f2df8953bb791bafe44a8d

    SHA256

    d6944d9e59c487749cdb76474e4c26cc19ac5f03b1aa74d881b94328d565cad9

    SHA512

    2c82d9a46e5c95a7da3762606880354dd4fe12508277dc223d0b3031952b4bffe7a99286cefd3eb40098941fa025338508fe73c5a3385ba86dc207b8863aaf72

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f6619dba14f27088a27795b6a95f96d5

    SHA1

    0639f7425b4badd77c48f5cf453f20297ad25f69

    SHA256

    18cb7ec4c26c21c270e2b453d411252f75ca8a96a88ff213edcb46de9818439f

    SHA512

    70fd2e55a8da422e059cb125d8a7814f1f7e58ab262541e94eafdb41caf5714c03dacfd8053e466f33dcb4af3f33784d38718a69916ebe968a154b1cc1bb8a50

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a2280478295190241a022e2053af222c

    SHA1

    889e242f02a568f291636fa16ca7e4fbd70bf398

    SHA256

    0ba9e3579a51527eca8f8a515735b7ceb07288a0421436d6c65cbf19b9ecb32e

    SHA512

    dcddef2bd8879ce7594f34f4a1a9bb14da6668fe51ed09d451b7bddca7d445f49a3768f11498f406af2f0810cc98722d720137cdc75d78506a4c90694c089249

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1944403948e7197a910feed00f562e42

    SHA1

    f63b9869cc00639d183c68f305d32ffa0530c4c5

    SHA256

    ec476218e748b7a0c75c7d7b486662d369d9c5e18cb91354a7b232445d7f45bd

    SHA512

    d208b48cfe286a0daf5aa84bf652212f0869f435fee90484997a61a75eacef5428e2c087ad516abd949bdcabc4635184cbf131c45da9ebff3557970cfd863e11

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ee4800f4c3cecc9d28a8836582590fd8

    SHA1

    7513c4ea865b93c92e7bc183847d1fb4fc08055f

    SHA256

    7ff7f38c8046657e1922fcb636a757354e1164431dde239a0451973cf3d765ed

    SHA512

    ad5c794686da18003cabbd6e3c43b5e089243dd4fa6421f570ca8787bbaa2133af65d2b0cb5d89261654af8d7b7dcf5b1749ef6ca7622fd242d4b02494058ec8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c684a1ea7a0cb824930f50e27bae5639

    SHA1

    a64cd7fe6b4a24331c3c9ad981e25f7f2c3a0787

    SHA256

    1ff9ed03e326cfda062493d95d0e1f849763200a44d0fc588ff1d07a30ddd632

    SHA512

    3228dab0875f165111a9399e22b2138b4bda8ee489780702e144ed24c37ac8341aa920173045d0a6935ff1b7cefd62ef579fa48a4758733c0f3a2c605e9f8ebb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5e9e8924a861cd56fcae4938939f6f51

    SHA1

    4e62b94190f52a0ec8a12290234b904a15d4a34c

    SHA256

    8c85b30205a8bd99f8a078393fa1e2bd217954d442f2f8a57c54e5fc74a93cc7

    SHA512

    8b673db6f69e8532ab61de7c76934d870597b46c84ae812fe3de23251ccf8a693827710c3d33ad01fc9b3c60c7da38e3f294410e0119492458fba55c0d9c90c0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    860aeb6297ab81448944c7e9ce1fbd7b

    SHA1

    a7f4f020cbc5f5d1cd94c8e06b0f2ebe813f20ed

    SHA256

    e284b70942fc864aa7ad9a00767db6107d6d091734d334c68dcd21f0cb459029

    SHA512

    d8c99f67f1e6250046209eb48698b3b7b4d6a825d8b1e20381bfd7aa6c66f6e9e68869e114d1ff35c252e9424717f40aa3655c48a401c838d89b45cc8e5f313b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bc205527561d41ece6cbd835c5f99afe

    SHA1

    e1c7ba7d2385211aa72f68158747635403756348

    SHA256

    dc251a71bc943946412229e63950caaa8c61c574519ea2bc263b285f3c9048a8

    SHA512

    3ca30069316c98a4104fdedc1a9777fb5591779e0a89d777dff4f944e5f93cafa9ffbaaa904ef68bea352b453df7d52fd966050195c2e4e5942fe05e6ebdc3c8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    167c20cb9f04e80411e86d7f06832ecf

    SHA1

    6de3d1958d0f8a72c094cb34bcac424a806f989c

    SHA256

    5b02666d950eef124aef0eef5de3b52fc1b0bbead5ae007279c9d2b72e9e7b0d

    SHA512

    96d6670f1c7aeff878dbfd960b95dd6fd220b7689a773ec06c8aa0a931270208ba5c9405718be7f77d0e50d29ac80b1c8b3938763182ce33eaff8ec4bc608c8f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e608b4e7a333bcda083284ee14668940

    SHA1

    47761c69f1576b6fcab2864cd7322614a9c5937d

    SHA256

    6d42d207be9b9e56d1224fbfaa9baa4baef66ff8b397ba419eaa4cff6c540042

    SHA512

    8e83dedc066ff3f92d54ca2f7027bee62be20153c4f4454b8ea37a4ac2503c4757eabc2b58b6f813c3a6a05e13046cf65932cfdc7c35197ead879c7683e8fd10

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    76af0a543c70c68031c1853b7f5d5cc9

    SHA1

    78025bf20a45b77b40aa9ed99a68ee765bdaab78

    SHA256

    3a2c059c0f88db687975ee1838173e8ba20c8dbd336e6bfcb2a766846832edf7

    SHA512

    81c20b97294a88e0eb8253a80298fa52f6777ae7506048f6b280ddb2dfa434f74e31e545505ce52592b74663cae352359135bb992acca15cbd089fbc8f8f5df5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cf1e1b33f5bf922a024a4104aa70e8ef

    SHA1

    679f18790a79b0474bfd6572d655379bcb9d5865

    SHA256

    c07e4f41bef54422c3ecf4feeede821c5a52700283732a6d6023895fb068e0f5

    SHA512

    184f6bf4b80d1c5db259feab07b228d67e4950f8f83061fa0911cdbbfb72c4b1cf72f455c7bfae202fc24c486cf92a09bd55b3f64052e14ebe0c0ac99a43f0e2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    319d83a3c63d07df8e25530747a72d98

    SHA1

    25cbc65ea118de42b1e2955c17d736248bf692d1

    SHA256

    1ac6fde7072bb8307f58b28dafb2746ef72d818ed7dce3a660571eb32a081605

    SHA512

    cf5df9ec86903e5178710ef51227c016313fd6cd0556c0e80af77a547ffe63b52aaefc0ff974251f690eb16759705039af8e05aa6d283f15bf98ca99b78ef976

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4eb99f6d9e70b3298a3feff0cbba5f41

    SHA1

    11caa99b2be15e89fa3318c2e0c7ddd0d09fc93f

    SHA256

    77b28250aaae0f239e1558642470c2d2691ffcd9c654440cf705309279ae6f35

    SHA512

    ad8caa4023173f9e43636001c3f27bb799f5336e03cec6eea3e507ed8011372990321e71ef2e2165c9744c980bb4bfa23fc156d998f78bedb06b54ef0da6c54f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3F91.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar4055.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit