Overview

overview

10

Static

static

10

AppDFSetup.exe

windows7-x64

10

AppDFSetup.exe

windows10-2004-x64

10

$PLUGINSDI...er.dll

windows7-x64

1

$PLUGINSDI...er.dll

windows10-2004-x64

1

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/app-64.7z

windows7-x64

3

$PLUGINSDIR/app-64.7z

windows10-2004-x64

3

AppDFSetup.exe

windows7-x64

10

AppDFSetup.exe

windows10-2004-x64

10

LICENSES.c...m.html

windows7-x64

1

LICENSES.c...m.html

windows10-2004-x64

1

d3dcompiler_47.dll

windows10-2004-x64

1

ffmpeg.dll

windows7-x64

1

ffmpeg.dll

windows10-2004-x64

1

libEGL.dll

windows7-x64

1

libEGL.dll

windows10-2004-x64

1

libGLESv2.dll

windows7-x64

1

libGLESv2.dll

windows10-2004-x64

1

resources/elevate.exe

windows7-x64

1

resources/elevate.exe

windows10-2004-x64

1

vk_swiftshader.dll

windows7-x64

1

vk_swiftshader.dll

windows10-2004-x64

1

vulkan-1.dll

windows7-x64

1

vulkan-1.dll

windows10-2004-x64

1

$PLUGINSDI...co.ico

windows7-x64

3

$PLUGINSDI...co.ico

windows10-2004-x64

3

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

$PLUGINSDI...7z.dll

windows7-x64

3

Analysis

  • max time kernel
    134s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    02-05-2024 04:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    LICENSES.chromium.html

  • Size

    6.5MB

  • MD5

    796505037e030807d9ddd01c93eb353b

  • SHA1

    79a1eac3b505e6d94a6206d4a5198d3cc11ab038

  • SHA256

    9f3f2b4d9bbd3113486839eca85de119fab766450cdca08a4574b80748885708

  • SHA512

    9435273a4541a579a427a295be47af8b81133896f50c97bab1d8ab391089f90186a7fd057b53e8b74829e4747e98428d8b4d242eb6854b1304a94a2891c2fd11

  • SSDEEP

    24576:8Pjy5WjWSpgDrAV8gmfwN6i6w6C6g6T+gH3BMbp0W:oJDN

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1712
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1712 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2968

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1971fa3da89ab4fee32fa74db433ae37

    SHA1

    bf18ffe28d64052f83868da2783df27fddc3e1c6

    SHA256

    ba3ed760db955c88326da4e3a423a58b3320bbb8ca0d2f82872fdd59490f75d5

    SHA512

    20ae5d86e6045d95e931fe5f94c076f68fcdf2dfa448c2871ab28989ae6a0ef61c74a345a8f1646e5756fcaa663a100c67068c09cbb64835a92b67c1a877b236

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b3c5af1b87c9a608e6743ea19c8adeac

    SHA1

    182e291e8c40fd7b93644b131657aee197587a57

    SHA256

    3152e4cd6fbcd578bad10f883e4bb03356bac3b170cfc522b65631fd8226bff4

    SHA512

    fbc6d6c389cc8b58f3b720cfe0ba0232f89a02d47dc80fad12ce64c30d023fec8ee139c076562084e0df3d6f86b67eb859708be693a4d6cd7b5c7bedd0b00843

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    28d889dee26783ee9f7f270f18d22474

    SHA1

    72e28c8aa8968d89f77fa57eb39dbff9e4c89bf4

    SHA256

    2eba4ea4a7276344cbaca7ab8259adf1138634f436d66f1d3a36f2247b83a6c4

    SHA512

    6ee74b1b74d9dc91661f556d8d93f5be94b8edd5292414e8515ed66965049e01708159c601da2cbfa23171959c96a2549a989a35e084d4b1826166ff957a17bc

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    51b1a3d33dc8e3f8e21218f6373ca84f

    SHA1

    87d21458244898d724a4211bb02e813048d3a89f

    SHA256

    311a83dbb5e226af72a26fb87f2c2c2899e355252ad7ed3edcd214b70aa1afd9

    SHA512

    a0a228f7a7c9b8d71c7277f8a721722274e69ba013a4f2045e4a26313927f0528b638b5552b10103b26be8c2b44c52e41cd49af1630ffa52d6119ac194835155

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    09cc8cf211fb54c994acda00a64290b8

    SHA1

    5acd35b849865c33515c93c14d58bc3427d9de04

    SHA256

    83201ebd021e2e2664f24e6fafad5c084d97917f51ed38c19ca2e696d39b30fa

    SHA512

    164c7814b9961e84a9e8b9ff0ff1b802dceaa5c1e82177ece2a571a7508d529c2493376248aade6421f8a735935dde59c20b66ed9a501db287cc462fd64b85e8

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0054632f20e24697a20715dc5daff773

    SHA1

    cfcf11e3efde41132f860b07f297dfcacd2273dd

    SHA256

    69fb1bdcb09fb2c9ace53b4d8de7b1055e68143748f07bc2c33ec71fda432bda

    SHA512

    7f7b7e3b6cd7cfd786a211a786683875f645096cf435e0fab2f663152f54504e05e8799ed5cdea113765ce31876efda1cdfadd88be9769e8fa9f6efa3da1eb3a

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f2d8a9b1dd52aa008ff0acd76eb1dee7

    SHA1

    486aa5bf4adad4bfa98433611579acbfdce6ad80

    SHA256

    afef596ad863b4d8bfa64c28615ff9197a01ddbcbe4a3feedd2c50dff54687e7

    SHA512

    abc530ee735cfca1b152cb7d4b89215e4422524ba4cd1f3fab81c13cf9cfb0f184f7e2bd61e136e9abc20bd56110f534fdfa2f674ddd1ea1a7afb1c2c320be3f

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2b6c8126c9228a16a9351b546f87a46a

    SHA1

    1ff68357c04136695ce83f10a81a5b838bdddd72

    SHA256

    565ade1e4878d6d23c23f27858a1bff086034f6dd9704d6166976d168d5838fe

    SHA512

    e21452a090bc753d1769d27eb70685caa5068ae58bae86888c63423bf14c507b62439d7fc95cc617c16889d092a836721b24a1d5c39e8b8d0b303e8e16e53cc7

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9bb8f9828176067dd77fa471c4d06381

    SHA1

    9b4db335ae42d8248a4ae1c7d873abdbc023acc6

    SHA256

    074028eff07fa921eee74ad4554bfae526171854709312ab3c7a3fa76260bbd1

    SHA512

    058b924959864d8867941172605892e8b0337c610c7ac9c7d82f0f89b11571b9e17ed43d463e3d6fb511b691e11140992bf4c84fa8350a152779b8de87924a74

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c8b6d122173a04fb5330bde432811cbb

    SHA1

    0c89580514652a440e3024d3e585ab388fe3f80c

    SHA256

    dc5d478d5959e5dd4feed2d97699ac5e526cc4b845a4d58118d2c815b483d129

    SHA512

    2a66b6c5c6c15d65380f9fe66d472e62c88c4bb5063f1a586faf32803f27aacc6fb4ec4afd18f20899c7a275a0fa356a14a1f36689689d1f96d5f5c8b9930781

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6740599dbed13a757af58231c00d1ad4

    SHA1

    af232ee08c24a37abf5f6eed92575ed40cebbb11

    SHA256

    2d10bd4296931dcfb460f44887ec8e21b240c3a6279d09602f52cda46973412b

    SHA512

    820ce38585bf706983f8da270a8d75aa6295829ad023f39cb0f8928042ddefc242b5ec73acf9f40bf5d00ff708a84c6def5a07670a97f557952aff7eac3c7723

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    80e14c2f5bd567c8be836d768c8bc078

    SHA1

    b95021cc9e5a22276f813ad79532c040e59e7a86

    SHA256

    ab759bb3e05d241f0578243a2f12acc0ece5d459269c447ba619e79d79250460

    SHA512

    8afaf1e8359e775d7207cd74d691c4fdfc1828bb67c57d8de54c28f766152e0f00c78b21b556b73ffcdb40dc8e355f36751a9c84d0945644603f498793e02043

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    12bcd08ae306bbaae92abe1cbc81e238

    SHA1

    c1816ad112edcc4deb39f6bff6af0af4dbc478e8

    SHA256

    f543a38b40328bdea2effe0bfdf198ddb6e1f0c64a20cb0b9e62cea0eb766b08

    SHA512

    059c255ae574671c7ec1b6b3893daf669cb00ff5985b7f09fcc2ddb743d3bddb2ab20cdd7b38170e8dfaf0e520559341ae3206442973b22abc627e1e58cdc943

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Cab3989.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Tar3A8B.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit