Overview

overview

7

Static

static

3

tomb_raide...ra.exe

windows7-x64

7

tomb_raide...ra.exe

windows10-2004-x64

7

www.mogelgott.de.url

windows7-x64

6

www.mogelgott.de.url

windows10-2004-x64

3

Analysis

  • max time kernel
    133s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    05/05/2024, 05:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    www.mogelgott.de.url

  • Size

    136B

  • MD5

    0a5f8eea6156e0b7ce43ff0b8f5f022b

  • SHA1

    68addaac60ceccbd83ca372c7101d1733056ea25

  • SHA256

    23e7b406580e2a38d8bba25617362cfca0a1a94244ecc3ca517931d0ac38cefa

  • SHA512

    118739882cd790ff9ce82e746c4620abbecc83edb43fbaa133cd43151084df4b19e41f3e3b3efdbb220b5995deb9891a2e6137bb50bb0582ff8cdec46ba7dd6c

Score
6/10
evasiontrojan

Malware Config

Signatures

  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • Modifies Internet Explorer settings 1 TTPs 33 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\System32\rundll32.exe
    "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL C:\Users\Admin\AppData\Local\Temp\www.mogelgott.de.url
    1⤵
    • Checks whether UAC is enabled
    PID:2068
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2768
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2768 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2580

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cb2425ef1c495f8d29c395c26fef60ea

    SHA1

    130655b0053f02ba0cead556defc8f9af0643272

    SHA256

    ebc55883406945dd1949a57584a966b7db8d0df7bb05049b51ac9eb88c9b8adc

    SHA512

    bd20be50e891cc2135a9503c12594b807c35fc9f122680b17d4f5dae1dd9f538788cf6b8b17c74175cc9c0d20af83f4e4d241e1c41db5917006a35325a580b69

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ba0effad9a8b289894f105e93fa6fa7b

    SHA1

    99247e31467456d259bbdba4b41b9bcace559b40

    SHA256

    d519d0f513dd270bfcc13f443e862a0c71670128d57c7ce731003514e073ef6a

    SHA512

    7d2190e255fe87d9077ac1e0ae50057424f81869576e1bcf68c86da581ccc00fc3da23f70997ad9a1be0e149e09a691c020d9f691cc21d6bca362c8ed764d9f9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6fbe7500db208f6d0653d7fbe9d2f6a6

    SHA1

    560df5e0b2899e8a121b5951c71d704b238e9de0

    SHA256

    409f58df7cc33d98cf872cfcf00c9915759592d2e3f1e84624b14d1a9dcba690

    SHA512

    b744537082f31e17685a2de4047e8c4a2447963cc21bf18eb4ecc3786ea7cfdbf0901b28fe64e717a581adf3675d199e7b181294570c05f34bd004bd5b3be80b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dee023b4e6e3f34ef2b44094a30e0944

    SHA1

    3ed2f4693efec0759f0ba3f5fa672868085ee7c7

    SHA256

    16821beff5d2c0aa50321727d1883b46a97a81ea9dac53ff315bad665b18e923

    SHA512

    097ca9416e882a0d7f46b002433da93d477d8ef00269d662a0050253d9474e32f76b7ae8f550c2a4706a8c456b7953da92111e66cdb977bedc85fc96ce6501f7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    08335a683e9fb30bf183a4864fb8030b

    SHA1

    f14e0c635b6ae4c5fdd1616aefd721344672962c

    SHA256

    2b8bc389653c4406c6e2a10f982daf7733b8e4c7567cf9e5f00beba9320a5e81

    SHA512

    581a6a704c0a1f8b6e091f833ae847e17776d4a5e62fc3227bcea9ce1bb1d3e00ffe22c67dd1ef2b0e278ecd19aa40be14a20ff5efb98988a99a32f7c836e87a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    27e08b3dd6662fdc47016e4766b890fb

    SHA1

    c2868996c9a587cc80c5a763327636f583c35d9a

    SHA256

    997516a7ab25fa6f85234a49a9890facac54c860ed98b75780067e0d098f7674

    SHA512

    16fd12495fd19bafd25055e76997e629d5bbcc070d3192a8ec242a61f1273322e76561e965c8b77494bb2f615624b89ef97b498381575ba236902c08a6bf94c5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ff478270abd0d5f8b884287173425cc2

    SHA1

    b92a74a4d94254dc6ea89188c2b4fd9b622ffded

    SHA256

    ffa74a8387e76e88fdaad66308745199110ee789dfa33761f4e893c6a82bf0c9

    SHA512

    e690a5434e1ad220eee93ae5c63abe63dedb16ca5bdd00091e253e039382769e83942ef1eff49d04d8a5a1cd4e5fdaa75be3f986204240071d0c714be9bc7967

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    24ee8bb453501e22257535fb0ffb4dd5

    SHA1

    a10328364cd62fe06c795cac69652d1dacf9efc4

    SHA256

    6a6d1763e69e06be5364cbc488b8e26c92e27c19d250be5874cca5c83c363201

    SHA512

    16c9fe4ec5cccbd5fabc58e7ef6ca9fc20f565492ba087b2d23d3ba361f54d35366032c205c9024bd4d7d54d8b190299e382ca462830bf60c53cb2733ebf8deb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a6c1e09e7fa6f2047010a9d4e414b080

    SHA1

    d54f2379434cf5ef5e8c685f9e69f5db22540a80

    SHA256

    6e48004ff42d4f1c6462561d9f6ff8f8c5537d60c365f245c6a158ad82f866cb

    SHA512

    86ad97ff9bfba7be7698afd2746a1c449c734f0f295082077df47a3114acd8aef9cdf0a15abd491bed3fac5fb9dfb70e134b39d1649109565664cfe5fd3f9531

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    52f4c83d537a3c2e24a4a64eaa55c410

    SHA1

    025ab4b44c6925f54b04583ed405b5eaa91669ab

    SHA256

    262d34d230e1b60f14ce25be089713b3231e0adc870b40300c4b631392a44200

    SHA512

    aefa90ad3a8b35b333a4bc4372f7af986fd446242c52d2abab02217171841106ea5c61bd43a561785024d42a4cf068b14459118cacd1f91ae57ece1e89942ac2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    74e7342ad4b6b4c6c1d119621d8541ca

    SHA1

    00f7cf902ee86edb998f01d6a32f853dcf9cf25d

    SHA256

    fa0a1acdf1c52b80e5d28970e8a4cad05c72d893b90ff001e8b4b8d16fdc91b5

    SHA512

    7c806e5811f2bdfdda9ac02357fb6a40d5977f7b0b92a033bd53ac8cd3e9205ca5c0c3ee4ae72b48c11283cc016a6039eb5a39d128ef9839465ca182b44ee6e7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    23936145be6df8dbfcbe9a8c89c3417c

    SHA1

    0d8cba9dd96164d545dcfc671d7bbaf218cd19d2

    SHA256

    164b6bd791b3ccf27d0461d1ca1ab2506de14b07b8db00346a4c86a94d683230

    SHA512

    aa5213b6d98f6758f79ce19c888dc48b85a752492899999b8d91ff0b7b34b1964d966c2c4b25fff65f2112536f77d7ecc4a08f2dd75dec4c472ba66c45d025a3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f9f334990a0b78166f4cb59ad2258dd3

    SHA1

    84de5c968bd13695be9968573d8585d13031ed54

    SHA256

    1f5ea0c541ad31a6a276d71efe14dec219302a7e24ce6153942f6f26daa20dab

    SHA512

    157579df7377ba01d93beba2891fc7a0ea4fbb267ec6189f7e28fac7ddb5f80c0fd11f450bb9fb73747b399d6ddf5fa4f898067b98bbd50f6abb719ebe0e1682

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    616aabb2d8587a831c5968c733458ca8

    SHA1

    73d70cb37a1fb8806812085ec2c2a892748f832c

    SHA256

    7347691f1bb5b1c983456f368f8da293ffe0cf7cf1fecc0b89fb2e5c30c4efa0

    SHA512

    4b501c92cfc7c6f7e583907afd8757dd8ce8eeaa2a929ba806ee506b9670b0db62fd016ac75012644ec119b79d7296c30a00c5baab29b05753d027506b3fab0e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4ea3a7f8dd9d5336384b865a817f468d

    SHA1

    162796633d97b6755e455222943b872b2cac0de1

    SHA256

    c4730ba0abe12db921a862180e17a6294ce4b10e9007f07f5b06234de550f1a6

    SHA512

    abba7f91897f8ddec494e8d200f7af89903cd316336a2bc1d9385304c1f27f7cf6f74382a61be3c4684d6c1c23e6b3d1882184c2db88391a62fb11a2c5a34b52

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cac0d5300249fabb79d8a3c5f5c5016a

    SHA1

    ed2f21b6c5e675cc3857284eac4a5778222ea3f6

    SHA256

    14b29165e326ad27ccc06ccdeda0d7c561951136ee72789be709ca8a3cb19b8f

    SHA512

    5fed27b44b1e9a3057f46a090f56415441f90fbfae21abb589de8b48f3cc1eb7bea6beff3a8d25aecf682efc96d7faccee63189fb5f311803795ca67e04a1a55

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    52c50f85892efe129c8dba090f49ef8b

    SHA1

    cc762d8c646a3022d215806b4f159e0dcc594f6a

    SHA256

    8165db581ef6ea6d35d0f6c36204c674739c5a75f49731baf7df0634ca081836

    SHA512

    cbb9eb2fcf7c3959d420d6fb0b20cf55f05f22dff3f157ee7ab26c1d12bc5f047f9a037956770156e2f74c0b2b74645871bcecd518f27114a5ff20729e85adc9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2723878705b061a8e63303f00e4d30ca

    SHA1

    30cc2ab8c0d1b5f360fb0d3a0d719e533449cdf6

    SHA256

    07f768c640a52b2da35753fe200eee4ea9037954f35af03d1433f23b06540117

    SHA512

    546b65214392524745d1fded0ee25879391c9761b1588dc009c989615d146dddfad5d519d326d9974c694e600e026cc2e2d7601cea83ed1035c6dc2e7a41921e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    73ecc0d752fd195b66728636b91e072e

    SHA1

    196bbcb3a611ed1ec15c3b4772123eda193b1911

    SHA256

    c9090e7a1147d3346fc0dd3d83307ba7d941f79dfbd59f289a6a993c41c4150b

    SHA512

    64c7bf69e4eb08dc980e08f7bfb48615e93902de8444a9f51d550aee110b37981facb18bb62e9ee8ae6ba41ef1b3c848d9d59872188213921ab7bc6919e7264e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab2E91.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2F64.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit

  • memory/2068-0-0x00000000003D0000-0x00000000003E0000-memory.dmp

    Filesize

    64KB

    Download