c833554be59289d60a3fcf7fdbb7bc02f022175779ad0dfa31b2da23174ca0bc

Analysis

max time kernel
120s
max time network
121s
platform
windows7_x64
resource
win7-20240220-en
resource tags

arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
submitted
07-05-2024 01:15

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c833554be59289d60a3fcf7fdbb7bc02f022175779ad0dfa31b2da23174ca0bc.exe
Size

629KB
MD5

44367fb1579ba1a40c1e95e9b82b0e01
SHA1

463d47b713514262e1b7778aba37e6fa616f275a
SHA256

c833554be59289d60a3fcf7fdbb7bc02f022175779ad0dfa31b2da23174ca0bc
SHA512

e78d6a00799fb1372cc0bc0867ec2cd93b27a0f084fb9ea4c4d02d23522a0a5ea8bbe466c634fcbef1388f2016692ce08bf69572380ed773ac23693c36a5fece
SSDEEP

12288:QYW3jRKDVF5jz7yAhwDYtmaF0TjklTP7C3fZM4LrCoUdvifnfd:Q1jRy+AhwDYtma4gTP7C3fZM4vClwfnl

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Modifies Internet Explorer settings 1 TTPs 3 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main	c833554be59289d60a3fcf7fdbb7bc02f022175779ad0dfa31b2da23174ca0bc.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	c833554be59289d60a3fcf7fdbb7bc02f022175779ad0dfa31b2da23174ca0bc.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	c833554be59289d60a3fcf7fdbb7bc02f022175779ad0dfa31b2da23174ca0bc.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
1636	c833554be59289d60a3fcf7fdbb7bc02f022175779ad0dfa31b2da23174ca0bc.exe
1636	c833554be59289d60a3fcf7fdbb7bc02f022175779ad0dfa31b2da23174ca0bc.exe

C:\Users\Admin\AppData\Local\Temp\c833554be59289d60a3fcf7fdbb7bc02f022175779ad0dfa31b2da23174ca0bc.exe
"C:\Users\Admin\AppData\Local\Temp\c833554be59289d60a3fcf7fdbb7bc02f022175779ad0dfa31b2da23174ca0bc.exe"
1⤵
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
PID:1636

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\SmJMDk3XBc.tmp\js\control.js

Filesize
1KB

MD5
7a1aa3d3071bf2df5f4c4b67b48305c7

SHA1
80ba577cf895e73af1fd3c1daf40a1dcc40b5e1c

SHA256
5e4fc8ef788d82cb8a6de7cc4df451f0129528e2bb76b09c4f86f43ce85d9508

SHA512
e4f45c37e770719b4fca3238b326779948ec2f807a262d8e1bdaa776ef48acccd7befc0604cfea89fb41266ab2fc28909ebdeaa2f7259f639e10665af7acae0f

Download Submit
C:\Users\Admin\AppData\Local\Temp\SmJMDk3XBc.tmp\js\jquery.min.js

Filesize
92KB

MD5
b8d64d0bc142b3f670cc0611b0aebcae

SHA1
abcd2ba13348f178b17141b445bc99f1917d47af

SHA256
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

SHA512
a684abbe37e8047c55c394366b012cc9ae5d682d29d340bc48a37be1a549aeced72de6408bedfed776a14611e6f3374015b236fbf49422b2982ef18125ff47dc

Download Submit
C:\Users\Admin\AppData\Local\Temp\SmJMDk3XBc.tmp\js\jquery.tinyscrollbar.min.js

Filesize
2KB

MD5
1cffa7bc4e5a9b981301514ec7226331

SHA1
f52021d8c2762b1ad88173124f54b2e62a4009f9

SHA256
e4363db5d48bbc5c7aca4877483bc903279b227d7a03493033b3fa7fd8d13269

SHA512
8161f88bf69883576cb20c8db03dd7a7fac4eb62b4dfd90d34a5b2028f6df124549f62b6878179956c40cdbfc2bef024c3379e70afb0aa660e513e567b219ddd

Download Submit
C:\Users\Admin\AppData\Local\Temp\SmJMDk3XBc.tmp\startpage.html

Filesize
1KB

MD5
83c69c5ded8a958b48052e38a8034bb3

SHA1
aa547fbd05ed38ea4b9465ddc42af4a3c6ac633b

SHA256
a5c73407d1d95a202d56df19023a59bf1290bfbbd76555b697beff9645f684b0

SHA512
34812f673b1d0eb8386e6a7fe9455daea5cda3fc39ea5d67ae7a52678fe13c8322d80c73b7064490bd7c4befeff574b5e3e50bdbbb7e0e19241781d1e7e745af

Download Submit