Overview

overview

7

Static

static

3

35e10c5323...18.exe

windows7-x64

7

35e10c5323...18.exe

windows10-2004-x64

7

$(LSTR_76).exe

windows7-x64

5

$(LSTR_76).exe

windows10-2004-x64

5

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDIR/INetC.dll

windows7-x64

3

$PLUGINSDIR/INetC.dll

windows10-2004-x64

3

$PLUGINSDI...nk.dll

windows7-x64

3

$PLUGINSDI...nk.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

$PLUGINSDIR/ad.html

windows7-x64

1

$PLUGINSDIR/ad.html

windows10-2004-x64

1

$PLUGINSDI...sh.dll

windows7-x64

3

$PLUGINSDI...sh.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$PLUGINSDI...ON.dll

windows7-x64

3

$PLUGINSDI...ON.dll

windows10-2004-x64

3

$TEMP/NSIS...Ex.dll

windows7-x64

3

$TEMP/NSIS...Ex.dll

windows10-2004-x64

3

$TEMP/NSISTrigger.dll

windows7-x64

3

$TEMP/NSISTrigger.dll

windows10-2004-x64

3

CrashDumpC...or.dll

windows7-x64

1

CrashDumpC...or.dll

windows10-2004-x64

1

GOMProtect.exe

windows7-x64

1

GOMProtect.exe

windows10-2004-x64

1

GomVR.dll

windows7-x64

1

GomVR.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    11/05/2024, 18:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $PLUGINSDIR/ad.html

  • Size

    191B

  • MD5

    8464f87975aa647c253e5403534f228f

  • SHA1

    0a1d2571a454b76ff43ade320631853650ba448d

  • SHA256

    85af9fb1cd755893365f5b0eb6fdb37533084dd8fea0245a12a83a4c1fa69540

  • SHA512

    d3a38b949eb81fa35fd7d3b9af65093fc70c53348d7f472bc2bb6a2af3fb9d0a45604965e06c13d365b82838f85d24bfd7bd5ced6832bd3b9572a2adf7845a4d

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\ad.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2068
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2068 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3008

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8281a7fb5e11b1a2e42fea844108f930

    SHA1

    8e5ef60bd8a5073e04438c70aa538682885f69a5

    SHA256

    d7f368d42a44100f0481f6c3df5fd9b7f0594c2b38d60d48f65d768871af4e65

    SHA512

    779d75e3bc3da6c45a058554784bcca1d66b55a63093821aa53216a42f6471f816c196afd88faad821609dffa130b0a60cc5faeb2181b130c3025b7f29e3c725

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4160cc812a990caf1b927e68c7f5145f

    SHA1

    472975c722a4024ae4ee6f7b5e72071d434677b9

    SHA256

    83b457afaeae906b1ad009a10679e90a0b9361af3c79e40157806b110b056ce0

    SHA512

    c843d166c8f52e784ad201c2207255b786dfe97f02982e39e6c2e9f1750fb450da836ff16d7b5fd26789f418dc0895d04e1c38d8332292f62fa747505d5d5ba8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    992e29264185f722b390b4f182d21226

    SHA1

    dd11e2269ae50c6ec5281de7ccd4ede69766d6e8

    SHA256

    94ec07ac6bb728e2da278da80cd8e54f7e1022cfc55110f06524774446b6c80e

    SHA512

    e62696c1111703b46b9d87dc418aa27189d0250355dd16c2ab6cef9b0b36ab33f8e88d33991e60cbfe92f58ae3dac7581a7dd921d23b06177d553e55fba8d658

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c4f55c5015fa9d447f733e6b97b3cc78

    SHA1

    203ef53131f343e23d182a8ccffe3d58d0158975

    SHA256

    6e54109a97b1dd94e022776947d04731c596ed50d41b311f71d4c244af9f3004

    SHA512

    335f7e12f197e48ebf459618a8a78f1c0eec307d118af1567d50e26e1888ca95f9aeb65024a4497eb968134cdae18bba1f34849cfe285e5ffaf5ed690335c8cf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e9f027094a933b088837c8be8c215a18

    SHA1

    c6bf04e8ceeea0634e851ef5d736e99e343a67c2

    SHA256

    0aaf923ab1cbb752f627e10f59e3915ac08ee3b1c296af23f197854845916c96

    SHA512

    cbc8d79c0da51c3e113df374d794408707f0ffaee8f7c299e0b95bcbe53000c0525bc79328dcd8c26e9b8c850d4b76593daf9574ea92548cd219149213a9ab22

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0b6258cea97124fe48cf8ba9fe9d753c

    SHA1

    b0fe197c6b7685923ebca7dd6c2a6a8a0f24d3e3

    SHA256

    71f66867e7a869f0cc873892a7eb958a7a2c3b4eb5b08f641175fa7e4dadb19f

    SHA512

    888ab54cb9a447728148cc648861871d2601aa3e81b903fbb5fd452bc9a8e3c75bb1347e443082433a48604292c626f3f2abd1a61884408639b02151f625c70a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    90937612ecc8d300abb62abcc0a2da65

    SHA1

    a8e07f71af23d9b54376a87b7257d7ab88041b35

    SHA256

    4e1a048f790d8e1f53564cc0f4e7e75ddd34c19fe8e7a44c3fd1f5fbbc985bcb

    SHA512

    a219a29aea8b823a2a48dc872dc244e554a5cb1e963ca019eae4245e62145d20dd23e3d0f4e7859384805f9006b4f3f7ec55191ef335f4dff3dead4ef141a224

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    321cf0fcec9c9f22b192095d2803cead

    SHA1

    a308860ae32d5b1e5a0c3247b9e9a430d8eef48b

    SHA256

    5c39538dda9f9c25be476e8fda4026c251f18d55bcea7e6569c5235b22a32524

    SHA512

    1320185cd36c61c95a257a70bae470000ead7bcb44a9d1e7963c9ccb9fec02266b8cb7322901dc7c0827b7d85c7748c0a6052d71bcd68febfd51558805598227

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b68fe45db02dda82da28e8ba7c3398bd

    SHA1

    c19ffba617b591d4286fb11a0c973113f454afd9

    SHA256

    672aa4610e9bb9e7f59e7f42bcf592c6c12ed48654b1329831f3c62e568a4153

    SHA512

    dc90ff681a9d850c5d6bacca7e8b65ac58a3a9d0cecebdcd366730b7041ed606f60daece2d25d633050e7ead0d3ac31e6f22c9b0f9ffec409a116216488857a8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ad39b2fab8bb9ed647da58fc5efcabd4

    SHA1

    851eb5ccaf3a46ac4a99149c2569bc93f614c0dd

    SHA256

    110831cdd51e88d206aff4881676feac43939a770ddffa32ceb685799aaef63b

    SHA512

    3e915687d4c3ef93b0cc710f9ae937022a31c42c9794f7b796033baa6c4dcd6c4d0f90758be3e7e1e32e143ecc7ec9e81667f028f31b5e0427a65f10bb9c4733

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3D30.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3D93.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit