Overview

overview

7

Static

static

3

SplashPro.exe

windows7-x64

1

SplashPro.exe

windows10-2004-x64

1

Splash.PRO...up.exe

windows7-x64

7

Splash.PRO...up.exe

windows10-2004-x64

7

Splash.PRO...r].url

windows7-x64

6

Splash.PRO...r].url

windows10-2004-x64

3

Analysis

  • max time kernel
    138s
  • max time network
    151s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    12/05/2024, 12:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Splash.PRO.1.3.3_(www.4DOWNLOADS.ir)/[4Downloads.ir].url

  • Size

    207B

  • MD5

    f6ab98eacf79d54ba648dceae929d1e8

  • SHA1

    01917a516c92e5892401403f0ab9bda4ce13d1ea

  • SHA256

    1f65a2c4e8cc515543fbc5356d4cea75f59958faf8b76a6c18c241ab287fad2c

  • SHA512

    1381b04ae55e1970023a0c657fe2996ab825b36ad537634ad4f83a1952ee4bcca2ef489cd1e0d9eb3620d6bd4301546bb827d9693eff73628c697d8630df4e42

Score
6/10
evasiontrojan

Malware Config

Signatures

  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • Modifies Internet Explorer settings 1 TTPs 33 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\System32\rundll32.exe
    "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL C:\Users\Admin\AppData\Local\Temp\Splash.PRO.1.3.3_(www.4DOWNLOADS.ir)\[4Downloads.ir].url
    1⤵
    • Checks whether UAC is enabled
    PID:2744
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2208
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2208 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2548

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    94c777212fc5e401fc6fe11df950e87c

    SHA1

    566d1fb71f9003defd9e9456c2ec9c1ba50c001a

    SHA256

    002ca895bf8d8aaaa2a6e666568347c44e1c43b289b248a6fecdc238eeed49e6

    SHA512

    6d2bb307e65d8838b914ead1fcdadcf3fb820f7e008092068d8c9322b8bd14bb0dc6d76ec9f567c19b4911f4347d5a5ba0b5fd312234fb1a7327348a44a90f7d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    82f8e44669e1aef026ae086071c0b328

    SHA1

    f02238260ea3d119366f0bb2a5757616984fb897

    SHA256

    28200b5ef611e6fed04b3080afeffd17564e1a19c4b8a5632e526f50aae37ad2

    SHA512

    2dab1348eecf1e2b8687b997fe59b4541d3dea24265bda80c8ae07275b3f65d91611f3b1cbb566fac20596e2d2ff8d70b6e6345552dcf4f3c5b59c14bf6b9d7d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ee5f0f1c836332ef899852882ae3e7dc

    SHA1

    032d0215b6338ce1579e328d8a17d6f91528f8cd

    SHA256

    4cdbaac94446f4dc3897ed7aba2f681cf1b9532c148e2a4870e927f29231b730

    SHA512

    ca72782875a6bc7c96604378178417a66c6719f93d21a4f346f73067fb3049e65ac8e075a73d044b0e7cd2c8fc039fe08376b2ebed87129bc528f43d4e6e0ac0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8d5f69dff83e7353535e434f69518dd9

    SHA1

    3b33d6fd8124007425a324c25f02098ff5317c6c

    SHA256

    a6d8e7765ef0d6c2da30d889783583f5a2fbe0d6becd504b3478d233486e1f46

    SHA512

    b799964c60dcaa399cf862e8ec50e027cd18015aed4ea1dda2181a4f62498ae321482be902c3c176f9eb9a99df663e2e9059178fe374e8db69b2f5eb3bee202b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1e4ac95218c08500e7a0c9362409b8c9

    SHA1

    732e3c8adae12962395d9db4f3ec263c96ef2ef4

    SHA256

    dd9563318b496ce5845c535e4c99ca4aa38fd40ee66895570014d0e4a10779e5

    SHA512

    2f2e2b722d8496ebc80aac802f1995d57bf28baa77130629249ea8ad46f07bbd6309c8876c77171b105cf39063b55c97b18e3778679141b62a4d2ad7cb5151fb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    217a9451a1f3505afbdeaec95465bbb1

    SHA1

    7345e91630f4846b39380e124784a1009bbbdd8d

    SHA256

    6f22647dfde6a34ac126cb58d035098291a446594eaa745504265fbe0d6d39cd

    SHA512

    fc84a65a43e9e362c3a3b70e7794b70c202d6c01f4b9e7016c3d3da1c915b1ade3bbbffb25112cb6fe2c4730445156e2e7be9f5af27eca195e34a4790c4a5771

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e9d8b77842205950df1f1d8f68b5f68c

    SHA1

    70dc482f4b6b9c38d2b3b97552ed14644c69a54c

    SHA256

    6a21105fedf85ff3868c4983f72b713e0b928f819ec0852bfa56492300492c73

    SHA512

    cd3b041a678709f0e51b1a9f436cca5356a61bee3324e8ddea5de2d49b5537c3fcb09a9b97f9ec835609b9911613b0b96f973d821cb3ada9ec199eb25321ade2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a524662c699e0a837e2dd7ce582454ee

    SHA1

    ce42983ed87a28c4c2cdfb9f612364798a69bc4e

    SHA256

    abdbfd45ea61e4bf49532f010b4dbb199a7f5780dcbe1e4fe7293d31606a757a

    SHA512

    490d25ef5f2f3754604b490d2164320099026a61762c74b6217b68329c4d8c88cc6b9c030cc118a480dd185a86c469fc76427a9a55e526a70b4c68630f061677

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b4a31d3bcd410248d632caeba73f3947

    SHA1

    31c43970e721d40c97d0c47f41148a4f75320a34

    SHA256

    813d9e68087c61519c69bee55198a54fa94c21fe5154f7f55a5575bb97ae2e87

    SHA512

    63bf909026e22f4c9429a116ec8e3dd4c6eb681e8e6527c5a279a78da34eae7462c14c453033c4b55aa74bf98b1c7fa40d64ee946964db60a47e8f39d867c349

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    922cb7207f86686232f78070155dfde3

    SHA1

    9be07210afb2cf5dae66b372eead529e597b26e7

    SHA256

    6f58b54cfa74bc952d23ee64ba560198daf92f4fbf822a055d708ad3959e49f9

    SHA512

    f5eacbcf09fc42dd46c14c43f4eb373a19ced2529d9b1a8c912e112e8758ca4415b43029c70ff3b24eff6c5dffeedab0d3552ed98bef5b57395be16e649dda19

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4188fae6c95b762068d3f07991ffa1bc

    SHA1

    320b00457c2ee1c60927ab150693be3c8d104f56

    SHA256

    576a50e51b2d4049bf0267900d9d9b0231b85964a20631421baf4e206f3abb41

    SHA512

    8dd6741a5936a2f1154cbe422bd5740860586324fcb8aeb29d2e0c3086651cb9b5017ebdfdf7d406f6933efe861f81e2ab4e85224aabf2224b9f80ed8efa6025

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f3cfb61203631e4eb07927941fa9e19a

    SHA1

    519d874a98908ee4169cdc7fc9d49e80f02b9594

    SHA256

    a145c17589370e3d27bb9177c848c29a9c0a51d2580d0c24bb9dab01bf47932c

    SHA512

    1ca2a57a89618369f04b3985434a6268981d8f6c26e709491e3196156e681d4e91a8ef609fcd827b7bdf0028f78c92a3a2eeb8db07dcd9285530f06779170489

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    811c080ae008ba0f37fd5a459f4a8f5d

    SHA1

    ec79bf1887ff8d73f373c78fa3fbd70ad86e8857

    SHA256

    9896cdc180bc6faa7bfa5e3b720d9bd4a6dd8c4b9fdcc287c2f91111c9f4e1f4

    SHA512

    6a1b95aacbf0ecbd57bb58558d51662c21bc65989e871a158b3fd91c7669bc7fe62f12576e0c09c74ff045499d77975ec8aeeab4995815e91249ec70498ffd36

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cc712f7f1a365fad4b2311e061c0ff8f

    SHA1

    f5f40fe384c317b3f0971cee0425bb77ed5c1ce6

    SHA256

    54ca61bab8747fadcdfcf893e402f8599639be5694439989e3aec875128ebf1b

    SHA512

    8f285948297523bdb78caad9e803fc512707531ac6f048620f30dba76b837c1959d88796dff16440817501fed1ade3c3af1cff5c3ac0fff586ee80c7672bcdc2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b36164de5bca092e604f72188ad07685

    SHA1

    eb04ed2a562e56b1fba08dbed8b98f92a8eb68e1

    SHA256

    68a7f86d0f515dfdaba6d65fa332bf8c9a625b8cc72ab6ed8b749b8da90cca6d

    SHA512

    2a5049b4ef9e540453587e925b2af3f2e8f2c1ea1658d9b4979ad78b474f462594cdcb6a19b44ec33c88501402084ccfcc9cd737e06c6b75e783a15a666b4f1e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    35eafe7af135547b78cb40f79fd082d5

    SHA1

    cf127151b53367bb7badb6ec010b63a85452dd37

    SHA256

    3e43aca1b66e020054f287a23fbf67562ff1c923e16422a20e160943a46ebe34

    SHA512

    0dd08fde38d0d942a87ea4434612578015ecf99a3b075b432076bc6a231e9ae54edd51b8d66e1acd9ca861028adeabd658323d35b6295718dde7fd02e78b9cfb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    089ecbbe2f882fa45a418b997f58fcbf

    SHA1

    8cec913cf294deaaa753f60a53d102a41eaf4388

    SHA256

    f05b189f0a0a54aec0983a9e523835c57d3f047a866f033df8086ea73916d271

    SHA512

    5f76409ff2acff44942dafbb9cd8e61f43e7fc8393c55e393edec97fdc82a1538f85687e5daa37010247dc6ff3975a1df0427a96ebd626b2e0d8661f254580c1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6f281aebbb3762da28e233835e31b80e

    SHA1

    f928101839a6672fc97940a260ff00014effeb97

    SHA256

    eeb9b6da22c252936bf771c03bf6e4f10687542393cff788699a7dcfbae48f15

    SHA512

    eaf32cdb2647870ed3875515852f7225364b8c0666abf33e3f3a677c5fbdd0f3cedc64f0e966e1e845c42e87f9efb7f991f1fbc00371004f3f2c62b6367d62eb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b8ac1f9b785e172c345b58d6a5d343a6

    SHA1

    59f53e265167b96f5f385bcff5478a9629f61a05

    SHA256

    fa29d6db1815fc0e8f1a537275c7ae624104f7dcacbfb1c18b422988049494ae

    SHA512

    03b7ce0cbd41530dcf844a5dce10a7933ea69be1256e754638a62d06f7ea3d94e78ec359cba4c3021affa55bff3cb810c29b65bb2570a3922f16d60e3186c482

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA22C.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA31D.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit

  • memory/2744-0-0x00000000001C0000-0x00000000001D0000-memory.dmp

    Filesize

    64KB

    Download