Overview

overview

10

Static

static

10

Installing...64.exe

windows7-x64

7

Installing...64.exe

windows10-2004-x64

7

$PLUGINSDI...er.dll

windows7-x64

1

$PLUGINSDI...er.dll

windows10-2004-x64

1

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...ll.dll

windows7-x64

3

$PLUGINSDI...ll.dll

windows10-2004-x64

3

AppSetup.exe

windows7-x64

7

AppSetup.exe

windows10-2004-x64

7

LICENSES.c...m.html

windows7-x64

1

LICENSES.c...m.html

windows10-2004-x64

1

d3dcompiler_47.dll

windows10-2004-x64

1

ffmpeg.dll

windows7-x64

1

ffmpeg.dll

windows10-2004-x64

1

libEGL.dll

windows7-x64

1

libEGL.dll

windows10-2004-x64

1

libGLESv2.dll

windows7-x64

1

libGLESv2.dll

windows10-2004-x64

1

resources/elevate.exe

windows7-x64

1

resources/elevate.exe

windows10-2004-x64

1

vk_swiftshader.dll

windows7-x64

1

vk_swiftshader.dll

windows10-2004-x64

1

vulkan-1.dll

windows7-x64

1

vulkan-1.dll

windows10-2004-x64

1

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

$PLUGINSDI...7z.dll

windows7-x64

3

$PLUGINSDI...7z.dll

windows10-2004-x64

3

$R0/Uninst...up.exe

windows7-x64

7

Analysis

  • max time kernel
    121s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    12/05/2024, 12:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    LICENSES.chromium.html

  • Size

    6.5MB

  • MD5

    d18c09a075cb6531d7ffd7c3da77bd4e

  • SHA1

    571f29b6004007111782bf5727c4bc9510cca286

  • SHA256

    86f5222580a4ab03dad8ea62e6cea22b23454dccf1c77e74ae0e0410a13b16fc

  • SHA512

    091cd68e12633919fc6100b606f3002b16f4b9c7c6d7c820ff20e31a3b9ea690c8a1fc90529ff3e5c21e8d778e254743a8708049830c3bb046eda8f2653000b7

  • SSDEEP

    24576:8P5K5WfWSJiJjQlaCmf2P6e666A6o69/kHPZQHpuQ:UrYR

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2416
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2416 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1136

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    a080629de0a89e8abd28ecf568d353cb

    SHA1

    440d5e305990ab55d9ae4c9baaac7d970afc7556

    SHA256

    cd04d0ae2839af7fa1b19ef70accf220bd56530e447b7da8694d53d1267a66a6

    SHA512

    2b8c726b010a44ae563344308ec1176b8100d485a909463bedcddbc0a12aad8e7d87098abdeef15ea0c4824dcbca510aec246e4052b0f53f3e5e5b03d8137aae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a8c22e9172e5df3d73c57c66c5559a94

    SHA1

    08dca53bebd4db71e8c54344c68ba71455053289

    SHA256

    201311f57e7d8182e86e164dc4304739cb20d83f2c9342dab58a45a2c8af92d0

    SHA512

    9543e9227263fb21bf6d44f9e10356918707fc5cc361622d0f6009e00d8063e492d29f368ff440b7d9cc68432b446b11f873246c1e780b30c02a197dc72e1331

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0d410c50bd5ccb838e80c17b973538b0

    SHA1

    7411751efd8fc841d28fb262cf3c68626eef3e9c

    SHA256

    6b9c899d1e1ef0d3394741b3cafd482ca283204512458004d843db7b21d4ee20

    SHA512

    b7bff3c8ad42e0a55d2b0410896c3b9787d605c7eebed23aa8f6a909ba46e1e07ee3da662d34ed3541ea6b522ade9620d762af570442a0e2a5f636fbd583f53b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f7218971d43a0735f984252c264a994a

    SHA1

    ba65a648339c1d70b08eaab1f2938a769527c7ea

    SHA256

    f7e7f6a89fc9c094f9b29c57d9aef95e0f2ceea947748bd7f1419be06c49f724

    SHA512

    22964cdf31941819ccdad17cd737770cf40317023bc3d075f07364a7ece5891936a9c88d0f0e1c7b14d3b0c742bdcae63baf8ff9286f0445be661cbc91a7053a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a1de06218378a3dd93e1ab66869d08b5

    SHA1

    b71d83bd5b8162bc10499651d471dd00d6a29c39

    SHA256

    feb58e26097bf194baa47427c50111aa3c7dc0a14047000800a36c2ae4bd2f1a

    SHA512

    14587c56392f705351aa57e3b937bc3972c5a3bd6b17d9de3306bd573e21b16b8b3a289f220dfa8a144b3c55baf17c41528d52e1554514b7a9c46365ed02802a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bee1b556c40e490aaff19804288c4b4d

    SHA1

    f00640f2325549c70e740c2e18244f20f9f5a159

    SHA256

    5e461ff55c0f659009682964878663cf3e75ddf6147dfad2f12cf847d9b43d5b

    SHA512

    2894ce4ceee132fee6e5dd5202d317441ec906e39de3e467a2c76a1cac5ed5c0ba3e576c8e2d2cb707ec850ac08419a36ea39c39d0a90ab37c3511ba32bdfa16

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    94581de7ee6c0fe1719133172f19e1be

    SHA1

    59d6394c0b6a6df32577139f4448ac6a590de007

    SHA256

    1fbab6e8a666b6510d4647a59913b61471988986144e97939d8a570c90779650

    SHA512

    264923e71da69f906594133acc55302b616d95236733eddc470d0effe0238aa89a2c1e8aa985d4c541649f7253806fa045b94774dbe77f1e7da9077c49e9c15a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6d40ae9ef676adb21f6164de60ddaf1e

    SHA1

    b82b62da4d71e6a232b88f00ed69c3fcdf9c4e22

    SHA256

    71dc973e88fbd4072669ca6b1daa1dab8ddb3e8df622ced7d0f5f62bcd03a9d8

    SHA512

    1231041edee877a31483cbec96003106265d5ec5a1c5a2faac10e582fb5ba31ff8d80609f089ae8c7ecc108ca90d05f943648e62617d465293785a0cc299feed

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    57862ca9263fe718c0c9dc326909dadf

    SHA1

    8de1997de5eec9a9ce1d06cb536022b4ba3a52b5

    SHA256

    b00b539cb830f20965fe9cfa4a5796297310d5b14fe1b0cb8146edd0b7d77f6b

    SHA512

    547e83d58223e72e5ccd1743a336caa13dce86f34db744863a3a35e480d04bccb8133c550529ff825052a431eb78705b1cb1dcf68cf28b37793bb3f05032a740

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    caf8e1d94d29eeb4e9c800fb9624d95d

    SHA1

    8100d6d3ab431f5b08d976ef2914b6246905fc97

    SHA256

    f7f65c4b95c7e2120ba6cf22924225e9a7323eebab04dfc98487719e508c1bb1

    SHA512

    8bd4b39604f869f43caa34e9de3b419eefebc54c2812fc9d87c45028f0308e5552651079441d6c4dd9f5bf48517da9636345aee3848b7091fa41f4f2bbfe06dc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2c86bb6d8fabc0ccfd0f2623469f5f46

    SHA1

    952af87e792ce8415a72d25ad6c85c426502aca7

    SHA256

    cf10ad7713961563005bc0d25d56eb5833596c71b71db6efa905516fe42495f5

    SHA512

    ced4e73c0f3dc74315836ef5030662d27c4dda2e3d25eb6855e35f3781a0e460b67974bae0b830d21aac976846b4b742c69f2df6988c2c7a3849e3356c6c00b8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    606f72a10c0429beab7db248fe093a82

    SHA1

    365e97045115ddf36e99e847e5c962b5df082b2d

    SHA256

    2006c0af13c51ba3f705c38f7fbceebb36b0b63dc930724399c30a8b24273216

    SHA512

    b6c5f95c738758ddf03710e87c86315bb1c04c318ca43421f0e7cb887b8cda2e2aff905f7cd0fe62e673a73a1d20327c627fa270f506fb2dadf195471b309354

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    92796ff5777a1e7a189a7955c82e4db2

    SHA1

    ecb6f0e2aff8966c40deb94fb24ac5d3f5e29426

    SHA256

    9dae1e0c8018ba4049f6718d13d7dbb755ca3719ee2feb42a3be4443def125a4

    SHA512

    9bab8c430ef0822d09c3aca1f81ac67ffa2eeccf90778530158e4356b099961a61191125d01e2294580e1c827ba8893f866dbb7e43a1ce5351c896b3a122c760

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5ad47be9058707925e9d2e32ab76214a

    SHA1

    e259d990fc7a730e649f440974cc10d008639b3f

    SHA256

    3f43c24911eaa061b2f73b0de7ade30a7e0d81063d934b3ff73933f11182747f

    SHA512

    bbf40bfe318b5379c9a60c36e20c6fb0c841fcb7af3e3819be7c992f43a8280ea23ab6e9765e0a765f28e7335fc955bdd1de269e09d33ee4b51e6e6c8c39919a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9d4b047e38443323f59244e649bdec28

    SHA1

    3c35face6f47ee5ef3b231d885dfcebf50d363bf

    SHA256

    92daf0fd96f76c32dcca571f10d6911ba4085fbe1d1531a665be1760f54992fb

    SHA512

    31a77c3e7f7e70a7fbc5657dad0c3f161e0876e5a2c2060252d0670f090dbd59b050530f416c65ff004f9db2ba1363ec6e4ebe94ca2dedcbcbff3e0214c8b3ef

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b495c938542f0d9288de95b4f2bcf1a6

    SHA1

    761b984481bd24a7fd66ce8290d7f1a8669e914c

    SHA256

    4679e9f4fe3f29591141a3c98f9b4f0443949167afdbf04e9d1c52f5214843fa

    SHA512

    7ddfe496b5b2fec1dea18a7baa587fb6f3fff41e88773b8d04cf69bff0e29105db3b8ed7b6964d0570cd96e7c7d1780e16c97be08192c969347ceca4cb5de9c8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    23be14a6cc777477d41496f807c9964b

    SHA1

    b1b23fdd030234849e06bccb3f50c6fd47a566a4

    SHA256

    1b08796f351b925f0ad67dfae08b3b1235a2c7e8484cd61f273275c2c6d9576e

    SHA512

    ff6c1751c06467709c0d3d4df60ae47add22f81c5ee6b017f14136b41cc3bdca9a016b6ea031ed0ff182f9d05b3eaf3f5b9b4fc10c508acb548df62e2de5652f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bc11fb1aec53041af626bec0182a9bf9

    SHA1

    99b87bc54f7d619301304a77f3557dd5ebe36551

    SHA256

    7e10898b85fb9e5fa0e829467825a02c67bdd7ae96bad891cf79b39e71a104c0

    SHA512

    de6471519401f14d9a8b574a56f86afe9da867bcc0ce205e50eb194959d9b91977ecc336f85741a7f2a34849d6a0af968fdff3d6cc6882149a8f0c037829b100

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    903f7fe1bc43220301b35363b6cefc3d

    SHA1

    951b6e025fb7e45d567a2de57cf3b3894bf3b9a2

    SHA256

    bcd412a8bf4af78398355db19c4ca09e71b906522e0e59c5d0b5accdf7743c59

    SHA512

    f9eb4368ab1eb8a4cef4cb7cedf23c6f2a73797c13745d4a2a837255981e8251831dce03243f3f1384815d411f8c960278e37c42f68fe5071328425faab22b3c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bf98a4f103e32d40da40abd043889323

    SHA1

    4ab099e999f0606718b111a9be53980a847876fc

    SHA256

    96c862f3fd7222f6dd9b10fb7e50e31c675d14105ed3102ae3b7b52e6a2f890a

    SHA512

    948ef1467e1b5cb260186d62460ebfacae4e7eb7d0274cae9143cd5f7e6f789f0accc0540d8b3cb93f6a729e7a43d0a931f20983de420e1ba1224f22317540dc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    c986ca808606d09df91158124cbcbbd1

    SHA1

    773f89e8d0e2cfbe452636652f81e21fc9d20c57

    SHA256

    6837acf85e4a7106e285995837a6fbaf427deb59b0f2579084365271588d2aef

    SHA512

    3d8521a2d34b0e50484f31772eb228cb8a3c61ba0140830752122c00386bc6467e4e0a4164327f1743d58eda123bc2d8c16d4c007375b1e294c0168fd11ad3b0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
    Filesize

    4KB

    MD5

    da597791be3b6e732f0bc8b20e38ee62

    SHA1

    1125c45d285c360542027d7554a5c442288974de

    SHA256

    5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

    SHA512

    d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2FEC.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit