Overview

overview

3

Static

static

3

Omnia9ptn_...1_.exe

windows7-x64

3

$TEMP/Code...64.dll

windows7-x64

1

$TEMP/Code...g.html

windows7-x64

1

$TEMP/Code...g.html

windows7-x64

1

$TEMP/Code...ry.htm

windows7-x64

1

$TEMP/Code...ry.htm

windows7-x64

1

$TEMP/Code...al.htm

windows7-x64

1

$TEMP/Code...toc.js

windows7-x64

3

$TEMP/Code...up.htm

windows7-x64

1

$TEMP/Code...ab.htm

windows7-x64

1

$TEMP/Code...ab.htm

windows7-x64

1

$TEMP/Code...es.htm

windows7-x64

1

$TEMP/Code...ab.htm

windows7-x64

1

$TEMP/Code...ar.htm

windows7-x64

1

$TEMP/Code...in.htm

windows7-x64

1

$TEMP/Code...on.htm

windows7-x64

1

$TEMP/Code...me.htm

windows7-x64

1

$TEMP/Code...es.htm

windows7-x64

1

$TEMP/Code...ts.htm

windows7-x64

1

$TEMP/Code...ra.htm

windows7-x64

1

$TEMP/Code...ls.htm

windows7-x64

1

$TEMP/Code...le.htm

windows7-x64

1

$TEMP/Code...ry.htm

windows7-x64

1

$TEMP/Code...lp.htm

windows7-x64

1

$TEMP/Code...te.htm

windows7-x64

1

$TEMP/Code...er.htm

windows7-x64

1

$TEMP/Code...ux.htm

windows7-x64

1

$TEMP/Code...ac.htm

windows7-x64

1

$TEMP/Code...ws.htm

windows7-x64

1

$TEMP/Code...ac.htm

windows7-x64

1

$TEMP/Code...ws.htm

windows7-x64

1

$TEMP/Code...1.3.js

windows7-x64

3

Analysis

  • max time kernel
    134s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
  • submitted
    19-05-2024 17:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $TEMP/CodeMeter_Omnia9ptn/Redist/CodeMeter/Runtime/help/6.60/CmUserHelp/de/cc_importing_updating_licenses.htm

  • Size

    9KB

  • MD5

    e8641667dce3c4e6db7a008a32d57f37

  • SHA1

    83ee0cf956e123002a16ff79e8c43bae35737152

  • SHA256

    0fa1df68351ab4e90d7e27c3b88d6c6ae8d84b1de52d049abfde76e3a05e90cf

  • SHA512

    d210a710a13745c7d2dddbc8390059d949cc850c26636d868caf743dfb4d60df3bcf3546ead8f044c66ee36c34b9a7104180c4609ca38f98bc058d71341b3cb8

  • SSDEEP

    96:8Hhnw7chj+PvuHvj7dxHSP2jEIFm6t+pjUJZTGb/08anZii7KZA4oxQ8rQ9/x5JW:8Hhn+vyb7zHgIFyp4rQJ/x5O99

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\$TEMP\CodeMeter_Omnia9ptn\Redist\CodeMeter\Runtime\help\6.60\CmUserHelp\de\cc_importing_updating_licenses.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1516
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1516 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2856

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0de0b095c42864a58bff841aad147376

    SHA1

    d69ca312e630e4bee50e82cc7b82b09442d136b1

    SHA256

    90a3986673bbf6f264ec2d38af0f232a8d75d7089a6b885ab9c158e205f08325

    SHA512

    08ebf660606c2b92d34fc0928a30bbde3bd184136c990c86bd5b862b6e31ab6d0702eeed5f0134dac0b6a41ba32db5d6cb75e507df0147b5f579329e1cf15d3a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cf8510f34e363ae585a8fe7be1675bbc

    SHA1

    afc01cac51b5b320c59c1afa5c9ae2ed02f17fe3

    SHA256

    7d45fd516590f33f1555a9345557e2fa353ef011fa4638f74041da4329f44a32

    SHA512

    ee46780b080a778e4b7f6c6d78d91726875ab4e5df21046635d225f1e1d0e412200b20b55bd83c9956b2a20ab8f341e02820549d5846bdd8848c98ad85802807

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    75105ff071a2d9396fffad2e6cf0f9ea

    SHA1

    b26a9dffd4eeff171c612373ce751f8ce0f0b76c

    SHA256

    d3503ef60ab1b8be07d0cc59a528dc06ac55659998f27c8a91377ac10016f19f

    SHA512

    d175308542447910cd1f3e464282037b4b3392a43c04fb4d557c3a73b8a48cde4a73a9cb24d0459760f9ff2527ddf2f9e7d19e7f3adab0b9661117582bcbf9eb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    52de8cb9c477a8f3a80813a9f57792ae

    SHA1

    443ef64db2aea2dee65be73bdaa4064dd909d812

    SHA256

    f9ba9aa1c75e24fc09733208a2c6d88d6095994ea1a2ccd20b5d1638061ad0dd

    SHA512

    a452d352c54a23f146df0f00e7b47f9cd5667aa0392311b612cff2b88eedee62d4587028325f9144ab89f0e591a8f07235e9d36cb0ac1d7cd98c36e90b35920f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8fba19bc9b8c0632cc05b8f202ab5b61

    SHA1

    4af21310931c379cceb236aa30be32829170deff

    SHA256

    1723690cf1d756ce87b1e222f12bde88a6b78cdc28ef5873b12d32a292c636dc

    SHA512

    89e94acfe8b14a2c0d4a47188a1213716d92073caeeccda13cc40a63941eb33f773f2c3805f573f9c926494c643ae63cfb9c18b8ca4af4dc756d752670dfec42

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f77953e213746b43e45cf2642bc54e61

    SHA1

    7f35c0c17e024114b6db2cbd5438579dc84f61e6

    SHA256

    45f9f3ab31e09908dc6b506c9ba82f33eb3339e379cf8c5abb289d388d5caa5e

    SHA512

    9dedfc360f038261898728004ea4a7167d0a4192f3e47ba09e5d0bce168a775eec16eddf84f50e6ab465e50b1de9fac9b4f0dedb89c047783430ee8128605ad2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    895d41d1189b6d923e3de2384821ec61

    SHA1

    93b52ee51b9785eb3c5506030d9ad88b51de5b14

    SHA256

    7864aaad7eafee59c9adf558b0db2d8bfb536a99ff9b21cd08cede60f54ee876

    SHA512

    54ada7e2b36a4d6fb4daa0e3363ab34eec4fd56938cd9fa443f98a53304ba856f91c7fe0bd35d6863ed77f1e7345aca5b23a1c20b7172b7a80d5de25170ff7e8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e1e9a9932f45fbeb5871019ba8a30201

    SHA1

    22d90a0c79e514980ff75abd0683b1a2ed9bc391

    SHA256

    1b34535a75074ead6c1cd7c546a9b767d512168fcf77ab035ef2e07a40efcdf5

    SHA512

    53fbab43d44d4bac8d58bd33072b3192df3be289a2025c12bcc17b2c2ea4a2229904e9121b3fec9886f253cb28aef3c5712026df9b77aae5b2eb1629f255fb7f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8cf6bfafa32e00cd73a401bc681e8fb1

    SHA1

    854a2cca6e9d49e1d1b9821ffb9b2281c2ae8d08

    SHA256

    287e67ede65a43fbe71144e51c0d3ac324a2e0afe2ce35b1e4c6e98572620b2f

    SHA512

    1ae479bc2eb4ecafc3830b8fb9d940fea1c20ffc5feaeffa91ecbe4764d70dac4d7e8c00c5634a2692de9e57106788d177fb0d54cee5b3115001d9081fd66410

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bd0df3f5c9d27572f47f2ea39b9ce070

    SHA1

    bfef7f9ebe056bbf6994003c19eed18579960721

    SHA256

    2f947551ab09a0852171ee23b7916370a1524551edb634198c6da74df503a7dc

    SHA512

    2a5413c41750cc2068329233a595fecaf6d7c5d3593be643a67f041c812e7485082122003f0cb33e1f48d540f6eedf7389f9e6002564fa38f85c84b67dc50d80

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    88c3a029671a22d54a9ba465dfebdd9e

    SHA1

    c77f96669ab569fa486efe64e1ba277fa740cdd8

    SHA256

    76154d7bb2797dfae155658b99f2d3d86c000ddd5a52b32129bd5c60f609fc13

    SHA512

    3d0dc095878dfc1767f86f817e6934d2356aa973949e515013b93061d53406a8175d22801417b3964886a6dfd05a401966528eedc3bced6b22ff91ad80432405

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8626c3e73aac06a23077e992c6da6137

    SHA1

    30eb4ebac0d690fc7be8626912f8cdf10eb837a5

    SHA256

    72476f559b35275a9086a2d0e3e3daf41df100754cc722dd1423f5d71df7cd71

    SHA512

    df98316da2b319c10fb5de501aaa426d43a58c0923920fe92cc971ba0ad857f02f5249e2bec5b6a786444d480f95d4e170733965a51968fbc1bf87c2b7af4b6e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    151cfcd48928ddea3466496f4e26563a

    SHA1

    caadf200dd31eea9029fb02ea2f71ff724774d70

    SHA256

    a58180e09cd4722aa28e2201687b727f35d45010667a1e626f19d8d7e266c730

    SHA512

    8b1800c827e4b8fb124253b008d368523d778e117c37d319c8be669d935424a852ec070851880177bfa583e30bd3b0f3b8475c39249118869563cdf59ae1c3b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4f114e22846b4bcc530bb93c840e78f4

    SHA1

    dda703507cd635059c7543f7b7b15f553e6bd382

    SHA256

    aaee450d0eeb290e9ea1b18ef9b94a150b3fa3f91324bbaee6f8cc6d755c5a78

    SHA512

    cf174688ef0bbd5f45b696ac72f5c7894b98b71a93ed0ed2dfbc916278f139193553e6b0b27721c99cede282385b0cc95826a0cc002cbbce67bd70471e2746a7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ec538338f886b7085512fa113cbc13e8

    SHA1

    d33a7a3e4f34e87e347fcedfe34dd81a70366816

    SHA256

    79938c726b025100297f1294c839bf3708ad48182557d3589ad66117d7ee4e8d

    SHA512

    8f4d51811e26d62bf0212d2b2a4cb1d45ca856dcbf3b781d7362f947ade5a497427748938872f2ab9a40b8b4c7d6397324c4e30cf683e192856804e4887e30cb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c94f92347317906b4feeb88c4c3ea20a

    SHA1

    0bfec1fb18ecf4b7f116e7e8120dd6dcc57f15c8

    SHA256

    e9267051e15ca1521b257773406ae6796c6fc07797bb51e9a23f53b7cfa20e31

    SHA512

    a1a546d2471f37fe1a770aeb7b7898b44e9dfde240c00d758ee2aebf9ffa36cc2ed73604ee8953668bbb6eba7dac1acc1d3f0f3f9688e825597b7d29ec27f11a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    da1d4ee553bf18d975cd5c232d164e09

    SHA1

    0461b8f8a817d6e2f8377286c36cdcd27af9714e

    SHA256

    0a46d081fc8c8d2ea179525f0c2212e8c0bafb0cbced89ae3f3e4f02ef56702d

    SHA512

    1ab2be8fd75a110ce1b61059d0586512bd92950526a626621f5f4d4498a0fbe80c3689549decd0b381518de96e1df7967c90b608a4c7cd434a065317cce32c1d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    95aa4450a57b6adde224af97c767009c

    SHA1

    d58e740fc8a8246b95a10b862ed81a43caa5afd9

    SHA256

    c2a0dbb928e0c5cce18f272386d2b4be1f8ae84f2a48cf37fadc271141d16d83

    SHA512

    213011feaa1befad7c1e0d6718d6a26d5eaaa02b7d8050766550544d945dd7eb052d7c86b594ab1f9cc9413daba9318c01e9bd6448dce287cb66fd61058045a1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3e9df370ca1a092b77bde58480ac799f

    SHA1

    cfa47ef236485b62a2168dadf489a08ceb7c2729

    SHA256

    a0d8c742ea58bf7c338d4e5fdcf25b42a300646107f6bed43748d4204665e46f

    SHA512

    369f48d606260f8bbb36d474ed94e4aa196b4c99600c92ac6e4d0eba53a3397b4fa6569e14a468109378e3dc5454152ec058b42f627b4244d38aaa0f37f80418

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3363.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar33C3.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit