Overview

overview

3

Static

static

3

Omnia9ptn_...1_.exe

windows7-x64

3

$TEMP/Code...64.dll

windows7-x64

1

$TEMP/Code...g.html

windows7-x64

1

$TEMP/Code...g.html

windows7-x64

1

$TEMP/Code...ry.htm

windows7-x64

1

$TEMP/Code...ry.htm

windows7-x64

1

$TEMP/Code...al.htm

windows7-x64

1

$TEMP/Code...toc.js

windows7-x64

3

$TEMP/Code...up.htm

windows7-x64

1

$TEMP/Code...ab.htm

windows7-x64

1

$TEMP/Code...ab.htm

windows7-x64

1

$TEMP/Code...es.htm

windows7-x64

1

$TEMP/Code...ab.htm

windows7-x64

1

$TEMP/Code...ar.htm

windows7-x64

1

$TEMP/Code...in.htm

windows7-x64

1

$TEMP/Code...on.htm

windows7-x64

1

$TEMP/Code...me.htm

windows7-x64

1

$TEMP/Code...es.htm

windows7-x64

1

$TEMP/Code...ts.htm

windows7-x64

1

$TEMP/Code...ra.htm

windows7-x64

1

$TEMP/Code...ls.htm

windows7-x64

1

$TEMP/Code...le.htm

windows7-x64

1

$TEMP/Code...ry.htm

windows7-x64

1

$TEMP/Code...lp.htm

windows7-x64

1

$TEMP/Code...te.htm

windows7-x64

1

$TEMP/Code...er.htm

windows7-x64

1

$TEMP/Code...ux.htm

windows7-x64

1

$TEMP/Code...ac.htm

windows7-x64

1

$TEMP/Code...ws.htm

windows7-x64

1

$TEMP/Code...ac.htm

windows7-x64

1

$TEMP/Code...ws.htm

windows7-x64

1

$TEMP/Code...1.3.js

windows7-x64

3

Analysis

  • max time kernel
    133s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    19-05-2024 17:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $TEMP/CodeMeter_Omnia9ptn/Redist/CodeMeter/Runtime/help/6.60/CmUserHelp/de/certified_time.htm

  • Size

    11KB

  • MD5

    c9499c08dbb8ff317ac10b6daf9448f6

  • SHA1

    1888700b6b5d75fb50399ffc1c4bda5bed140053

  • SHA256

    eb194977a1eb43151da4dc92984e60a10c9acc497ba4bd4a45301b0ff2740c33

  • SHA512

    b4a5eb74abd2a3f7e4db20f5f5bd87a27838f6f32446e9d341578b3cbff41776a459e8bce231a036e11f6e701a4979f913e79dc0da4541ac5b908590a1ff1a8e

  • SSDEEP

    192:nHwmn+vgd/C7VHgIFFp0Y8rlUOSdnpjPVb:Hg79gIFFG3JUOSdFPVb

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\$TEMP\CodeMeter_Omnia9ptn\Redist\CodeMeter\Runtime\help\6.60\CmUserHelp\de\certified_time.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2864
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2864 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2632

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    806221e5960b0866dd9488272018feb3

    SHA1

    dbf9151571c9f50d61e0b50b20515010ea81dd83

    SHA256

    5dc301912eb15c48827487ffa567b66a16e983ad6109a71d90f0c0f903d44725

    SHA512

    7684aac7e1a7b3d05016e99feda63c2886e83192be8d05c2c85c78bc6b7e1297eefd29d9655020107ae089dca66dd76ac777f8f5dcf43188ed112681fb3ebc1c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    59f7d3b981c65f8d36f3a05154cdf21d

    SHA1

    13078dc7dfc62e829fbc9ea6bead6338b6b8cea8

    SHA256

    cc3c01ad8370b5df516916301bb8fc7af686e278dcfd7088845bf5488b29ebc1

    SHA512

    2458fe7414336bc52b96b2e58305da0f1a5d2be886e53d68d6d59a43281cecfa405757c5407250cbc6ed9889d679a5920c277b127799c141f8c499271190b2df

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    81ccc4ea1e2c131dadd7521fa2e7c2a0

    SHA1

    b659f59f9a857552f49ad70d6d994c313f3e609f

    SHA256

    1ef3d23453d67ff5827290391a75e4d4de9177d7f6e2f8ddd7bd98e2d0b06f22

    SHA512

    608eb6bcdf65773c9f7fba851dd3ee8bc49b2e06c88c873e06e4c4e374270da8b91299412348357658a0c5d43acfdd59369c9aa4e9394c9259a6e3aed3585948

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    882c7e61c6c44ede64eabaa60e11b775

    SHA1

    e29d9f8c4fdd38842ac164e2a7e9227a340030a7

    SHA256

    065cba97a497b9528c983f6d00d3fdc552c93159304f9c54600eb1e25db123ad

    SHA512

    dcefeb6baa68134c3eecc5f3c0bb54ab74411ebade311e14fd21567b96fb4df2d06cb63e7f3465ee203bca785032627bd981bc9e80fc6a6b264719360f3d0c77

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    459861562edc2a5286c04694dce33c66

    SHA1

    cb5c0c2c253297e8ea7123e68276a6cc2baf400b

    SHA256

    5a0838fc885444a5be030cef519fd969e6c79ea78b19a8fb9bedcf0f19492eca

    SHA512

    0428cc3f96c5a36b8346bd44a317a691cebacf836a827a7a8868cd063179dfa9fd25ece24f292661e93be8d2c117e1e8ed4a063a87891f1124088f0259b14ff2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a6ba0fc67b793823b1aaeb74950a08ab

    SHA1

    7659279ad6da996cbfff0f92f556412b7e67d2c9

    SHA256

    e6c6d079abb26717e1a1bfea9006df71f96e560e91e85f951721b527efa70fbb

    SHA512

    f1e99c6193b38ddc1110b1532af114faad910b62b81b9a990c36c33d524d7ac53226a756f5f766f6e3b7a94a4dc238a0cc7e97c50ad49dcf8a37aaa681aa0533

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    deaf1648310e637b7300c11785e417d5

    SHA1

    6afd3c91aab4f4e450594018997639e553589b7e

    SHA256

    74b5e32df3eead1264b1aed9ee05b6d62a529cdb86f4c41d1053154af3f01ec0

    SHA512

    37f7f5cff59034d4e8df73ad0cd50f8f460363f052676b02d41c56a36e72633b459d9bc65affa00d76fd68d4a6f1837c0715802906703a6ec4a23ae5e97081f5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5ca436f7eed23d31a7a3d9cea872d194

    SHA1

    9874e7c9a78d0ee90fc0ea31e9dff7e1e69c4d35

    SHA256

    191d4cfbd035935ddbdf6933d1bdaf76f6c90bf7232a4ee689894b11f1deceae

    SHA512

    8a50ef1eeaf1d0f0645fba404c8cf4c83e340517cf269b6f00c6e2f534a005029df67da076d8907f3ba0edb48543c376a6fe9e99f3803e03fc118091d76faf8c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    329cca008432de1da30e1d26f33e2fbf

    SHA1

    8abb3017cdfa073fe474e3a6fe1348f442c4f538

    SHA256

    1829f6419f6bad1ad04fea4e8250f424ea5b46043ee45e9402195d62a69696eb

    SHA512

    6e988ed53d39d8ce764cb502a1738f354d9451bb6c7477fdde83f24cfd70a113bd47cd38e9451eca10c02f633d498a795a77d188ecebf5ab43c5cb8fbf144072

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7c0b1420dca0104a853687711830d3d0

    SHA1

    cd9655713e1904bc80a27e36a273e0274df45b07

    SHA256

    c0790d98f51dcea09dbf0f204bc1255cd33245d64754a1c9840fb0f30ecf508a

    SHA512

    e0c05d2f05f687ca4c50db636b427a7b08d5f9b8c76561c83b031946079f40c9c3ca5fe591de5dd2d9bda9df9cb131757c32701f658049a50a4172a7143de9c0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    621ebab96af677b9d12bcded5d826d02

    SHA1

    c1da39d97feacca56fecf609c1be9333e120ca09

    SHA256

    8b96ec1894858da9e962bd774de1ff1ff55ba28ee2cfbcde6e957b9bc0663220

    SHA512

    8fbf7ba2428921a5ce2b328649d85432920c9551180c6cc24b34fbd19af5446652a0734e2cec7433da5c962155e25cf3a3a3eba34b674f303c6245447bd71e28

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    414c47458f55a92d7dee912392e63e60

    SHA1

    e586030f803be877413f5a392f99211ee90ec975

    SHA256

    4d97856f716548a3f4b6bb5d003702936883eee47326ef1933ace84cc5ac30b6

    SHA512

    4eaaa1aa1426155f821a81b42ba5290b9d9608cb2d5b549dddbed220e50519cc6a2b02c8fd7e3cb2fd57b1a90c5a75812197100ee66bbf3ff69e2b0a998f1b31

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    93e43a2b56395358b707a5c585a4c0c5

    SHA1

    d92d7ed791896b75cbbe1ff5ea7fd7fad3f78c05

    SHA256

    59f0c54242642194c43ac642325e25abcfe07b9e33419bac1778e35356dd760d

    SHA512

    7df7b40ff387d5fa8ea7e216126f936cf2414315c41383e6526f42d6e31ad2571fc1a290279d6e2a2c95f6133c328134e6455c6e166d6777e3154c027b9aff67

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b2b931c3d5d435ac26dc6a2a915e0e7a

    SHA1

    8e3e8168b1090200c0f0761f443b65598a7aff21

    SHA256

    ad42bca0291ba1e6ccf7a50ad55ade2e762e651d2ea4d33952b4162498504c96

    SHA512

    e8f6664524da6e1322de235209f536f3e06f530454bd46c4b1560ab45188a9668aef7993754cb04c15ffd0216339d9cb9909136f26526df1ddec557b441cc1f9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b24dd11ac60874073e2ad27f7e35d8b6

    SHA1

    0bacb5ab62be4973e2d24984c930605fe81f3a4d

    SHA256

    0fffb6ea55e3ed07e0343cc06ba79241deafd695fa20db5e2ca0efaf99e1d3c8

    SHA512

    a9a5fc82492fe16c9274f5536bbe08cef2eb2f9e5e3edee1ad266a8684d6325742b96402e0498f8d396b6c211a5dfbcfbfe7ad786a5a16d4337a4675857200ca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    43cc265953afc862688c555720074015

    SHA1

    bcc735d9a1138d724f81ee8df8eea9fd79fea5cf

    SHA256

    21aae55146717c7b078cc09a910f9d5439e7649c621d358194d07bbf07382cbc

    SHA512

    a3d64c625355e4571605bc25cb3773855f4207290b9878b7fbb5e9f45836a8e4f81da1f479958d06202723dc7523c532b993f81a4e6c559af6cd7e2567b05bf6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cdd430fdbf82ec173d820602da0f3ceb

    SHA1

    fbf52e293404eda28cb9e81b28900796f321c228

    SHA256

    88b5bf55f62707f075e25d79a8cafb5cd33b36977d66062cc03216110f9e3436

    SHA512

    0924db38a318540e67fc86dd046751f5c5e06a59ab339d4212d0cacf836631cf83bdb26f33d1954eeb03ac75b9e73fc3622afe89fd07d3bf6bcf82b55933d310

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    173af81f8f599cf9a52097ff67ccaa39

    SHA1

    07e941e057891dfea594707f0359fe7e28e4c94f

    SHA256

    92ddc006b246536ebc60934f3940480554718f4a9754f2df4f1d1c9536349ce5

    SHA512

    f639d8d081241e5f9b61471138e065cd67c4197be7e308b769cf81e8cffed16927dbcf2687fece7d9e08958666b08a0508fc15e1caff5e86f8b133885df10b34

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3a75fe9cb89d8785e0646494ac29ec0f

    SHA1

    65b929f8c7a64f12e14921d8ef794fe90292b331

    SHA256

    2ce9cd42b15d80e330be37010f10068dce432d170fa0ca0f19b6dd48938186aa

    SHA512

    b560b15b376ee76ee994f5c760f3f4fa5fd782ad82faf756030cc9271e8a1d25d01d14769f0769a784dfd111987f85a9faecd25b6780bcce8074627411ebd667

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab401F.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab40EC.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar40F1.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit