Overview

overview

3

Static

static

3

Omnia9ptn_...1_.exe

windows7-x64

3

$TEMP/Code...64.dll

windows7-x64

1

$TEMP/Code...g.html

windows7-x64

1

$TEMP/Code...g.html

windows7-x64

1

$TEMP/Code...ry.htm

windows7-x64

1

$TEMP/Code...ry.htm

windows7-x64

1

$TEMP/Code...al.htm

windows7-x64

1

$TEMP/Code...toc.js

windows7-x64

3

$TEMP/Code...up.htm

windows7-x64

1

$TEMP/Code...ab.htm

windows7-x64

1

$TEMP/Code...ab.htm

windows7-x64

1

$TEMP/Code...es.htm

windows7-x64

1

$TEMP/Code...ab.htm

windows7-x64

1

$TEMP/Code...ar.htm

windows7-x64

1

$TEMP/Code...in.htm

windows7-x64

1

$TEMP/Code...on.htm

windows7-x64

1

$TEMP/Code...me.htm

windows7-x64

1

$TEMP/Code...es.htm

windows7-x64

1

$TEMP/Code...ts.htm

windows7-x64

1

$TEMP/Code...ra.htm

windows7-x64

1

$TEMP/Code...ls.htm

windows7-x64

1

$TEMP/Code...le.htm

windows7-x64

1

$TEMP/Code...ry.htm

windows7-x64

1

$TEMP/Code...lp.htm

windows7-x64

1

$TEMP/Code...te.htm

windows7-x64

1

$TEMP/Code...er.htm

windows7-x64

1

$TEMP/Code...ux.htm

windows7-x64

1

$TEMP/Code...ac.htm

windows7-x64

1

$TEMP/Code...ws.htm

windows7-x64

1

$TEMP/Code...ac.htm

windows7-x64

1

$TEMP/Code...ws.htm

windows7-x64

1

$TEMP/Code...1.3.js

windows7-x64

3

Analysis

  • max time kernel
    133s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    19-05-2024 17:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $TEMP/CodeMeter_Omnia9ptn/Redist/CodeMeter/Runtime/help/6.60/CmUserHelp/de/backup.htm

  • Size

    12KB

  • MD5

    d378f1b9fda900f9cd4096f7ab90c544

  • SHA1

    7f6647330051be4874832e72545b75badffc448a

  • SHA256

    b86d1c75d7649897a6933f1da006f4a47dbda0023b172add29aa7bb9fd3a2664

  • SHA512

    6803c206355a82bcd58f892d1f569b8a7966da7fc8fc1e4138ba0d31827b7e4306f1f6f355545556791b9e3c2f5cad9a4718a3d9496170b0c3064e75a22fc239

  • SSDEEP

    384:J+yEQyoqT7klgIFCnlTjDuSJUOjqg/QsDtJG9HQ:YvYZC3UOjqg/QgtA9w

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\$TEMP\CodeMeter_Omnia9ptn\Redist\CodeMeter\Runtime\help\6.60\CmUserHelp\de\backup.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1456
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1456 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1828

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4d99b178e573eb834807d37983304dcf

    SHA1

    7500d673fc7c9a982e83bcf5184fd4686cbe057c

    SHA256

    cbb4fe49eaf468b695b15b5db61be381a7d9e6b3fe531837e2abe86242c07f0a

    SHA512

    619af3db2c0f5b27d108d85abfdf324c5cc19292aa5366321e9389c78e904b273e0f2498d1aa436228b5727769adeeaf23d71d78b22f47cc8497c8830d0d8d24

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    54b1012796054ff6649e912c0e6245bb

    SHA1

    b5b94f769b36a366e5ab94a1257b303e430e29ac

    SHA256

    98d709027d6fe66c93eb4d8d3d916ac2f0536416375ad7938bbc8e25786e133f

    SHA512

    69845e6f12763dfece2d762db7fa5a18b36ae7638908bb79806580ae5257bb212886a745aab8c0a1260badd5cf18fe9e68efb2285ff83169b81503481d51117d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4807ab72359498de7637db110241848c

    SHA1

    c33074d3006abd43727416a4692a257594d4b4f6

    SHA256

    906cf1fddff2fca1b12ce5c38f3d79093e739cdd4da3c5aa8491fe1d87872c48

    SHA512

    fa605e303a070919a74330b7404e461b03b25374a29834aea5c1a0e046ba1bcaa7bc2c593e88fc3eb27132557eb9e9ba192cb57df3d8ecd0e068e98223cf62d9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5fc82aff495a4fc16dbc4b95f5a558ab

    SHA1

    4adb62fd211fa92e0f77295b0448cd29c93eeb62

    SHA256

    211ad45e8aaf0cea59bc3feda058a3c8274e1c30b3710be663099802426e5ead

    SHA512

    2e65c675680bed2ec6206be71a85b70d3ab4b4af61b1db050427972723f72b8aac5dfeb876ec844d5f001079b3297308a60ed7d6b9ea34138e2b41b8a87e35f6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6a58b41501cc741dcb4eed0fbbcbd0e0

    SHA1

    26afe3790fcf481fbea8b3016baf997a57d4d8e8

    SHA256

    8ea1173cfbcabc8559c091c9d6d42d167ace0408b241e7fbeda5e0b1c6f9a500

    SHA512

    d2a4687fe55099cb06c54d42c4bfdd0c0d0be89e7317d973a3b0434e1d005e288df2a1ade8d1b55d917db374795ad01771eb5ee1453b6145b987950d2567081e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f903476a8542d4e52d88e336c9245755

    SHA1

    9e152fe1678780e9d80898569a341234e565310a

    SHA256

    5092cf5d474dff47e3b5c77f22768102bb91ef9433813695fda7e3c0ceddfa2d

    SHA512

    f922dff27678239098967b3831e1ef7186a210a0adaf3160586956d5bed1c3cd34fd89f642402390209d4f1ed9ec103f0a189b78c12c308843e15a27301348c9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a6f194ebbc4d6eabdec70f37b9c0ab5d

    SHA1

    953df8248da6dfa20b1428b0563031fa692c62fb

    SHA256

    ba492c9c848604fc7b076602dff46743fef920207d9fec1e543b3720e05a0c34

    SHA512

    6c2c4eebf32d799378998589a77011d61ad0cdb104a5046403c3d8e09a353cb2436c6b8f9e4822b5f38b0cdc14f3b455aa1c34c5d48e913dc49f567f5f6e795a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    17ec274425e18a1d01f1af5a7fc8cd79

    SHA1

    06bb7398517f3d0b708cbb4c06a640f2b4957bad

    SHA256

    c584d19a311fd7f8e76df3dbdec6566e82930406d1756566c7d20ceca1cb25fb

    SHA512

    d39d10f17f571e78b4c987bdf9d9d01bc33e8c9c61a8631bdf16f1333fa79a213e33a7073e5518fa46e2ebb705a5971febf8f7214f405e657a7b562993be9ded

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    978754943a0633a163ab15bf6f539d54

    SHA1

    ed00a4bb7b9f86bac32d89d75c1d0a54b3140b74

    SHA256

    c5009ba33650c01dfc021f1ef1bd5e080f6a4aceceb60d060885e4b61d6c44aa

    SHA512

    1b77b6e0bb68b09b389e16e8520a8ffa607d2e8ba3f6ef849d06e5d9555dd2fc9f92bf49671df6b0c902ae209b790a0bbeee05bf5ab8dae428441d4ed4df207d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    705c93367e1e6043971d91662d26b4ae

    SHA1

    bff858c74945fae8210dcce4aca750135296b75a

    SHA256

    a06897deee92969fdfe0a22cd1d7447204eb88e4ce3745ffcb26b97171b058bd

    SHA512

    d5110bc999aee3000608a5d43fb24a1938f4e1188938bc3eadf11983b73e6dfec9f782500c542ce2491d7f9395d312f714bef31ffa422e3162af1109f331a39e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8414e6f393f759e2c121bb156ea56673

    SHA1

    99fe606502ec59726d9f63b81086b23adb619324

    SHA256

    2495d6a8d706255a026e2254b3b504a7ef25e7d8bdb94a7e44bae1a21d31e308

    SHA512

    89e0e5e98a7b327cc893efb679e749b6fcc25d25b6fbbb2322d93500bfe1d3c14b39bc684cb28f58f9e85a4a984a67f048dc45dbb089a9a8df67db3d8afc049d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bd6b16a59dfcd0013a939b644a67c2a6

    SHA1

    2d8165851d53a72cf0575dd53503a9e30b828198

    SHA256

    80e5f3b33a84b0f2c3972285fbc5d85f68054cdce7328e86771f8f56ebd21a07

    SHA512

    9a0d0a7ac0727ffc2caf24d22a4bd3bc1857500df137a358bc612a2bd026bb21a5eb044ce2473d1545d511ba56b6d5f05029aaf1ec94ae9a77faeb97e5108655

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e31ce0631ae434465f1fd2e951439d5b

    SHA1

    c813515e7c517d80494e9db0f21f1a9064b41709

    SHA256

    870f4b5e5c0f9b1bb942a26ca6fbc421b0ce292812b56ff7d836c977d396586b

    SHA512

    f689b56829a6b4205c31e53a013a3a926e5ed3a201dc73cdd6d37379f1b5eaa29e18b1f5bfd32eb10cc58948bbbf0598529403f1978f4f84651af7d6409392f0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cab4b110a030cbafd9c21f8168692132

    SHA1

    bd1975360cd5030c8a0bcf3aaaa6d53c616dc1a8

    SHA256

    69c32f8be0dc26c18cca869a72513aabc781f325a2b89f0466cd1ede8705146e

    SHA512

    db26645281cba3daf40f63ae47ed5fefe3b2884d065e2a404e9f277ff4f3b8e000ed408b20ddeacf84d4bddba62e021c51888f915e7c6def1be47d12a615a4e1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5e1ccb8f235fe54fa9dc1a4b4f0ee745

    SHA1

    24e23881c0a977a87b6694ab246337f7fc155321

    SHA256

    9f619c075903bd9694b490b7b4a6968ced21e048b2ac2c5e2830e87a9eb39305

    SHA512

    c9f4c9fee9f81022d87b86376d7567c0de65c9df21760f2acede17d333623884e809d3ee8d202eee61c8fe4314d696ec185f357f17f957512762d8ad5b27c98c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    46aa5ade74ba35ca472e80864767e0f7

    SHA1

    872277d3421e80553ecd915acb2de98a79a62fdc

    SHA256

    90086bad4837dce962d2b09e4a357fba60b9fac3c3c0be39d65af0175de32681

    SHA512

    d00cefb441858a679c3658cee8969a89f66dad00424796356fa1e4888741618c988d355e21e87fe4eba10667cf087804f88e8b25eed873a30e101b93eb847e88

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab4EFB.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar4F5E.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit