Overview

overview

7

Static

static

7

20240402-L...5a.exe

windows7-x64

7

20240402-L...5a.exe

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$R0.dll

windows7-x64

1

$R0.dll

windows10-2004-x64

6

CefSharp.B...re.dll

windows7-x64

1

CefSharp.B...re.dll

windows10-2004-x64

1

CefSharp.B...ss.exe

windows7-x64

1

CefSharp.B...ss.exe

windows10-2004-x64

1

CefSharp.C...me.dll

windows7-x64

1

CefSharp.C...me.dll

windows10-2004-x64

1

CefSharp.Core.dll

windows7-x64

1

CefSharp.Core.dll

windows10-2004-x64

1

CefSharp.O...en.dll

windows7-x64

1

CefSharp.O...en.dll

windows10-2004-x64

1

CefSharp.Wpf.dll

windows7-x64

1

CefSharp.Wpf.dll

windows10-2004-x64

1

assets/ani...x.html

windows7-x64

1

assets/ani...x.html

windows10-2004-x64

1

assets/ga2...x.html

windows7-x64

1

assets/ga2...x.html

windows10-2004-x64

1

assets/ga2...2.html

windows7-x64

1

assets/ga2...2.html

windows10-2004-x64

1

assets/ga2...3.html

windows7-x64

1

assets/ga2...3.html

windows10-2004-x64

1

assets/ga2...dex.js

windows7-x64

3

assets/ga2...dex.js

windows10-2004-x64

3

assets/ga2...min.js

windows7-x64

3

assets/ga2...min.js

windows10-2004-x64

3

assets/ga2...ex2.js

windows7-x64

3

assets/ga2...ex2.js

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    158s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    19-05-2024 19:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    assets/ga2v/Rain3D/index2.html

  • Size

    2KB

  • MD5

    6e500fbdb26f26481163842219b5336a

  • SHA1

    49a174fb7356dff04fd58332037d61948c884b96

  • SHA256

    2c978744784ad61d4ec7045caa60e82898effea1d642dd1f15a1646e7fef33eb

  • SHA512

    6b6463e067b34a00b744e5d64382358d5771190b405b75513283cb072c8ffa1a9f5ae2fa17d5f88366656e09c3f1a5145b9780f9955d11fdee5c0ff18b2a2f19

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\assets\ga2v\Rain3D\index2.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2988
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2988 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2752

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    965b8d5bbce33ac54370ccbb578a91e1

    SHA1

    76eb06f0dedc3ad3c0f06f9fa4c251ce518d46c6

    SHA256

    83e3de54d4625ee34bdca6856009e5506bf423c9bc6b13d808ea49e067dbf33d

    SHA512

    73e91c669f415ba17feed1d2dd78d9632bee7b5763d11448a48f08fdedd8817f97420a8f047fa25981f831f5b950d994f6f23802dbffb6734b5de63a94441f7d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5ceab86c83b7392357f2fc06187fbb85

    SHA1

    f548ae0c065b5152ed4fac70a1e5f62665d48e07

    SHA256

    23fa48654b53f6723412ab6cf6c43aca9221ccb3c986250a2a4e1f5869d77628

    SHA512

    42350995a905bac4225a511519f80af354e90fd014b81c4a68ce7719ba7caa875ed092797747c25f8b86a7d770ce2b59dd06d15d215497649dc765bba5b9ad52

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    141aa3d193daeecb84f7fa14ecbaa36b

    SHA1

    7272ed613297172334a86b2aaa45af425c9104ba

    SHA256

    eb7acc3481764b8b7319bdca6e733cb5286eff4289d4d3bdef10eeadbe96c56b

    SHA512

    dcc9abca7f17dee616e01ee286884f2b36611909a18379b2dcdcdad4bf7af1ca8691d29c56fe03f0b33aa21b4f54e1776947809a585233aad81f2ad99d5ca93a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9bbf2f52569f91e93c71253e1cc1c56a

    SHA1

    1fe991939798e65bcb15fed0e7fde201068eb79a

    SHA256

    6b77df2299cfe2542434d44b72b598d5aaa007c4782053e47eb3bbfc96892b7c

    SHA512

    95757867cb557e2c5c4c7c7a09d7347ede036ede5cca0834c1ede4236ed14f7aecf7de16b1fc8124e47bb0b50e93f91988029f92afa16314e1cb910d46162fb7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    027278a9431e692838556103eb253466

    SHA1

    bde1714c5bda8a508760396726b2fb7369045e41

    SHA256

    3debc61314ce76717d998a4810bd45a0d18f43f475cb9aef86c61e698114b40d

    SHA512

    8ba78758cf89957deb3895bcad3cffe61d48ed8d1eadff682fb601a0c930878e6933338dabdd284889122c36f4d4f9d176edaecfd924852854285d29a839b489

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d94af49af156f37f58e09105a61b5c28

    SHA1

    832e94f0065d785f524e345bea091fe2029cb73e

    SHA256

    e5e28491b20a8e5aa52c2a16004fa49741e4df7e6a92f0764c602b99b452b14f

    SHA512

    b5c8f3b2d0f4013705697ea1e1cbd22cb0c2d78767a850f92c2d6873af02f8cef4ae08b91d561ba9f51cf54abe516ecf02b99bcd8b9220e59ae7fe5fef240cbd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    922a0552fd5d234d2584dde41a05d0f4

    SHA1

    7a851a4365b7caa72e20876cc0d8c077e4e61e53

    SHA256

    bfb3a3631fde67fdb99083683d944abf3cfed1a7d6cbeb419dfe10c010a001de

    SHA512

    17758fa28084273c0976a976d0b478e1b514d990c15c1eef075277717e10efa1277829e589d5cfc4b90a37425318d2152b0e7f9e7bd48f29540838ed4ccd8a2c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fe010671f7ca3c814d11d57674461a8e

    SHA1

    89409a4f2e3dfed1ebf7dc2dbdf3716522c17033

    SHA256

    cfb5c48f60d4b53e91850352cfee02db45529fa47c67fc83db2c8037a4a6e86f

    SHA512

    c5d997ccf599924a4824b32915932ea3c27cffb8c8551069bde7e136ff316a4af12058c787aadc0fd11d23fb569c11ee78551c6eba2cfeb2ce7a9e3dceddcf95

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bb9fef9448b43d52a2b8a6c7798f7bb2

    SHA1

    1c80007a946f16c59462ab871aadd0efe70dd513

    SHA256

    88ad59cc7db3e691669ed7dbb40706d26d9727872afe6e185df4ebabfddb4c0b

    SHA512

    b9980efe614383b03266fe68e062ab290fea3ff83a11b2d87994bfdc4db5797547578bfc27f810488d24ae0331daff53c5e4266832e1100c8ff76fac7b488b96

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    af32bc51144da7c4382210a16dbea2a4

    SHA1

    e1fc355d33bdaa792c0b373b6f7e2dc9a372aea6

    SHA256

    a9277508e6d31e73d510380053e52e501ed29cba4698d851fe337d794a5ef6c1

    SHA512

    7a5660041e746fd17fd8d677de596a9a9f0a993baff5f3842880cf48e3b0198106d4aa9d672c0d47100c8562b7ebb0386878d684739e5df026316383ec881fd5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c1786cb3c1cc363c0952cff7910f4075

    SHA1

    b98705eea5168b680f0e74f1b1d80e13a85ddf8e

    SHA256

    134186835c17299f08972115991d3120e75b8b52a68e2f280495558f2f156846

    SHA512

    1c9474f7f2c305de9cbae753c178ee0e142233ceac0f91754d7e99a7f5d35c60dabb2c05b109dc66e132507dd54dab58a90a7d7fc0d868289378ff7f29b4fa56

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fb3d38c5cbeda6c3aa7dd58ae3fc98d3

    SHA1

    d92752d06443083e64c19f2810746b647af4df82

    SHA256

    bb5899d66556c45366887fac050fa07f1748b147a6e22e63538a71dc778a40b5

    SHA512

    1ef13707598d3df63288c43745b69588ba6d70e560df3ddbac8722da1c19c48a0c5e1518741f6a07f4dfccbb1709eac618fb89061329a6df72eab6077b25c98e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    18869e0a0fc067601d0f7f28e8bcf62f

    SHA1

    c368e4bf9467dfaab33e015d757b1eed1c359c55

    SHA256

    81e2631445ac27778e474d3072421cb17db2c483cc857ae2f95ac345284ec5df

    SHA512

    f380f6af171ed1b30e253b2233628adcfeffbc94c936d49caba141af8367e693511107fc58b5cd0abc8ea67bb7f429e94a058c2ac0a465fd419948d4925dcb51

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d1ba5350b9100e996675aca436170434

    SHA1

    8ee6499e1442a69a3e7386da016821a33edbf516

    SHA256

    1f707a67846cfd45e0a7b7be049904694c2fe5849eb3eeaf8c5be64ba4f118b3

    SHA512

    897748eaeff2df859c2da692098ea5b846a5ef2a3f6440026bffe7c55c87ba1259c71ff52285c1efb23db9948865df3d6f3d01511cbe767ee9bdc7152915f1f0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7b5e23f4afb37a6204238f92559b519e

    SHA1

    0d4e2124ae19713737c98a5ffeecb618a10d629c

    SHA256

    b3089e09d8f4d834927476655ec2f938c29dfb1d1268d9fde71b4bfe67456509

    SHA512

    6dccf7c404a3c97b1f95a463de7d1821da3b091c74cf911b4be33cfbc49f5814cb72b14c7e4dd95577ba07b4f38e227b7bf0657322e6e4eafae9e36e4a40891e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    71d062f2a79a2670ceefeca7517132fe

    SHA1

    9020806e70d0f560117d700f0e1f430047cf7688

    SHA256

    2a0d4aab5cb49f0a00ca8728aa81f8c1f95e87c850cd5171a541505657c0d171

    SHA512

    e0f87903bf440a8595d4894962804f6b9988af47a5f4fbff669d8adff5e73d05a55585dd5b360960e8a1df09a90196f7225877ee6d8d45d1b91552e6a3b03b20

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9F2D.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar9FDE.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit