Overview

overview

7

Static

static

5

3DMGAME-He...DM.exe

windows7-x64

7

3DMGAME-He...DM.exe

windows10-2004-x64

7

www.3dmgame.com.url

windows7-x64

6

www.3dmgame.com.url

windows10-2004-x64

3

Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    22-05-2024 01:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    www.3dmgame.com.url

  • Size

    122B

  • MD5

    49cbfed4fa9b3fafdc9d499b6163fa62

  • SHA1

    28decd9138bd3f7b3ef38bf9e40cd0d6305d1cdb

  • SHA256

    03df27e82600098c34c413cc2e45b43638d3ac33666960cfbd913f1c3f9a0b11

  • SHA512

    64e91ed564ef64d7687599012c4728b811fec2661dcb7941374cdd3a8450563073c67c452d97d43545f49182fbda2c26702dd35088723ace21717282d1233627

Score
6/10
evasiontrojan

Malware Config

Signatures

  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • Modifies Internet Explorer settings 1 TTPs 33 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\System32\rundll32.exe
    "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL C:\Users\Admin\AppData\Local\Temp\www.3dmgame.com.url
    1⤵
    • Checks whether UAC is enabled
    PID:2168
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2600
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2600 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2560

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0f32a9205fd64a0931800d05e3c9c4c3

    SHA1

    7423e798dd8102965a11ec63287feac2c8e36a0c

    SHA256

    36a6312f4f66c92d83a46a48b6a91ea8edac30f4e639252fadc8e0f12d4017b8

    SHA512

    045920c23779996ba53a9e52c4bb36d101092f66541ff596b3f14e5b82bc0e6e9dfc0ebd9c23269880f723b23a8b20d069d670ec0103a45ca9b6b9dd949f6b20

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c4d043ae02add38f2a2d35c74aadeb19

    SHA1

    bd6826fdde1f16b1e97dc38942b4ec251ece54dc

    SHA256

    e4cca1fb5b5ae643d7e01a1602ad1f596b50fdb210572affcf995a49c577a963

    SHA512

    955cc0ababa2a636ada3498461a2b8e9a033fcc92b78a96f8f58edccb63aae429e6dd74776480e0e960fa43e540d1023b39ec4c7ad11bd3ca0e800be81652b7f

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b9656f84fe10392336f44b7d2c184fb1

    SHA1

    c44908cc1966cbc27f89171cb3fcef86a330a067

    SHA256

    950fa5dc70cc5981dda8d0f339b020747c48000e54feada1291f756338cbcc7b

    SHA512

    40d827f35ee746238ca998ca6b1159530921d0fdef1e062d312e00773242c9128679960b1a5828c6ffb9bbc50833d363ab06ec120f8cd381ca074758924d3fa6

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1df056e0c86d575d15d411700bb819bd

    SHA1

    ca73061ce2b24420ddf86667ef796c1bac80ac75

    SHA256

    506e0b8bab3c3d1ae58b8b28fb385f1e937c57a71f8aee865837d7bf085d7ce1

    SHA512

    cf69702124338461551ef0a39de65b3f70ff96057abd4d6ee355bfb58050a74ba04cb87d5c24b3ad9056548c86281c3b087fe1d6787cd0b065bc7c7a84c28ec9

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d5232293788c3313bf662491ccc8d26f

    SHA1

    39c8be7b8af373f37b578124a52132d55eee02e7

    SHA256

    089f50f558cac834bd7e374ad39ac5641609ac480fb28b1499d7e40c0b18fa58

    SHA512

    bd0479438f72e0ea10f3d289513bcc9819510aa6faf158e7bd720bca50c8deb2f0c143c56999e937f5e05462a6abc43a037678ec492715f5405a256ceaa2340a

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    204964bac9dd3e6b34d87bf6db42dbbe

    SHA1

    a7ff15e8c307584172d8d6bc1c03b0c3fe5c8a7d

    SHA256

    3cd961f9f72eeadac73a0b8395d084243975d6d405aca21b3e191ae0bf9e415c

    SHA512

    ae71a877b90df2a4c81a045df0717d436f477362147bffcd84d3d9cd0ed6ebae9e4d1dd573c3085edc680cbbac44ad3fac963a0a282a16bacb8f2653f120b371

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0c693c24bfdcc9d91f44bd8d5fa4319c

    SHA1

    a708a2a6457efca8071a1162219382cbb80a1adb

    SHA256

    bb0ac2c1888dcf139707e3e5f59c9cd3043e967be1530ac3020a85af83f14a4e

    SHA512

    eec499b790c1e6876f31befdd3ae1e93a6455aa67f574ed36f9e88e150995b2a43f62a9d6430fc0672c13285a40f255a5a26e1cb973aef927faeb527178c97bf

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    97b461fa733baf097d3edc1e28c3ef6e

    SHA1

    fbdaee10b0a8a69039f23c03a66fe1a3988b27ac

    SHA256

    2e77b10c528404fa43917701fd3aa446f29bb4b83a883b99ac75f62a88a011bf

    SHA512

    8fc35a7ddbe84d401b8c07a3986568b001818458fb1247383de6d93a41027286761bece8f50f2efc57f3cca2606e8e0fc96dc975d38662f16f732ca08dba88a3

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3b241e321810e19d7b7bc9d02d3983a3

    SHA1

    3e54c6d23a8582ba59e228ccad8c9c98fad92e59

    SHA256

    f4ff0ca77c3993671318fcaf11782828fe8d7e2a7e14d70a4a90bdbb617a794e

    SHA512

    bc9d92bf9f545795c85192bfa49167676b3bf07576658de30a20dcc2a714086ea0b1662ecac4fbaecfc37bffc8bfa97dd5f3dfe87656e39e3996ca01c5499984

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e5fa323fd731a1198cb4aa0be68e54b3

    SHA1

    ff0c5b4ef5ea2b41fed3d601e1e6cf8bc3f88502

    SHA256

    5b33971441c060a104123542ec09591acca9344bb19b30ad62520c05ecfb3dcb

    SHA512

    355a0fd8c889afd7a71cb8129b59ae3521f36f6cf1ab322b098b7e5be702034fe3c4d3da30c59455a5603550defb9db41d68a40dc393fa92342704ead900e097

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    04664a5a14538a6678dd70b2f084e0f6

    SHA1

    b051c7499f41fd432ecc5ca1699e63ff04388ec3

    SHA256

    b6768d393ef1669f86b1af7a902f45e1166b93942b9af68c5a70f572c5843649

    SHA512

    3628ab6fb9ec2e06f52f0652d325f3da681552edd2d4ebceed1f1a7dfb9a2f9687fcd525056fed437634b3ccc7657191705bdfefa25fa8777a622bed9c4fe9ed

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    12e78afc59c4fa156b4f15fef95810e9

    SHA1

    314f8130b1e44f791272f1fd493d24de8a69aa8c

    SHA256

    38bfa1722995eeeb886cac1546040e9659ee9176ee712f9c32795079b9951acd

    SHA512

    981a882fd43a851916de2480fbb735ce8e425a4325e0e38dd693862764e1714a57e8aad724a896613ecbdcfe715593aaa39858655616a0cf7c4605412262b453

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0cbe232e8f8afc0400de98b268fdbb44

    SHA1

    e09cc968e3832a843e0802061affc0ebed685aef

    SHA256

    6f83fc3cb560781f242021322142182256de1619f5633bd0a4fd517519bee17b

    SHA512

    3d7aa676ee6f8ad51768c00f1676629f490f94ff94390351e7ec1809a26167525d6a9cbe6a41c19da3e7a94bab98c36dd77809e33dcc17321625834c208be11b

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cdaa4ce13f4db167fb1c666c931786b3

    SHA1

    15736a035d4ecb17789cb9fb9f0f0aa07652343e

    SHA256

    4605ad62ddd5e1ccb293eb7139509db4ac333570a14b68d8882aa95acc483418

    SHA512

    b12f632f216c5e2ae59f16eeb44a68c4c9572f63e1e5936786179212ea63508f271911f909bb8fce4d3cd77802b054332319d53b3d070fb4531d0b4bb85be30c

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    22eda835f2ff42e97cfd85ff17a7e8ae

    SHA1

    e71db6b32fd519bb43fb0cbac33c85dce5f03789

    SHA256

    f3100ad0825a5ee9ca8b4b8d7b7152f75a80f36915dd021ee85bbcc377155206

    SHA512

    8b2a9fac34e900dff077095e8930d94594ae81dff79a856449b4c81ed77dec519b0079f7f54ddab1252bcbdbbc0e9906800984e28b8ac0e9ce018180b14a8e66

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2ff9fbc83e47a6a859c8fd1e91e71239

    SHA1

    28099696facf11129d99dbcb803a65e1b279bfc5

    SHA256

    3542860063771f3c757addfc223374d1ddaaf458336363ec348ebd5436205927

    SHA512

    9ec28855907aa075341e6ae61c74bcc53739cf37253635e4d10cbd7602f5d26ced94a372990af1ba4636fcd4736d6fcb978e571be173328ea80b7e66ab4d0d67

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Cab1103.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Tar11E5.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit
  • memory/2168-0-0x0000000000160000-0x0000000000170000-memory.dmp
    Filesize

    64KB

    Download