Overview

overview

7

Static

static

3

65801f6887...18.exe

windows7-x64

7

65801f6887...18.exe

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/inetc.dll

windows7-x64

3

$PLUGINSDIR/inetc.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

GameManager.exe

windows7-x64

1

GameManager.exe

windows10-2004-x64

1

Microsoft....ll.dll

windows7-x64

1

Microsoft....ll.dll

windows10-2004-x64

1

Microsoft....ck.dll

windows7-x64

1

Microsoft....ck.dll

windows10-2004-x64

1

Readme.html

windows7-x64

1

Readme.html

windows10-2004-x64

1

Uninstall.exe

windows7-x64

7

Uninstall.exe

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    122s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    22-05-2024 01:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Readme.html

  • Size

    2KB

  • MD5

    d904c589e9808938fc8accabf6656a3f

  • SHA1

    62f95ffe948e8ca430fb46757592646288a3c28d

  • SHA256

    5c6a6baf2a5cff95557e90e697884850d32552a03b1e3bae7bb18fb8afcb1651

  • SHA512

    1481be144e653af8a5f32f038b459c820a67421b920b9af7771337a506aaf1288f96ba5b6225b4e17830dbbf6a6e16d5a7862499211b3b6827b1d392b8e6ce6e

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Readme.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2988
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2988 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2484

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7cdff0aff37c5b15e7dbb9e143cfd83a

    SHA1

    dc85bee09c9f221c753b9b0453053eb5fad9322f

    SHA256

    1bdb30b1f1e768af3ea64143db1f4c702d64888ba05be1863429124ac27f3e29

    SHA512

    a9833d10d133b0999836f4dd6c31bc356040f12e93b6c1034031fc4e043b0edd1395671aef9bd69e0cddfdc0a4b8ec130d7c58bdaa8e1fcc8561243e252c001f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    705a6282e7cc4cedf92d48eacb104539

    SHA1

    74b9767d9e73ddd817ac62f9447ec20932e67a4e

    SHA256

    f9970e44bac45cdb4c587d1e3f2a0da47e4405c58f14c8f53172f63f41fb641d

    SHA512

    2e446b3f1b45a6eeda118624d48efb7d25ba61838c95a457a8632ed11fbcf023f0fd25e2f7ff83895e40b5490490d007ea8b7005e4bccb05736173b30957c2b8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8e55a9d9ea000b412a6221400bbc26b9

    SHA1

    2a1f8b427641cf8a4633d421fee61e23bb9e44b2

    SHA256

    6068381e1c8d7153bd6938b0db1d15147fa928e01d9894d48dc909892872abba

    SHA512

    7519e7d5c2e238085d65b0be9b1760919d07246226ebf79018221a01306be1d91de43881379459a06402cb5d910265f7f34dc2021c44d99d6cda6dcc6f489f10

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c005252c63564e2aca67655c90388322

    SHA1

    d9ac613ac1de9cdc3b049bd46281c21b19245f15

    SHA256

    50ee8042ec6ce8ae7ee112730a024c49d95e31d0f01234637c5768f93e26db2e

    SHA512

    04670742f526fc0bc039f886b99484d4a3543faace47358d3a643c853333bf35768d9e8acd80d64c432eb91def6231a53049d43b1a6db2b8d5f8490cc2cb9367

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    185176ec116f8204773c2c69ae37d13c

    SHA1

    e0fe95df5444d7b1493c053bbba0e74de9e6f139

    SHA256

    b45aabe6169b73d3c339861e4ca1e820b9ac836f3ea0e26661bf39bf121c0fcb

    SHA512

    3e7de21b436a10050686c0a057dcc6a89f212b7b27883580e5c88b19fb682ab309639fde4d0a07c6ce9791e839645f79296010f9e6d9453dc4cd137c719d28a9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4cff760427255e5df4ad2cd476841cd3

    SHA1

    ca5235c68d16abe905ce6fce1e9e69e49800d4cc

    SHA256

    39fa2a57107375ac358e9265a67b8450eddb8c14009a043c4c30338ba5ec1c9b

    SHA512

    23ba854396df0c229a4c257e1632b1ebc14012447b7dbfc6daa3a1f75424aff0aa5346bcbdf1028267ad828ca72edcf8b2c08d17b94c402142238fdd0ebf3736

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    af088b9e95e795fa99efbd228f53ccda

    SHA1

    3a0d6858e6d467966cb5ee684416edc34f9a2ed7

    SHA256

    737c200a6bfccb456f9cd1b5323e058451278c8ad96d79fe8cbcdc4719b9ebe9

    SHA512

    109b23d083a31ef67906248afc6556377bae7213853d8ec8fc382cb849909451234c6f3c73ef4e290bb77ed47a6121e62c0b2ec27309fe0fbc0907db0fe1e56d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    044b8912a0e8f131ed7e5c4471c40006

    SHA1

    1a2e1416e2f8688c4f5b01fe7fdf6021b38ac870

    SHA256

    71cd6ff98961bcfe5b7c18c8ce380212c39efa812696cd489f76f52385adc187

    SHA512

    d7833209db63e70b1e872a5f0ad1e9996a52e1c1534dd8c388ba88337b684df6782e32a19389cd3014a14863a3fdf619f28af6ad08aa5039eaff4a46eeedc7f7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1a626e76652af06ab553b0743be33084

    SHA1

    e73154dba938f41c1a00aa58a20692675920d241

    SHA256

    0ce7061326ef2211e560e554316052de11a82c281a6404341c9dc285324f9749

    SHA512

    d305b60b67b28c0a72914597d3a6f4c5f15132c2bb9e16674b5b90a3f1fac6eb2059c04eed17374ae10d5cc4e6a90bc0db287cb6519905bcca1d6d26f53d8fae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    074685f5d4c4d9e29bba0fb9c253ac6d

    SHA1

    6670638493e394ec9f853afdb43a9fa5693cc8ff

    SHA256

    226bd55d384696d8479c9d45ce9b685a88c8000b603c6de96003683f784a02ca

    SHA512

    7e26d2c17a78a7d0f6e5d5088c6e87b8f28231ea3e2b7eb38d54a8c976cdfd8212610e52ebb8c0835461b6baaa68ecde0874f6ce214e3c1e8a61b06f9bcad853

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4f060a61552bfc16c3bab188da90535a

    SHA1

    549929124072ac7b56e46787ba7f01ba89c49154

    SHA256

    31821e12c09382ab109ec7e2252f5acbad5b76ce2431d7a8baab6e218c56e29a

    SHA512

    5452bdd45195b0e2344ce2d145018af8ac7f649b0f9dfd53dc3b8f84cd9588bb4f53e495a3b385d593908c68dfd29790a06c889e2878467ebac894426d1e8e9b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7f534c7ceb5acbae693b81f4d653b08b

    SHA1

    d0101dc3cbed2a3ff1f8fb2d718ddf894928e0d0

    SHA256

    6c3e59e1c22ddbff277c53eb9bd49d5a43de4607229ea760884c5b91ff0662f1

    SHA512

    a8057f1b46ccaf6ebcddfa657dcb44077faec5343db7737f10b369d0a2c3735f8a48bf7d3aa720f12f2f2bb0f415024a2d49c3a4b545adb39b63d442aed24d3e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2b6c2276fa1c75e61daad61f6783b7ed

    SHA1

    97f2413e0a1e0bbde98328b43b89cb081bd682ba

    SHA256

    8ea7dd49bf634b0c4973be5efe23240f5d82e4278b594dbdeb517312f0a73eeb

    SHA512

    c37f9346ba22695503a9390460a8cc88a2a114b328dea080b600260ce621ec8badf7fe095e9b2e74604ac76601ec5bb278f321dee594b1401c22481bc14f2bcf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eae21c7eb1d3c2e83a390cbafab2d787

    SHA1

    9ce5a32aaf60163ca44bc720648c3885f9105c3a

    SHA256

    63471d5f3c2691f759d83e6d9ea017d8ef7ff1b7058657e37d4fdb892ff2ef5c

    SHA512

    a279cc8989010652623b260642d63af5c60394badfcb879f823eaa8d795456d8d869dcbb59244d004d6e2c88764ed73472788fb963543d48c48b1d6aa3833b2a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b365bb4eb06b326f42dd9bcf9af0e333

    SHA1

    12d40256a25595199f9f71313892e7555e0244f7

    SHA256

    98e1ee11261524427fd045130b1d9ff9daf0799fc886d889899d66c255a60f41

    SHA512

    3984a87571f79ca2b5946e46c991d16534add31b2818bec0dc8529ce6ba074a3eec62c81a7826d6b4bf7b0619a018bf870c0fffe9444c12ab44910b86d662e18

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c204ba21d5c35defed25306459593c1b

    SHA1

    cffc099fbe621a5c48cae75cbc1ae24f0bf28edc

    SHA256

    92694a742ce5933beae2af494368ebc8904e979c29a593f13378390c0d8de2c4

    SHA512

    7392bde6bbc3822998f49071a5c31300b9d8ce70dfb15dd6069e714305a57f67bbd3dca1a9b4f6d6920e6b7a4e24c72875d4193f3645b13b236be9de00c57276

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA861.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA973.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit