Overview

overview

7

Static

static

3

BetterShad....0.exe

windows7-x64

7

BetterShad....0.exe

windows10-2004-x64

7

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

BetterShaders.exe

windows10-2004-x64

7

LICENSE.electron.txt

windows7-x64

1

LICENSE.electron.txt

windows10-2004-x64

1

LICENSES.c...m.html

windows7-x64

1

LICENSES.c...m.html

windows10-2004-x64

1

d3dcompiler_47.dll

windows10-2004-x64

1

ffmpeg.dll

windows10-2004-x64

1

libEGL.dll

windows10-2004-x64

1

libGLESv2.dll

windows10-2004-x64

1

resources/elevate.exe

windows7-x64

1

resources/elevate.exe

windows10-2004-x64

1

vk_swiftshader.dll

windows10-2004-x64

1

vulkan-1.dll

windows10-2004-x64

1

$PLUGINSDI...7z.dll

windows7-x64

3

$PLUGINSDI...7z.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    132s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    25/05/2024, 07:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    LICENSES.chromium.html

  • Size

    9.8MB

  • MD5

    b620990ddbd932d6475152e5a833860e

  • SHA1

    70de0b3d7ffa77900f685c1788b32997a61ec386

  • SHA256

    921452a09f92f10da4cfef0521acd6ee6c689c630661ed35189e793de2c99fc5

  • SHA512

    ba84b5e6281dd64d5da41d0db35942b6c0b1ee6b47d24dedd5006be40b2d22d90f58dc653e17893347900fb1bfcd37b0f2fff5b532175ccacc3b63d98fe42ac7

  • SSDEEP

    24576:K+QQM6Ms6x5d1n+wRhXe1BmfEl6k6T6W6b6f6V6GeGj/3BIpx:LUcBeGdY

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2064
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2064 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2760

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    78219240553ff8c4a5fafc54ac3a4749

    SHA1

    3d58f1eb12a06f412da06a3e486791617e06044a

    SHA256

    507e54a65bff839ef3fc9bd46e2e9e2fa88a2f433431dd9f624a24ac9ea93877

    SHA512

    6a880f09eb46f73f5afcae21a14f4238b065cca6a5a49a5bda1f6118031ac9d1db1d34819899cba18de6586eaac2595c7b2736642b83bd190e26545b31ec0792

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ce5202ffff2404887cf1db992cc9af7d

    SHA1

    7c976ca342e44710ac7d7704fe754291799eb419

    SHA256

    8f9f954b04129dd9147ea530e8b5ad827f9f98ed546eaa345bea6c083df408a1

    SHA512

    ed56825d5253c4ed632301c162a519c7a2d9c76a2c1d2b81f12d1b97506cfb8b21de269f4afa435b218be4c54bef0cfe0018fed17b9fb292cec330a236ba34be

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ecf41159bbd404aaa96116b85858aa60

    SHA1

    f50cfbdf346fa3f50d9d325d057b86b5ebf776f7

    SHA256

    01c6ef68e68df5a37ec39e4a998a5728719e7d305104048306d4821737733631

    SHA512

    d33684cb2bf31616dfd5e130021918c0c4bd8165009ef622c7547676e6bf230dd0ff377433354f0de1531c2d55b5035465ccdcbe4d31cabd126507758f2f4a52

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d6c70418a92fae5d0c9448f3da936aad

    SHA1

    deb9dad98c074163f768762b3b031ac613010730

    SHA256

    acfb56d44cd69720fa65037380258b2a72786345d1b7875a1dc5bc58a99782e0

    SHA512

    0bcece37b7973406f1204d4314d217d7d62b2d4d06e1f23a1b10efcc3867948daebb96472f74a269ecd3d5becc297a898bee3d6906bde73f73d71cf350be28b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1d97044bf5b39507eb3638191f01382e

    SHA1

    0b524b30ae7d6425dffc8ca6f1f360c953be690a

    SHA256

    5181acc51f7ea5c5d3860f0f9bd55d44b57a75dae30e96d7478eb82b3b5271ad

    SHA512

    fa30a596623e117fc29ef0c3b970fd2e2b208f511a13889cb02098d6c75fe6e81238dbdde6c1207c521eca7020e354ae595c249c9403a4e6f6d0ce6d95e51f2f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5b7b6a53fe7cfd91981ce0116a1c2f43

    SHA1

    cef1761098978ddc6a76a0853fea9d7e42d9419c

    SHA256

    b8667c96c219046b5d4defaf2c5e2226ae79165b33588c0e21149f9776739baa

    SHA512

    ee527e97dcd281af89be289ac570962b99029457d1c2d22147695341ff06278f895e5e3aad7c28316a2b0c2e9abe78cc937380460aaebe8fb641a3ddded961c2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9f874aabc0a0df179aa4ea94ddfea46e

    SHA1

    c5702933e7f77a41c30adefd14899d8e981857c6

    SHA256

    7a633007fca25a670b55a9158c8d4f38bddf61ecfcd0e735943f6087ea87b452

    SHA512

    f9f225fed85c54582837ae52d7b764533704d263f414f28e5d3f810c58d42fd69ad45e6e21799f4543aeaecede1c64a09e6b7e8f2a72d56a44ba56aa6a5f7c62

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c8444cf322502316e4dbc7afc75dc89f

    SHA1

    40cce2c2632ef235888312684e32d24db8060610

    SHA256

    6a7efa6065f7c287aa1fdea45f1619d62a01d8c823cac61384c7989f9838eeab

    SHA512

    4e0b26ca51a5d3a738c4506f8f65cfcd9491a38f7ff4d557dfc30e37161b3e51e3c9d79dfe1e6b8946f06bade2ffeb58e5472aabc69ca0b8657f4f750c664f30

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fe25b22099c729e546d89b8facd20af5

    SHA1

    f5208fd10e9a3e3479533afc5940b091df839411

    SHA256

    b3d1d609100b462eef12d73b696ca532164b9ec714509fbc4951ac67682b88ea

    SHA512

    75162054340a307ce76831ffbc5c7be81288d9bf56d173f48654e466a94c7fb2969519475b4749b51125384f838845304682cc0365dcfcf13b00d44203b5df40

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a52b8a9158202386a26b71caab97c651

    SHA1

    bd7f98de10767fe0e39ab8d0af089da3d605eaf6

    SHA256

    40bebed67a6df738b15d207dce0040cdd19f690b107b9aaf5b7115962ab5f539

    SHA512

    208c16ea6c7d008c7243e9cb8bad8d498999595d08101fd9a999b3d1542425d766d924cc38413275c8387cd13602af0dc5a77c5cbce4f5e82319fe7597a690d2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e04d365dc183269a008c9f29566ed538

    SHA1

    c03abc65a6198d197b7db7647cb63cbe083e36c3

    SHA256

    12d55af07a0a626de2b8c0252e6e710e89e07b531f16afac91e423d852fe8df5

    SHA512

    6dfa108ccebf467aa9384067a1f31041c1126ac857428d2958248545928d0276f180b4e628404edf0e702b6e6e658cd2c737c91e07ebe420dda5f11ccab27edb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    155a5b6e0b1458977935119e5ffb1160

    SHA1

    2fe5b93aca8cc98e3d46c4bd7ae864103456c1db

    SHA256

    f5ad04425d7d53aabe60bafb62f694ba54717eb86957f151f129715f73a478a8

    SHA512

    48659d2241d9f64025e71da3db095ac3d8356b4f1de00d2636055b19aa0228a74af3b0fa06c890957079d167fae8bce48e7813ad098afca07a575ee0d6bf2090

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fb66e2bb375f611528ec3447386fc60e

    SHA1

    fae1f5dfb02e5d73687ecddd450a294649576011

    SHA256

    ba91c14c56f33de47dfb47287270cd8784a994bfb3c0c5977751273321bcf9d0

    SHA512

    d6ce105c2a224be51d2b0759bb56b9d6db9097b8cd24b1ff3434f6e2f496c69c5bc709ae63d3439f5de557153695213ae8841370af599ef7c58ed5c7af3f4aae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0238782d2e23f942153f3cf3aab8f2ff

    SHA1

    917a1805fae668600b3eede5e6ef8a3a5858a151

    SHA256

    3a8f36dc860f368410cdd7b486f5ee6eababb40c6f31c7ba2e84b56393e89f76

    SHA512

    5431559cbeb54927a7d9412a91e26a3f6c69827d0af11e4e7d25da5953e06b6db624d542f6b4e4ee74ac1ec72a28d5a432cc6952df302acaa0a9a94f502006f6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b80c617fc577ec4c4b1f0a98c1b12f68

    SHA1

    3097396522c9f0add355df9679f8c58741c87a10

    SHA256

    dd44a6c59e432c4b00bd128fe43e0ebf23215507718f8644b08a3a95a9fdb5c3

    SHA512

    d9153794a32816a943562182f37095ec9f7a0bbbbcf83e8806f3617cef7c1b295913815da11915c962574f946bc73b4ee69c890df64a177773e8ec830b4d0157

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bffe68860e5524d2f99fe4f22f20bb38

    SHA1

    ab397ae00fa7aa186d29c21780af9c5f078042b9

    SHA256

    a3cce492a560a0191c6a61dbfcfffc4151bc0227a9ed03b4bb1c3be29d07c581

    SHA512

    f445ec2d7786977ea9dfbab5a029595650597c667cb65e2e2095cd180b114696ca9b285d25924c1f182ed70b7f62ab6c98dbaebdb99b07e2659bfe0df675e311

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    21111a62899c5f2274992982a8acb208

    SHA1

    f596c9b436641616f4280a0d4d03348aa84ca25a

    SHA256

    c4761abed07a9b0d95552f6508f72f87fbccc344f027aec0b3584110a61637c0

    SHA512

    562ffe02fad4e57aa53e53e74a696390ebf9f3a6fc62cc8d82a4d84a05f0b3e2159cd2bf0c7763b5cbac550139e729c2400d1f83759eb1c51d34bab572b1fd76

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    913cf66ec6c5492bbae47f4d6d5dc0fd

    SHA1

    58fbf6a534c91c9c7b7eeb06467365cb1364dc74

    SHA256

    cfbca9b3357be927a36280f35df0d063a2991e6d29a0caa2b3cca54a2fc44463

    SHA512

    ebaa871a166be606aa819cfde6655c513f465ad8b09eb17e282685ffadc6811108113b7c3177be08b5b820b4dca4a16158116dc3d66d991a9c28c7de2a6c34da

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab5775.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar57B7.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit