Overview

overview

7

Static

static

3

7c351dbf29...18.exe

windows7-x64

7

7c351dbf29...18.exe

windows10-2004-x64

7

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...se.rtf

windows7-x64

4

$PLUGINSDI...se.rtf

windows10-2004-x64

1

$PLUGINSDI...tn.dll

windows7-x64

3

$PLUGINSDI...tn.dll

windows10-2004-x64

3

$PLUGINSDI...ss.dll

windows7-x64

3

$PLUGINSDI...ss.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...oc.dll

windows7-x64

3

$PLUGINSDI...oc.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$_47_/Web/error.html

windows7-x64

1

$_47_/Web/error.html

windows10-2004-x64

1

Accelerator.dll

windows7-x64

1

Accelerator.dll

windows10-2004-x64

1

Basicsurvey.exe

windows7-x64

1

Basicsurvey.exe

windows10-2004-x64

1

BoxDoctor.exe

windows7-x64

1

BoxDoctor.exe

windows10-2004-x64

1

MouseHook.dll

windows7-x64

1

MouseHook.dll

windows10-2004-x64

1

Socks.dll

windows7-x64

1

Socks.dll

windows10-2004-x64

1

gamebox.exe

windows7-x64

6

gamebox.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    28-05-2024 07:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $_47_/Web/error.html

  • Size

    2KB

  • MD5

    9085af5c4c8fc9fc7c83ff132daf4970

  • SHA1

    b91dc15b71fb30e923761b89c6a9ef85635bcf2d

  • SHA256

    7dce7e40633ab511ea62e62943c71981e5e91eeb21ca98a1bcf5338bd3ceb3b3

  • SHA512

    8465e6d1c5cca1e690b4c3889ffee61d2816c6fe04771fab75c9a463f73cf9bb2ae3e0b47aff9b9e30173b2d25d52bb9c4ccaf9d380bcf5d78a6e039e873722c

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\$_47_\Web\error.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2228
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2228 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1700

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    74e3140f223bde518160cf3f7715c848

    SHA1

    f85b2435493e29296aa52a072126dc45c8f9fc1b

    SHA256

    a946424871abd4f370e6faef4c98f70a548f715e1f910c892da5670b3a293264

    SHA512

    4899cccc6c9769dbaf3555f4f732106eb96191a9a3c03aebee8cb9919845df6f654fd69ec18be3baf8a840817d1707fcd11e81c038d1d1c8de359bee387330d2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e9e929d328bbba00612dff36acc67384

    SHA1

    ebe1d1840b25f38a25b156eb3e438fa6246b5a23

    SHA256

    8a0d1c9b3fcb3ce1369022aa51032394d36a4936183dc4b7f79414223e2b2c8d

    SHA512

    ce40ab3a1b61abc23051b36c95df88383162a41989e6e9329287bc3c85863806442e15d2d69b01bd94010f27bdc9c523f40a764d184eee5721b36603c6ba2065

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4ae143be8c657eb1ed94490378b5d8bc

    SHA1

    ebe82d3d67b7e9ebd0f5bf4abd906d2ea9c5cdaa

    SHA256

    a29c773c1521c8d55ac8cfac2febc3b4a18818414df244a41ea3972bf561639a

    SHA512

    eafebe73e0eb6ec8b49a69cde3879efdfac67c4ade38a43508edf695df1623d7195881449e2e8ac3b18d948f5dd6d8ef74d94044f215d2519a85f3b6194bc46c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f6d63aea330c0357360b843fe6a8a8c2

    SHA1

    5a9171d7d93111815b5ff9611415fbfea7d65718

    SHA256

    ec79127cbb614911b3f8eff649722c74596c7631e869f138bd2da455390812ec

    SHA512

    f8ae716e631a143855df12e4d24959b7a4138756633cb3038e52275b5cda0995c1c5bc73a17f72c0983dc9319cf05b8d469aff9ded088e36b17ecfda037338c5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    915528e102543f6d6f6ff471f8bd1d6e

    SHA1

    8d3e3f4a43cfa907fcd37e8bfa02399cce027b89

    SHA256

    8e2bb2ec1665f2252bdb6854a61c9d1531024c3f2bf299ed86dc1ba3fa630111

    SHA512

    f9e46ef96eca4aff7f0c1406e98c5dfdd62428f01da99f8c6b82ed7a71c8eac7c3bb6b7f6bbe5b7e3390ae4418e9cde734a11890e5fb348dd3b11f36fefa8102

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1cbc45eede9b73847e2e48d6ec13f6b8

    SHA1

    c23274c938947867eba640a767e4c0848bf8b388

    SHA256

    ac8cfda57e48fada7feac3ff994c830df83a881d1883e6b8d0d1a2911906edca

    SHA512

    854b03f0a0960bf314ce3d44e649610092b8719ea85e603793d22e7e934d7d51e8e808b8c0e23506f9e0a098c0f5fb33f333c887889b4094977c1709148d4805

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e8e4fea61757d746e16613afbd10b60b

    SHA1

    3d560b21880b62a942ede8beb0bf9bd9e48ae0d3

    SHA256

    10baebc3493887765fe8d2540daa3e856645734a3c82a2b870fb7c5edc547863

    SHA512

    d7c9a135e439a673eb611a17ae90156df68fe1db89924494aa1b2008dc26c2f9a339a1fd880703e869f6cb1448bbc09a1a271997426e729b9b08ab08a3836d4b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    87612a29f2100bc6ac9c27e2b35ea8fe

    SHA1

    5199aea62246f422e28ac67ffed5dce22cdfa379

    SHA256

    cea8f2032f79ef6be901211a79eab45b12b4a2bcc56ace9ae996fe5fe0060fcf

    SHA512

    3833f7b4c56da0a2e92b4e0215a363bf66113ed2babd7337b07f6492f80e7c8f92f7d20d3ad9a88dc7cc765e26b3820ed393929718e299c2e6b638851e0c328f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dcee4c9e600556a7986fc15034d3fd14

    SHA1

    e37c71092f8a2ac99d811923683df808955255af

    SHA256

    f219b614e7519d0be9a48894161b9be90f74e4157213c3a9e4b654704fbdb337

    SHA512

    e5f9c87c4f70de7584ec2a3af064ac8abbae00a4933d1d0ced78e08bdb969338c938dd14c96ff2aa27fe3f41acc3ee1c6cfff20c76149071a3f6ef03270e39a1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8e3ab4f4cdb6d3fb792dcfb23df4d08d

    SHA1

    ef5808ae863cabcefe52a38dc1d8d27118ca8de5

    SHA256

    c4a8eea0ffe15fa02ae340f603fc22b4a5035faead5c82d3b3006af8908763d9

    SHA512

    11f99b5dca2681581f1b0a2ab3a131837afa5b896b17e0af424d2bbb377bc988c6f419ea53dc7edd89c69b4c8fb5ab0a7fa9b29f875093a05a0215ee20b4766e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab395A.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3A4C.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit