Overview

overview

9

Static

static

3

setup.exe

windows7-x64

4

setup.exe

windows10-2004-x64

4

$PLUGINSDI...sh.dll

windows7-x64

3

$PLUGINSDI...sh.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$SYSDIR/frapsv64.dll

windows7-x64

1

$SYSDIR/frapsv64.dll

windows10-2004-x64

1

$SYSDIR/frapsvid.dll

windows7-x64

1

$SYSDIR/frapsvid.dll

windows10-2004-x64

1

$TEMP/beepa.bmp

windows7-x64

3

$TEMP/beepa.bmp

windows10-2004-x64

7

HELP/help_fps.htm

windows7-x64

1

HELP/help_fps.htm

windows10-2004-x64

1

HELP/help_general.htm

windows7-x64

1

HELP/help_general.htm

windows10-2004-x64

1

HELP/help_movies.htm

windows7-x64

1

HELP/help_movies.htm

windows10-2004-x64

1

HELP/help_...ts.htm

windows7-x64

1

HELP/help_...ts.htm

windows10-2004-x64

1

README.htm

windows7-x64

1

README.htm

windows10-2004-x64

1

changes.txt

windows7-x64

1

changes.txt

windows10-2004-x64

1

fraps.exe

windows7-x64

9

fraps.exe

windows10-2004-x64

9

fraps32.dll

windows7-x64

1

fraps32.dll

windows10-2004-x64

1

fraps64.exe

windows7-x64

1

fraps64.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    30/05/2024, 15:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    HELP/help_fps.htm

  • Size

    546B

  • MD5

    f335e9e4e8a45c7dcfc30b5b8b61d838

  • SHA1

    cbaa325097d7c203d7c875325a79de76f60e4d3e

  • SHA256

    b1419a421ea79de26a910c941c72d8eef7f97f42e55c28e8f7df9d31be3a0889

  • SHA512

    4f7d27ede6eb61ba7d656d44d1c442e1ac9db016f1278c67afcf6f4674ea3786d1f77f0cef1930f0f07e0db587c11ba79f652916b96b2e1995ed89f27762290b

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\HELP\help_fps.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2928
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2928 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3052

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    27482387a28681fbeabb4884f41b2dbd

    SHA1

    07911dba6d847cf07bd5fde79ccb0649fdfe6a39

    SHA256

    c61d12d3643c726aa0b028cd5481f35af27149df180e7877623e96dfc3a30302

    SHA512

    00349a15cfcdf9cd463d56fdccb5c2130257c342deb0b84f2bf37e59b734f40014de5b78cbf9e13c901496d468a9ad8a7e83df4e60e111cf5a5dd042b395b1ec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d06d0c12abbac7c545e4094871eca16a

    SHA1

    017d8997eda52ecfb935eb73cd325931808079fd

    SHA256

    0de5eb6d56179d56f7a497fb2376ccefc690719967766e3184e61614b83ed8ef

    SHA512

    59e05737f2d670648e72c6d98cd000037bf27007f4e75b23121e62828b2423e014f920b2de1ea4d4cbdb3d4a816024b5201efd4730614c873cd2e4463dae4071

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b4eee901502b12196fa3de8e8cb87e86

    SHA1

    38c4f1706a619e46c70919111669b7a8f5a86688

    SHA256

    00128c031e98b79b9159c1b2a2d5e5c8c8835414b3f634713d9422a53d55debe

    SHA512

    8266f92c70add682663999f782fe3d534067d6004fc55077c197839d65a347ea7f31f5cbd34a0368acd290f2b90cfa7324d8f761d133e55fa949b95e911ca8b6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f959c9d8ea376d3080502f0dc58630fc

    SHA1

    0489b959ad7c2c8d6f6b744734d3519e6a812ba7

    SHA256

    69a146162b25b71ff35f02079b16df5d4fe7e2ae93916159f79ec396fcfd4d9b

    SHA512

    a6da89aff80cadb890b7379240580dd42c2bdb14976292a2e3e81d885ea1b7ffc43b65a33e566aea44db3688065593a73554a42734c5415534b43b4216ecd4e4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    12ca66fa3749783cde68aec5ec266481

    SHA1

    cd8cfc7aed244a2a08efe49d66eef9b7f7a35720

    SHA256

    64663a3e9b827d09e5ab935a5b2c18ce45e7ba6e3efe0ec2e8b9e71335c9f043

    SHA512

    5a878da7c7fa97cb1b032cb5f73d5b8374faa31408ab950c59f3e8d81c89f69c9480c44d6248920b310892c57699f1ee9e9324dc05687699ce34d1bfe32ae9d7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    165342655fe4ebf342026d114c4c47eb

    SHA1

    1e6eb4e12f10559efc5cc65263c422d8eb91c3e3

    SHA256

    74f5bc3f7521e06e4661cc12999ba59ad40e0cf5a9a25c7ffac5b62499af54d1

    SHA512

    92803aaf0921b1d6c696c1809e0de6d4a62d7d743a11be00ab92b31ca8047f14c02d4c1744258c4ccdff70b14654dce4b35b7009d476703e91af38f46c0715fb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c7ae45605e079e2d01e1b4f8dd71928c

    SHA1

    4dfe6bd1867b87866378d55bc82c27e868c168c0

    SHA256

    f3fd379be74b7f705f9ef0fabf12765170de53a3d90b87e005314938d1b3392f

    SHA512

    d688239ed2f5ffde59bca70aef48a67b105d756c3d5e8fc2f6038df34d9f840254e87279a63524c80a1cebb76ca8766e244822ac6d1330493d081c1ae0b1b09f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    098a157a46b3ee34ca22e39855cdbd28

    SHA1

    dfa9acf5195c13cd7017e5a492f02f6481581ad4

    SHA256

    8de636f86d0057a303a0492b6248b4781583a8b932f8c0d4e003fe7b12757ca8

    SHA512

    dae2eeb8a6e3eb3b2a3807ad38e6818cd98ad4e6651161f93374ba7c925811411d7775af94c368f3e5f67b077f78aa9edea0f9338b20b09dc28c8436fbec54a5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    01e6ae6da51540352900901791797cc5

    SHA1

    0f832667a39894c87f9b2cd9980115b03a765d41

    SHA256

    cdd43c885f56a83e2ebb61ccc2f6b79904e9685ed438a83e4c800bc9da0eb9b4

    SHA512

    1ba72c7fa69d45e61089c0d4e9cab3453444e435d55085d985cc86957c71e7d90dac66bb780844356c4e14ede62cbc0cfc019c9e9567c59975a8ece04dbcab6c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2921d1fd85325bd742d29030eb49b63d

    SHA1

    7767e53e320deb7894b41b9295452a51f5db01d9

    SHA256

    fed2ed0ae955d79d2b27938f7864daff576bb4f135bd77ac4fc69e9cafdfede6

    SHA512

    042e68734425694ccd8ec2b5403d75c3c4cb5bc2a301cc1357f0c9d8187ce8ca8dc33136c426e46a3d09db6c6caeb37ee57a3194152486e800f8576506f3648c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    910346bec93c3bcb52d4fe831f53c707

    SHA1

    766dca4673159b5aaf2edf637071a8430c44f82a

    SHA256

    83295377c173b1e426c1dc0f0413fd5b39ec31dcd59600402d4e5608a204cbe7

    SHA512

    bbdb9ef16c32cb0603a55236dc268f557142ed543725db199cd97a7a46ca3ab02b99a69795b169d4fecbe6084ad6731ea8f8f5c6335b7ae7a73b4b42af05da2e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6584ed06b4e01f067dd712a0dad1a544

    SHA1

    affd6feeccf2958b3086d21c065386fa511e50f6

    SHA256

    bfdd0a63762a929fa169e07a32170e0593456acd93f53e19f8f5cd7e87021dad

    SHA512

    e6066ae94e9da1ebf1338af3af055233277f365fc4d8f830591211caa152e7a834a39767a9b961661980982d54474bfb05c42b01693cb4cbefc1f7ec1713730f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cdc6fe2e51969d52710c9b17f06dfa20

    SHA1

    51ff96d40b02db9bbeefc5113af0a00f7c1b4bd4

    SHA256

    3643cdb5c34bad3321899e825c230ad28dc897b9e0b77df8b5a3c58a99641e3e

    SHA512

    5a72f04400629cb2e3f9ea8efe70d3e9df2ed92cb07511b005d66fae4849939991797a773f966d44ac34d895e22d3d1154cfbf6f3b0f1e7d2264f00d0c5c9866

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5502da89848e0d17c4e535ef8540f5a6

    SHA1

    237a2f41afe2103a8ff66883d75cb76458accad2

    SHA256

    4f6b88f7ff12cb23253d6992b046608faf3d53510cca219573968d49a74a7bc7

    SHA512

    ce40a4d6a6050be69bbe5c0a393f3a8f4d103e81f3a4b4826100a91303c90cc829189a70007f8bbecc622c013e008675690561c08ec089d033b1c2db522d2d43

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    de8a9f9d1d05d66ad3f9dae2cad819ba

    SHA1

    4fd268687b8a352c8c220f384c8d124699482a7e

    SHA256

    d8efe65e7c38ac06347d2070762709e7e8e886466f5785d880a76928a8d18bfc

    SHA512

    b04f49581549e313944f4e5417e7f9d96d69dc733a966097e6f8308e4330bab4471e36ee80e1f93a847424201cb25c4e77bee50cc5a626374e0008a7bda040c1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b30b25906be8ea882f4f1366ab907670

    SHA1

    f8d1d226946d62e957804174062d489cf5bba6f7

    SHA256

    bdacec4fda6195369779734fc6f71f279abb36588e7b701468ddaa6e33e29fa5

    SHA512

    cb28e3a052aafc2cb46f7849cc51822d83bea8a7b402d28eee3a5227c9f9df42c6ff38692164ff2ddf0632599868fd028170286a58dc15c996e7fbbdd1eaa94b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d190f5eccd8c1ddb637c30e7ba308383

    SHA1

    d5c8a81fc11f991f5ae435434481562cd3071514

    SHA256

    812bea1e45129d2086c6d099cf0775ab5c4baaf26995491a9d0ca0b270dd2d71

    SHA512

    302d73ed79e54382383518c38760d774a2edd324fa493908fe69dc9e7a85300655a1f01bc308226a96cd579eac66f7279fac3b444c63750e4540bcf641b21a6e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3B4F.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3BED.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3C01.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit