Overview

overview

9

Static

static

3

setup.exe

windows7-x64

4

setup.exe

windows10-2004-x64

4

$PLUGINSDI...sh.dll

windows7-x64

3

$PLUGINSDI...sh.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$SYSDIR/frapsv64.dll

windows7-x64

1

$SYSDIR/frapsv64.dll

windows10-2004-x64

1

$SYSDIR/frapsvid.dll

windows7-x64

1

$SYSDIR/frapsvid.dll

windows10-2004-x64

1

$TEMP/beepa.bmp

windows7-x64

3

$TEMP/beepa.bmp

windows10-2004-x64

7

HELP/help_fps.htm

windows7-x64

1

HELP/help_fps.htm

windows10-2004-x64

1

HELP/help_general.htm

windows7-x64

1

HELP/help_general.htm

windows10-2004-x64

1

HELP/help_movies.htm

windows7-x64

1

HELP/help_movies.htm

windows10-2004-x64

1

HELP/help_...ts.htm

windows7-x64

1

HELP/help_...ts.htm

windows10-2004-x64

1

README.htm

windows7-x64

1

README.htm

windows10-2004-x64

1

changes.txt

windows7-x64

1

changes.txt

windows10-2004-x64

1

fraps.exe

windows7-x64

9

fraps.exe

windows10-2004-x64

9

fraps32.dll

windows7-x64

1

fraps32.dll

windows10-2004-x64

1

fraps64.exe

windows7-x64

1

fraps64.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    120s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
  • submitted
    30-05-2024 15:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    HELP/help_screenshots.htm

  • Size

    554B

  • MD5

    834e553c909b7600700f25fcdfe8046a

  • SHA1

    3d8a844cd24e519f73e6e14c83464ca801188aa5

  • SHA256

    b2bebc38395e4678c78af793b1c5ad214a3f832fbe860dedb0d8db36118350fe

  • SHA512

    245dce23051e67dc786ef07bb0dcdc2c98bcad859bc4b4bc522a64b72db28a7d0fb657df7b27a7d0f3ab7612a11275ba04307847eb7836917b39d25517221205

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\HELP\help_screenshots.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2040
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2040 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2036

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f5400e7ccad793dc9b1d54bdea16b79f

    SHA1

    104c421b9d150cd3aa408dae19fb1030607cf0d4

    SHA256

    4d5f36c11440f64bd6c2bf6d3e3569e8870c83c7acfb8611528f0b5806a9fb8c

    SHA512

    cfd2fc6abc741656e424824c4580bc836c138a290e1d770ac8f4aa62ea5f497f643db5fe0807f33144a6c6dca8b19a4050bc8a31c95df302867e33d8875a2486

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aa58cd0b0273787a2f9847bbe10e8e5b

    SHA1

    09f4e36c57244052cbf8405127e693c7da88787a

    SHA256

    53d355e5be876345992b06254feeb65402db64410c661ae3c6474393d027d003

    SHA512

    87d126e441a2b753af1dc8ab6bc599c7ce440310da3f39a759ace6368fff60b43cf7e6d0b075b5b4dfe121bc231b258afddaf0a4f5a2a40798c5e6cc7a0006ed

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2a11574bc17c7ebd3cfc82706abd9989

    SHA1

    165d8bdcb64d8ffa0ce8f6a3266a5f6cb3f24982

    SHA256

    7302f4e4e56cb33af0b6f6d23a1dbcf35c17c1878d40f83edc47f4dc79e5e18b

    SHA512

    c14819aba61ae322a3c8c39911adb8e9ac9fe5cffc2cada276459f12fb28b8b45cd9e4a213a0ee7ef4cd85882ea8b35172e6167d2a68b2672b6c2e5385bd45e9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dd2215c05856df28f58720425e01913a

    SHA1

    c1238ce72ea07736d62a177f6f5f44da0baf3985

    SHA256

    de5aba32c9d9060d52846159075e96c826482fe57e4fad5a2785866d946b364b

    SHA512

    3d20749131905a9b0a16d59a71e3fa867bbf80de1bd90d2117a29e76cef32abcc79f5f00256c11ff23bcf020c8e39d3bbf5e4a0688273b7100a8a89055d60b55

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    892d88dc8ed77f0ee8cbdf1f473e685a

    SHA1

    0d96c6e9b0c68167630814dd4912e76753396ff1

    SHA256

    a3fe36e796d49c587695e6fb03fe97e564ec023b5f6ccec5585e54b6207be699

    SHA512

    6b2a63a6373890b348db7a59d1caba20b26afeaa876d611d0a379af779a604775a19dffb2a4fd1eee1a2828ff5af71798893c374d967ac3bb0b84b66e0511042

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    255714d102cf053583f3433efd0643e7

    SHA1

    5bad4239ad11068f688c0cce97427238d85ab7a9

    SHA256

    b6330dedb42664bb081e8bbc87d17edf4662212b611c7e18060b9805b3d72f83

    SHA512

    7fac629ae5b158d3dc43fd02974c002b424046d3e68f17068c026e6f5476d0473181d7c04ffbab6afc87d1a176fb1319fcc68abcf2405fa7ec1d3e3c30a3e15f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b326ec30486d7c51321aaa1cabbf98ad

    SHA1

    c5bf07a572e220a83ec1a605a7bbfa657dde0978

    SHA256

    8a53019ce1c289e13009fd3bd773952fda78fd65665dd2d3c98317df6441dd6a

    SHA512

    116fe4464492a70f4a9bb4675164d0117086e5c6a4d32cc0e19310f5bff6c9a2e3c09b1b6fd306834c3d26767a72650cbfb7b78583737afe519a0214c4c238aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0dd19cf67db4176b871a672498b6ffb9

    SHA1

    e5b1085f4dde37b5887b7b7e0abab53498f5c696

    SHA256

    e4a4ed1e24d2b911fbd9cf046512b4f65726a1548e7d25753feeb49be68d74df

    SHA512

    17f7acf3a6822f0125da335d11c80aa0e024c0a98befa49e069a7537956acfd48abbb620ca44eee3f200076fe146f8e2dd813308b5d9dd1ad7d4b2708347ffce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    88548a7d3963a8a6f3da6edcd6a1bb68

    SHA1

    a11a21e5672e00cc9b95b6a93623e42d409afb6e

    SHA256

    9b7dee8ee318fbf3ae9e4aa1e5e690bf9e0818a4c341dd7e0b6363565c03bb75

    SHA512

    359d1d7ae534fa4e43a6e7fccb7ab33546759847ec2766bd5a25b9c4604ff44ecaacc474d978663ddc77fcf393e3b1c43a08c2529fa032b47215c8c3e27553c5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d344730d0fbc0d3d8c11ec42b4d33629

    SHA1

    49124d4ee8891f0a42926bcc470f5b3854ca1980

    SHA256

    b3f1e1d2c2fa60905a7266c4b1bb7142178d858d5547bd031a46059e5529c4d6

    SHA512

    2850dcf9406356c8e5febc2d83115e3f0edf8d724c2367ae1b6a56770ad00577b0e808d0e2993c7b1917bf8d205c435f1ce90976cf775a33edb468a9d1dfeb7b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab27DD.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar294C.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit