Overview

overview

7

Static

static

3

nsis-3.10-setup.exe

windows7-x64

7

nsis-3.10-setup.exe

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

Bin/GenPat.exe

windows7-x64

1

Bin/GenPat.exe

windows10-2004-x64

1

Bin/MakeLangId.exe

windows7-x64

1

Bin/MakeLangId.exe

windows10-2004-x64

1

Bin/RegTool-x86.exe

windows7-x64

1

Bin/RegTool-x86.exe

windows10-2004-x64

1

Bin/makensis.exe

windows7-x64

1

Bin/makensis.exe

windows10-2004-x64

1

Bin/zip2exe.exe

windows7-x64

1

Bin/zip2exe.exe

windows10-2004-x64

1

Bin/zlib1.dll

windows7-x64

3

Bin/zlib1.dll

windows10-2004-x64

3

Docs/Multi...e.html

windows7-x64

1

Docs/Multi...e.html

windows10-2004-x64

1

Docs/StrFu...nc.ps1

windows7-x64

3

Docs/StrFu...nc.ps1

windows10-2004-x64

3

Docs/Syste...m.html

windows7-x64

1

Docs/Syste...m.html

windows10-2004-x64

1

Docs/VPatc...e.html

windows7-x64

1

Docs/VPatc...e.html

windows10-2004-x64

1

Docs/nsDia...e.html

windows7-x64

1

Docs/nsDia...e.html

windows10-2004-x64

1

Examples/B...le.vbs

windows7-x64

1

Examples/B...le.vbs

windows10-2004-x64

1

Examples/FileFunc.ps1

windows7-x64

3

Examples/FileFunc.ps1

windows10-2004-x64

3

Analysis

  • max time kernel
    194s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    01/06/2024, 08:05

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    Docs/nsDialogs/Readme.html

  • Size

    38KB

  • MD5

    04ab42a3e3eefd9755ec65dfb1a426eb

  • SHA1

    ab5d3a0721461f57c1a3a959d9c1e4969539b857

  • SHA256

    d31c6a356b6d265d805546bea5800921d6ba94d685830ee586cb998f6c3d7e0b

  • SHA512

    813e253b826de9dab3ec7b8b9e50bdc074fc6c328fd19f1c1cdc0f2f5d9fda059c30d0b55cfc724d7c219985a24ca011e420717438d5629a5de1f4a741ed35e2

  • SSDEEP

    384:DRou/n/tbF07O4hhIc6DjPLTzHUwTM92A7myhWH/xPyDcAyHiCR0nsgZLGcooMWM:1ou/U7O8hxGjvAPoA7PhMzMEO5o3zxcC

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Docs\nsDialogs\Readme.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2320
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2320 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2216

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          4e82bce64be956ffee951f488e0414c1

          SHA1

          87522bcf2377ae9807997883a6ddc66559fabd66

          SHA256

          dc1671cc4036b04f3ad469be02c4b4161bc0052f090efa51234d3f1d8645e1de

          SHA512

          5acc5fb02cda9fc1efb3a618626041906ea62cba76be31f210612bb9944650f48d66b05648f8c59027f08512e0637b30e8ed81414a604bdf4f0e429a61c966b6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          d9428127f6cf00319b90a381bd12b8e8

          SHA1

          0a2f5edc8441dd45cabd4a53b75e7969f7ce87d7

          SHA256

          f55070b9b8f9ad4052b656afef93e34dec97e68864bfa697d8543bba8c7b583a

          SHA512

          7574882cc375207d4c50924b0a320a752734d00fd7ac3596e15db274b3d8f14c88cf06af09dad07ad9a07adced073a797313c8f3f733d59a32c129fa7a7125a9

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          054da773e8580508a780c182606b673d

          SHA1

          81dae15f1da7cc86cd975a15850681de6cbd730f

          SHA256

          66da2f67765b37cbd2ce3af955801ad45fa22bb3e36ca212cd66a96e6330f05f

          SHA512

          809bdfea0a26de15011b3b0d08441d248a823341d9bf3dc808ee9384b373ba6865aefc3f68107a7ac82e23dc7a2e1d1be71e0e796bca3610623154415d8a8091

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          f2bde06ebfc2c2cd6df3b2633071f473

          SHA1

          fcdce920c70d84a04a5470253a6e4e077cea1054

          SHA256

          d80dc2977324171a976a726294aeca63c889399c2f207e6751ce4de139ae475f

          SHA512

          f30ba705682df6121778d0b71af30e2d85c30f8d9dc57d16010f1b03867b07156f2ce9ec3a75f3289d7ebcaf9086d894c3b34ee265c43e61c7a44ceab282e243

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          8b84d8f0d714a26127ab20d060a2a16b

          SHA1

          648bfce99cb2677db6d92a487121245a042e8afb

          SHA256

          2e329a0b132855e441e7ded182029d3ef4b4678ce111504737c73199a42a12f0

          SHA512

          93a0289fd572e26e0b83551337fd3e6801e011896bde07555050796211d8b3229b4374e2bf4e85100394a81008556d6b1940b1641822ad7aee270725f41c4e63

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          482860a015a063568aea8b059fe0c76a

          SHA1

          a2fbf61f02abe49dd9ca76ddb0b43b76f412ca86

          SHA256

          96138eda68e1a9ae117ed47dbc2beae057c4d6602480cecb2cc13529af4c9f21

          SHA512

          6e1c200f9ef8fe51a28f2cfa8a021307094d6ea8bda5d3d3eca1c3a02c891a254aef5012e0c103cf0906de82f4c3efe144eca4419e1b264ca0b75c37c3c068d6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          f2e471ea9f569db427d6ebd0b68422ef

          SHA1

          ac70e4a4badb03f01508b3c4302e10b6825970fc

          SHA256

          7cce8c5b032d64bbe0b05f5d436192e316c07f053dfe6be1a9f1257f9b01ba03

          SHA512

          d27d64437044b4b04949e9d68263bc759d91a7e0b54de7ee5c3ebee2255283acead96e3a907eade631d5754004de9a92aae60b3230eb6419d2d2da7cdeb1f8b0

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          fbf452340072d0e6505ccfe050713531

          SHA1

          657a20cfc684709dfea535db27a4d50e4a191cda

          SHA256

          e28ae3369adc1da1cb03b72e0f6f5c165f2179f9ad556e535e45e437c5b20854

          SHA512

          43d6f324fac539d3744f2b42b371e930af4013dc6517d3e074a8a135d46dbdbe5d27b2aa8f759136091e027d3504456174d61f2cc6cfc5a8f32e3bf780455614

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b5e0c5b85666c111d336c5db95a6824d

          SHA1

          072611004ce45c0b933209f1beea9d29dcf53bbb

          SHA256

          816275509a1ac7d114b002609c4b2777e48d4fd1c6203c00a9b6632c9b27d9de

          SHA512

          ac1eb237a532a66702fc613dc03529de83807b0d21f85f42c8586bf2c5e410a83ff34b51aa4894e49f705b23627922baa6b5e1a5703beb2db2cbfb20ea69cfc5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b64ed470c6dc0ad1216aa0d62d552185

          SHA1

          2f2168314a081fafe3be51c379497e18d6a5d68f

          SHA256

          9e67ac8b397e6fb7651758e5341f9d0f44f716929a3f391b44b684b068cb5480

          SHA512

          ee03478296913fac555a89efb47d59ebc9a9142a464090a5494901aa298764d6db4b140007243de265015e4a48e05867f44b4a6b68e32153d50e0d01aa147517

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          3a1ed29e5d46de22b983562d6aa3ac26

          SHA1

          ee040554d11e4bde771081c34eb5d065a195be5c

          SHA256

          05d0e78857ad129a77cc75a3c9ccd1abcec3eacd9528df44dd7cb417c8d984bd

          SHA512

          b1716f55eb3a8c0bb86bf222e2e77d9dc25cac4c4a6f2e0b1dd1e88427b3aeb08a03a754444338d8e2e5c7e820962156281728ce3d3c6b242c2256cbd61e972e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          14888869d2ea62e9f464c2b53a77f431

          SHA1

          ec6e836068d6575fb348136337f0ac9d875f1573

          SHA256

          4e04ff323a2236ae5139ee4114b9034f94de5808a6d899f74f64d554fdbe4fa6

          SHA512

          6bd03586f6a46e09b4efffb7e8e13211a54b1637e26292208670d20e85bf304f1a6c38abc26a637ca7c4e50a969ed931ae2bb7037ed57ea7db32aee5ff26c571

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          7e097fa3f1d4bb1d454986ce1a11494d

          SHA1

          6dd8637cc32847ae9bff9379aef0c52f846db161

          SHA256

          1d5afb61ddc65900969ff92888db02774b407bd6036d6e0ee1df2366f9eed8b6

          SHA512

          fd08b3a22b3f0b4c1bb83db39438b822a9bbb80ea68dfd9be681dd3bcef73a7e9f06924821113cdc3ec4d7f0fd0d799066a120674316c667d7727c96a47a7883

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          2c5dcdc16eaae0ca33d8b7d195f75571

          SHA1

          b32ee72394882b0a32c16a27e46fd16a9ecad22f

          SHA256

          6ef29feb4743840484ffec9b79a7fd8840b9a644875287645f13427e192d7361

          SHA512

          fcbd3efbb8f90b45801f93c7dd590d90b139601d8489b91082e0ad49164a8d5b18a0e63e049ff04f0746e2bfb58849b73a7f7d72566e753c7e94ab230a6bad88

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          5fc7603ca7b8ee3a04c6677b5fcd2ee0

          SHA1

          5b30d3cac91bcef96a9ed5bc29f6c3b005207cec

          SHA256

          92ce4a9638448e11873382fe42d3215f522f73d838456e713e4723e2d8aa8ce4

          SHA512

          58eb6fef38148d3bd01b616f7b9ed8843245253a66cbb3f7f906ee6f354c8d3f64f4063c5fa14b2a4b56ce9fe38523b9057d7b5cae6650a4593551f3815af6c6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          9f9a829cbfffad40f0b5bf6220565c32

          SHA1

          ff26512caa86591cc865962f90c2ffa4dd55251b

          SHA256

          831d850b1de1dcde93045c7a2aba5c17b0b63881208a7eee1913335e5de4a8dd

          SHA512

          1f8e646e6a1bd0c1b9df8213f5f7493ea4ae6e2ef3b0c91dd8cf50fbdbb3715c763d39a3cfd92f01c96a1bbcf95d19ecd8f99b7d26444bde2e8fbf26923b1615

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          359503a20975e4607d1219448661b580

          SHA1

          1cf0eef11d0c80bcc94e70afc5d35f716ae570b4

          SHA256

          ec57689059cbb0c904814e9ed7ff769e96dc777223b15df7d48ef5a612d14695

          SHA512

          d177c6a9b737da073dffb1fe199cbcb5323d97cf7fab4d79b83b2913ef3f70f78c3e748ea673ff4ba246350d3174e62fcf1b0116de12b7b020b07fe9a8368330

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          4aef26b0c87e9907c000a1d01616022e

          SHA1

          a03d3eca4c967c42f3463146eeaf722786f7ca38

          SHA256

          e2bf53e50132e6763581c818682af3b7f5761bfafc0a7d43e54e0ca0ec580909

          SHA512

          988d7d2a3069e638ae1586ee23493c1034a7984f9800f00b9ea65684321b365d7296278f654bbda7d85baab58f33fa4a197424efe24b634b5ce5083c6938d7df

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          4a13ae2ea8dfbfa006e762649f2e1635

          SHA1

          39bb4dae483a4c3e9c62bdf6750e893f44d4fd4b

          SHA256

          a26bc61876499834216828c2796cd3475f58caa1f3aa845c0da542007bc3def2

          SHA512

          71573f07a48aa4761784c600d3b5fb4871d45e0779c2eed13d2cd3318f85fa0b9b00217bde348b07f4b390a0add07c8d031b87b718bd0cafe0dfd76beaee5e14

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab3238.tmp
          Filesize

          68KB

          MD5

          29f65ba8e88c063813cc50a4ea544e93

          SHA1

          05a7040d5c127e68c25d81cc51271ffb8bef3568

          SHA256

          1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

          SHA512

          e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar32BE.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit