Overview

overview

10

Static

static

7

9f0688568d...18.exe

windows7-x64

7

9f0688568d...18.exe

windows10-2004-x64

7

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

GLWorker.exe

windows7-x64

10

GLWorker.exe

windows10-2004-x64

10

LuxorAR.exe

windows7-x64

10

LuxorAR.exe

windows10-2004-x64

10

Read_Me.html

windows7-x64

1

Read_Me.html

windows10-2004-x64

1

Uninstall.exe

windows7-x64

7

Uninstall.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

core.dll

windows7-x64

3

core.dll

windows10-2004-x64

3

crash.dll

windows7-x64

5

crash.dll

windows10-2004-x64

5

dsetup.dll

windows7-x64

3

dsetup.dll

windows10-2004-x64

3

file.dll

windows7-x64

3

file.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    11-06-2024 17:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Read_Me.html

  • Size

    41KB

  • MD5

    b73ea6a4f5460a97244ca9c834b8c9e9

  • SHA1

    f2b41aa0747ba3ad8a61f331f8acee0c2e8abb75

  • SHA256

    557979039b153ef19b45d6c405cb099922ebc4fe8dff8c4332aef11aed130af6

  • SHA512

    92b0df76e5eec5bba5c983e859447994cbdbe059fe0ebc9547826ccfca1a893846fb6b534dbc26ef2e5a8c3d99e02203a5541234dc685d7348c595d9a95632f1

  • SSDEEP

    768:hCqMou2vYoRUXTE7pdclzSwnqF7JKnYY8r74pg82WZT4fnBWF3eJ5+HaI5HaHJd8:rxBeE9zJnoF36Pu7J4E

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Read_Me.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1744
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1744 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3052

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    567fabb3a79bd7c9c961cd611c4b0e7c

    SHA1

    ebf374a81b306cb8aae37e67c8c7753ce0aae50b

    SHA256

    e391bc26154cb4cd44566a2d84df23a913fcf7a9bbf607e4a21f3cab5aa88633

    SHA512

    acbe77c1fa272eb31f1c4f42a4ec7725477167af11e46474407e229e93e2f325cd4c78bd86ad89e42f9c9c85c3bf407a101f33b4946ce1ab47b1cd51eb1fee49

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ce16ae1d95586de5cfe990ef70f3192e

    SHA1

    e10b355c6fd7700a351a34987e28f5be2b09201c

    SHA256

    f30de11dea327e8fb721f3cf9a7f9538ac85e338171cb705a3ee3d302f95dbbf

    SHA512

    2c67a35b47393a7dee212964214a8d79e29757b624d49caa6fe91937ecfb70611d7f7c8ca6d062b12ef98a4e4d772aac428e8fed56a8f5f4da4d2b773f01bcbd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dddbd271779de1a21e332d3f4314f476

    SHA1

    79e479af0e0e82d5bb9f9a78bee1e1a1c9972d13

    SHA256

    55a51f556cb733eb1692252f2972e7568b91ddde99d6523bfc8e275bd6e503a8

    SHA512

    01e884cd5f49033a4c34e0a92f97d277deac776206adaada479fa33b9c72892d83a6f8b7953bce87c09be60d46e82e8cdad21c28e44e7076afe5805b7e781972

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9997fc9c51615e23cd1903af88caf962

    SHA1

    8c72f18a9240b9b4eb6143c9b2cc5ea70b0c4f14

    SHA256

    df7627b9bee413558c9054634b8daeecebb625af1aaeca874c6bbf32b82c84f0

    SHA512

    8d824faf2242a4a42b0b8c7847721e5ddb610ab4a29dfb127257361f053e2133c89e6009f608618c5d886f7ea0f1afce69c0200a5bcdbc85be05699dc893d9cc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1c0e7d21663592e19a3d2f078d8dbade

    SHA1

    8fb7cd35ed31b19a030bd9ced3addd1140c704d7

    SHA256

    b0bcfe1f0ecfa802205910441c51c923e041d04959a7e0b291647d6fb6c4fa0e

    SHA512

    4dceade76cfb1e18b3d90d3c1784cd997310542909bcca37256af8d08a0dba29df0eb60e87fe3f9414baed137b0f972e82f72c7ca8d8af08aeb4b38acaa16f58

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f5d0e71deb272b85554c4a1e7b327061

    SHA1

    18f9faa573373a7fbf802f3ebbeace79a4935862

    SHA256

    c02f61e8369c41d1b16fbf8c8870c808d0b85aec0739eb8b7ed0e8d6ff034dd4

    SHA512

    23922ff2047886347abcb6658cd316963831672587bd1aab95e79d11a8c0288923396bf37b227d48a2ed16d3e8b69794dab4c80539a91abccb7c344b747ee300

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    106e34ea94af088c8ce71368ddeaa033

    SHA1

    4567264c1314510acd0b2ea0f34f1693c52cd9a7

    SHA256

    7b86538613b62f0102d2033d9bd123eff520ea3ecad07099ae8a7f2302e671c0

    SHA512

    f87a03129ce56ead43c199036c94fe6c5b4e7f2d7425feeb30b24e02f4679acd8b28f0352bc152e3e57498edddb50728115ab7a1996270e6f693b345c798f72f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7dfdeef24dfb492faaf2f4d91f6e061c

    SHA1

    0c307f60451547255657f8624ef79e814564aa13

    SHA256

    9b12221fb3b40d04cb655d5ba61bffd79e8b33b774238eb8ba7905a9fdd38585

    SHA512

    0d3bbce0cfa6ba53b12b551bc7ca240f09451cbf2011b7eb24b45a366ce2e29cc68c3d359ba1eab547e942337b4442a2ce2266cc5501e3f9b6f7a32a7443d610

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    38326c7f71feac3971518d0ca9a5eb97

    SHA1

    b069def24b8528b12050f8d2de6284f8d0426879

    SHA256

    afe57248cd39405b3549cf38ad6ce998983fcec8d3cbfb25745a2bf20f34892c

    SHA512

    cf8683f142580eede0852582585f1ea77f130f174304bad8d4dfa4a6040ea98ec0e1491e4d41721fb3685d8c65fc3ead844024110f97be4fb10d235704da2c0e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    62025211fa18dcacc98437583fa7739f

    SHA1

    99d050afeac7a69dc3d8e65ee5ca0fe5db3be629

    SHA256

    fe4ea930d25fcd43e3b36931d1f9d2d6b4a6322f582366450cee1524a636d134

    SHA512

    317cbfcff24bd03aaa7e951e4168fc0dcbe5b84eb0bebc58b893838915024712d897277dfbff560d0abad8faab5acb144e5af63b3d43ad2e3f9df1865a69a088

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab427F.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar43ED.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit