Overview

overview

7

Static

static

3

feather.exe

windows7-x64

7

feather.exe

windows10-2004-x64

7

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

LICENSES.c...m.html

windows7-x64

1

LICENSES.c...m.html

windows10-2004-x64

1

d3dcompiler_47.dll

windows10-2004-x64

1

feather.exe

windows7-x64

1

feather.exe

windows10-2004-x64

7

ffmpeg.dll

windows7-x64

1

ffmpeg.dll

windows10-2004-x64

1

libEGL.dll

windows7-x64

1

libEGL.dll

windows10-2004-x64

1

libGLESv2.dll

windows7-x64

1

libGLESv2.dll

windows10-2004-x64

1

resources/elevate.exe

windows7-x64

1

resources/elevate.exe

windows10-2004-x64

1

vk_swiftshader.dll

windows7-x64

1

vk_swiftshader.dll

windows10-2004-x64

1

vulkan-1.dll

windows7-x64

1

vulkan-1.dll

windows10-2004-x64

1

$PLUGINSDI...7z.dll

windows7-x64

3

$PLUGINSDI...7z.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
  • submitted
    12/06/2024, 11:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    LICENSES.chromium.html

  • Size

    8.8MB

  • MD5

    2675b30d524b6c79b6cee41af86fc619

  • SHA1

    407716c1bb83c211bcb51efbbcb6bf2ef1664e5b

  • SHA256

    6a717038f81271f62318212f00b1a2173b9cb0cc435f984710ac8355eb409081

  • SHA512

    3214341da8bf3347a6874535bb0ff8d059ee604e779491780f2b29172f9963e23acbe3c534d888f7a3b99274f46d0628962e1e72a5d3fc6f18ca2b62343df485

  • SSDEEP

    24576:cpD6826x5kSWSsRinoHnmfm646a6N6z68SH4SApTJ:cHSek

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2468
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2468 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2196

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bd224227de55cf7ff6deca3ca180b84e

    SHA1

    1d0e172505b9c71bf84b832be5259fc54c909f99

    SHA256

    0be196e3c50323f792ad4c05122f9d936e48767a87bd69186f03df9aa4f8ae68

    SHA512

    a5f432c93aca2012a9d4f2f0b6cf273eb92a5141299c883847680353c4d304c98ca7695e08276ff942e35ea1d1af48bc46f9961c5879a3d24183293d537137fb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5fe56404e7c73584da530c4a174ddeb0

    SHA1

    1108e5aebfdbea74bdbfd781bc81653a56710974

    SHA256

    88cff39142a2c4980e3301e6da637361dec3b4b9f77d7323b564a0d8e969e621

    SHA512

    0b45a7ff2e8b233634fbdf5ad4fa06e6af32b9dc639a9e80f86c90f700e7686333253fc9fc28775bafe50bac12c8600c212131753788fcfa4cf41e8571deee43

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c2e38b108461c01d1d8ac5b7ef7bd035

    SHA1

    88e645d6c7637c87e9fa4c841d82bb7c7845f97c

    SHA256

    2eb17c9c5ba87a98cef41a94bf9a5291bacc3736cce363e2763bf45072c8edcb

    SHA512

    bdae7293a1198cb1dc39d8706456dab33ce48ba1209dc69f60aa188c4708a19c0814c07bd934924bec7626324219aee486336f1ef2a8751a4d496dcde1e3b866

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    049eb9893185c104e40f3ab58052cc39

    SHA1

    d041d05a4aa9809f99f8f34f3392e7af2c72f6c2

    SHA256

    e87962a8b03d398d817169482f376185f796ae8f040d2d540e7cc5ac162e5d4d

    SHA512

    fdf83d8d88f0e6921bb95267f6a99987bf2def92d0aad8a6f149ffddee95c109b8e07b2a3054c7504b4de4a448274d63e235fdeaa8b1661401abf27940e008e1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a9bbb58846d7f10dc1b476c182ff6039

    SHA1

    0836d08a51716c1cd7f69fb2d5b68931cdb82eff

    SHA256

    8d0bb2c05e005abb368168c3e2155d8ae94d42838e9f002707c36b2df1751e40

    SHA512

    436214851cf344bd1527e12ec20d19f7dd68ff3f62ccc5c076e1353bcf99d86f9f58b0fc0d2ad6f779ed0c5cdb1be0561d9424ee8ec7f0152c7905e2bf80c611

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    69c4fe063dace3c447eacb3b199e307b

    SHA1

    a60327d46a222db81e236864faa90e6818e861f0

    SHA256

    4d71773f4fd19ae3bfb106f7fbfa8075d7d4ce64324ab49b4397aa14dbba8db7

    SHA512

    5089d4e2ef6925327f75a45e040d3c624bb2f706c8b8d08b06ec414de80d512317140a411306f424bb06156c07349e9db6d2540afde4192aabbb11b8a497a8d2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0d1823bc41717af83c6cb55b92d56a6c

    SHA1

    d0654b8851db55b3b0484e0bc177bcdcaafe4381

    SHA256

    33ad76ccc75ccd9e5bf9ed31b2b7db3fac4180ba58eda1c865a04db5c6221542

    SHA512

    9482a427cd43fff297bacaf9b32290a861c48cae24ecc47950391c48ea50e96a627de0441ac5ca52e7607c981ebb5064ab74494c90267789b0dcdad9dd76829b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0ae1329a1ff9a4c12ad1e7a35ca6e188

    SHA1

    ac74b98c3f16b026d2530d49ae675ec24c02cab4

    SHA256

    ee89583dab7301ac9d8cacb9508630773a33ef011a1f70e4f733c8f53203c2d8

    SHA512

    9e8133ab0c75710a7dbd56bc1db3547381aa421afa13c92c34a30dd318e21d12e8162ea92ad654c4a80ec46020bd33a4e34b689f6306def1b7bca3847ee45c29

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a58ec6d47606783091026a8164c5b1b4

    SHA1

    a5f83bdd8b77535cb994a87e9858ffeb239009d8

    SHA256

    7457a6dc5f7c1ed8ed97d926dace1a8ead5ad7bd0bb0b3f04350ad1d0234dbf2

    SHA512

    0d86671ec04b0fd5fa50ce55b98eb6489064707d59341db0bd3a7ef7b778bdd1140c52f77c7bdc16443e7e1243a62f40f1cdc86386beef181dc870aee24c6999

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5ab1e93b381367f0c81aa5f6e0a7a149

    SHA1

    50eca3ed660d749d39a472a67306e68895401ddf

    SHA256

    1a51a6b8d0217b5ae6e56d885ec3fd0ae2391512bb24b71e151d7de2223c4c11

    SHA512

    0df497e19f881849961d103165b66307a31f04c73113cf272df791fa0500b6fb2dc8c87201d0ff008b653c30db3760576559ae244fc90cd4f1b45ff5c264dc33

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    399550ed2b838c140ed8269a559c2662

    SHA1

    7e879f5f317729eebba479ddd8e30fe27b9baf6b

    SHA256

    30ddf80c1567620c76e9fe50ce9a931433ed03c34226195a239465e8eda112be

    SHA512

    798e44f289cf2696133a05d487517fa2676d48c2008382e20c539c15171a10200f5f28efb1d78605f63670efe3534c7375f4b0b3bab881248f048df6f2ced584

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    51a5a43b5c1413e331d7e6159d594e8c

    SHA1

    d24113c883655d88fcc8f88844987ebb1ff69882

    SHA256

    bc1fe93c5e18cb25c085bc6599e840f9ea7e30a5e34d555a06808081f556dcff

    SHA512

    2f00c98a5cfe937f03b4354e230b5381681206e0a47fd59e9fcfa303de35e21ec5bb04f9b0ba5548ab7e06b8a6f7721d2f75e8c4af733be1470894de2c0cc52b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a9447e11dce7e1686bb3c623ff9b484c

    SHA1

    e838246fcdb810bc01f2f2e6f9ee6e35e4ec0557

    SHA256

    46316957d09bbab0d17a13cfa24f2715f12c1369243f10655e85fa98cba38225

    SHA512

    e22d4a6f835095ca5d69df92312815634ca48d20d886aca348ee1938d90caa6a6750235f20389466336a681817bb713fef2f12f1fbef750b3c296931647f5609

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab47EB.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar488B.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit