Overview

overview

6

Static

static

3

Obsidian.1.6.3.exe

windows7-x64

4

Obsidian.1.6.3.exe

windows10-2004-x64

6

LICENSES.c...m.html

windows7-x64

1

LICENSES.c...m.html

windows10-2004-x64

1

Obsidian.exe

windows7-x64

1

Obsidian.exe

windows10-2004-x64

6

d3dcompiler_47.dll

windows10-2004-x64

1

ffmpeg.dll

windows7-x64

1

ffmpeg.dll

windows10-2004-x64

1

libEGL.dll

windows7-x64

1

libEGL.dll

windows10-2004-x64

1

libGLESv2.dll

windows7-x64

1

libGLESv2.dll

windows10-2004-x64

1

resources/...ng.dll

windows7-x64

1

resources/...ng.dll

windows10-2004-x64

1

resources/...ng.dll

windows7-x64

1

resources/...ng.dll

windows10-2004-x64

1

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

$PLUGINSDI...7z.dll

windows7-x64

3

$PLUGINSDI...7z.dll

windows10-2004-x64

3

$R0/Uninst...an.exe

windows7-x64

4

$R0/Uninst...an.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    122s
  • max time network
    172s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
  • submitted
    13-06-2024 10:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    LICENSES.chromium.html

  • Size

    8.7MB

  • MD5

    1ca87d8ee3ce9e9682547c4d9c9cb581

  • SHA1

    d25b5b82c0b225719cc4ee318f776169b7f9af7a

  • SHA256

    000ae5775ffa701d57afe7ac3831b76799e8250a2d0c328d1785cba935aab38d

  • SHA512

    ec07b958b4122f0776a6bded741df43f87ba0503b6a3b9cc9cbe6188756dcde740122314e0578175123aaa61381809b382e7e676815c20c3e671a098f0f39810

  • SSDEEP

    24576:ZQQa6Ne6P5d2WSmwRFXe1vmfpV6k626D6b62vSuSpZ:ZMfTVQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2896
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2896 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1192

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4b912eb86a5f8cae7cca65ae394847f9

    SHA1

    197f419a94e38099d7b1fb4ba2b4847e19a22b4b

    SHA256

    312a1799fad4f4c01a519d473b95a719deb1334a2f58de121fa71a5be73d00f8

    SHA512

    188465ed2100ab7c0a91a095ef72963560bbbd447c7a8b2034f85a47499a0ec8e60506c4e603fa472aa969938cf6eb1882ec9ef9c874ee46be9513fd11dc06fa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9334db8ecb6556fec7759c91855b5e93

    SHA1

    e40b860935a767e07195ce201b5b1acc52fa12b5

    SHA256

    0a24ba5731e8d71a196063d3c38956a227880b794ee8838ce67cfb90d413fea0

    SHA512

    d69718002001e2d9faa0c0380b66d86202af4fa288acd66c3f21e1967137c4346d88d9a305cb6e3063295d9b93b696c410047b56f39990e35bfd50883dffe0ed

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fa9c6759e6ff31193a75af985ae754e8

    SHA1

    497a20630b7de1791daef9a9008fdc1fdcc0f0a9

    SHA256

    44b4f5f1cea4bcb59bfa72cc63a2729cfff4b3fca5d7361128afc5c413126a7f

    SHA512

    514228b3563db350e884d1fdcf8712b26a7dd0dbf8778b1a807b3d6889cb43bce758a8222d2cd7f43537714b18ead4dd75da07a984cd9dfdb9912064cdefc397

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    23bc570bbf5e92de9d78c2964a49aaad

    SHA1

    ff24fad818132562cdadbeacc8c0bd1ab867b98c

    SHA256

    e14ef4c70b1f450e7f4f6a0e6ec094aa81ef391e4b5804780b6fa0d9e8d50884

    SHA512

    c5a825a33233a19b6a1a5d7638bebb8498e275bc62a9004230cb4aa8dba88977da3deef31953009534218b0bfa546d39f6f8fa208f93d7318e5fef14f8297a0c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    063670006f455da66eed112ed3e638be

    SHA1

    b94a5998fe8b892907abd1af5af838ef0e99618d

    SHA256

    ad23add5532671ac5879b662eaa35fc323e44f305928a7ec69917bf56c73f12e

    SHA512

    970a6ff5d11f700d6aa7db298cbc84d6b6fc3987df2d7327e0de943255f6889931f9bf1abf5344da25350478aaf675c64a76e8494bc2b2b8c17e5c6638df4cf2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a9fa62a6425ff51d14a3e39aad5feb04

    SHA1

    dff5598825e5fd49ddab847bf15a9a2eee029f1b

    SHA256

    575effff9ace981cdc7026ee0364a2e82b1bae5f082693102d7bc93ee39d6c91

    SHA512

    160a10f85458ce9a90151ed174a79522d21848865745b43398ac960c9fb4e4ddae8cd103c8c0c3d5839946352124c674384d438634ce701d435a95d40e94391f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1b13101857a5158f2aa18bc58c161420

    SHA1

    29b23a61c83e00eaa3abeea02a5c3aed32064417

    SHA256

    cebe261a307718cf15a4d4d4d165f78575b839ea4146fd1b089a6ea2dbcd5753

    SHA512

    a8520c64f1d3a40c41f3c24ffa39f0be956d8e76936941348eaaf4aeba4ca038b48b07afe2bfc85f449d608eb5222483269173be53a0656bfbec3106e0c01211

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f5a821898fd3d1bfe0a2e60376e2dee0

    SHA1

    6e73977d4ec094c92b87f1347a15fd5ef9fae9ab

    SHA256

    50339eede91d61cb735d3186bec5d19328929b3cbc753524e4ad559b79d891c8

    SHA512

    6872a747010bdfaa3187b6dc1cc302f95f9515bf726239a1520810a7f71df1d9f366a5a88b3455bfbc978542fdac8ad4c5dacc07335eeef0f99565b6e7d3b949

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    86d8e503a00dfdf93390a4081e4ef1a5

    SHA1

    a04c6a44c044d954e1521e02755f113d0a1f0ffb

    SHA256

    809da72c707bf4bc7e21c48e351523ef29748faee2f9143a401418e04cf9176c

    SHA512

    2667c1d4c79cf703a5a43f95718934b5f690933d36aa68bdd93042b83d9e9b8cd2113e5cbf14b5e346ecfe835d4cfd4db8d97cbe300ab5cbe1b2859baac8592e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6c5a1ec6d9b54ef8dcfe969f5ad99fb1

    SHA1

    5c4a07452f3f210b7a7470102ae56380502e1bf8

    SHA256

    db52f7af08808619f517bcb39430f725a3e17a018984095de911c8c14c48dfb2

    SHA512

    604bd0aeb324197b53cf75b742ce9b6dda6530438fe22b2b8e5bffcec703846bf42a87950fc53d9a53442964edeb977d21fedfa09190342aa9063a624be04eb5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b1d9b02a3ed100119541d1fa8959f99c

    SHA1

    0e35202a0c61a0f3ea8b2fdc12559fd6e883f2fe

    SHA256

    b8126f048c64c430079ec42fb6b915368753a7c9dc58f4f88d0493694e237bae

    SHA512

    0e33ed4fa49164c80b2454eedb44f255e70042a75143046e3d262c4e140fe78ade3ce48d6d38c37730e22f5dd5a821a9803faefd30dcd9a61890355e774b0b87

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    858250b0f80184a28f257022794ffc92

    SHA1

    dfb5e1bf50b3e5b7c0edb081873fe3c1709dede6

    SHA256

    4c626e2e590b76efd11cfacd58769cac72949f5e65903ad748a5b241b35d2960

    SHA512

    20b6361f5a406e51d781ecca19a830e6a9a639ddfea52df553bfb20be74b95ffe81d92b7ca9d200adf2473b24701f73955a0312c6b1f3fec7f3e140ffb373f97

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3a96558d7f05b2720f063c401132af52

    SHA1

    636ecf800c18b6f47c99c689751ed7f729a83eec

    SHA256

    c13767ec4e8a94ff58c2077f00ffbd9db2b44dedb5099decdb8bb5d33f0c28f2

    SHA512

    d23ae9acfa01139f0742228a56c724772c960d278b182a92f5216906d8fb7945e10b3c82e305353f3661100fe5b6807c0477384dbe3ea5495812d30c7b04b115

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    02ef642300b6b0238b279d45f43ca1ac

    SHA1

    3f5cd6a6b8301cb7d93e1f39c4d42b4d0748bafb

    SHA256

    1f7615c1c335939cb83124fe3367f374cbb934d024555c6168d01e7747955e04

    SHA512

    c19b33c367d989cbc2465d71ecd9bd37ca4f835c348114d14d1bbac5d502b5c960ad7e730f972e3a45fef97ae1d65395a319ac1d979ffaf5196fa2bab444a42e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ed0f50228e49402117a0ef1c321cc9bd

    SHA1

    9d9729e95c999d878a338b8e05088342690af650

    SHA256

    d619d6dce947d6864d8d3e3bac80c6e30145a4e7d92e282a0cbda13037c5b36f

    SHA512

    7b1404d066aa3ac95d035cb88345171b1ac5c2370e16aac78b5578cfb05ec1fb83cb7e5c86ff5facaafc1894ac7aea2f4f9e49c449ddeb124a941dce2723dc34

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0adbd08153d0d644562cc830b586c896

    SHA1

    c7362fd2a6d665b3f024cb6c815954ed5cc43205

    SHA256

    9fff0a8bf2d8a0764144c96cdd1cae2740203a8848f01464297091a92cfb6d09

    SHA512

    5a06d40f86a2127faed58119224bc3342a48bf895623e6b490e1642b9821022c76f022b7c3922a62572dd01761f455e8c44c0be2b5b4eb8b8cee4be972a4de67

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8221c0480491454247c51be9588ef571

    SHA1

    5c25e12b28eda0a5abe3aada931ddf8fe297dcad

    SHA256

    f62bc8a78591475ac16d09902c72d7f8c98fd3049b4cac3050e13bfded104919

    SHA512

    61ba11d83389482aee59ae1cb02411c333b584ae3717f3f234a4f7e939bff82be4ea650a225db42ae22e6d53df34693a9297534f61afe80cb82a3e0c03634204

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    90ed116c74d39c905d17e415afe0803e

    SHA1

    6f29112bf2cd7f45e8441fea8bb523909a7a5d55

    SHA256

    c0a279ddf5acd2cc84f134492cd3a95853a7cdb4260cc6e0f33784e1f4fc3231

    SHA512

    19e9a363b2d9264f42a861ac860dd3f95001411c09789267fd17cfc479124f6306f4c02ce18810d10ecae905a182fc21927e654b7dd230802073f89f8adfcb19

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab281B.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar28CB.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit