Analysis

  • max time kernel
    117s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 17:31

General

  • Target

    Lossless Scaling 2.9/LosslessScaling.exe

  • Size

    962KB

  • MD5

    4c8d9566dc1e5f1eae914a546ee819a0

  • SHA1

    8b16f43b0c84a43eecb24aad51d33795752a3b07

  • SHA256

    b5b9671a6e309afd15a595ca96ce2d294f26519c73e68c4909418a3129c6db68

  • SHA512

    5a7ded63ec2c6d3320d14bdc876c4f51c1a7c6e1c8a89028f646c03a2b393262db3b16d66b58903a83f0aa34218a8649aeeec0cf49a0ac9a404d29336bf85532

  • SSDEEP

    12288:ixNRPEDS4MCLSyf6mOuGyW38yHJc+CKtOaO5Z7WhaGwnzE4ZbuRCwmhI2J+0sDw8:irRWtMCLPf1Oi32OvzTo4ZiRlT/vl

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Lossless Scaling 2.9\LosslessScaling.exe
    "C:\Users\Admin\AppData\Local\Temp\Lossless Scaling 2.9\LosslessScaling.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2780
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch&plcid=0x409&o1=.NETFramework,Version=v4.8&processName=LosslessScaling.exe&platform=0009&osver=5&isServer=0&shimver=4.0.30319.0
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2128
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2128 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2856

Network

MITRE ATT&CK Enterprise v15

Downloads
