Overview

overview

8

Static

static

3

a936074587...18.exe

windows7-x64

6

a936074587...18.exe

windows10-2004-x64

6

$PLUGINSDI...nt.dll

windows7-x64

3

$PLUGINSDI...nt.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

$PLUGINSDI...0_.dll

windows7-x64

1

$PLUGINSDI...0_.dll

windows10-2004-x64

1

$PLUGINSDI...os.dll

windows7-x64

3

$PLUGINSDI...os.dll

windows10-2004-x64

3

$PLUGINSDI...18.exe

windows7-x64

8

$PLUGINSDI...18.exe

windows10-2004-x64

8

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...16.exe

windows7-x64

4

$PLUGINSDI...16.exe

windows10-2004-x64

4

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$TEMP/Goog...69.exe

windows7-x64

4

$TEMP/Goog...69.exe

windows10-2004-x64

4

$PLUGINSDI...ll.dll

windows7-x64

1

$PLUGINSDI...ll.dll

windows10-2004-x64

1

$PLUGINSDI...5.html

windows7-x64

1

$PLUGINSDI...5.html

windows10-2004-x64

1

$PLUGINSDI...6.html

windows7-x64

1

$PLUGINSDI...6.html

windows10-2004-x64

1

$PLUGINSDI...7.html

windows7-x64

1

$PLUGINSDI...7.html

windows10-2004-x64

1

$PLUGINSDI...8.html

windows7-x64

1

$PLUGINSDI...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
  • submitted
    14/06/2024, 10:32

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    $PLUGINSDIR/g/gcombo/ComboOffer_1028.html

  • Size

    3KB

  • MD5

    3c9d9a1818bede3e8e7fa99685d503df

  • SHA1

    0db677e7ce9707e89c865a89cc6ab60e04af0119

  • SHA256

    5cdeaa26f12096e1aecda8acc42516341599ae4122d8e9c95d461ceb0a7e3010

  • SHA512

    9b9c06ef13ba802e0850fd98ff025479bd955c93925405bc7a181515e3c01d87b0b15c37057c2a26bc6fbb93fa814f4dc07d8658a542851c6dd2dd1cd4924632

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\g\gcombo\ComboOffer_1028.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2264
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2264 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3040

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          1f9a0f138523733edf5445ce984bf3bb

          SHA1

          9600d5776c8ca2a5695dd5581d8d6aea43c0e298

          SHA256

          853938fcc6fed4d4c7fd9570a5bf0406706f959875a1bf5cb7075b80d843ed37

          SHA512

          0ca6a16d0f4a6977a607f8f4e3fa38a7d32bd7a2c460446738b913cc670dfd7bd01af9914859e952e7d3955b6b02a6d4dc6fb07bc50e642ee120ee593ce51893

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          8abd719d9a91dda710897cfdaa4b80a9

          SHA1

          10cb3b63371d7203d371b706aacde4e8af038b90

          SHA256

          b7bd6f160a423a879fcdc3e897098da2130881376cd260d8b422abe199fef3cd

          SHA512

          594a338b175dcac11fe43b1693a17a510b3b2b738f111f0997e576d8404396c45b3e9ba4bcc794e6151491b65a91b5bdaa897bcf9d70dc1b2779df1747c0be9e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          51bab9904d3260d1d9716a293f0cbbe9

          SHA1

          feef43f906f6f232833cbf00d08678862d741464

          SHA256

          2eb815ace4ccf3327191a4c77464ad67e9e72cc621c3a924caf873b582ff056c

          SHA512

          746b8b20ea173980f091c9f71e51b7c6121f25324c748c4c68ff6a5e266364f187bba446408d141d594261bb1c4c26604a917d1917c93a15cb563115d5e8ffd9

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          53ac958ebbec79a45cd070d774b0263d

          SHA1

          82f0ca9c5feec6f52634150f458890fb33500da1

          SHA256

          2ae047027c6bb1576c406ceaf76ef4373a7ca4417dbec408ab8739331156e14a

          SHA512

          7432b49d31b56c6c1b5b8ae3cfa606c44afda93e56fa4c3890af7cdb2eebb2c146dbe9e1a09140d1357fdfef7b7c25dbdb07c80c9af90d7e727c43fc6c5b1d2b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          03d5336a088fa423b1b79f1954acfe6e

          SHA1

          969442c4a21db21878dc26908090eb169183528e

          SHA256

          04d914c86415f12c0de2e6f97b94eb66d76ce4855b2d0aafa11906027beb46de

          SHA512

          8d2c7a61b895049dc0dc7092988166a1280fc2786006ed322f356b19d33a3f3b82969b225aca857542183b298c27185374caa88bde366bc0381151182accea29

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          460c0404cb3d102afc0e134143b03aae

          SHA1

          cdcc104bc201e39ed4a2bb3551fe895ef8f83819

          SHA256

          c1b7e4e31e62b3e8b5c29a54965c9e4035212c46da799b10b1d29a67688cfcea

          SHA512

          48a250ab330759222bd3387a3bd3cc51bad2e9311f3f05fc91806d5e0df94db9a5145393400843aa8d68b57b17efb346a5dfbe60659f1b0d6afef9b611146cff

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          4a4e05c15b3f21074db105242bbdb2b1

          SHA1

          4216e40ecaa5ded7ffe0b8789c7bb8b53958b767

          SHA256

          c827de45109f228af483bdedad6362ceed4bdb7e4d881e49a1468d6f0042bece

          SHA512

          fffded6d7f264ce7af2a598915fd7e91817fdaf5772324defc393a654f24b788f51f395e3efd75f27deb680ae5ba66d40c5086813ffb3a935c2ee0184b31302d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          e87ed5f29a90084b5be7ac3487e446c9

          SHA1

          40cc33ab9af58106df69f59164e9b8fc7ef8a663

          SHA256

          57f9ad91592f19154694fe7e809c9c9de5c30e35c2340a142bacccba24b0f38f

          SHA512

          dcc6e3e9dd925a1297ac920dbc0be894940c5bd7be61226ed84828be273dd7b77d85b97a5cb8a0d8afade429afd14250594a9e46860ab2217540afec7eaf443f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          57a6718e05af18d129ec3ef1cbfba90d

          SHA1

          3816d1a2971a3034241b6314105ef050b61a4113

          SHA256

          9871c298f4d2bd4a6835d60dad071e4a418b6e556ef1f925d06549b4b30dace9

          SHA512

          7b303960af36a960ac7a9e8331c47d287213325338c0fe69d4aceb71eb3e49cdc252a2a059df42819f2a9b90fd1390cec5a315b4e37323040b3aa0bb1579f971

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          d2e027945e049264a59a230b5f5bdaf1

          SHA1

          17f699e99703510f798bbe6b5760ac8fc72e7db3

          SHA256

          25425c327ba7b8596c1f48398a80b8633774c18086e3a46a323951bb097c7963

          SHA512

          2a2bf7b4862c4ac346db6bf11a89421860603cbbaeb03e73526ea145cfda75950d134a6095f2b5602be40e7f79736081bde46838a528d99ff5111a41e263447f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          63d3458cd45382ed4df1a23accb159a9

          SHA1

          1f7c5e4c78ebb6094257206d974fde84d11fc7c9

          SHA256

          2a6d80da09bc8c169928497255f85abecbb4a2784a23654ef33dfb77cd690078

          SHA512

          cca4aeebe4a294b78421c57b0d7f0c7c27658c910f62b3bf0989eeb0b979db159929e8119c7f75caa2270cdaa456c40e2ed70a4aa5ea7ce6089dd687e8c177ab

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          be07767ec2e6c9a249d590e6555874fc

          SHA1

          83c699d284454f06b807bd717e483fdd72b4569a

          SHA256

          b0bb4d3338eb72bb96cf7c881afe5b722f8826742379239b7270485c13a939d3

          SHA512

          c3151adcf8694c028a7fb94f6d57c0e7927fa163863c125236ecff00affcf36b207cea089dbf489bb3abab3b94dae8ec35bf56acb2aeecb3a9ba55cb935b01c4

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          97fec906b497ee98340be8a73b500e16

          SHA1

          3acdeeb1ae921d5ea40b98864174538f3cbf4cc0

          SHA256

          ccec9a27385a7baad26cdab35463f6d380a5269276c8f8ae4c101601a98dddbb

          SHA512

          c78cce3604ac95547963cfb6d251a3a7d8215d746a39709b99a6d438a0456ffd15c66b398e71b18e2d59f89124f4112068c928bc785a59ceab6e17866daec8cf

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabA556.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarA5F6.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit