Overview

overview

7

Static

static

3

025642e318...18.exe

windows7-x64

7

025642e318...18.exe

windows10-2004-x64

7

$PLUGINSDI...RL.dll

windows7-x64

3

$PLUGINSDI...RL.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$SMPROGRAM...Ø.lnk

windows7-x64

3

$SMPROGRAM...Ø.lnk

windows10-2004-x64

3

Data/GUI/s...til.js

windows7-x64

3

Data/GUI/s...til.js

windows10-2004-x64

3

Eets.exe

windows7-x64

1

Eets.exe

windows10-2004-x64

1

uninst.exe

windows7-x64

7

uninst.exe

windows10-2004-x64

7

ÐÂÔÆÈ...Ø.lnk

windows7-x64

3

ÐÂÔÆÈ...Ø.lnk

windows10-2004-x64

3

Analysis

  • max time kernel
    118s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
  • submitted
    20/06/2024, 03:14

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    ÐÂÔÆÈí¼þÏÂÔØ.lnk

  • Size

    344B

  • MD5

    4c2a7c403e0c28333f645a363f606da8

  • SHA1

    fe61f5e318e323fab9af329245e4bba6128aa5c6

  • SHA256

    c755fd0b870f2367e644f899afd720c4aee7b019b5584a14421c407e7910de14

  • SHA512

    8516481f41413d3ec958a07af39aad889840f964d7cb1f8027142f9c65abea9821e3bf2fcfdd9fb2b1c676031d3096d478bf06586deaaac05a7d451b0c2146e5

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\ÐÂÔÆÈí¼þÏÂÔØ.lnk
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1972
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.newasp.net/
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2452
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2452 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2580

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          44c51fb988068e388b31dbd17871d2b8

          SHA1

          86cbc4cb1ae6841005979c232d0d802fe9e8ecc8

          SHA256

          b8f0aca217f39afc3796fb0edc6cbc2570fed361cd02256d3f0ce73d0e8a9293

          SHA512

          820cd48926bbe7aaa673ddeeed1968d58fbe302b240a98b691597e1b19784c81e36daeb78d48806ccddcefee7497ad57844d0efdf2b0710c3487c996f0628091

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          51c1182bf1dfed6b6e593639ae012970

          SHA1

          029b5d799a64c395443904d4905b5a744db5761e

          SHA256

          ecb968ad4030ed5845014a9d0c5ebf216aa2f1a84c124f016a16635e691f50b8

          SHA512

          ce8df3fd33734e8f4877233f5e89c693345407fa3eb5e787c9c658e505df229b654da385f1daba81206d1981a16296d955db33ca58e1a946c9cba2f1f6849592

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          94545a935bc31429478d318639026f54

          SHA1

          2b9e128ce9594b2e3420f0883d242f78d1d6032c

          SHA256

          324839793a7063a6e60b06d2bc5ab0346f69d222513686343f5c80226f6a0c54

          SHA512

          46d697e57ff15b13b4861d37b6ab07c9e017a8db1f123427bbca88ecffa88a859f99f0b9f0c4daed2ebd01bbe0d3d1c5df1d5f942f4206ad046599281ab3c0fa

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          cb2a2656d874b2a0cb199d5b4d75b93e

          SHA1

          7125f08a859cca23cbc1a78ea8792a4bcb5b5cfe

          SHA256

          dfce8621dde0fa69a5ec4fd696635a42f006584b5038d11edb76f88e8f65f8be

          SHA512

          b596a9692a164fd7f858b508fd57e01c4ef1d51b012c2225d7d25d1ed54f7223920a1d75732e2c255aeede9e8936126ddb634a1e0f8f54724e84c0c2fa56d578

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          687861eb416a7ccecfc08cbcd8394309

          SHA1

          46cde836a5db79397ce11fb9a0fb73c214873852

          SHA256

          29f4240f414516d4d3b91a36aa54622d393a65263acf0930aa8167e160cdd441

          SHA512

          9f32b0bd8f9700866915474cb30c08146b653daf7532621917b2f9b19bdfa8ecbd4f597a25081a3b7f3386e86f8d5b559be32d5684800028d9cac646689cea46

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          d0ce07277dcad3b56d936a7d26c17d45

          SHA1

          668bd2590cce609309c582664f16b69991015d08

          SHA256

          0f91b29cd013fa7e460ec6416bdf94156d71def069d2497ea343c1bb3cec6bf4

          SHA512

          2508aa6f61b0e5c2849165e770edde1ab456002b99615a1aa205d3907cba26a30d552e012c60aee415fe7774d2528066aa76c0d8c2a6b536f7db58d7a62c3e07

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          8e58dc2bcdc6b0885bcb3067757da765

          SHA1

          8243ced6070cd8fc07eb9d7057a74524e900ac96

          SHA256

          6467d7eeb5cbc2af04eda49a5cb9aa154a6824d92f7d2af4ac3c86dacaef02ac

          SHA512

          0fa1762e8b2be5c47e94ac7e7474dd440081dbdfa5aba9fafc84a5de3983d12f560539b1fd5b1d83f32eeefe53ae954e719b252eeb5536c2dd6d94be6b25ea5d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          be46645e26f368654696c1b635fdf7e7

          SHA1

          b6ceff51049e857338866d02ca6ebb93ba941e1a

          SHA256

          7fbfe131f0190f8cbca9ff0466658daf012d0685e47cc72a23365ddd7ae5418f

          SHA512

          44dd292a6f481834c1e7b84038f04c2b0bab8cbb82a139226d16eae2d916aec42f0030bb2ea2b466412dc940cfe5dfc4b8be7f6fac0361ba4f0ec43fe15fc1b8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          7310d2f8b55e98b3f9000b32d8dc7dd8

          SHA1

          23e05022908e843b2286c8bc5d00f502f21d7137

          SHA256

          f5f6be8736d0a24f2b08bb25801e9bb9473ddcb09aa8af0acc7b97928aa1b496

          SHA512

          3910a42583211f83ec11b6b613aba46fd20b6f8a8ff74a3da81de89c8e07068a4d81cbc4b80829c9813f4b5e13bfe447c94c56e1e6aeedea98a25708c565ba25

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          4be889494e383c244a42835b191dddc0

          SHA1

          e37dd41e5aa694d11ea61bd5ea89a6fee54c084f

          SHA256

          e5d80c43759636289595577fd8a3ac2990823b1ddce75ac21a1134c574286bac

          SHA512

          c707508d5d136a4065a6126faa9015a1112dbbbbd3ede7d7ce57721c8f9dbe986fc75a8f4a873ac84e660c567364e5fb88153be3eb18e6f4f0110fb7646b714b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          c3f250019835b88a29b382bfb0847bbd

          SHA1

          8e3c520ddd366a6952debb495c887a05ad4ab168

          SHA256

          db1e9f051d6a193e3c616952b55394ff65a8ef44e0cd666f02c5d40f53c8d0a3

          SHA512

          b54bd85070a6c7f78aacb5bba9ff57e9a540686d2fc1df35bdb3f70ccff8b27829db767568bdd45399dc515cd55ce05c3db1550ab0585fba10ac9d82aa363628

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ca1c59e95c09d176af5ee9f20b9f9159

          SHA1

          2c76a5d565fa53d25cfa3ac52f3d8c1ef2c76c54

          SHA256

          5379a8012c264e318ed334e97d589547845cf102c1f82e289bacd4ad698916cb

          SHA512

          88c347ae6f7b97aa62a191ddead09fb201f39999f2f16cf7f05f2892cf26d14f7008e3b923bd1553f48142cb4190c8ba1da4ef25ee3149b8ca478d554c757e6d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          5e97acc878ec7ae822d99ebf63c33750

          SHA1

          8cbe918ddbd264ee33d0427c2c87de774940367c

          SHA256

          24d6a1f7d66c47f7fb605993b5b84d72a608a33ab15ccc3215184e37baedf6d8

          SHA512

          4a4fcd4863677ee96b9b7b4720cf0d7aa945252655bbf5ebf96c7df0f418a46e8f7db39629b93a9daa392685bfdff4c98c6fa0531da938e90f3cd258d36697e7

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          baf5392e86c3419c7284d236ff5ee460

          SHA1

          fe2ab89a531823ab237da982479d4f6d4bc325e7

          SHA256

          a82ce99066f57f7258ef9d8887840978827576d259f37918e6b8a9917985aa15

          SHA512

          eb6863e0b6b016301010a1f901dd4df8f5c7ed87c10737ba4aa042a58d6175f710eda96854c3b0c1a6f3f00c9682af6b909df9b46e9de7a620491f6a885aca80

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          d20967bfa7af1a18156134153cbe66d6

          SHA1

          426f6110c5908fed2331797d738296c5ff786964

          SHA256

          3f1120fb37f5f10417a795255cebe8d5fc09fbd5369b82ac5effc05097bfcb8b

          SHA512

          948573f49a2cadba60381bcfe93d4a1e03a77bdde9d778ae4f95a004686ed635d7fc31b98b463f3be796f19e87e1adb5fa3dd3289d114e93f283086da62509bf

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          105c9aeb239c738795318a8697f7380b

          SHA1

          be8c284b0ca7191d006ebc7d29313097d1d604a9

          SHA256

          c0a35f5cff2c294e6783197ac1e3a360695f80f7f31f021c88d2d6f90f829690

          SHA512

          576e2dd3fad3e4b3f6af87c71b2cd7750ceab010de444c411cbe54388183ae031d858b2011fcec00014d5f9553b5b7886e3bca7c53c4a91c7327346030b7fb5c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a13fffd3889ee13adea5da7699534f4e

          SHA1

          e20ce17131b9843c304909a12135dba69de60e92

          SHA256

          c97b29c883d3f094a1724e095a9f8e489f258358171b6a1a4af634439139eff7

          SHA512

          ce89d949c4059aa2c1779ed5bf0377d66bb33150faf3682c8ce443ba67126d9421e54c65537f62d86153a1ba85deb07bd05f0079574a7b54896222a07b54d23a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          d87721e5c326dadd1aeab5ca3f7ee553

          SHA1

          ed3a5c38d3e8736a8e4024130bcc84b76fbe2995

          SHA256

          1b66d31f34b6fa3b00de962338f12b33bd62539371c283e1d1c6613b1476abdc

          SHA512

          d7daa50ed57fb55dcaac495c91f3c55104eb1ab1bcd1b6c2191d026cb09df5925c7ed16f114d8a412553866908e21b9d7de243a52b901b43bc6296ba3feec925

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab44BF.tmp
          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar45B2.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit