Overview

overview

7

Static

static

3

035a63c0c2...18.exe

windows7-x64

7

035a63c0c2...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

FlvPlayer.exe

windows7-x64

1

FlvPlayer.exe

windows10-2004-x64

1

apps/ffmpeg.exe

windows7-x64

1

apps/ffmpeg.exe

windows10-2004-x64

1

help_Web F...er.chm

windows7-x64

1

help_Web F...er.chm

windows10-2004-x64

1

player/flvplayer.html

windows7-x64

1

player/flvplayer.html

windows10-2004-x64

1

player/flv...w.html

windows7-x64

1

player/flv...w.html

windows10-2004-x64

1

uninst.exe

windows7-x64

7

uninst.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
  • submitted
    23-06-2024 22:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    player/flvplayer.html

  • Size

    1KB

  • MD5

    2b1b314282a57b4cc687771347694c94

  • SHA1

    f43b1990d8402919fddc49f85dec028697bbcbce

  • SHA256

    61e2f5b1a83e8fcd77889a72339d30ca967c2e5cb03f481801572ca8c510183b

  • SHA512

    4582136f2ed564ebd4d2064b7ca06b79e6feb138a2877bc7e1a4496568db9198e5c7adb702f57631b2eaba1bdb1903420992c4792ff0610f8b151023633c0b94

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\player\flvplayer.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2844
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2844 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2908

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bdc28f49e998b3c05a4e12e0df50a122

    SHA1

    15475d28c466b04b584f64a7e781c4f3fa0563d2

    SHA256

    b54ec1e0ab28841dda7302a798d3a86d049e6830f054cef34a2f1b7d2fe8178e

    SHA512

    7e2135f6ebcd0171b4c961e7fc29dc4fc5a9be31be1a4d73f52292eceea644956c044ddba62f76ff796b195bae89b3b46e85dd85b8bba3fd30e1ed59626c6e1f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3713eaa2b91420e9d58ad3c24e067336

    SHA1

    1f265098737bf4ac2132869ef4b9db3a4ac07e82

    SHA256

    cc4b76c720d9365396c70f33d35da3b480302141f57fd120f957ed5ecb7d81b0

    SHA512

    4cf7ba897ac1e81d575cf1fcd450dadc4e093007f612f736a9b5e434bd006af0251cfc52622671119ee381899b2c3c4c85f702bf2032b4d957f07ce7f5a10c2e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6d46ee2c08593b92ba225dbb8c58f6af

    SHA1

    5ff3c3c169a28e7a0618f6a34b2dc93494170316

    SHA256

    52bf6989a4ed9249a83b67cef107cc1420b90da4536f0ded5420de809e9ccde0

    SHA512

    0150118bf9ad4b9c8b3710648f8990911b111f273c7d7d8fd896729166e3e082b0d9727915bc54e3cbb2c3b305a04fede496c7b8f7de11cc0b962d7aefa1e11d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c21a8dc9138ca08ff99c52e12f75a821

    SHA1

    ab1f2ecb58ae1a020d30c823a0ccd6c7d63b6798

    SHA256

    200bc94489c443951a92486b8fabcf972b7274c9c95fd21f0cbc90edee1f27b1

    SHA512

    ccc85016f581a41bf74972284c469ad8f8c80ba848379998b4dc1aa59092b414cd9567b600bcd0944358ddfe5db6b487ecce976ae507fd0c9741ed3b8973d6f6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    28fcff065f68307d3a362314bd4a062f

    SHA1

    7afd81b355939aae919e39fc8cdfa05d11da6658

    SHA256

    fc2e08411da48348674497e827307fb6d7e0a0a96c4cb9715e8fafebddf7c39e

    SHA512

    e97528c8e433093cc0903ce3633cab8bfb1e99fd93c51744d39b340b2927ac045249e2b5b68ae22bb6eb93c9c3b2bd6db04413a316f8fbf68357319d586869ba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    927693a8c2ec5cdbcf69f63bff2c3fe0

    SHA1

    0d18581b440d44b219f0be227630c6d31ccceb94

    SHA256

    d46f712990359102e04a5b130c21518cc5952c3cc4d3eeeee2fa44c23622f349

    SHA512

    137b0b7e74cfafdfb1635a21c9022ded572b03d6f03a756fa7440f935461b9eaf95ceccecfbfda74f002ea91ebd6796a58f4c9ba41a5526653286c443c749687

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3289689ee4bdfcf8a825629ca81a0c34

    SHA1

    de4889916b7c77dff1675eed81e66bb87f406439

    SHA256

    a16a956b40c13dd83e33ddeb51a843810a86e7fd8c0a23026d31c61c6a45db60

    SHA512

    026ecd27184f0d33930196bf43eeca7626636f0a806249fe7e1866146f5432494225bb050c36bdc59c097d5c161d873be2b7895edf6a59391013715767a4a927

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e0d176cc4de14149d711730792077a1e

    SHA1

    848d7f4aa9256695557f7c3f0fd3aea418022fa3

    SHA256

    f4251cd4a2f3cc0fa603dd68a700b56bf183e6f72129daf2c30974adfad9f505

    SHA512

    88508a63c1868e78e7695836099888e55fe5e372bfa8619cc0991e79e402d37c00448cd239da749d9fcc1ebb79c319d298dd64424ef86ddbe7d201e5e7b3e193

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f1a457a7272ce9ec99d8f523c5e147ae

    SHA1

    2837c938f0e56ee61daed79329cf6c225f5a8ffb

    SHA256

    8b9cc69ef458d3780fad1e0697e676dfcc3ed60055a7b0231e743ec4349da2e5

    SHA512

    38b8d896d7d155cf84935b665d6787c3e73b6cb292dd6f43fa5682ab5cb7b92fc9d0cb7fef5c036f3d6e8803a098f696983315ca78d0b186f376ce8db13cd780

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6ee652b061f85b3645bd2942dfcd76c3

    SHA1

    323c26a48d567c8ad4b2dfbc941b2bfc7fa5b6ec

    SHA256

    d156955cd1195fb7077b0c850491333467fb619b54cdf589527e6981e274dbdc

    SHA512

    3f8bc00a80d1b2428fe17e848609abdd824fe8d3d6bc2c6b12e08df031d6049fb6f464d1d708d3aec23124cd6f77efca58103705c9f7dd317dcc5b42e0ace1e4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6f340f938e7355485ee59debee9fca0a

    SHA1

    b1321c7836ef7b1a74ae29384968fc02cfb172b7

    SHA256

    d32fa5e18b71e02e83964d8020646eb5411f65a632c06e258c948e3ba59866fd

    SHA512

    daffecbc26e7675f76fabfb5c5b7742024258c164b74fd8e9a0182d4d2a04475b74afa1862ca954ab9ea32b14e43dab8b7ea54f38115b7b85c46a862916c23a1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bc87f4307fcdcee80e4179c3294bcb84

    SHA1

    13cebe0974fbcc23a0e9ee16c106f8ecc805245d

    SHA256

    c46c01d5c936fc72bdbe6ab2fde18f705cc93069cf993d220ea0d437e730e9fb

    SHA512

    c7c1f1d5a3dfaecba9f5310d971fb7f85642c45c9c64cd4a0eaa1131e026de538e258a1077123c284151e6ba88590d150a3c0939868d69ddc8b3d91fc4fe32f0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    93990ddb6a6727aefaf5f81e1337f860

    SHA1

    043d29d12d693782f4325f05fcb8f60d3590c3a0

    SHA256

    5c25e6b0370c954d3d5abc7651912d1d0728774a2d8fd65d77004cf4c4485965

    SHA512

    3eb7e3d034116b1ed79f1887724d5e7e460715e4c53a7cfcd8a59166f72f36d4a1357304660469a53b0dc417c2e2d1902e4ea5b8f3185d13d9b1e40c0e34d361

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4aae1aff101e405fbb9aaf4032d4cbf4

    SHA1

    f5d9f3f17b87972dc7fe6292f091d5de47cae215

    SHA256

    be2f38cbb21a137f7b9e719df005e4425cc729dc8ec58adbea920d1f9e8600ad

    SHA512

    676045c39a2eb935d5c964cbc0b86b3b9792c4bec1b1c4c4dbe2c5701d3355ce750020313dd7687f7759183d4d35cb5fd829aabb155f26ab837057bede960b66

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    29d23e3a1986601ae675dc366d53f554

    SHA1

    dbffcbe54640df7a0421b7701c24b3e666c03433

    SHA256

    c25929ba907e53f1e41509e5c29f5d152e606c241af0c982f63019c8f0f2124a

    SHA512

    750af8d3e22983c8643b1584f9283a9acd0f26d3f712cf495d8c09240863c77494bf424fcc6e6413e68aea86e8b1a6c9df29169291d22bd7b69dced88078397b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c631dba9d31b06d9c3671bd61e65140d

    SHA1

    0d99a04e33e173f27e43e797aa5f6c3cf197b1ca

    SHA256

    06a42787b80d7c20784b32898c484758bae930a0b916c8004b18417bc0b5eaa9

    SHA512

    0501445d60ed14f8fab0ce70d9df8934763fe097e82357a68e85d31ae55945024cda7b1baea0537dfaf43eeaccf41bfb1c1df7f02195e9bfd830b2c3010d9774

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    08b18b9145aca9495bbfe6385b8aedaa

    SHA1

    c0a887cf8e10c0002d4d7026a2d3259fefd56ec6

    SHA256

    fc4a42e4fd8a3432057034d0e49cb9984447c6740c44ae058db96ab2d46aca89

    SHA512

    642bace4b9b1ef21b1d91e71910638593554ff67edeb9632bbffa976378f0376907720579131e933ba8e241412e27ffb34d48475eda8a87a32c6f6ce3c4db19f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    28aa026a89afb2dbfb6ebd1ea993955d

    SHA1

    9640169ce6537a2b7e4c88d121d957cd34b31f02

    SHA256

    90db2766976484a3865b62f98bb481181ec3b6c70fa1db3941c1124eb99f5c76

    SHA512

    f2e50555414c7136c4f283f323d68862623a14a27cab646c72af60d4c9cf8bb62f8bccca4f27651991ddabc06942ca36809395a0d85a5e5f52f3a520304dfa30

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c12b221ad48d12ac0f4272847b9f03dc

    SHA1

    e477e1d67091396bbfc14d3b9209293bd2f9a7b2

    SHA256

    bbe28b64bde5b0bd50cdda682f1a52889a9b12e13cb8198cd0a2ebd08de2c9dc

    SHA512

    c3c41f7c1036fb40bc11f33f5449b062eb94184e4b2b2ce1d61a4b7236c1734c421281d6bd0074c93fda44a7b27442e02fb7e0cca5e10b94839657877fde8e88

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3009.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3098.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit