Overview

overview

7

Static

static

3

0f562ef020...18.exe

windows7-x64

7

0f562ef020...18.exe

windows10-2004-x64

7

$APPDATA/�...÷.lnk

windows7-x64

3

$APPDATA/�...÷.lnk

windows10-2004-x64

7

$FAVORITES...÷.url

windows7-x64

6

$FAVORITES...÷.url

windows10-2004-x64

3

$FAVORITES...÷.url

windows7-x64

6

$FAVORITES...÷.url

windows10-2004-x64

3

$FAVORITES...Ø.url

windows7-x64

6

$FAVORITES...Ø.url

windows10-2004-x64

3

$FAVORITES...½.url

windows7-x64

6

$FAVORITES...½.url

windows10-2004-x64

3

$TEMP/A±�...HJ.dll

windows7-x64

1

$TEMP/A±�...HJ.dll

windows10-2004-x64

1

$TEMP/A±�...Io.dll

windows7-x64

1

$TEMP/A±�...Io.dll

windows10-2004-x64

1

$TEMP/A±�...Io.sys

windows7-x64

1

$TEMP/A±�...Io.sys

windows10-2004-x64

1

$TEMP/A±�...er.exe

windows7-x64

1

$TEMP/A±�...er.exe

windows10-2004-x64

1

$TEMP/A±�...ll.exe

windows7-x64

7

$TEMP/A±�...ll.exe

windows10-2004-x64

7

C:/Documen...��.lnk

windows7-x64

1

C:/Documen...��.lnk

windows10-2004-x64

1

C:/Documen...÷.url

windows7-x64

1

C:/Documen...÷.url

windows10-2004-x64

1

C:/Documen...÷.url

windows7-x64

1

C:/Documen...÷.url

windows10-2004-x64

1

C:/Documen...Ø.url

windows7-x64

1

C:/Documen...Ø.url

windows10-2004-x64

1

C:/Documen...½.url

windows7-x64

1

C:/Documen...½.url

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
  • submitted
    25/06/2024, 19:57

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    $FAVORITES/ÍêÃÀϵͳÏÂÔØ.url

  • Size

    142B

  • MD5

    75819e641311cf416a2e2c7e77adb856

  • SHA1

    fcb4dbaea6e4f2e08bb48a60364f6ad9981b89a8

  • SHA256

    63a38655e1d0d4494ad75daf31aa18168a525eb0d6444ad9a04817e313a28cd6

  • SHA512

    be94bd0e2f0a0e6938dc662f8597bd13d7b2d4b3f9c050facf7710a8727c41350296524c432a474837c28ade8688a9d3d55e299c6daf9d28ea9bc149e1ce6f09

Score
6/10
evasiontrojan

Malware Config

Signatures

  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • Modifies Internet Explorer settings 1 TTPs 33 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\System32\rundll32.exe
    "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL C:\Users\Admin\AppData\Local\Temp\$FAVORITES\ÍêÃÀϵͳÏÂÔØ.url
    1⤵
    • Checks whether UAC is enabled
    PID:2068
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2160
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2160 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1704

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          e6dbec7cb1d8f98c1f249f75c5e68423

          SHA1

          c6e034834757a6d0a5809b5ce15ef20af953648b

          SHA256

          8f67b4bcab08ed397b3cdbe368484d378f92f2af28475c44d7e313ba67faac37

          SHA512

          a10bf41166074fad6df0907f932e8ad2afec0cc18aef2d782cb29b5e19ec9ff05fd30466e6a509766ed36297bc2c76648130b8ccd5ac75518ec03e9eccdfc728

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          6c2c40f965738512447b4efaa921be82

          SHA1

          99ec442fd8b24a26041476ce3f49aee1dc6b0836

          SHA256

          2fdfebc88256f9c4367748547d0ffc8c73ffd395bff9c73f734b545c035d2f77

          SHA512

          57ca9ae43a9b7359beb4ce2593a8458bcaff3cd7ad37fa87fb905d428ca331dd233603945d88cfade847cf02093bffa2acce4176dacfd0ed91c4d13d814d1d0e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          693ed7325e7ef5b68afb2046be22a098

          SHA1

          1507746288af1fa1aaa7129b7d3fbcd93d465dce

          SHA256

          7b58e48b33e478ea0ff0260f15addfc44f8f51655832d88a14853821e189d761

          SHA512

          829ef0f3e42663209ee26e59bb25ddb3918854ea7c0a425441271eb59b1d5f24bb11531bfca5d514d8d8b83e5b005e7d07605f39efa4d4273a79e7b22feb4587

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          6238a4c94cdcb2d18c288d0ec9590a1f

          SHA1

          d4e1f28585d979c291d2ca2c1dda6d1798b4dcd5

          SHA256

          2ad388508da1be1e7523a3485fb2cf88c2a3904346a4134d1655d11b894892c1

          SHA512

          7798f6613fef32cf00c96828c92f4c5abca33744c415b418a78054356d0a34328502622124d25c44de0c328f021260ed147d02d23a5b303c4f4cee8f0d1677bf

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          12aa677f3b13bef1d4eaf52cccf8fea1

          SHA1

          8d4e15a3bc0edd7bc9e73b98dd887fe0fcdc7c25

          SHA256

          b8cdf239f732b9f4d6fb7fa07bf0a0a4cb19152ddfd77d160d709830af3ff58c

          SHA512

          1749be308a4e5785218fd8c17f4ea2a0f71d1c3558f8dee1d2c1e49f9035e6099968d5e0b33bf8b68cb3bc49b1a2c9337b5ecae8f9514d63a21e71e2a7afba8e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a7b8cd6f3a6a7f27bbfe4a749dc72e3a

          SHA1

          b32ad56f9a648f1c18856cbcafe063479248ec69

          SHA256

          9c77e3528c53948b6ec3ec278c074959ff7a3df1d7c66c17af83c4955466e436

          SHA512

          9b92c8e7b137b9f7c356a69b483ab68342647e0959946cd2ab3d6c0b1575792becffcc72d659b127b741ea8b40ff98df249455c3dcd9d4b1ff55ff08f655218e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          d89b788bbef0844f0c803e7242f7e2e7

          SHA1

          1346063380b9601e29698e089bab544cf070356f

          SHA256

          1025885f576ceb23fb2a34f9bb53e7b4fccf7e9f9f14861282742131a8604656

          SHA512

          1ad35af0cfa7ed9ad38ac564b6f258c4eeca4f91a0fd061210409d81762f94d7112627024b3c5fcf30bbc3c96805f4a66d8f1fe4dd92e4de1e10ad63fd533869

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          fc9e6f4ec25f80b8bd997a45e89c1e0b

          SHA1

          fee118bda9b77e0fde11309e74eb7d146b16776a

          SHA256

          72017c69b151a966604b34a88dbaa7cf5ab47106d081ff6e7d95e95764548a09

          SHA512

          eef291a434d23a7ab0ffdff4a4bb081dbb96adafd955a0642ee81d80cad1de7381b76cd8c9680d1f2ce502c510055a274cc296657f6c6d59452e16b020f393e9

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          29101182eea27ba1db4dfa1fc6de2466

          SHA1

          d802fa9402358d63c4b56660307d751d49dbcda4

          SHA256

          3817341804da947a25c85811702e6be2deb0692000c0b6ab23de0803231c9f0c

          SHA512

          231c3e873f452480ca3822d655d6c1763c29bf452e7556e1350931e753cdab5f0e0f7d6228ecb1142bcd522725449ddc42e59d333555483128b30027416a32a7

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          1041d3bfe84f0f3ec0f379df9ca64aa3

          SHA1

          730513f4428ebfee79ac6857e9b7f390a69f096d

          SHA256

          12c9a1d2687bd2e5cc0ff4488195d0365078a690c6d5cdf483213a8c09b6d9da

          SHA512

          e2c0f37299debcf4251e84b59a12d3b923661856f03eb0d5a7ec3504b9c67f03bde711fd26c7aa769ec0cfae6e042be5547c5cf5feb8406b77d5302da62ccb99

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          3e83b42bb487f5cafd2320a24e913962

          SHA1

          b3f82b8dc2a162f49d80d66bc88da678f7f5f7e8

          SHA256

          d9bd0ccc8f73f1669a34efaa80ebe49974e517c9ccf8d98b866ade1eaa9c1d3e

          SHA512

          d408ee1b5c4756e7f034b2dd4c1adac12b52032882eba4a95565838a78e9afc7617bd10e13436b81ed0ace95d09f7d5c93051f8abf0a5950c51625c97da37aa7

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          dd1bfbcf221f16add6d0b845502555f0

          SHA1

          2f421d4ce759a5cbcec6dab3c9413ed9e8bcbb8e

          SHA256

          170c2e6781b2dfec7da411370784d0489646f5a08c9bb911465e3de59e3f2555

          SHA512

          60f6d2117a2bfb74d41d93028a95c4456a601859ab4e7b9180155fbaafb21723ff16c1a4d21389cade0cb4eafcd320f3e5aee3efa8f986b4e641b6ab4ba531ba

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          13d4abf5222a0cb38a2b7068f851e740

          SHA1

          6d394cee678ebe81c29e355baf581a9f55fd7d28

          SHA256

          ea60f6a19a6e25389b4038ed11d488e7c44c575b2374b03e2935180d95598b14

          SHA512

          2badf09223e36c88b0951400e9d4e2363e12b1286fc83ff782a61111dccfa238bb54b315bdee5e45dcfef9d98ee0c4f7160ccb94373cd60858872d43de7b10da

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          3fa6f0d8c54d7104e0f90f6243a295b2

          SHA1

          5e032d602825e3a4ed68fbcdc0bdb2d28fd3a184

          SHA256

          fbb3195cd5ea732bf29f09c5a203b4dc1449831e4b7b6f52d07c0434882d18ae

          SHA512

          7432d06931508db0284619521272d8f402a8dec536563aa1753ca751240642cf14ab3116175ba41446efc9006386a48b5f73ac5ef413be5a3163c3b7e6efbb5c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          894a4041ceaecf5c8858b629df72127b

          SHA1

          feb12fd7fac9b6e61f5f5a4e707761d1437d6b95

          SHA256

          fbc90e7b38d957685d335e726579ed956f5489a87dd76ec19743662d3330ecb3

          SHA512

          cf1e5b5869acbe9f1b5870f3cc8fec6ed46bbd67dd791033631113c5107568c2785cb3aee2c89fbfc9abc7dfad952ab6f7d3f9d27da871849feb55421f066960

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ba154401ef6ac63ce4b1e584fc0f220e

          SHA1

          761dfe1b2760ac4ceb10a46402d1d860009e11ce

          SHA256

          d9434e8f40e8a96ad57e594238e5a28307f579bac55af2366e9197400961f503

          SHA512

          1f98c57b4d49e609a9777ad684b40b8771d26fe7cb16f88094dea9c0561d9dcc681ddb9d84c50e6997f8572121cfc175b7346e4480f10ae5d7ca06e0605cf4e8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          54344f7bea1302e4ae2cea652fac0172

          SHA1

          d87b2d9062816eab019905dcb195be58ab7aa6c1

          SHA256

          9143ee202e4595cc260f60563659a0441d98791a937bb525e9f8d41dfb5f3370

          SHA512

          baac548b572469f5b0e86953ee0f66a4f531f4a00382a732e4adf863aaacbf5307243aed30fca94205a5e9a8d8d399dc7fd96bf61b09d78a025fbedf526f26e7

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          6cfc60fa6c4b57280a11273e460b23d7

          SHA1

          fae730c7435a895ea981a6ffb035331fe3465bf1

          SHA256

          a1c8b63b3d81b6038c029cd0a3359fcc90403862f74537d9def40efefcaa4d22

          SHA512

          aa4efce9bd05099c6e3f33ab5fbcd9694acc0e6c64ec98ee0d1abaf4936cedb9879a1b1adfc79a8e0f6826549e987b48740e94e8d6a51cf893ca8b5fb44f2ce3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          fdbf4cf949719111274521c1b70f13f5

          SHA1

          24a642d457fa84c676e9982afb5fc1ee1f04b0cb

          SHA256

          13ffd98eae7cc129118d5234d3a6d287d4016b60beb1f84b0351127c8e6cffb2

          SHA512

          c50a511b255df5a906d65701529b752a75deccf1eab2aa6fc156f945cb8944f55c9073618c8faa45cf9d349dbfecb67245b87a809df1990be371eef7091d436f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          c715e32f04e7f3c010b0b2e836b6b8fd

          SHA1

          1079121b24fc63c762f9e9f83ddbb41a7b57828f

          SHA256

          6096415a4954cc9f90d90ae148f2cd5cd2809db6e853ba4a599808259cc3e308

          SHA512

          8f15b9a02ffe4bb7325f9738247220833dd5dee56eb999f9706ad284a1d77fd9728f679189dd83a2a16da766aaa44f96ec9bda856f3b9bcedc3b1352eb96ee83

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabDECC.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarDF8C.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit

        • memory/2068-0-0x00000000002D0000-0x00000000002E0000-memory.dmp

          Filesize

          64KB

          Download