Overview

overview

7

Static

static

3

STYLEXP2.7.exe

windows7-x64

7

STYLEXP2.7.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

$SYSDIR/OEMLINK.htm

windows7-x64

1

$SYSDIR/OEMLINK.htm

windows10-2004-x64

1

$WINDIR/Re...JC.dll

windows7-x64

1

$WINDIR/Re...JC.dll

windows10-2004-x64

1

$WINDIR/Re...le.dll

windows7-x64

1

$WINDIR/Re...le.dll

windows10-2004-x64

1

$WINDIR/Re...E4.dll

windows7-x64

1

$WINDIR/Re...E4.dll

windows10-2004-x64

1

$WINDIR/Re...le.dll

windows7-x64

1

$WINDIR/Re...le.dll

windows10-2004-x64

1

$WINDIR/Re...le.dll

windows7-x64

1

$WINDIR/Re...le.dll

windows10-2004-x64

1

$WINDIR/Re...le.dll

windows7-x64

1

$WINDIR/Re...le.dll

windows10-2004-x64

1

$WINDIR/Re...le.dll

windows7-x64

1

$WINDIR/Re...le.dll

windows10-2004-x64

1

$WINDIR/Re...ch.dll

windows7-x64

1

$WINDIR/Re...ch.dll

windows10-2004-x64

1

$WINDIR/Re...le.dll

windows7-x64

1

$WINDIR/Re...le.dll

windows10-2004-x64

1

$WINDIR/Re...RT.dll

windows7-x64

1

$WINDIR/Re...RT.dll

windows10-2004-x64

1

$WINDIR/Re...le.dll

windows7-x64

1

$WINDIR/Re...le.dll

windows10-2004-x64

1

$WINDIR/Re...P4.dll

windows7-x64

1

$WINDIR/Re...P4.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    142s
  • max time network
    154s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
  • submitted
    26/06/2024, 00:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $SYSDIR/OEMLINK.htm

  • Size

    4KB

  • MD5

    8412cb2051fd913d25b15ae3e3abae60

  • SHA1

    f72a89d26e3a26ce2b296e7e80f39f6df57c279b

  • SHA256

    1e81076b469d424ed099edb5bd39ab6ae334772e64456956dac4fad24763e08b

  • SHA512

    7de17c028bd9eac82cac57b2ac9524cc19fbb10b3fa1e8dc81fbfdc666ea84985435627f1ad4591bc13a60d347d5ec334ac8311a61b633eeb3fd9f43eac79227

  • SSDEEP

    96:VgCCzvBDiQqkhVnAEW0i9tiUz23p6v1KpUxiwKxaLJvNmFGuysFnzgsFnXVRjD2U:iCEnm0Dztlhp

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\$SYSDIR\OEMLINK.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1916
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1916 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2752

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2c2c67361b9eca09e03d1aad40c0b181

    SHA1

    bb82b485dc400a60f47a49d7640864d7887be443

    SHA256

    0f1bcad0a6036b942da63e1fc560ae4a3a6afc0993461a37ba50cc35bd99746e

    SHA512

    67143eee9562ee06f6dfe6fb2ffb983f9af3785e5243c67868aaa4441b94ec357ad8a3becbdb5c485a3d73fd4cd26ab539b483a46d73605e9709f1a5f4c7d113

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1e51e3442cafa50d6edf164b49e228db

    SHA1

    2f649c2d7f62018d93c91dc22818adf4253c379d

    SHA256

    1dbf32e561497c495536d43b4c4180440d5a8166e4136cd23cd6ebd989a52df0

    SHA512

    d69a55155ef826e68fbdc1dd9ab2fc3809413632be3f2b65cd34c41653f5fb0cd5c9db3cd7cbd1001b78a91a077dc891cce040d941c22427f1c107b5c0e1d0b7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f80019ede1fe615a52c9255af04ab3c6

    SHA1

    24232cc18e9b7fb9a6b20cdf7bf39b56611f9959

    SHA256

    224c3811fc1deb8e7778e73575b13b2c08434b3049b59d16e95c0dd45e77e855

    SHA512

    69b4dc58d180ff9e05f7be0f0d6f633e7d35b7ca9b85bbaea87be9327c199837eb7c81ea598b0ce31a9aa01a95a8a81a79ab42a6b220e4994339a7debc114d4b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aa00e7a6cfdea5653ec8735671e55f91

    SHA1

    dd932705f954ea180c23a52fbd999201079e377c

    SHA256

    77632a6f37c0f54fb7375066697da447589ea299b86556f19a10b686b2946749

    SHA512

    29995dcc75a4ed76b51f662378a971306267788e6693738020f27e55c150d09159c81b0f523c26dd2467f361d61a323552d02b34b8916696a0e45c0ad55dfc28

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f36107ae34b5ea51f51c633bcb791387

    SHA1

    24ebb1d2ab02b65cddfe6616ef1d4e354b90bb20

    SHA256

    dc42ba4dbc7f03a7ebc2ad2602bea87ea423eb1a018e3cf6c8822c6c04cd04ca

    SHA512

    8dbdbe21aeb332fe75b1845ac343c2739a3094c628bb0606faf2112dcd04e00959d5d11c3a262a752a59217449da37993ef6df17b650894d4483949e3e588731

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5d149dd90d02e29702430b92be416695

    SHA1

    f16e06ae643ef0bb118f357e0811bf67200ab7cd

    SHA256

    37f2439d9ebfe4701e25d3152149bc087f3e16ebb2e6f8ebf2d512da837d356e

    SHA512

    7fc45eb5b3e5204ff11ce54d437a3ad7dc704a71c60361fd00962f21b197a35afea1dd47cb0d0a7d9491a7e8c1c92f06a7ff3de5d3a266f0c644a82161dfa7d2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ea33ed6363ff46f48000d1a361924f7c

    SHA1

    f1129e10e3355d143123570643c34d9decd8e8a7

    SHA256

    7e3809d12b961e4240f0aacb259dd622a9ed97ea7fe451747c93d64e01e7a91e

    SHA512

    246c6a20e370ca85ec557ab3cf503515320d9d51ec89956953166488f3df2d903f48dfcf58bf899f36622410dda6c25ed30629a699d85ec2d8d4de0cc36fe07c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9f1443c9cc0dbb0bc6af597ffe2479e0

    SHA1

    6698ab6c193ddd62d71ef2390691e2df0f56c971

    SHA256

    cfab9a286d84c3401ff234ea106cab253193c68b719e5e5dbbc05b17f9bbfcab

    SHA512

    0df8f666153a811a4711fb9cd4b64d23d1ad63f295abcb6951cd8044d7db357f26715fa64b170d45c3a26854f3fd449771c5e1c226a263fa1181537f95d46496

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f24c205dc03f5f878b0c347d0606d6ac

    SHA1

    065b1334a978555b780ca39b99ffe521eb7a6076

    SHA256

    52e62c97ff631573e7ace34d16c81107f6a22947edefc66b60c2eaeb774aa6d3

    SHA512

    e852e6a88e0f814132f7caddb92d8fbd6ee381f2a8985745fbb4242aecba1662629bf45281484caaacbdfddb8ec2de3827410aba140deb395e2c5db53d1e65a8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    69e8cdeeb1ea2acfeb391faa4611c028

    SHA1

    1bb1b70d7e05f4def2fb75dc270a1f5bf8430502

    SHA256

    850de093da4e9d931a913d8c79cd80a5ea9c5848f537a861c328258d79c1d541

    SHA512

    cc2ab51298b3eaffa7acd61145730b2e2e9e6537439cc603426050a7678b815b4fec4e589266d9a1f94f6ce7fe1232d5c257165edec31abd8afa5368b45f780e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0466245871dc7ced56e951e08818df34

    SHA1

    2831a4b26b691c89600a7547017ec373b3efcb0b

    SHA256

    25c48f8056d2448f3d4cf3d6a95478ef4e475cc552d0afdfe5f95d3f94705dd1

    SHA512

    313be07fe2d7fbc4331d7c3c7d43c955de637c2bba8f50bac90b44c482c518e7c1f035a0f7fe10ef82c74d705d303f80e3ad4512aaf0ad3b17c4d903f7fb0e9c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eb39b1384b574a439651d3bcb09f07ee

    SHA1

    cfc2682eb0bb22ebc48c36c9aa3f000033dbfee4

    SHA256

    f9f834fdd420a3bb188b0c0e261b2eb3d6da807370f00ea75996d0495f5e12fa

    SHA512

    f091a8529ba8c8aebbc0587f700b9273a59b865b47da49df60219b9a9355ade3ce8ad6d64a1673ccc35c3a2c0e5b1e907f7cc7424dda9879f30ba3a2d6b583e0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    93c901f765ab3c300da560dbd4a05af2

    SHA1

    6dbb08914b4074374220dd9c9c7e3a44711550c6

    SHA256

    438043b2f1c933c2f9918e09d6dabc64d939befb0d0b84fc227341fc6d6c709e

    SHA512

    19117d82c86492f66536e1963a5ef28cc12740801236ed9708774d450a0fe4ef5c8f5fc468235c1a04b4de5156364639a0a72a9847f350c866290192dc66ca8a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a5cd3e0b38f612ddc305c0a4f42d9d28

    SHA1

    a29b9dd72ddc6309e05193afb10c5f609359b274

    SHA256

    7963873fbf9e82da6a60b4adee3a14a07d4ba94a80c3e921e30733d4bf1611b0

    SHA512

    1ebd94519b19458cb7d066a3f7895597c5d4dda578ad5a1051c27e1bab851bc82e3b6b11d0b5c7e53fef3658fd9662b24f39e555f24c48e0d58d8f64128cf62a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6dfcdf2694f49efb2a703ef7f07e104f

    SHA1

    e4ab1d4bffc81809bcf8d6059b8c98fe0bc66d94

    SHA256

    b9d1f8f785c681d47bec966bf2760ff7295b41f77e0f03682f8a8d2a539e4afa

    SHA512

    a70670f71e008942926c848c6779a6162ddde8d44b2bd07a930b06aaa8aaf9b425eb10425a03d38a8f731b74cfb26fca9119824e7b62b6e14d70822eae09dfc8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    78a192c72f91275ae88f2fa12db39c05

    SHA1

    496f3a3bfc4be9632f87c19a94fd25b2e5944a7a

    SHA256

    889fb5d2d5297150dabd15bdb3a48749b844366d046914866c9a3994f0a6ccd3

    SHA512

    84a62dc7c47e22e33c7fec8bf9646a992cd48cbfe31f13807b05e6fc77dca5d058856dc488ecbf9b460c7b97884a9385e3288e91d52411d3039f76d2beb1df9a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0bcd01aedf95f5c09963caf9f478b3bc

    SHA1

    f3b84b40086933137d6786064e6877dca7ea316b

    SHA256

    1c09c8ca742cd28e36aae42f34c9cc33ce199e3aaf4e8ae45aeaff7593fa0f7e

    SHA512

    2b27ac9190391c4c5bad60be229d4aae04c8b7afd42340a2df2b1a12478df82bd3f8c8033359a72a4b8ddd61264b6ce5beb2eb6978ffa1cacca7d789c9ab09d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    654f6c279f92257bbacaabb690cd7eea

    SHA1

    fb025c675b5c67a2c50af2024f8c31ddbb09fa43

    SHA256

    d10f386ba2d93a79094bbf3d38edf702c8f7d8794e268ae38d6ec61c9467e8fd

    SHA512

    4483d7ebb5b7a1d04436496e36bfc9e1ce5e0c8d18a0171f140d3f5df594679247a9966dd565c30a19fa24c69a7815c05f7efb35772244844d92ad8a02a4deba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cce65554dcff17c5fd6a49cfad5fb733

    SHA1

    cb256f772b11c18c940e0f1aec38279caa53943d

    SHA256

    54678040364045756aba434dc0911b0ba7e83b5105f8db64023d40f70a206e6d

    SHA512

    a7ea0687d8a46696ccdb2c5438b95753d618c638624e41af54e31af50a73eb0df5e12aad3cf90935dd3bf3b9fa41d2d90d266bc55a56b3b0e7b70b6c64ee713a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabB09A.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarB13B.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit