Overview

overview

7

Static

static

3

Fiddler Ev....0.exe

windows7-x64

7

Fiddler Ev....0.exe

windows10-2004-x64

7

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/UAC.dll

windows7-x64

3

$PLUGINSDIR/UAC.dll

windows10-2004-x64

3

$PLUGINSDI...ll.dll

windows7-x64

3

$PLUGINSDI...ll.dll

windows10-2004-x64

3

resources/...trc.js

windows7-x64

3

resources/...trc.js

windows10-2004-x64

3

resources/...A.html

windows7-x64

1

resources/...A.html

windows10-2004-x64

1

resources/...fig.js

windows7-x64

3

resources/...fig.js

windows10-2004-x64

3

resources/...fig.js

windows7-x64

3

resources/...fig.js

windows10-2004-x64

3

resources/...on.dll

windows7-x64

1

resources/...on.dll

windows10-2004-x64

1

resources/...er.dll

windows7-x64

1

resources/...er.dll

windows10-2004-x64

1

resources/...re.dll

windows7-x64

1

resources/...re.dll

windows10-2004-x64

1

resources/...hy.dll

windows7-x64

1

resources/...hy.dll

windows10-2004-x64

1

resources/...re.dll

windows7-x64

1

resources/...re.dll

windows10-2004-x64

1

resources/...OR.dll

windows7-x64

1

resources/...OR.dll

windows10-2004-x64

1

resources/....de.js

windows7-x64

3

resources/....de.js

windows10-2004-x64

3

Analysis

  • max time kernel
    133s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    28/06/2024, 22:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    resources/app/EULA.html

  • Size

    184KB

  • MD5

    0892909fd72035474dd3fe0cdc76b483

  • SHA1

    39050447945475bebbe891767dd50946e16f7384

  • SHA256

    9bf27c7c6d660937947e5e166250d8a3f52de47015c89c469f7de7d0d15fa7f8

  • SHA512

    b42cf19ce67f7fc56eb81fe0c5c9004b6ce1eb7b262458cf5f58b59f7b7e066e2a5546c3f21b4f9ea552eff578635be159741a789de1a4b4024f0284ccfe9e41

  • SSDEEP

    1536:wmKmgizxZDVt0ddZRxs8hB/FSjs4mylU0O1S+Zx7fv+ircETTv7OHWKzNv1AACbq:wKg7ZrhXEYo/bUd9cbXJ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\resources\app\EULA.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1548
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1548 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1608

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6b2598c58f6482bf17d2b9add404789f

    SHA1

    d09c6064a13c1c378eaca870bfd238bade143550

    SHA256

    5e9374f61056066134978afeaa7bc9c396014946074b33b74135e5ae0ad1ccde

    SHA512

    10da7934cf75fe7ff09d169c69044dd1de01d82ab0e2df26abf5aefde8ccea2d0383f06014a3273654dd39caca187d33bee2621b09486921b82af14c13053c56

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    efa1c38b3ce8ee564587deab5efceb55

    SHA1

    04e2b96ffed30d97a2f73e7c9b230adeef760878

    SHA256

    824dbc168d8a8c310e10d0c8180b721974be0e58e66a12d994125535e5384dcb

    SHA512

    f3da01977d7d2dcba8964ba90a696b604e9a329774478dcd8dc977880dd1cdfd149db37775100b153d00d1fa4d5111c0d60deed9e137dd5011165abe0773c157

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a70044dfb50f567e4d76f7b99c65cca2

    SHA1

    c539de19e3565049f64fd261dee53ecb12501320

    SHA256

    3904a7129746b5bb5f216647dab9c588134d99bd08608f3439cba4142c5553d2

    SHA512

    5cd83be8fbdb674b5da2fafec3582df89695e7ea2e560a33f45104ac315c1ecbeb7d1f1843c43765dfd8accf5b655e1bf307ec0966d6b749af7f385e70c9d9eb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d95de8411e001721fca92aa130174d85

    SHA1

    7267e53de41debe73c44f681f843d623e9519e7f

    SHA256

    4748b48f19999b1a7b16dfc1a4e4df76fb32a99e8070592c47f10c449f469c37

    SHA512

    1e0223793bd5f083db980c42a37edf5822587f5f203b404d460408e2b4441a6126d0bea4f04bb6ae201c8a2254af5ed4c97d77555b0328cd849f775294912b47

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1dceaa8d724377bb69b63b56a72c55e5

    SHA1

    d1789b64d979de800be313ede71d36a0454b52c9

    SHA256

    24f288e8ffe39961d33878fef4107c926b199b377690785a6751418983882803

    SHA512

    dc4e90d9193487e6c1fb68d3521d7b2c919ab33d28e5f76b15003d39962402b223a68d26f288ff25fa11d1c5689600d14374e515bcfbb27235c8c93cd8331049

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    175a8cd03e0b65ebd9e5f8d675d960f8

    SHA1

    f1a33aa93562d5d84640e5f5c56bec7dafe42ed3

    SHA256

    637005888f755d08a356c7aa5c7155841a3e608373f38f31d48a6b252bdc7772

    SHA512

    80de8e719710578ecc9215317f7db2c3cf352c8629472c40bd9b99314f81e92e40a1af3b5ce680f4c401bc25780e43674f9e7050a27f8cc5a2a475e231862365

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2d93028690a81fd09ff91e59f9edcdf1

    SHA1

    1233dd52b1a47abdce0a5239f857f0f6af573896

    SHA256

    4235d17ee0c8c33d76c7a8db6c7ac061f306f1453b4717a22b5af81a8bfee403

    SHA512

    616016de55c1a30913adc1bf266c001f9cae1b20cdcb29d50b1af5b429087206905d05d65db4b15598f5171e208ff7ea46997478431f08835957a2e6a8d44032

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a31c581c1c4d4124517afbfa034e544b

    SHA1

    56785ccd237c09f353f2ef58c0be51017e6bc3ac

    SHA256

    bfbfea35a559b7523d1b63713a0e4529a8d1107e3e455e6c8662e7936c3a7ab8

    SHA512

    a837acaa58da4765cc7ab4da2eda2237a4e992cca59d0a5bd3c62b2cb856e2b4b8a323cece77cb668562f85fc5864eecb795b16f225875be84780635164b8760

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b19d9c4146d590631731144e9d437d88

    SHA1

    86bd244b6d0c26ee145e0ea3a7ed0274e22af899

    SHA256

    145f56fb9a99e29ee6e3fef8922652327c02dc2a870a999f79e990e3eba030e2

    SHA512

    b1374a6886be861b4573dd545618e4d52afe74c63d3c0483bd4b5788e24bd5f2347d685bcc5787674b9d0e4256770109eadc8bdf7bf35d1a165a470a542e091f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a00b085b8a7de59a23b0b30095ae43a1

    SHA1

    632feda6bf8b95aba85bc3f61d083386545d6445

    SHA256

    1dbbbf00ba923106ffc5d6bd58438acd6e0765ce8cae02afcb5a18f4877bfca6

    SHA512

    5b366ef03724ef4e19445c167cd3e9894015cfb6a51b9753be0b2cb80bcbfd301f144fdffef869a66dbaf315f8e3e2a4d0ce7f89e078453aadddf65383bd1574

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6be860fd9c95fb6f30e7ce7be8cac3c8

    SHA1

    ec0e37dbada7d0be1fa82ff0a8fd5a6960f931ff

    SHA256

    095bc26f5fd4624fe7be1f4c5e8b5a47933e4f36425548bf0d14898a34ebf07c

    SHA512

    a747edb9aa1dc5ac5c781aaf7caf2fbb6b3190da326953c66e9b595fd41b5b0922fca834fb8c334cf1daa6aa7009d1e9def532689736513fa060f51ebb8c15a1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ba2c0a8db306971c98d9103e23f2b874

    SHA1

    783132a01d6348faedcab85458ccdceea9d0a56c

    SHA256

    003794553cc850665061b5cd634b7ab395e8d7003725a9e2f4ad091e3dd43d80

    SHA512

    7c3dc6efdbde575b75867663feb1776f00aa4123c00cf1cc55ccf70c9626c171022e011d7e2246d21213264be4315ca14320b8b828bab8796b9bd2790bf282ff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7136707015ef0b4fe4cb0bf622ea3728

    SHA1

    f43fa13644d1dbcbf2f8fb3af3c333106ee2bccf

    SHA256

    eccc71830d5545adbbd0acc7766ffe69c3cf97ff297fc87a60d89f52dcb73aee

    SHA512

    0815c614b36f73edfb13c7cb2cd6b9e3f7ee9a3915b083d763c5c39d0ef4037fd4a8113292e2144df0da2250a01ae6efa1977ac00f6623a28b5ba8ec375d9d6a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    73f0de40febdaa1fed8656d34d359da3

    SHA1

    f7081c798814ab1decc448ac48e68db874d4d29d

    SHA256

    333d0ed8565b45c2edfe50e9506c57e709dd4f272c37897cc02db262ed1b3110

    SHA512

    e77bedad3bf0f3a4768a745ee942a3627c905bca9fcd71bc231c111ed8af854d7f8001f45feaf06493b6ef69f607eb26402cd4480de3b1e5050e90f510f76579

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9bc04bba4a2035a29e7ebe2ba7f737bc

    SHA1

    78598bdfb3db5b7131de49dcd2660877de1becdb

    SHA256

    82ae00d716c816c585ab172d301948301db329d4dc02a0a0e3f1617541cf58c5

    SHA512

    47702ead07821cdebc8b68dcddb0a3993820ab5da74cd73d32eb0a99d6498ed8a8e16067f1175d79348414a6d8012714f50a63b0a0988bba67d55ad6cbd5aaf8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e778881cbf64b28c9c7df395f351f87b

    SHA1

    4acadb3f027745f0a23960f2bcf704d3f48c1906

    SHA256

    825cf99d967e838ed82665f578f1076ae21ea80c9cfbdcddeeb4c8057a10e086

    SHA512

    f3a50837b74674dedcb0e722591ae67a7ddbe2b5112f9e85cf86800d858a87b5fe08c2e8dd112486d0242d0f6bafeea8719b5db6653ffc0423f3f0f6a2da96ed

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8a0840b6e34e5898887b81fd13666228

    SHA1

    2dbb45940a9fa4fc24e4d07ac207a2999367d4b7

    SHA256

    7c1cb33113b02e06bb0029e95e71f4a10d213f2b555f8cd415cd84c7ca04c062

    SHA512

    eaa91ccd49477fbcb4ab83af591df2f825fed28e5395a57ec7f42379ce52bb59e959e1a149a242549478abe6cc958fa9f5d9f930893b39ee3ba165bc5c999b10

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4efa2676d09e7b48db14def85c02e6df

    SHA1

    9a11b497bb9a5bce565de01b36c2d8cd9718b875

    SHA256

    7f39e369fd99cf3619cb47c8d4e03c89896edebcb8c9f95f899c4fb9bf505260

    SHA512

    813409f0c73b925e9cd57952b7a67cedf31715998d7dadbe4ce77c9260f9316a4ed0e6b1693c88e08130d5b1a30d69a2b4ddc027ad721a3a4da3f48c8edd0407

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab7E75.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar7F19.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit