Overview

overview

7

Static

static

3

1c7109e10a...18.exe

windows7-x64

7

1c7109e10a...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

$PLUGINSDIR/spd.dll

windows7-x64

3

$PLUGINSDIR/spd.dll

windows10-2004-x64

3

$SMPROGRAM...es.url

windows7-x64

1

$SMPROGRAM...es.url

windows10-2004-x64

1

About the Game.htm

windows7-x64

1

About the Game.htm

windows10-2004-x64

1

License Agreement.htm

windows7-x64

1

License Agreement.htm

windows10-2004-x64

1

Uninstall ...ne.exe

windows7-x64

7

Uninstall ...ne.exe

windows10-2004-x64

7

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

$PLUGINSDIR/spd.dll

windows7-x64

3

$PLUGINSDIR/spd.dll

windows10-2004-x64

3

Visit Sony...es.url

windows7-x64

1

Visit Sony...es.url

windows10-2004-x64

1

Visit Whee...om.url

windows7-x64

1

Visit Whee...om.url

windows10-2004-x64

1

Wheel of Fortune.exe

windows7-x64

1

Wheel of Fortune.exe

windows10-2004-x64

3

aminstall.dll

windows7-x64

1

aminstall.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    133s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
  • submitted
    01/07/2024, 20:45

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    License Agreement.htm

  • Size

    16KB

  • MD5

    dff9e061ca0cbe9f428c382152a8fd2e

  • SHA1

    4394b6db510582da03738cb8ff7ce76f200b8dfe

  • SHA256

    36adde3f43a4a2ab46fbca5dd4bd7972982617ca9b5afd6e632d994d48cd56c3

  • SHA512

    3093ac306a459a03771f78f5650b370e746847af429460f049a6c963936cbbfd6329f2719502ce6eb7e5ae6bf9ef719f72fd0637f7f630826ed44389ce11d7f7

  • SSDEEP

    192:nYByumX4zaX3Hr2IVOoLG8eobQrHnhXc0qT8oJAEC4dZ9/Inday54pvG46XCuO:nYRzaHyDoLVbU1p1Ygnoy54VG46XC9

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\License Agreement.htm"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2436
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2436 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2244

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a53954e4c41f431748a64a10dd2923a3

    SHA1

    3552632926470ffc619851ae9980aea24e84953c

    SHA256

    dbcd034a8d43c492a6944a77ddc20426b0df0e1eff6cae346b6e2fd9c82acec2

    SHA512

    afc824bcc9a8b3f466ac22a3e551df7c55cd65a6a3f3839bb5112223e3bb7ae302b6133535431b53fb29e15c22a8040e91ef7fd3276ef7aef6a50538c03ed14a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f479814b2c418ada22ae5e71e39a5c96

    SHA1

    f2a5b8b18e6f1f932be428509350d35593c2feb5

    SHA256

    e3ee6138d38e316de67ec90b1cf03d7ecf29a6a2c498babd38b50eac63c6d12f

    SHA512

    3a8ed2a774dc43b509f8fca1c630cd093392f5b90aedf60612f0ff47729f92846f0f9dbe0f5cb3d27489026e4aa42d163afaefd118fb01ee038ce7a8e1a92716

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    76ca8a77b5f17f6f4424eb0f410a7ef4

    SHA1

    03da2662a57c523e808db89c3a9bf5e246bd7c7f

    SHA256

    8b8070118aecd82bb3ded0f47328f6a444056faae0e636d36537c403d7bc74f8

    SHA512

    db75653991a80da039824bc17269dce119641be06da8170885f070f701b150663e1f1d926d7c7fdb2143143ee1cab338d13c17eccc1bdf0ede94fa988eac9051

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cbb29e4060e0a55f0e13e2a331f59024

    SHA1

    72506f41afcc521cf63fba384e42853be668522c

    SHA256

    1fb8f847b09299df5b2168737fdac3ddfcda28f829ac7e49ee0ea52866a513b9

    SHA512

    fa83ddfcd81aee103676bb0b11fbb5892df151d3c3e34808e994b3ef7f07cf84de58925533667b70fd33a85e1b7d4c2416de28db2b1170f9dc4383ede917a1ae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8678f424a271f42c439b1b96e37973b4

    SHA1

    9a5ef01698aca20ebed64c8aca54d27601d5575a

    SHA256

    850f605e254ca907cd00b7a1b49c160498261a205608ec481956085f7a76adfa

    SHA512

    e6a9eee447ccdb205d8a753a48e2d351a39128dd4084df7c952fd7d1cdefc2746cc2692275c0b80da4c8efe9d0597c3fb9668bfbc558029340c5012779b59ef0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    43d2d121b8a68190f84f927786245863

    SHA1

    fe8bd0197f19d3ad005ec51381becd6671043211

    SHA256

    86bb0ec5e0a1b03e3a8f764d884e2f882ce94a13c3c05a7242c381e92d1e45fa

    SHA512

    36eaa80daea8a1937d0ccbaffa471515b44f42df9ea1c6e8ca353f13b7b2371fcb94a4a568330aad66c9eacdd38389f38673fa262fd1d85d99ff328268970a6e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1b46bcd898623bb5f1ae094d8fc3f8f2

    SHA1

    4852e96ee76d06700beb58e6fcb48ec5c8c79168

    SHA256

    27d3334ec8aad1d4af070a808aa7bc6af61218d284449304f2af88cdacb94818

    SHA512

    ac34a7ce7fa1c98ae71ece2b7178f7dcf342375a448924a5076ad77f0521954820c4df0ef2681f12da38cc8f5daf69ebf177fa315c45a0de9a0f165046f961e4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    49260144bc40ac5b59365f23bf823fdd

    SHA1

    772d888808115f1fa4709919fa1c660247f6ca62

    SHA256

    aa2fb8ea7fbdb3e4663c8811041fff4eb9b441698bd8f171627025f53f9fe350

    SHA512

    4c3d169df85fbc28cd6f8e1928556464ad02a82ca74f24724f80427933c73ae985a950061ff60d1c4b66fb475c6b90b0ccf307560a80d9a13c9502e83b365722

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    06b38fae1b8f5c9e9f2177be6fdcb96a

    SHA1

    4dc3fab0f6a7d018f9a43c5eeffee5f28e59920d

    SHA256

    188b56398596e298c5379dc0db7ef785f6b002c970c69b9184204def998d25a5

    SHA512

    6d3894aff76df60c5214b8806fb477afc475832d1511e909585d3226ed3e5f228cb5940cdceec5cad0b5196d7f365b9c7556ec1762f321578a6f40298529d599

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b943922f2cdab3941be744eb55bc415a

    SHA1

    9466ae34704f13696c3298d3f2201becb8451665

    SHA256

    1ca078993f32761ebd0d8f06a109acf946a0460713609f21ea5b45d06bda3069

    SHA512

    0ea0f13839f04dccf720c9f204f86e5567bebf9712f05499990f9934d7958429be38f5789b0179f14214511d1ac028836a6fa55c8bb3af5c17b052e44057c648

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6f82ec878701eb2f7662508037d91a37

    SHA1

    3f6a87cd9dedb31912919c5ca2e05c18cd6a2115

    SHA256

    37e95c20d3d457be5340ba071d36f5ee74b4f842b1baf4d7a780c4efb46c0950

    SHA512

    e48a531543b0afdc3054c97e46fde7a90715edc621e563d17ab46c49f61b787a56cd0c40f8f53ab37fec8d69588ce259bd4de10e3c9e657479595e4304fa802f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    13df9308f3ae5a1fbdc5a6505c6d80f4

    SHA1

    f3ca37bf41b12af1f29b61d2e3eb663b0ca1fb4c

    SHA256

    410fd1ad755a0c825a691f003761d485e279172e8516d90461e02bc0b6ca93a9

    SHA512

    7dd80c4a288623dff3344f28429213ae7d706ab1e7428affa02451af12389d149593145e69b7b4b283da5dc33e0cacdd4b82a0699aa106ef5d7aa4acb482d05c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    99a8de92829e412f496af36d9f9d9ee6

    SHA1

    5136c658c5d2920b7ab6f464161afbcce2eb6320

    SHA256

    2d29699dc58a8006bfe584fad19866c3e59b00be3de998290c5f8e0c28462a33

    SHA512

    2e8af40d5ef7f930b6d7a2a916257b3a3201b68920ec27e5c5d42b8241b935ebabef25b6b5df811b6afd7eec54bc7ded0917cc0760b0901a83469908c24efb91

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e476add0a9ee49ff62a4fe1f8f2bc0e0

    SHA1

    292f262b0ace98f3b13513f88bd748cd1e65ac3a

    SHA256

    b56c6240fb3268fa982cc66aad2d93af2c411c552920a0184fd5bcbb1b0d1116

    SHA512

    4b2bb42a0fa37aa5c2c90116d12eca34c1274b7cc2e0625fe43f41105d379da07882dc31f273dbe263028f2a1087b92162ac121d660d3bfc1c16e355ca2eeb54

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1e7b8d93c0bb39600d9e204623a15b0f

    SHA1

    4bcd15dc292874130bc8bbc263d627bd4b47891e

    SHA256

    ad3e480bd1accbc2c47255527b71a9754348de12885bc5231a1b94e5736e8e13

    SHA512

    a98b3526f30230a4a328fc7ed43b45ae53272ee362452b37fede20874fc7fdcb1fae008cf624c2287321b93ff88f7af44463553804dd9a49bd1901cc5fd22add

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6384ddc61a8302d67097bd82dfe3e970

    SHA1

    62176edb39abc748759d5e79706852d91780cf15

    SHA256

    eff7a80cd219c6a75692a629125afc620e02c0bcd0f844030d22bdb8ad38cf28

    SHA512

    21e8c0efa642a8a996e26e7334573a7f0d59ae406b11716ef2904687b77d894d04d7ba7fd72d81da60b53b2d8094b3c72a7d721d67df712b2a84b183793190d7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ce95c31a7cbb31949f297d73b076f9c9

    SHA1

    10f82938fbb1955a55d0b50db13f98c164307465

    SHA256

    ce5f6254f4b35c6e2e9787bff5dc03f1f4219d197f10129771346c26216d8e5a

    SHA512

    f3fe2bc00abfef62a459bf1e3ba853c2b1e5357c69d0ceeeb597891014773678024a8639e62b983965d28073f86f1c32a7de2584f3eb72c2032c5c3910406599

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7e4b3feda18203b233c2f4a56e830cb2

    SHA1

    68d40add3f2dcdb975d83f3546129f6290d24fd0

    SHA256

    768dd82adf20cd4019b98cd7312dd722ac361f88ec542ed8c95ca6cff5f1df08

    SHA512

    e4d91f1e90a112295f351528f678450d7a531a2cd6b4de747b9bcad97eb05a2fbc0d842c7641bdea2614b687e7e17a87494bea4ec58f38305146f14e2b7a7b52

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cd1c80e1ae91d6ce71e9083bb134d684

    SHA1

    0d10108ab41d34e9d3742002855b356f16e390f2

    SHA256

    79a455a768d980f5c5bcb3ef554ca045c2300c547b4086fe106e45b4f4f683ed

    SHA512

    a402faf1099f3606bbdb0ae716e62d49ba684fd0f6b6752748be6770e83148c6e38888e0fef1dc1370ecaf2dd59399b3b00ea8b47b028f9063ddeb5ed68ed12c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab2E82.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2F22.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit