Overview

overview

10

Static

static

3

TidyMe.exe

windows7-x64

7

TidyMe.exe

windows10-2004-x64

10

$PLUGINSDI...er.dll

windows7-x64

1

$PLUGINSDI...er.dll

windows10-2004-x64

1

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/app-64.7z

windows7-x64

3

$PLUGINSDIR/app-64.7z

windows10-2004-x64

3

LICENSES.c...m.html

windows7-x64

1

LICENSES.c...m.html

windows10-2004-x64

1

TidyMe.exe

windows7-x64

7

TidyMe.exe

windows10-2004-x64

7

d3dcompiler_47.dll

windows10-2004-x64

1

ffmpeg.dll

windows7-x64

1

ffmpeg.dll

windows10-2004-x64

1

libEGL.dll

windows7-x64

1

libEGL.dll

windows10-2004-x64

1

libGLESv2.dll

windows7-x64

1

libGLESv2.dll

windows10-2004-x64

1

resources/elevate.exe

windows7-x64

1

resources/elevate.exe

windows10-2004-x64

1

vk_swiftshader.dll

windows7-x64

1

vk_swiftshader.dll

windows10-2004-x64

1

vulkan-1.dll

windows7-x64

1

vulkan-1.dll

windows10-2004-x64

1

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

$PLUGINSDI...7z.dll

windows7-x64

3

$PLUGINSDI...7z.dll

windows10-2004-x64

3

$R0/Uninst...Me.exe

windows7-x64

7

Analysis

  • max time kernel
    69s
  • max time network
    156s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    07-07-2024 10:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    LICENSES.chromium.html

  • Size

    6.5MB

  • MD5

    796505037e030807d9ddd01c93eb353b

  • SHA1

    79a1eac3b505e6d94a6206d4a5198d3cc11ab038

  • SHA256

    9f3f2b4d9bbd3113486839eca85de119fab766450cdca08a4574b80748885708

  • SHA512

    9435273a4541a579a427a295be47af8b81133896f50c97bab1d8ab391089f90186a7fd057b53e8b74829e4747e98428d8b4d242eb6854b1304a94a2891c2fd11

  • SSDEEP

    24576:8Pjy5WjWSpgDrAV8gmfwN6i6w6C6g6T+gH3BMbp0W:oJDN

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2748
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2748 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2704

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1af2489b8083ccd7ca33ccd7c4999bf9

    SHA1

    2c210d11f64e24a2aa4c626ae3dd04c3ea2dadc9

    SHA256

    94ce76fa5c94e77fc0b191fe97a1d0330a1ee0bc7f143c6b83e81df063b280b9

    SHA512

    e436fa534277389bd7127c6c7d6cff03a43ea9f5b7cf7c6e7e43e62ff1952cf59b78e96d368cfd1afa7f907e464627aafddf95b7e00b8d999117349b01e80e24

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    25f31455b52ca42b51db128581dd59c2

    SHA1

    4e8748645b1b930e8d2b04a9ed8d1afbf6b83b2a

    SHA256

    3c0bfd492e8aa91351976ae16727a28188e13081af72d8b7775195b6dd78b90a

    SHA512

    0b9abd48b737b8299a2e54a20dd1472046303e8f1e5326ced60b35d6ff1fac76be4fdcd3cba7a632cfdcca7fd0b88977a7de801646ded15ff0e3efa6e9c9f57c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4a2d4725baa5a1843456103a2628a53e

    SHA1

    3206b6f2d05d8ddc0febbd30b3ff43aec6ce9a5c

    SHA256

    081663a536bbc96d87222a6361ed0df04b95de6d83640c912a1da6b6e277139b

    SHA512

    fa70353256035bce8a6adc272c7ed2800644c37a4fd366a9ce375d73ea17f9c5d0183f84f4077685f2609f1967ec22dd0a72be7d828c434019e4c83ade346ce3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    099a1eaafb5826f805e8c3d79e789fcc

    SHA1

    0bac9308c0577e5c40b1e05688eed75ac52f2492

    SHA256

    297c8b847da152b6965ec609df810235854e26ab5e041c244b2330b8625c06b1

    SHA512

    c53ffa4a3f640bd434df7c526147ce733cf04a7d2e7e874dd25d26b3fb1389e01db111b5c751a7ec45ea4b63ec79a5c9764fd7ebfae0720056ffd1c8223c7903

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    930ae8e4f7bf949011c8541b8a736b41

    SHA1

    88a0d52082870c0fb4d3d0a9fdad356355d09b06

    SHA256

    5d8de1f3f49098b91a7f1de4af9feef214cec460769ffc99c57a726599d41ec5

    SHA512

    0471c70f0dea348aa34422ceea6c291f36b73a68bab167a1c9cd18b3212bd8c28988393c2aec4bd53228defdb4b9a0ba29702c0e100cc5fa4baed893fda62ff3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f7f4f09ad762796dba9ba7fc024c6be0

    SHA1

    2296d64a6918e121a64ba8700fb4b67e5460ba25

    SHA256

    b675eaa4f67a27e85a89a876eb03a41c1ff6e07e66617ae803a6719f3193f621

    SHA512

    0f3332c8b470eab6dc35b4881d02e57a1d243b771905872e6f2527d2517307307f2e0dbbef6497632bb8bc4c62f5d97dbde557765e3bfc19ad8a1ee4f00a0ed0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    15ecc336ae6ce6fb9782d784adabcfbb

    SHA1

    254c9bd73afb1970dfcc8eac2e57f68f1247f0bc

    SHA256

    867720c97fa6e18bbf8b7a16a52c903cf5528cc21b694dabc06fcc64ba1e43fb

    SHA512

    f3f3c051ab8f8ea86b3a775f262dec3cde9103c917a34c92eb9440debd9f9796c2f242cd084743c648469f2a7cd5c3d2f6b4e43dbce12a636bd5948de234168d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d71dc5dcd97c31c215858344629eaaff

    SHA1

    5f476e62efe483d6b89b9d45cd00ff9d8cd56410

    SHA256

    3f4fed8320bcd0a2cb39660c5c618f7c8bf1e599a61da366ca17ae66ae0824a5

    SHA512

    88203ce8f13962401e20a45a87c406bacf688aa32b208f72fa360b866fcd21b5eed28fe96748ace63e0e4f54d5385735db87a1a7d2429d884a817f47c7b082a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eae911ee19788432f2ed5a7090d7f040

    SHA1

    89cd0e1c906b65631725eb32f737917b0aa35ac8

    SHA256

    81553b1df0925a3b8bc2d7132fbfeb2de73f49c5fc6074fa6fd5e7f365c8358e

    SHA512

    d70763651e5b640b21d6b72b5b5b1c4977027ae6cc668beef265b33fd0789ebe51f9cbc37f718982a1ec90dab2efed83b9773e0b499a5f70f5834cbafcd04469

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9f5de242b3cf957d5e97f518bce88f7c

    SHA1

    1f396ecf375d43e1e3e6d86bdeb41e964554d652

    SHA256

    f2296e18260131826a99eef99fc4e096d2e6512352d71822d0aab865340f7dc7

    SHA512

    f05e85232c8daad4e9bdb99e806a257c6a4a66f91bc462778117a14e7a85f918aff90b316c7ea83dad2717e50ec306dbc3920669010623ea49a7e54b602aa1e3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8067a195abdb5c6fbcdbd7f388a89d0f

    SHA1

    8f3c63fcc8659b209abf5429ab11ad7c03b6471d

    SHA256

    ae20f460d10028e76f745ae2a2d69031c736cbf22b0b80e9bd91657fe2b3ad68

    SHA512

    29ec5727dd23c008615a0ea417d96c2daaf7c2cc414d7d5043a5c7a3b1b856503f8092826bcf941e717418f85f28328c5bd45345c3fb85779882701a1e404870

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d16fdd94f6e32e99a9ac304f81839c2c

    SHA1

    5d1dd462adbb71ea6c4932ce430118fa5ace7e0f

    SHA256

    e510d694cf6a4cc854226aa652a4d78c427e5eadafe54c46fe122ac241371d7a

    SHA512

    8eb2c1332b2f3830e21275817696bc30bba95a54eaa79fcfd35e8a5094732e706a187f8f038203680bbd3d66f26a7c1291039c5c04d698a0df83dc396612aa6d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f733ee9f5809315d3892b6c40ee5a244

    SHA1

    64630ed880ddabb05d5bd337774cf587d115c4b4

    SHA256

    97693f3e61205c42773550a1014aa1a5bc3993930551fca6c29d0a87c3e53a57

    SHA512

    0da06bd96fa906d499bb78a2bbb48e602ad590f3ef2fa2bc1502424f727458599c38498942c530f95c206e864f17e4e506b3f3087a9217af1956e1d060141a23

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    42fcaca9fe9fb7474477171f5a578667

    SHA1

    164ac1f662cdf13d83b17e53c40a219fd6b4c99d

    SHA256

    52b406f9596fa8ab46588f3b4bb5fedab01e884c775507c6ee7c46a4244704a0

    SHA512

    e560215be2266869c898fc8911b7fd635010d7b89d0c6b360c671b75d5e86bdbd8bda5ffe9877cbc4f6fa4d6d83a9841491c15b87fc0f12a0d567ff37d892147

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    85e062130e7fc20c0976b64fecbd250c

    SHA1

    fa04847b231007716a8959e31aee5200c964cd1f

    SHA256

    a9e8010adf790ba3d6bddd5c8db7bd7839ad13ddc20a360737e5ebadd105d979

    SHA512

    b075e2eb7442aae574cf48fabd8d02b1a09868388e7e15425e6bcc6ce29ebce8b81de1ca86ae1a73a7eaeffd354c0b803383df7ef8e9e962238741863451167c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e1c8c837f4111a1ba148ec2399ff88ca

    SHA1

    e38f8df56f6019072bb6481d1f6036d4f2ffc4f9

    SHA256

    b530dc54dd16133c0e60b41df7caffd1eac905ffb55c46d220843770f6ea809c

    SHA512

    cf05348e3a9c0377d400edf732146d6e687a80f2f4a9deb95a84786a4a5ffc5eefff634f48dbfd416bfa04296ac38eebe531b25084e9a7c54f3d90aabe470a7a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ea13d81962f07dfb468033be2f9b4b73

    SHA1

    e1f289c3ca370f81e02da9724b9b8cadcf9b4e1f

    SHA256

    f06a60ce289c8c6dcca3dedfc0825bd751953ec5c0e53e3d656396c56aeafe87

    SHA512

    62cccbedd785153c456d6f6a9ab8e790b1b2c62ce4808e161f9397ffad468254102adb9763421ac29a621edd7bf3d94e765cbcd4f76c561941fb79a060dce8a3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    45b82404795e0288c261c94ff4164e21

    SHA1

    98d2facdd395dc6fe59c55b425df489aad28261b

    SHA256

    d9416732b4afcb75562ceaa501b075eeaa91a6cc230b3bb6cad792c94ba386b8

    SHA512

    9474dd94b51bcd9262710e3077adfbec878a00ae72fe2c1c9a1354c739e9376c3f22cc89cc00b230b611c5108d7a00727fb3d1c2d9f317b67e6ea3d383617a5e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8bdd82f36ec2a8d37856a80be43085c6

    SHA1

    4c2ca277a8fe4b0a960263da1e0c558012ab6238

    SHA256

    61a855e6fe306585d68d3c2fe94cf478b20a796d6c9f9d5025b08feb5921af79

    SHA512

    2e4336141bd5ce2d77fd234b72609dadf43a33352337caee7d292d8c575fb956cc600d491c0f007bd75d05e92ef8bd95d89e464bccfee8dc6275297e3d511f03

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9a7a7953be865a7b3c2362b1164affec

    SHA1

    a4d0cf71c7fcbc752c385f8918d56c1765efe88f

    SHA256

    ed0c3699c1abcda3faeb167b107a99d20ba34297c386a22c0ebb8f417716a83b

    SHA512

    eb4d72164537ed0a10937e11c25b43ac40605f19c2722abf33d5cbd572fd568a74341b06337ac8b37087087977fb0882cd93debe45fc14637e7989bfe8dcda16

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabBD68.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarBE17.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit