Overview

overview

6

Static

static

3

counter-st...ru.url

windows7-x64

6

counter-st...ru.url

windows10-2004-x64

3

opengl32.dll

windows7-x64

1

opengl32.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    144s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    12/07/2024, 07:42

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    counter-striker.3dn.ru.url

  • Size

    344B

  • MD5

    925028b3adce8fcfa114cffd9cc894aa

  • SHA1

    8a16d17dc675eff62b3ddff61325202de1395cc1

  • SHA256

    5bfd7625b332c174d1e253b65bf1f3b188a1c309cd0fb96e374a5f86ee99367e

  • SHA512

    0dc1eeb5607e7d09c621548635779a9eabdecf953f1292fab0027cb9a5f9905484dc54b5ef0436647af2b362465a5f8e2421e8eb8bf5d0ac1194ba365d3b5bbd

Score
6/10
evasiontrojan

Malware Config

Signatures

  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • Modifies Internet Explorer settings 1 TTPs 35 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\System32\rundll32.exe
    "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL C:\Users\Admin\AppData\Local\Temp\counter-striker.3dn.ru.url
    1⤵
    • Checks whether UAC is enabled
    PID:348
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2712
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2712 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2828

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\07CEF2F654E3ED6050FFC9B6EB844250_3F26ED5DE6B4E859CCCA6035ECB8D9CB
          Filesize

          484B

          MD5

          71fb3c5a6d193cecaef62e92052aa87d

          SHA1

          b741e06b56dd250a593a518ee32452d07a22a10c

          SHA256

          92be3c6cd3b5e464e64012714e3e82de30dc72c26e0cae5ab29c0e19ab3e5f32

          SHA512

          e44ba3f93aee1c45a7ea297869ac9c1d1a725d2368a13e886877c5fc51873fbc23421d8df1de23494213b3b77c084ed060327f6247f8688db76c1ac57872a86f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          d45e9795976d3ac33fc315b385d3d5a0

          SHA1

          fabf39956f6871717eb37b76480fce18f533bbce

          SHA256

          599737388495fe79861b9552d52b3efd959a98918e1fc98548a031af4120bd0d

          SHA512

          c4cdc1ffe77a65ac000484e73de20dfad784f206f923f6fef660c839b2aaf0fbe62b4329c2eb7df4bb4ce02ceb6a5c26b3c43e39a636fa6eca31d79bd6973b0a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          025f1612490f3b9a65217648c449b538

          SHA1

          658224f57e10e517a9dfeac945f6b15627ca9d38

          SHA256

          ced8edfb12acb5fd325a43cf3cdda6adeda3b1f41aed67f016377282643929a2

          SHA512

          63eb02460b1a92f80874b4e418d44b468a66a3b89ad72ccd3e024eafebfcee2708d8d09406383f609e0803fc22c029fa512e5ac8f5467de6285793a63439fdea

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          4050b24a8548d2af6eafff1ebf302e39

          SHA1

          9d337df4d5aaad0d69cef56bad0672c37b9d4791

          SHA256

          de397c5f99b608fd1d3d0b1b1fd3b3eeeb5cb391ceae73fb51ec83404fea6772

          SHA512

          2f8c63dea9f86915bf9c4c6da19dbf03489d3e9f2930be8e4b989eeaa84fb8bf28820cd465610e8946fc3c955033ecf06f43544a53bed6882c7b5a2f5cf18ed0

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ca95f39a5ab1149807f0bf9852c6e4b3

          SHA1

          dfa8f81fe8e07be116530ecdc775bd2c873009c9

          SHA256

          d2e12f0dc9724cd7cce7939c854cc913bebeaa319735a6e95b7e0e5d32ce048f

          SHA512

          fb8f541c855143759a93a0113b34b1c3d68e9fa615cb363a787c3db061f058600903677f777412de190a152434546dff8d7007fbfd3bd6658d3fc21c1c095673

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          696da29c6a435c5b82537d91cd0c31a0

          SHA1

          8b536063963f781ca501928b8e7cc76dbdab77b2

          SHA256

          b159eb6c0c120f4e7384a497dd19b1ebbd45665fc37dbca3898290ee49cf88ce

          SHA512

          bebb601a018a584aac115ae2a998535cbb5f91f4cb3783026cf0ed507783de406087041d0a74687d7e9b5765ec9779baa510e3fb630357578f85d247ae6d5b97

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          bd6666539e0de60b48aed96488aacab1

          SHA1

          6e9601d3112e3d6bf9b7eafb81bfe7f1f68d0669

          SHA256

          0f1da1719e89e8a629a7f06451cbb943b638ec959596f62a4b6379d4fa790dc7

          SHA512

          042c33fb3938496d8d9ac499e30890587776fbb35eff794bc8521dedb40df322104f29909d6d0c5684e71b2e84b9e23a5ec52077bfbbb101886d38890ec028ff

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          853c462367e733311ef3565ec0be2f7b

          SHA1

          183c112b1461e1dedca02bac6e9edba1a8a52d5b

          SHA256

          f3a762e92aae6267f420812a02b6a07fdd2a9966e55471f8f81695e805803089

          SHA512

          8322f7e8c1eaf6a2892296803966c91495d62bb7eccbbc48d43f251bb1fdb26806bcde870f2283720ce663070daa14574f9d073fb74e41f3dd0ecd3a04d8b419

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          4e5f5256679a86086ec6b0949a6617e2

          SHA1

          bc87fef93955d235acf8ac616596aadf40ecbd0d

          SHA256

          a5c9269c86c6a6a7e18b78f275d3ee5e1855bdea48aaf93f631634543463ec64

          SHA512

          5d43514890bfe368cbe707fe61e0e385120df4ec561c9148771525a0d1f4a93e1fa1688dfb814bea302399bd71a856043b3338793d6e1697a443c0c12d4c6d3d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          bd956f6553d1f51ca6d54edff4b0c9fc

          SHA1

          06010437e19ef08a6d8bf0c6346718340d285e1c

          SHA256

          3e7365d8298872049e0c01d87b009e515a2035909c3188a5a7119a8c45a85183

          SHA512

          da43adab311318a9fddcd816444c01223c766f439dc6bb8cc64a89e935f3f4b320063d13ec7cc06ca1b7dc93bf6d818f6b9861feec04eb4239a1c1477a5b764e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          e63a380b9db75897099691c1500895d8

          SHA1

          b06b71c33c5108d6811d20d3809da4a40ac864e4

          SHA256

          7af254d5998df15c339d7f6c471e8d60deef2e89cae1bd0e8683e3d6c51927f2

          SHA512

          d0215b5627dbca5e0c7a6bb7a127668389bad9cfa4244857fde41c742f19cd3f61f4df0b10a553d298a11df6e02dc8b8b1e8982466f85fdff2d40054869a8e03

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          193de542d133a60d37b40e39a2ed9b00

          SHA1

          dc049ac66da1aa654ce3f0b0a696b715c01b8021

          SHA256

          c08c1bd090b6f2483fb033e60e36b8b112be74d0332c3a4b8461d0fbe687d866

          SHA512

          9102c3cff15998befc4453f289a95422bed9d8878a3319bc8275830083577bbe0cf9bdce2d26c09857c1c1e911b4363e2e6ea49817c970522ee9ca59d44aba70

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          91473db3733091c3da0a76d5ca420368

          SHA1

          20938e90dd9cfd27bd8f20dc8edf61691327bd9a

          SHA256

          ae7d2a6ce6940ace9f44b8ba42dc3f237484b043e66a49d42d90c0e5be572575

          SHA512

          76e797851c300db2561b2e03849ce0f18b26d41cbf6f9ef8d2a63553a084c2624458e3266ffb3a45d5e80ffca50e5534c9258fb015da32f8891a04e425110d45

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          763c98e01c8cab197c57395594b80c47

          SHA1

          ae524d88f1cf47fcbfb473b65534943b7691b429

          SHA256

          5974fde9b35c80ccc9a888a29104e7731dec8c6ec6c3a87957bc37b09a160a94

          SHA512

          545ad1ea669ee1b3cdbdea2d6f76c7620aba2461fadd7d7cc2fab4cf8171c0df6159a716104a5b53f537a67a24ee5f054f15f2b898e9842ebe44fd961d96d897

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          3d8bd06c521d62675b1681d2d4a007e8

          SHA1

          59548edfecf926f73bdcd0a26f0e2ff49c89e0b5

          SHA256

          11e9879ddcb9a04d77126f62b865ce61be9b4b77241ae2aad2357c6baaafeb25

          SHA512

          4da0633ba78a76bf87f9816ebeb3dd9be7e4453e3554e8913f86a0cfbaedfa57ce7a38d99a99b39ba9de718ecb114617aa8588544e2e538234b457536756ebab

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          59d1333f8f6e2b420a21f011dd3173fe

          SHA1

          d5cebdd03371ee8edc09afefd67ab9c509b48bd1

          SHA256

          d9e5d29566d4666a99f950284b279fb37efe01a866bc58c425282a0ad497d93b

          SHA512

          f7b8ada92c0c2ef34c377d143bb75efd71c9d30d1844e18c12a8a549771e8278f9c8e42d2a0b3a11388f316f196f25abd81583d078dbcf9b3c5cc719d1f556e0

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          97d75f7a41ec7b3be386f2dba8c0db30

          SHA1

          70f3b0f74faee48752d317d47721e5236261f062

          SHA256

          57548ff7de52c7472d7653a69ba02219af763eeadfa9dc87a30350e1d39b3922

          SHA512

          c15734d2d81798f781ba3f2a19baf4198ee9d930c40f8f15b0c41c0a0a41ac0f1a1de478ad10a1ae6d107ff4fb4607aa77b686a62f095dae3712a0c6691f5ecd

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a185f422b551aa7aa92dd3aa0f16003a

          SHA1

          9bd3c3fc90160b1ac272c6f3d3a3b6e1fe1b8682

          SHA256

          2c03a9b3eee7801549b2a61bdb317de6c3f95f5c6e331a03aceb2d8c0b3032ad

          SHA512

          114425cf62ac5810856a9d663566f3621d057a0ed8117477e29d5e3415c8c21e96328e844f0731395066596e183dbedcafb264c3a13cc046b12fef873577de92

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          1d07ab5caca1276a34049bd56f9df47d

          SHA1

          722274a2764eb826007e1da9334490eda072eb77

          SHA256

          42ad06e7a2b60d84d5eaca5a96d5587bf180508ef22e3a956ad7728cd9b7c1b3

          SHA512

          c2f39dbac0ecff2ef2a3ad4880927ae5ac069c5ef4b2681e7af159e7d0dc8b2e062eb4401986a738565cb95b93a9ff1cafe4984f44377b3973f34b1d6adef99f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          527ca60b6ff34dd1112f1dddc9172a7d

          SHA1

          47f2d51298ab8165fab36b52ea02e3c20cab5ea9

          SHA256

          f7cde323dfdb0f6bb16ee251d555d99dc228f5a8503e614aeaf38cf811de1aca

          SHA512

          c8a6417346108e9a409117bc182f16314042345b609b366693a4fe515e0b3f8187ed4739cfece47e6aa8b3df38ff18644eb1e4b140b9ce54c0a8a00913b343ef

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          d1b9e9aa7b3b8a197d76ca076a253af1

          SHA1

          95faceb74ff38026372e0d86201002b62ead6b6a

          SHA256

          ef1aef05b876d9c2c9b6396e2e0956081a10625ae21041d684648fcae5a1bce9

          SHA512

          172f6ba5f859f2f18029149d9106a60d3f8831266d8721a9413f73d6ea9df6b2d9235932da8c93ac297cbdc85d32e9b6b4585dcdd82aa3bc1e9ab5a0ff4189e1

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          af127a002da521757192cb400bfa9902

          SHA1

          c587d6520ac0b05223a8806d70fcb9bcabc6eea6

          SHA256

          66d8bd7b0bdaa6a4c72a08698d046b17771aeb338935e9eb0d7a224f10e246b3

          SHA512

          6fe93599118a551c12b1c5ba7fefc481d2447a4e803275ec419137922071499dc9b84b576b0af77b6920d9ed21d308cf7b6ecc8ac126cd4a4e1da79ca9d90a29

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          342efc8de819f9993d83db90301caacf

          SHA1

          a07bc5a056208c080f837066e06594682ec2077c

          SHA256

          330c3cd60fa1c449291ec4f3f74fa4783eaafbffdd75189a36994acf3fef93a2

          SHA512

          ae1750e919e04c658ba4d78ded2c6cd7c295c12ae7b20f1c5e544046baaa23aa8116b2030b5e5678dc9810ccb3ae16b7becebb8fbd3c0854d331f2378f3c7e40

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\c2sxdb0\imagestore.dat
          Filesize

          15KB

          MD5

          0b63245084e91455c20181443332890a

          SHA1

          42b35076dacc61c79d6b0b48e62891f84077c76c

          SHA256

          19e077a9d4bfc86ee9f60e6e36ace5046742277b5dbfa5e28ed7776b0f9eb291

          SHA512

          3379f19737565c01c8d55b9d9f715a2d39ecd70251ce1b58cb3162eb445bc91256eb492ffe1fb57524990f4495e1e168f116c92cf994b608d8264ade6e2b39f9

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X761FPIN\favicon[1].ico
          Filesize

          14KB

          MD5

          12e586b55ae88e7db200e9e77f39cf91

          SHA1

          e229d2c29ff74dc720d8f73da2fb7d6a5cf0f2f7

          SHA256

          441ab4f4da564d1e43c1b117270dc5320dc993e6fb849479bfc82c8bcc60469b

          SHA512

          8a5ec2fdefc504b5ff5faf478762e54b9627921b2a12b41d8284369b6b446d54c8f2357aa124d6b6563c2e1f58ceec94f5b3f393b59cb3d56dda81147fbefb59

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab7F6F.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar7F81.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit

        • memory/348-0-0x0000000000150000-0x0000000000160000-memory.dmp

          Filesize

          64KB

          Download