Overview

overview

3

Static

static

3

4c4dbfa3e8...18.exe

windows7-x64

3

4c4dbfa3e8...18.exe

windows10-2004-x64

3

$PLUGINSDI...os.dll

windows7-x64

3

$PLUGINSDI...os.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

GDIPLUS.dll

windows7-x64

3

GDIPLUS.dll

windows10-2004-x64

3

MFC71.dll

windows7-x64

1

MFC71.dll

windows10-2004-x64

1

PGL.dll

windows7-x64

3

PGL.dll

windows10-2004-x64

3

Usermode.exe

windows7-x64

1

Usermode.exe

windows10-2004-x64

1

advapi32.dll

windows7-x64

1

advapi32.dll

windows10-2004-x64

1

dbghelp.dll

windows7-x64

1

dbghelp.dll

windows10-2004-x64

1

doc/ChangeLog.html

windows7-x64

1

doc/ChangeLog.html

windows10-2004-x64

1

doc/Interf...w.html

windows7-x64

1

doc/Interf...w.html

windows10-2004-x64

1

doc/Interf...w.html

windows7-x64

1

doc/Interf...w.html

windows10-2004-x64

1

doc/Interf...w.html

windows7-x64

1

doc/Interf...w.html

windows10-2004-x64

1

doc/Interf...w.html

windows7-x64

1

doc/Interf...w.html

windows10-2004-x64

1

doc/Interf...w.html

windows7-x64

1

doc/Interf...w.html

windows10-2004-x64

1

doc/Interf...w.html

windows7-x64

1

doc/Interf...w.html

windows10-2004-x64

1

Analysis

  • max time kernel
    69s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    16/07/2024, 01:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    doc/InterfaceColumnSeletionWindow.html

  • Size

    2KB

  • MD5

    c13f6a8883ba2ee44509f71289e2c4d2

  • SHA1

    c8e2aa9927f79e77bc3a6cc050b46e933e32a7d8

  • SHA256

    114437b814c559aec97560877e00e5fca299bb33e8c0a24a33ff2aeebf033c5f

  • SHA512

    6d65cad4fca71db909c3132c23c1a3c93e5492ac3ad79a5234788192b44596eb43eb60cd3c10e0cfa86ae3a1b58945f81764322ad6bfe2ad60de683392a44bcf

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\doc\InterfaceColumnSeletionWindow.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3012
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3012 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2740

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    04f5fb70d6cb5211d3ec25a53f179e84

    SHA1

    47ef925ab1180fc8d0f6493a36620d319533968c

    SHA256

    512e4173cde6a12ad44d713ed3cdee987a1691ee3ed4dd8bde6e9df98269f935

    SHA512

    1a2727aa0514e179decadd7c8867583b3a0c0593998f6eb6da80868a971fd79a60d8521b554cec2dc306937c68400a07bb87e1351183586fd90953f15d3eef78

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5e1aa272e4ccc96523806050eabeccc3

    SHA1

    559e1c224f3e3a8c07da4885e95da61427f1f00f

    SHA256

    5dfe9eefb60acc929f4c8f8b3ca6ab83d00e59b304ec3f97fa595f503d285c6e

    SHA512

    38e07e64815282fca8bf590cf4af5bf73ff333ca48e98007e6be748b5fa236006e35e86a47fdaff2fd5648f7afcd4f53a196c211707844b929b6fefa58b0f205

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8ed20b469a398ddb30f8583b85b9e155

    SHA1

    4d8ba9f3484a3eaf8f89393d80c496248a67c059

    SHA256

    6bbdeabef282362f3378b6a188692bc2c46e70e8044bb8424032cf2507a3144e

    SHA512

    d8a833489e4dd414cb5ac75d19e4a17f71d110c0be34af96ad4f4eef78e5052c392e434fb24650d41d42f270852b5dd8695e2576a69f1fff2386fd65cf320abc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    57a58f45ad098b24788a3cbdc60f676c

    SHA1

    56def09d6c7cbc6ec25a601c2f68ebc37dad57b1

    SHA256

    779ee646ca531800149538104cd6c0d7d17df95bcf97d6b0f62ffc7bd37a4731

    SHA512

    970a05bbfc6c1cc21ff90a7d9cfb060b9f70a5069e9662039692b7060f146ec8b949e89b6537c4031e8e472b5d1d21e4ba2dce89082dffc288c65013b99f546a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3ca23559790eee596847f20a4d3ce3cd

    SHA1

    02815b8493997100871cd5b08818d6487d34bbbc

    SHA256

    0fe7fbe3122a5d90059a9ba03c689f745a0ebccdc261614e2003f281e0c555b6

    SHA512

    9b06b0fcc8f71dd89f437c716095d75d0e5b7c5dcaaf003b9c13f46f47aef28899a7512d57f1a5d5911afc9f2324adbc14ab58bf24a9bbb0982432056ad383f9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a4dfedb690c9179b902d45dae212ffe6

    SHA1

    e257c2e2b590f304c544a233b785e7f6f5fddb14

    SHA256

    6a018ec6ae6a8e01e195693f3e6e87b6b925b9868d75aa7e38e7f649694a08f0

    SHA512

    02405508dc7ab4a43a480cd13315409a62bc4bbae408114d0a04b80fd3af8808e3695758bfb577c66026a3c1fd7243d5b86f9bc2a53231ae6042ab9c0236fb02

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8879697d06957476a154b61354f6a87d

    SHA1

    4c481f954f71ab1f3babf803581fb09678f00e2e

    SHA256

    58ad532ef06cb3f02711ff8118a54ea67f390a4a6bf6756d757bf95b571eb2d5

    SHA512

    1aa6e8af97378d0b697be5ef083a55a1e95e4df51717a7f38d48bbc45c994f212d334a2bb54cf27bec64a25bac01d30ea5816198e35157c5aabb32159c19003c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0ea73f43da23d18f423d7d6187158b1a

    SHA1

    bfc3babb04802e2b2078864cab3307b228c6afc8

    SHA256

    e4620a13e74f63a026ef6502631fd3c05982ab23885b9970d40b5fc4a4aeddf5

    SHA512

    a039675d90e2f00c9f3eb8915f97a8b1ff90f50b85241868472d9270be3cbc82e387e1eed8869a205b0cc4e67f5b44ef78974ff2ad0758f971d80431c44a2c60

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    143bc1f8319c1a6c7114d32b8a2aecc2

    SHA1

    5cd5445c899d09206c358755eae3d6fe537930de

    SHA256

    895df77290530ededf90b04194480b98d99f6d5d487c52d5d55e64354da15279

    SHA512

    884e9ccb82f3016cff5b32301cd63d2d59de689e596a9b86c19c407ad7bef1606a83c7b3d22c19d39823902f022ebaf94699f5e41d4078cb9559707f07e8b991

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bf517955247d9ae323f6f892f0a65adc

    SHA1

    4b1f4fe090262add235c904a97074ae39668ed14

    SHA256

    b071f61c061280d7d8ca604a4808709601ad61533b3ddd6ef9f98a2a8f8575b7

    SHA512

    1f36c8b6183c9bf422a41cd97328b123b48a7a48e7e1f4b5eec9a4d85e5cdab40775994c47285ebf4a2582fd491e08f400656a0b5af1d323ed8ec0db3f24aa2c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6e98b94f2527e9fc951342f1d955481b

    SHA1

    48091c4e6e3e5104d73cd5352f0520c390a0e1d6

    SHA256

    f56a2b69cf9b8268ba7d109b41312270608c354d42071e594a3df34dbc0b0552

    SHA512

    ebcdbc1940b0e804801df27dca93f4bc23fcc4eb1fcd5757abb9db0fb232c7b47e76d988f7a93f989328d089a2faa1237b2393bb912c8f6e123f56725edb3ca0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    745d176b41b8262488f288cb466c68fd

    SHA1

    2324c3d030229d8676ded8d6c77889abe38b7708

    SHA256

    4e53fded671e5d25d1a70d2f8aabaacf80c5513f57ef3485b403da183c0bb998

    SHA512

    78bb689651c4ccc182042e963cdc990650bbeac3e3adda8a5dd9d1ae9a7f53bf0c5e97acbc122b519ae4fc3a0c697c6d9dc4241bca0380c82b1878574e6b30ce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b777174b8be4fd13f1303f5c0314dee7

    SHA1

    e5782cbf80ff0a101606a9f6929c0dce18ffe58e

    SHA256

    29c001279a1618ba538308616dec7a727cde7d14ef675c2a915554ff9bff44c8

    SHA512

    8d7bc881ff00396787288782f94842741f5718645b3a30e7a0d0a211c8a4ea77f944c9d4767bad7c937d4d0abb56b05c3e64b993630b592d8564b249ee290cdc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0e2feceda0f3d8cb4160dcc59e273b5e

    SHA1

    dea757594927b5f779362a5a1fff456ba1d2c680

    SHA256

    7d89cec00ddaffd0ec4aa2e805ecdf933a01c7e412515dc272f87d7b4c725022

    SHA512

    84d0a375dcecc9cd15cf1fd71d2bfa2d7655c9cbf2ff700727a018d5e5ae441016aeb33f16e32aea8be8da20fb82aec71bd853ed32e7922a824e300d497cb913

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6cbd2bf0ef1ac5e65e93b8840ac0b43c

    SHA1

    4b55cf964e4a356702901366c5cc749c0f666e56

    SHA256

    1e12913ebf62317bca04f6fbbc9ac930aa98d9ab2d6722ba561bb1113a714885

    SHA512

    c394afb6dd0fb61dd81b1b7410dbc256a4207b295f87a9c28bc99e2f19d130c7cb29459c884bf31c0507191082242446c93366c84446adc0480e45b19e57dd3c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6c867de628eb311e64c56ae05b137d6b

    SHA1

    25573eb052e7845863d8ecbd43d22d1c16ae1c7b

    SHA256

    1742db93282552448b9f9dadea0b6d671f52eae7905ad220a518985329230401

    SHA512

    aad0b324f8f31e950a451035e43758833bc223ea7f361dcf64fb37419e74c962d2afee60ca1c8acd06faa7df6893d5971b71f820ccf34f06f0cdd62dca6e8de7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dc3e62de84dad150aaa0145f7e6894c5

    SHA1

    e8b3c514261d1072d15529fa0c8ee65227ddbc0a

    SHA256

    ee019a3913386e52926bbaa666704d3f3220d3bbaf14a578efe601cb965ebe60

    SHA512

    5c679b45eb4390c11e383823c4f3aa818db34bfc3c3b2f4c3d9ca137a550990d9c13082dd6b5f37f747016143f4f5aaa84fd5db67632d3ea56baae145a13c5b7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5289f56390648bbfa38e6fa0e1e524e2

    SHA1

    996b97d2db3caa18d42d76852b12915b19332ffe

    SHA256

    1bf333393452c89a5bd522f599cda07d9ce3b8041ecb0147a5e31d2e24103647

    SHA512

    82d22ca923056ad98ecf9f717958ba9b947427d90825b3c73b479e2d5a96b7ea68be6af4e87e69dfc1a2277ff9e5e0f187d9c03ac144c60918f453a82158d3f3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    986371e20a5757b416ed0c61b8307407

    SHA1

    285a9416cfa4af978e45fee6e1c72aa018d1a51b

    SHA256

    f4acc6f42ea2b588ee91a1771269b233e1b9105d32fad6d2d13ec29158f69caa

    SHA512

    3cad64061c7435073e2f93fda67b4cd1150e229124246d94884b7c292da345847d0b744db69326a5d0fe3921fa939ccac7c8ffd56f5358613c3c66d96508dadb

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab2740.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2820.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit