Overview

overview

7

Static

static

3

5b7340c0b9...18.exe

windows7-x64

7

5b7340c0b9...18.exe

windows10-2004-x64

7

$PLUGINSDI...RL.dll

windows7-x64

3

$PLUGINSDI...RL.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$SMPROGRAM...��.lnk

windows7-x64

3

$SMPROGRAM...��.lnk

windows10-2004-x64

3

Help_ch.chm

windows7-x64

1

Help_ch.chm

windows10-2004-x64

1

ZoGo.exe

windows7-x64

1

ZoGo.exe

windows10-2004-x64

3

uninst.exe

windows7-x64

7

uninst.exe

windows10-2004-x64

7

�...��.lnk

windows7-x64

3

�...��.lnk

windows10-2004-x64

3

Analysis

  • max time kernel
    117s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    19-07-2024 09:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $SMPROGRAMS/Χ/.lnk

  • Size

    344B

  • MD5

    4c2a7c403e0c28333f645a363f606da8

  • SHA1

    fe61f5e318e323fab9af329245e4bba6128aa5c6

  • SHA256

    c755fd0b870f2367e644f899afd720c4aee7b019b5584a14421c407e7910de14

  • SHA512

    8516481f41413d3ec958a07af39aad889840f964d7cb1f8027142f9c65abea9821e3bf2fcfdd9fb2b1c676031d3096d478bf06586deaaac05a7d451b0c2146e5

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\$SMPROGRAMS\Χ\.lnk
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1948
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.newasp.net/
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2600
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2600 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2644

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    947f70709f4134b7cb39e608cff152b6

    SHA1

    206e7983cf1eb9977f807e68eecfdc6744c2becf

    SHA256

    267e003456984b5750bf092bb94aeb040a1d95da9e671a9e0eb31771b0bbef75

    SHA512

    f8f87078d1120859f0decf9f1681b65921a893c4bded8b7773e7d7846e62afe30cacab254b3df70525dc06c80ec41520bd789539aa48c5a9dde4a2320bcaa736

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    352c0278ff2c49faa17b98517f3397b4

    SHA1

    2858884e2479d81442898332fea8a7f88c9e556a

    SHA256

    076138c38104a80176b05b05442990ea63219c99a433974862ebb0f06003e59b

    SHA512

    09213148e605a00aa4011363b38bcb7675d0c1bf0394f88c20a8b4b7c314129fe016dbdc1f67fb0215c4a43351bf36c13bb92086b90253bfa9a91d89e0cf0be9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ace2f2ddfeab85c77f19b2047837ce0f

    SHA1

    e2401f091ada7fcb91eecc5f0a6723ebb68b8c39

    SHA256

    a78bac240231d0b3bf8c9c34211abc14da7bfd3b590f07c46a7b33940b04bf18

    SHA512

    baa420fae4403f7c14e7e25393cf780812e7783a5c1f827435474e7c38c855ee51d0c53b5a8a0a863a22bc269190dddb74dea34608c211ad08da9eda3222d96e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    57d62e8e789b5b3579d26067f8357ff1

    SHA1

    991b532a931666e408469138ce3d57da079f55de

    SHA256

    479a835a7d83cb4c943ea1249d90bd69340d81d198d0d704155380ac5d0f10e3

    SHA512

    894a01fb6fe0914dce25b1038ae0c6e11f05547b9b80bb6227d735bc36b280781a69153d7306673f5c8d6f577a9ad09170d37d797b72fa65234a23bd54f2700b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dbcd173c1232d398856ee71ad923c5d6

    SHA1

    01bf72dbd7a04b6c43cda40da7d0b0024d0bcddb

    SHA256

    f9c18ee7ca99293bc91542421ec616f9ae5e08e909031bbda218c98b02a7ae9a

    SHA512

    2337b52b6c924f9727538cbd92b879ee0d113f050f88b8aeca3213b1fadaebbe8002dab2ee186735e023b2dafd51ce82de83ddc9fcbb5672b7222397111e0504

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    286aea5f2cdc81b92558a57c2d5891b7

    SHA1

    9fa26c56c6140839fb90a2e06de61957e178f5a9

    SHA256

    4b55d0a330280a8a4a127585d9e7ff6bd26884b9c8274e79d221f5ce8dce5ade

    SHA512

    f10c5b23fd44e789245e7309bf8b3c994d5b54741f182626e3e04bc5d5e6229ea38ed6c2f709cfee072926e92c6e3927ac56ddb4d643fce419fb07fe835cdf8a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    829fe33338f2e688c76d496c7c05e883

    SHA1

    aa04df4eabc1fa38057b6eeeec48c286894badeb

    SHA256

    cf75a86fb82076e55016ca3f27a9b85298911cadead88faf185f811b768d2537

    SHA512

    c079f214a8e84db0c3c3872088356fd5bb9520de3c7dcac8be6fec81a8ba74815440c6c7475e65f298d7d1b1b7908daf35543adf6fc3aeeb07b582346fa0a4a1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    393b144f25f31facb6fa6d815478220b

    SHA1

    11485d5bf3d62b6dd5219a6858c916db0ce73ff3

    SHA256

    ef443b71a152dbc57d5974b71292f7205190f21f7c37b4f4fadb47a0f897434b

    SHA512

    dc3267796f3f675054935fc03d1613bb1dd26f18c6d05c160afb81faec33b7a4a7250bbed2d4d7d4cb7e53f7a937cafa57b792ef2ac33e40c0b6e61b0ae2fa9f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9866df7d5284b0fe91d5e6fbc6e7a5ed

    SHA1

    af37f8287363bd32081de9f508b8916b721e0384

    SHA256

    5fcaaf0e1b75740b9ac55566d76d88934f8ac64760225d715dbfaf5c1b1b2c84

    SHA512

    64bb0276f9b80ef170f819fb6d5d620be93d480553efe2b8a19561de828271b80d8c30822c27ff84a1a2895a02628d83280990c3504af2c97e58576e6eec7cf2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0d2d4323729c6d6bdf0de0cd1bf28033

    SHA1

    24d874c0875b72f4296769101c773e4ba364db76

    SHA256

    6f883ad65b8903beb4e1748d9d375aacd86cfb92fe49cb98b858adcabf752238

    SHA512

    9fd006827d6274d83ade7891e51088c7ca1df2cba409556719ced2675a27e355f9e0368c9f84e0d3de696569e001c651fb8faf020b11ac4d73ddddd886b93ce9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    55048be213a8f4a3910569e60a05e824

    SHA1

    403a0d519ddde6eb47d8bffa6ae7c0ff05db7ed6

    SHA256

    b98d926c4c1395879a3c37b59fe502d1eeade93c82d517edfe3df0f5b78f1ffe

    SHA512

    08dad5e18afad9342f5b4d874995cc50d76191c8e89f71c05f7740748a54bd6a9939958b12666ee66030a668f2e94afcb5c01bec9fa60e1bc08be8fe0f4ab53f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5ab01a7215cd36f958252fda3d30935c

    SHA1

    32cd08d5fb331fd08b81d5240efa7991335fb021

    SHA256

    3177d21197ef01a3ffc76c3fc5f071a7d6878e2ac60ace61f95661caae8f79b3

    SHA512

    843ad84fa6bef4780bd91f343caccab9b106a4a3b3302142a2edccde77bf8c923eb21f64d41861ad7bfccf2ff04795bb9d3afbd317b1ee3f0b425beb6104351d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e5260ddbc34bfc79811d0ee4696a9dd1

    SHA1

    59debe011858c385a786f89a486000c9edb6a133

    SHA256

    18452cf5263bbe4a7838b0f948ad360e63de58b8ee4d1be29daa1d2d6007ca5d

    SHA512

    efa62bd3e161b172612f2c6814e2a38f583776068852dd7f76bb076f61714a0b6efd979a15124cd1955f7d4e9fbdd6b98fa5dbaafac775bc6031263b545840b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bf78b070a6f47289bbae939c171778f0

    SHA1

    b65796295942a8ac3795a887d5a32e7c40daa1d3

    SHA256

    27a2730d24a135fc032a31ad175435b01a9a934ae342e16c19ded6d01e9b920d

    SHA512

    7bc279841bca4d1d75cf6c3f64f082648e5578e56b8ffcbf04e1044778f1ab068c6281c585ee0bd09ee0a96dc898391d4058565e42b8ab8bf68b5863fbb7146f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dfdb51512386069527f8c78dfd415aed

    SHA1

    5b75dd66b7e985efc70d3b73bab203b5e3819947

    SHA256

    f8e24a3f004b46782148185ef664a594f4085bc7601ec9917930e737c66b3915

    SHA512

    49cdde04083840cf33e55088e92ad69abed9436265a8c26ddc2f230a2a5765f7067f26056e464c180effbdd4f6db21ce4fe6683be6ed6ac9a7d4735309ce6686

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9922f8e3bd6c14aa880e104ad2aebfac

    SHA1

    35535889b7e238892846639ea017061e3ba97a33

    SHA256

    2c5dc32062355e760fbc243540c5865d31e71ab1d4be90ab5f50f85c15cdedce

    SHA512

    6c89e510de3e3e65c4b9579fe326f6510de54bb73209d452c941fa8668e87e20a8470878a525abb48affd6ff6a2aef5d475df8026fa0edd2e3cab5110e3f6d95

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ce4cb0a4425cd8de5fc4d0376e713bc8

    SHA1

    7c7f528b03d8b27509f934a179ebdcae3ea4e6e0

    SHA256

    809b0650ae77b15d8495cd23d51f8c37560dcb22227c28924f12992838fbc9d0

    SHA512

    7da44e801b26c56b54778788a1ae170b2fc46adab5b223539a06df1afa3e790ee3f4fdda623eae4b9a6942576e25235320b30d9884c8a6104346af70614cd81d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    af12ed211b1303af482ed69795958eb5

    SHA1

    a636536da32ef3861945ba2bf3c9429d9342fcf2

    SHA256

    707adc991ed1766658d85464969efad37f7640efb8d8787cac463a0268c8eb01

    SHA512

    5f27528516541919e4ecb0c2ac3d94a1b0864a8e2e94b493483deaf159dc4b7316a482f978034435cbd9474924a39c6f57254980106a7288eadb6509b93e5a12

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab1E4C.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar1F0B.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit