Overview

overview

7

Static

static

7

5c37d6b028...18.exe

windows7-x64

7

5c37d6b028...18.exe

windows10-2004-x64

7

$PLUGINSDI...RL.dll

windows7-x64

3

$PLUGINSDI...RL.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$SMPROGRAM...��.lnk

windows7-x64

3

$SMPROGRAM...��.lnk

windows10-2004-x64

3

BonniesBookstore.exe

windows7-x64

7

BonniesBookstore.exe

windows10-2004-x64

7

SDL.dll

windows7-x64

1

SDL.dll

windows10-2004-x64

1

SDL_image.dll

windows7-x64

1

SDL_image.dll

windows10-2004-x64

1

fmod.dll

windows7-x64

7

fmod.dll

windows10-2004-x64

7

jpeg.dll

windows7-x64

3

jpeg.dll

windows10-2004-x64

3

libpng13.dll

windows7-x64

1

libpng13.dll

windows10-2004-x64

1

readme.html

windows7-x64

1

readme.html

windows10-2004-x64

1

uninst.exe

windows7-x64

7

uninst.exe

windows10-2004-x64

7

zlib1.dll

windows7-x64

3

zlib1.dll

windows10-2004-x64

3

�...��.lnk

windows7-x64

3

�...��.lnk

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    19/07/2024, 13:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    .lnk

  • Size

    344B

  • MD5

    4c2a7c403e0c28333f645a363f606da8

  • SHA1

    fe61f5e318e323fab9af329245e4bba6128aa5c6

  • SHA256

    c755fd0b870f2367e644f899afd720c4aee7b019b5584a14421c407e7910de14

  • SHA512

    8516481f41413d3ec958a07af39aad889840f964d7cb1f8027142f9c65abea9821e3bf2fcfdd9fb2b1c676031d3096d478bf06586deaaac05a7d451b0c2146e5

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\.lnk
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2780
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.newasp.net/
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2596
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2596 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:3020

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ffd12abe184c1da12fd980687a6a261b

    SHA1

    96c563281872baec7b35e85ac12ba898800cc759

    SHA256

    a5f7484a9a75c988dd9e5df4b8e8d7353b9db2fc826269f5cdfaceb77dc7a321

    SHA512

    71f5566b2cb0f2acf53d745a4e4799b7870730932bcd5258145540ca0cfa7b2c7fc021234c5ed5e7f95fe10409e4eb1f78adb4c70c1ad97ed6bf753839204f30

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cc11c6784d3e1fef7dc81bbb8e08e5e1

    SHA1

    0ef5048d159453aa40d05dcc06be48d6dab8b762

    SHA256

    4bbc11df4ce41da675f6f67740848e72dc82b3e8f3e58ebbac5645a0c0a679e8

    SHA512

    aecb0731752444cd33b9db6af01bc100dbbdcf5ac9377808dad4a99d6cdd01d1f4f050fd05f6ba982c80b2ca5e4fd789c15a9381864e9c8b4540cab91a628d16

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    33b34ba472d23d455457fa06ca62a5f1

    SHA1

    dfd2a15d35955cb9444cb943043e75be258f5a17

    SHA256

    a970df01285b965b7a04b1a6947ba0458805f92f2518cd0ef51e0dc4417eea19

    SHA512

    ac67000e29756cdbb791b6badf7f4db45ca5f25d2d311fa749d2990118652cdca5225d846e38c55d3e27da494d96ebd9888d212b4b054dded4e6fcb52ce68e22

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c2c95b897097c3e026d91867db301524

    SHA1

    75681ec44845b00b24f99528a5e84467a437b71a

    SHA256

    ade002973de4598ab3c1268225d36e2ba7456cdfed8215e88407ea1b6756e1d0

    SHA512

    5b90a1446ad1544720379c896783b87d6e687ca7e81b54add1f7ca8a1cffb3a62cf8f9c1f404bd5ccf5e4ba67acfa14c88729236862c5c4517c08092adb9082d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6a08886a70f8fae396b427f2d351f1f2

    SHA1

    a8be7bb35f03d39e965fea3234bb5807aad6a1fc

    SHA256

    6cd290ebfa90f0f12392634c8910f867faed59dc7a1d37d59c1d4d1a37a408d0

    SHA512

    0b81140834da4dee21364c4af071e376f59720422cad516294dcb4d31a330106320c6b980a458659a8a9fdd2bacf1e81139bde57fb0a0239b2c00845b3d083ce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    295283903b278fdbacd139916d797402

    SHA1

    3a3c3e99b6a8e5c59e10baf776819ce25ca5d781

    SHA256

    a2d43fb549507f47ff0f1cacf8e9154b7ae66f6c6001751bcf27ad937434bac9

    SHA512

    4a25263a8b6e49da2d6c63fe6dcdab926b66bcb51706618c0d80e78e5e1a853ea9bba991892d12356ec1a92ce0ba39eae6ba8dc97ccdfcb8ad8526117080e33c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7c1d51e9f12bd6c30242f789a457ff56

    SHA1

    41b98c3e12514fcab49cb95e2547b75c3c8dd904

    SHA256

    6f3c9cbe10db9b9666dc8c221b0e03a543884848ebc100aa91be8b19529b29b9

    SHA512

    8840bc7e3da7de57861bb0d14b0a219557feb7d684df1ddacd37dc7984e1d18b2443c03bb9f29506470a6be9bfa5a761bb66ea16bda9c86d8d54741cb66c1c50

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    70d79c744aa88ef670cb9f0edc422942

    SHA1

    119431c19eef35fe829b9a4f5d93f4245f88fe9a

    SHA256

    8a323c117865d3b8c6a754891393a2c4f8fe78ed2afd0b0d7472298e4ff4fb95

    SHA512

    1a0aeb89a78921b32d93d22a39980b57a82f90f760805cfa524011bccd049b399e1448c157cca12f5a7358f18cbee403787fdc8c62baae6e25ca568965afb282

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3db82287fc1fb0d789878010ca221e97

    SHA1

    08c4b4450872a08d21848ac48d2aa667ce6f6c7a

    SHA256

    59930654adeba9df6498a835ec774ea06f0f75355e7d258797e3b111ff52fbc8

    SHA512

    c48747f9450709ecc89c13b033a0f980f2985dd1a29bd9ca0e7446937af18b29ef3f9afe83ac9ab32d81f53e1e5b71f57c6bba5f987e3e47f743b396492c7515

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    abb6ef95b35814c108bf44cf7cdd5be7

    SHA1

    754f0b996591d88a8a994b7008e956cd7adea36d

    SHA256

    5bda8383a31894499b1fe1809bc54a5aaab6276962342e8989c94544c3c4a29c

    SHA512

    7c0dde0d307d1d7ea78fd36d8f6acc65b8e37a6b90b6544f02432ce684d34ebccc268232a9f975ca23a2cad6acf38353d7f6b9ffaa0e9dc5a317e1ef6f657b84

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f7748504e150050b1fb532b302b3c38b

    SHA1

    4b823c82af21aa996a9197829a686af821a004e2

    SHA256

    2c0cfdf26345653ef98cbcd3ded89bd26f3c8795f5fbd2dc676e9c367383bdf3

    SHA512

    b4616d82ecccd934ecdc92ca21016a8a4b66bd1dc499b1c822f74a6e48634ef23885ee3368fd9165081baa6002a7779f0c8afba4e018d6e9a3c0e1c632967c83

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3f66996d1d862dbebe9feea153ee9c12

    SHA1

    8234cf540969a75fd7f589964765d9eb41010e2c

    SHA256

    9b598c18ce896c27f7d3371c8efe9e93fa518435a4064ac075073c36a00005f0

    SHA512

    3a805979c126154bd1874c46f61489259f8e7c5b6929aa25c8863d4b8ed5dcac08e88075bb30950003aac4562757324b6ab021a7dcd246a172ca6db56e6b6013

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    09e49f6a06e5739246526e4e77f4ae93

    SHA1

    c1344d471b4e68ec678d7bbb498fa07ae43515a5

    SHA256

    101332215cef25d2937bf67fc8c3d0c3cb6499e24c6f656c1e9ea0432d6cebf1

    SHA512

    2939b7aa1445e365a99a5410d783ac98cfd10d003a55b2ce6251495cbd07c6a3258ea288238e3a033251b9e877fce031fde450c427cb79b8dec57e01e1ec84ed

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8bae909e80683965a5933932e408fda7

    SHA1

    9106aa5af5cdf1621c263a77e54021672782197d

    SHA256

    131c1a94ace2f37aa178d5ab483241eaf352cd27cd2864bdb687ea5a09b987b6

    SHA512

    cc8ddf6c5337b1afe6936d4e36413758b549787ba89120f2f5dd994d4806bce30d2aa27ffee8b8ba060422dbfd518435fb3f68588fbba3c62f1da7bd48510637

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    51eb17ef810fe17e4a5040d9786019a4

    SHA1

    16e824a49ea731c9f83497a9b24acc4590a66adb

    SHA256

    8710a848da3937fbf3a109e42be2846cf5b207e1d8463e04426581e5ca9cc2cd

    SHA512

    cd09b4e22e225ae119a48347c3c05ea6c6bbf5431335c141f5df501b8d4507655410fa584174d5560b3538a28da7249c79837efcc62e47b78aef559aebf087a7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2079d641d62bb576219a191275fb2528

    SHA1

    be17056456bba21264ee435619ae0326c2081b8e

    SHA256

    340656261689c9f99ebcd7f7fb3f6dbbc4c92f8bf39dc67e9c181ef4e01f37a3

    SHA512

    f0b6e88c257df3b0257b211479c417115f19c0b60385346abff0b026d038321ada8f85ed521f2e6bb97e038c61ed133f613ea98c10a8f77515b9b80a4c93f99f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    54dbdf6e2a96fe1d4086e912cb4e92c2

    SHA1

    346f2406abd5dfa9611098d0fdce9bdace505cab

    SHA256

    fb8a1ebbecd578288f709d00568ac1ff91b13ecf4b8ca6f6af7c53d4aa62a91c

    SHA512

    679a90f21efcc000ecc0ed4721783c7a1259f69c25daaf451cb5599df54b4ad17595f7e507573fdec87ef549f8d4d419dace78c97882102b77f288d07ffb493f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d6796b67c5a8c3675ffcd2fcfe5f87fe

    SHA1

    d2e93cba34f3057f0470d44ed45c5084f7bad6a0

    SHA256

    5b77af3bb7b2e5d6cf6039b90d9ec133aa2607c684308ae19d5032207a37b54d

    SHA512

    1e0efc2f25a598762914a4883f023662c642432acdd9fd767274eec7328a620fa58b561ac00ec5f1cd945c49a2322c13e95c1a5ef9cd722dd3b1908e85d227cd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    98f44cac823abfb08b26cbe6c33770d0

    SHA1

    28be001506077e68de0e1807508519b4708632bd

    SHA256

    aa3272f9cf2d8b232ada86fc49cc559dae877d37020be8a95dbe80b38fe5fc6f

    SHA512

    6ed76c0f52eb143098e48566643af4ec2586d93b8dd20ebf4a82f1d48065c8f1e097ce1125c60ea33ea510c80ff93e4c8ab9cc4a2c7226fad6dbfaf22e331e2a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8170.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8221.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit