Overview

overview

3

Static

static

3

a425c2673e...0N.exe

windows7-x64

1

a425c2673e...0N.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    67s
  • max time network
    67s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    21/07/2024, 09:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a425c2673ee1a138beee53cb47ce81c0N.exe

  • Size

    170KB

  • MD5

    a425c2673ee1a138beee53cb47ce81c0

  • SHA1

    394f11e52316a57d35369e788f4cbe60cb8e22a0

  • SHA256

    3d398ee18a6f799e15f06bf7dd6833f56dcae898cd1c6dfbe47794a2432bc252

  • SHA512

    5911c9d0063e3d185461dced5c499e54a2421cdab73e51d3e396f56228b844e906d30808371512d334757fbffb5acc478cbe855dfa3fb76ae208a27f5704bcf0

  • SSDEEP

    3072:Y/Bpds91VaIGeJuDlPjQOygr0/U91VaIGeJuDlPjPficKWEZo4lPGut1VaIGek:YhT0uDlPj28ET0uDlPjGWEy4lPGuUTN

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 7 IoCs
  • Suspicious use of WriteProcessMemory 11 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a425c2673ee1a138beee53cb47ce81c0N.exe
    "C:\Users\Admin\AppData\Local\Temp\a425c2673ee1a138beee53cb47ce81c0N.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2264
    • \??\c:\program files\internet explorer\iexplore.exe
      "c:\program files\internet explorer\iexplore.exe" http://www.bluemountain.com
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2852
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2852 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2704

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8995f8e8646cae8ff56db1f48cdf275f

    SHA1

    215607c4bac99b714b91ecbbb11f9a6b8868f97e

    SHA256

    24c4fdefce3b49ca607f1398db31bdc92753cfa5335db4d5c111f2c7a8a4440c

    SHA512

    055032a4610323f7ff4113c6da68e2847672d87bacd65c47fa64d88cde47b1369038de847b643c52304ab378b82a02881f8f6476c3e11981b690501ba1e1acee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a008a3240b0b2457980a6cfbb8f6e474

    SHA1

    b0c4cc84ac1c94a984ef1b20075bd040313f0b59

    SHA256

    367899ddba38ecf45909d48545edf465de5022aa9c77a5cc375487523aaee667

    SHA512

    d01789a7768491b66814e3bb2d78640802e5160e26360370d4b000162ee3e642de84b281562793164389b420b5b539bc8f67769c321167e5b6154dea282b269a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4c69524e81dfe8c783aad50b390502ad

    SHA1

    37f86cd77e940e4beaacde0aa19c353bfb202fbb

    SHA256

    ff0b52061b4cf77d98285720aa862ae3653f33f305432d03a5401b074bca380b

    SHA512

    44aee9a7faafcf35e62df8ba9fc33b4b01a62569103fba8e0804bed62444629cf2885255925b20e520fe7120702deca4b4bed7d8828ce13ed2b13faa4b4cc650

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eadd69958066b4c2c58e7ba760521056

    SHA1

    8781df2d489a313062af4e78b5e3cc4f0535a761

    SHA256

    aa79759dce99c98aac66d32e500c3d61a7112ca448d477990a9b9b565d2ad2eb

    SHA512

    9e2978e220f4680326a8f1fd3c5a0c17981dea90c345254758e907399f3f8f081916bd7ca3720dff1e46890bda0ecb4ccc26687c2779a692ef141ca26ceddbc1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a12c2b7d5d4ecf8e8d2a96d67437a730

    SHA1

    6dfc820de91471bef69401a06017dd23e41a6e78

    SHA256

    8046dd9c0f3c8db33b463467e21202c25098381a5ed9f893dc77bc5efae8f50c

    SHA512

    c4e8188920c3e0f5dc12df097d4c70524a0eb913288da0a237b71a0c0bd1dd67e056b24b309adc08cdc5d609d8268d38d958c17c725f85aec62cc578841d7837

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5708b8203ed7da6e0d7f03f0dd1dc525

    SHA1

    973eb92954659bbf5a260403e82eda201e8f47ba

    SHA256

    f7f5e080d44262a474eaadc7dd3572ef1b69a602ec953328e58ca4b905f65ee6

    SHA512

    d53ab1fac8190f6a8a630b818f7a8ebc38782008f76b01b589443a759de32e6a24c3bbbab1ff247467dbca6c2c2a362713edf0c6a4e3e7caeb78d7562aab81af

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f0baf841ce8798cd340fbdf78325ec2a

    SHA1

    b3186b29cff5763f5cfd24eb3e395c3ebc6688e8

    SHA256

    a003fc1206e240bffea63905e09dc119cb9ce1ab7e3d7b9d7ddbad02220b9d58

    SHA512

    0a858e51801e6d4617418683e779792f615ed04ec8bf05075ed2832a80a3bbc7cef43a38ffab6fd43745b41a1e448a07c4a0a7dd92c8aafc4d48726faa6a2ac5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d0fae1b377848866bd307136918bd59d

    SHA1

    c6b16cbc788221d35edc9c810490b66210e3e55e

    SHA256

    85191a800f05492e775980ed296f42dc815c8df105aac194a56a4a9e3b36073c

    SHA512

    126e9f9cd5e42cb3e1c11d151585571d5660fd15895ae46c453cb501cb259d1547c416a917dc88c31f5beb802fd001acfd53a472b3dbc60672b4366a7fe20dd0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e233a451d0f1794c32176e2594162d19

    SHA1

    d4a62f6f67e849b2a1b87f4428b83236e0e315d9

    SHA256

    3ec94670e85150f848b0cc701d72d98d06ef2fec23a81c8c669913ee0f7a6eae

    SHA512

    84ec09c8eee065e22110a1906fb1f4536f111f08e0cba92d4cdca8a91956ecd61a7a1d96c2df9c303399c061519373b6da3e9c7c61f7d5e67ed421d84c295a6b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4a7175ad9cb759ce430a690beb63b4e6

    SHA1

    cc4099517a15ffa9eecfcd2b47e34bccf792c4ab

    SHA256

    94351e3be4c6d410b28e44a96d26577ae6b5ce38d42e7a5b26134c562a061b9d

    SHA512

    30a12a270875d27dacc5bc24997ad4660580e86ef13559bf88262572e17e2e47d51f66da2df7510216a6602ea6bcd99e906746dcace70f49a24e8a48fa1d6e43

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9032d4f9b770bb6ab55fde600230e46f

    SHA1

    0b1fe4a9cff37fa3f27a2c0c9cb12f66e15cbbfd

    SHA256

    b784124854d475c882c564106fe079f2fa9b74dfc50a09f0d9e5bbb243caffec

    SHA512

    a2ce48e1c984689c7eabd905cadab7d5a4d115cc44345933b8e07749f214dcb3fdbb7e025e3b26920b22dd658ccb7786f4fd2c92aee10d3ef8b51695f48c0a52

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fcc44407a4b1f7379014bf71dba90426

    SHA1

    9d5d7d4eebb704bfa9f31d5a9780ea68537f6c5e

    SHA256

    e109e2eed72624a19af5965fccf76b7888517eb5c68d3f16386d1047018731b8

    SHA512

    4a06a11fea45beb4a3a893b95733965bf7e54b3c1350a65d730963f8d71f4a8b26d4810c7fbd8432bdd08e30732172b4c9bbb4c5127d0397830f26421007b262

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ccbc74ef215fba71b28721174c3dc701

    SHA1

    77da22a43f3b60af3eda3decd54861957e694f99

    SHA256

    752596dfa0a6b3b46ed3309222765cb2e4fca6e224c899be2d32c7d58c1d587e

    SHA512

    4eafa9924163617778a13631c2baeeaed1dbf8f2e4754ce0d8f5027d56abf323e379267112697d0d1126f6dead67cf02c1ffad194754fbbb6627aaa08dd17cf6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b567686a4084d5a5d92691b0040044c8

    SHA1

    d337879edbaecd697b2675fc74856865a9fd8e1d

    SHA256

    b2dbc05fefa3dd52600b97bd06add34e2f7f86b7ec6ccc162f3e5dc29fe8f4a2

    SHA512

    d279168bac4bcdab05212fd9f293d8318eb27df4f37a06a9a2da2595d0e1d737e97cc31d0b6629c2b434747d0cc4c0378cfdf24797fd3e0524bb2dbc0ddc5e60

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ffde0bd16eb9e4481b884a93df6beefa

    SHA1

    11c27318e1134c7f0cc7205cf1c5be8ebeaa3b6b

    SHA256

    ef092999cb9b5ad498cc99d812117af39301ae06ebdcb7686cfcc5349ccca29c

    SHA512

    57686a4e47220231ca6dd4d5acbb515ad5990115eb0430e3eb6ec60b9e54ed8c71fbb2ca72f9e0b3990fe6bd56dbd0f73afd703c6dc3071479ecd782dfb170a4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b18692ee6bd6e189cb29bb8236de3952

    SHA1

    fecfb5adf1ee403844daedf2e7aa2ad30b166b41

    SHA256

    d38fa7d55c99208953002d9b7d17f22d0f19d05cad35820fb70df6d8d0c957d7

    SHA512

    1c466cfce2b8847890eac50d9cf84e22de9d1d21b4ea3e2ab78f533f2868bbf873100aaf63e0971abe26a841ae3c3f4d52272fd4d1b2438a68db05f7fae7460c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e5553aec9cf35b43227433e2c1bee26f

    SHA1

    fba4819b4c4d54df7584c8ebed5279b4634a99f3

    SHA256

    968154a334665619ea51b48dba848bb562872f2580b91a519739df79dc149c21

    SHA512

    5e3f6d0ef78a8a4184182085c02de666e963836d21314c1859a1958ae0f9acd19a41bc70b426316df4b6fcd05214c7b397c8fe506f8a34edde600c9dd567dc2a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    df07ace3eed0c848e7ed72e890e0cca4

    SHA1

    34f04c9dca21124f28ad80f2c881f866819796ba

    SHA256

    b8d3c83e62dd1381e61db95b02444c9b76562c58c700e471f99c9ec07e0a5557

    SHA512

    f469cf0d3e30405f3f0386bd58d59cdd90ff6e0c541ef5269dec2cf302a55a379d19ae292a10aab1eb1d9d003c15a5c630540ccd8bbc920ac4ccf241a1dafe9b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f1455f47a13cbf22d4cf3661947f9207

    SHA1

    87c29ebee81ccfdb17768fedf8df36fc52c1e03a

    SHA256

    cac1e223fdb318308333eb46b40903cfa391dd1b6f58b2d1d6ad336d8188b464

    SHA512

    d65c403d665e3a3688ca0d0649789b6b3129d19b3e7fb2e2889587b73c1147a2f128a0d611c10bc01a9db66d1b2d1ee6e6835766cec8e0cdf0421db36baebcba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    feb4a7dc166a80a00faf51f047551a97

    SHA1

    bf2ececccaa8fccdc90292ecc75a335feba22431

    SHA256

    ef87045821c442c8fd8bd65226099f4d0917bf7759504c9e711e122f7cbdcdd0

    SHA512

    a36aa6c9527651ea2a786123dc49e4ccc98de04916b3fdabb7c65dc79a1b1293a2d348a31734e3ca87938894a197aa04956fec6c5067afd3dfab79895f2dbd35

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cd04ec4a3a5628068ef49a10aae50420

    SHA1

    8af674634ce0a0ffad9dfa909666d715f70d53ed

    SHA256

    b49fba240cf42c107218cb2697480e94a1129bfda7ae87d65121d8152aa7309b

    SHA512

    18e930c8bd919c3570672411663d4b7340b6c0dc7ae6b1c2d93b91ecf3550728d078d784b1aaba16cf214baa2f08172135e6ff5c741cbadc821c50c398823ca9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab28B8.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar28DA.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • memory/2264-0-0x0000000000400000-0x000000000042D000-memory.dmp

    Filesize

    180KB

    Download

  • memory/2264-1-0x00000000001C0000-0x00000000001ED000-memory.dmp

    Filesize

    180KB

    Download

  • memory/2264-2-0x00000000001C0000-0x00000000001ED000-memory.dmp

    Filesize

    180KB

    Download

  • memory/2852-5-0x0000000002C60000-0x0000000002C70000-memory.dmp

    Filesize

    64KB

    Download