Overview

overview

3

Static

static

3

Bunifu_UI_v1.5.3.dll

windows7-x64

1

Bunifu_UI_v1.5.3.dll

windows10-2004-x64

1

CeleryCracked.dll

windows7-x64

1

CeleryCracked.dll

windows10-2004-x64

1

CeleryIn.dll

windows7-x64

1

CeleryIn.dll

windows10-2004-x64

1

CeleryInject.exe

windows7-x64

1

CeleryInject.exe

windows10-2004-x64

1

Microsoft....re.dll

windows7-x64

1

Microsoft....re.dll

windows10-2004-x64

1

Microsoft....ms.dll

windows7-x64

1

Microsoft....ms.dll

windows10-2004-x64

1

Microsoft....pf.dll

windows7-x64

1

Microsoft....pf.dll

windows10-2004-x64

1

Monaco/Monaco.html

windows7-x64

1

Monaco/Monaco.html

windows10-2004-x64

1

Monaco/vs/...ain.js

windows7-x64

3

Monaco/vs/...ain.js

windows10-2004-x64

3

Monaco/vs/...bat.js

windows7-x64

3

Monaco/vs/...bat.js

windows10-2004-x64

3

Monaco/vs/...fee.js

windows7-x64

3

Monaco/vs/...fee.js

windows10-2004-x64

3

Monaco/vs/...cpp.js

windows7-x64

3

Monaco/vs/...cpp.js

windows10-2004-x64

3

Monaco/vs/...arp.js

windows7-x64

3

Monaco/vs/...arp.js

windows10-2004-x64

3

Monaco/vs/...csp.js

windows7-x64

3

Monaco/vs/...csp.js

windows10-2004-x64

3

Monaco/vs/...css.js

windows7-x64

3

Monaco/vs/...css.js

windows10-2004-x64

3

Monaco/vs/...ile.js

windows7-x64

3

Monaco/vs/...ile.js

windows10-2004-x64

3

Analysis

  • max time kernel
    117s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    22/07/2024, 13:12

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    Monaco/Monaco.html

  • Size

    6KB

  • MD5

    a84fac3e5548ba4b85a2ad585422be57

  • SHA1

    de03dcb2eb51efcffb213fbb8de9f07d1d59b97b

  • SHA256

    01bb8609c6178c80748bcc2c35a8fea83b71585eb0b2ae2528771df74e39456e

  • SHA512

    a5ade58295c48769342aa108f81c2cea88f641e7a75815057f00175db97f227c46773bc15da52f37b23b9daab28743b05e57a9c52306602e4804de0e79a5eb45

  • SSDEEP

    192:wEod3PorvaBic0Qp5keghKcCI2MCTJ3+NLSaPh/WCY/jt:ud3PoeBi1w5keghHwjt

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Monaco\Monaco.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2080
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2080 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2144

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          dc7ede91e481ab702d34a30d2eb2e51d

          SHA1

          7cde14b572d661169e631cfbc60061ead98f72de

          SHA256

          ccb6b5bf1d0c34f6422e212d98c0bf8a4ee09907f33e782409625d8728d3004e

          SHA512

          58ced1c305fe863af48024d68428b77e2b88b8d7507fc910af78a0e1ef6ba40bbb75749d48b1d3096e4b8ff82807c4322c191ea29974350c1ad3e7187da5bdf7

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          126aa173d6b5ecf3a9166658b9eccd52

          SHA1

          94e8acf7cc35632985a11262fb4cf21859d08311

          SHA256

          637e24a050fb05c04564f8daf6d29e5d417890727708bd7b81959d23a85e432e

          SHA512

          db3a6eec5744b14b1c5858ebd184406fbd0b79f611c2b84b83540654051362554bb5a2690c8fb561c1d2dcda8b45fb865c06841df1eb09cce7ba612ba1c3f510

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          083f0356e0af3c2a6645d36633ccc1ba

          SHA1

          75325a1422100d4b64872dd9108506d2c9faea82

          SHA256

          f5347862ef39c39ea4d2ffbf598daa102f08e6a401e7d62fe712064807cfeeb3

          SHA512

          013a8c050dbacfccac382af7250da0d674b937c6014c1daccfa32dc22e7bb86d8db4752b4cb9333bb1090226c5313b1d169ebda050d55ca694fab4918439ad4d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          3930a990f7b07f7841fe5cacf943d8ac

          SHA1

          61aedbc221e78946b87023ae5eb3cafad6cb5c2d

          SHA256

          c6c10c024608091bd0ec43dcceb134a3b0158e07608541eb2032197b069a01a0

          SHA512

          0ac49809075ed02126a6585b652e8691dd1528204a0cd847190069633f73f50f279f7310c367fb0545991b970ffa8951a5bb07d633e1ad5a297e78926db3315a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          da5d53db170f2e0bff9f4de82ac6b119

          SHA1

          4e3a827fcec844ffe2979497c7eb62818e4487d5

          SHA256

          8c1f3bbff78ae63307b42d55904ac992cc8cf9a9cb03c70c75bc8d967cb93b7d

          SHA512

          42f320d5e71d70d9ae78315fdff516f3850cd235251099508f8ff763bd8033b79a359f4d0b5cc823f64a3f96d79665b32eb3c8ea76d975a30caef36bb2f0ddb4

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          fdb08eb45baa11752a20e55452d02d6e

          SHA1

          353cf9029eceb4b17846627871412104a27efd23

          SHA256

          4fed314041cdd6f09005783eb2966723d2cf4e0be92f609faebbc9a369717c21

          SHA512

          84712e87222feb3105e2557dfd981d2487b875705ea1d5ca06f0f8c64ada53e5b574d555a779b2946ebed1e3d9da5d79b588b954b4995c310df36ea2e5529803

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabBA7C.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarBB3A.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit