Overview

overview

7

Static

static

3

663df3aec0...18.exe

windows7-x64

3

663df3aec0...18.exe

windows10-2004-x64

3

$APPDATA/I...er.lnk

windows7-x64

3

$APPDATA/I...er.lnk

windows10-2004-x64

3

$DESKTOP/I...er.lnk

windows7-x64

3

$DESKTOP/I...er.lnk

windows10-2004-x64

3

$DESKTOP/�...Ʒ.lnk

windows7-x64

3

$DESKTOP/�...Ʒ.lnk

windows10-2004-x64

3

$FAVORITES...��.lnk

windows7-x64

3

$FAVORITES...��.lnk

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$SMPROGRAM...er.lnk

windows7-x64

3

$SMPROGRAM...er.lnk

windows10-2004-x64

3

$SMPROGRAM...��.lnk

windows7-x64

3

$SMPROGRAM...��.lnk

windows10-2004-x64

3

$STARTMENU...er.lnk

windows7-x64

3

$STARTMENU...er.lnk

windows10-2004-x64

3

$STARTMENU...��.lnk

windows7-x64

3

$STARTMENU...��.lnk

windows10-2004-x64

3

$TEMP/remote.exe

windows7-x64

7

$TEMP/remote.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$TEMP/sobar.exe

windows7-x64

3

$TEMP/sobar.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    68s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    23/07/2024, 05:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $STARTMENU/Internat Exp1orer.lnk

  • Size

    1KB

  • MD5

    9ffaab5f197ee38cf1fe65e19d4bb217

  • SHA1

    39ee57d785cb31b75fe79879ab5dfed14eb1a28e

  • SHA256

    6a1bfc7b4d0b3c749f9a5737f7f0253c634bdd62fe812948807c6beae039ecca

  • SHA512

    eaa04c6437eac713912a81b2e11f97cfdc38d5d5bb459d7f4ae94d140b2bd4d74685cda43697f00b6803b1b58da3bef78ca3d9d6a4b9f5e4278ff2451aee512b

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\$STARTMENU\Internat Exp1orer.lnk"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1656
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.113w.com/?waga
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2772
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2772 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2444

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9aac3a33284a4a04b5ade618129a944f

    SHA1

    41898621289dfad5c4bfa2a9fd6c02561af30585

    SHA256

    e09e97aff519248b9cd20cd5cf72d55ee1d281b291e247ee01c22f8c31cea8cf

    SHA512

    3b5e42baa6ba59f93f18921ab91834c55d460c6fbeb7f0297deccc7a7384295dad77e7f88200919a16060399e5ea2245d0ca5a0e7e5f6fadd7300495f6bded3c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b043ea806fde1003c95a3f462669d907

    SHA1

    06e6f8df31c0d3f64cb0a2c9fa46291559629ae2

    SHA256

    a17d11beb3db6c2d3dbdd6f4e9db92483cc6d05b687ee6608bbced81fb980b73

    SHA512

    c695a43a25743b74a8d0a301686bd7872267c7fe6c4b89ae9130a2fd1c82774614874114155780b6931d19a0ccf6a540914140035c138e2698fed24738c8309c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ce6404463d564b52898eaa29212d7c0f

    SHA1

    8451d415180f3936ed99a68c3d3394d4fb8cfa65

    SHA256

    78cc2e3b3e636c74c9fd727ec7a934a42070ba28e07ab717d087461496235ec2

    SHA512

    eb2a92b936089afadc15050bf6bda177229d3d568dc08103732bf18edcb5a8c149fde19a2b304c56b3351985ec4fc8a05ed93959d46863be587a7276c2298dcd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    92832074b9c64d1f09c5088a521bf1f1

    SHA1

    017c20b5595118061b8f52a390ef354c29f3b82b

    SHA256

    0aee869a25f1e59b3db20ac74df711b6972b9928bdb3cce51ead425326f98568

    SHA512

    7e223411797eaf74a8bc48521fc0892834f5bac19f90ba5e1e38308c434dd204f8ac818e8ef97bd3dc54405f455cd8148082189746f2c3e042b8e24bfc0663c1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    722cc3b3aa122801de0893899df6e841

    SHA1

    6e34dc5aa58eba292d16d6704b2224519a26a96a

    SHA256

    8120004051e76353c76ffa56be55931317e030f1e7fe204679f2b8ddc68135ea

    SHA512

    2fd05a38b2de9c91317f7503e4b2962f10485ece8e38712f021ca61446761628edcce81ba1965e3b5b146ab005a4256c69ccb74e8b32c591a5eb6d7af29fdcc7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    05038b97b8489dd535a4584b6d58c41c

    SHA1

    4f0558abc27520f0555f16f9c042259f8981d315

    SHA256

    8009ca4e3de8b8f9de1b5ffd1d1f61ba8da3a1ad4324a3503ef0d6a9e69a165e

    SHA512

    b5ff2293db3b1cdf43cb984c205cc505724e7f37e47d26e129115ed959b1dd69392ec1214166d920fa7210b3674380edc662d67a02038c6a50cfb406cdc0dd47

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c0901546d2ec23f375b37e1851bd182c

    SHA1

    f53fffb0e05ca00a942073144fb3cbf0f477f7a4

    SHA256

    f765f693a7f80da2957e017f5391e3fd7182ed64c59debee42750d2ce5fdc74f

    SHA512

    04216c381e059c77e2542914c4bef2e5616c0bb74c74660e26cbb8eca4b092f6c4fad8a595017905c6e4d04221f1e7b7abcd5185595e59525660c6d36826101a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f5c70fe46d24475e48af753bc8c991c9

    SHA1

    88e48647e3d5b85d605ce2f944784fd7be4291fc

    SHA256

    2a8c18e89a7058c58c8256406e6abd9fffd3ac893b705569d5529ad636077452

    SHA512

    82e9829ed5d9fbdfc15f7f67cbbac45f3a6135a407a46452fe70b3191b1c87b5e70461234164932913cb3b910205a047ae530be0e5cb6d55735dd03587353c42

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    61b6fd39fffedd8896a474d7e6b71215

    SHA1

    a649194d11a49e9cf08e8191fa18679ca1303ab1

    SHA256

    7b5c841fd62c42479d3d4b3c9009c09200908910f3be2a9b502cbb7bf9e93d1f

    SHA512

    87ec82a8bd5261c18afddf354cba4c89ee6ed7dd51449a24245417042c76c0c2a90fee2dbca4670a9a66a39c8e2ecd886a00f0f2164ae564a5e642b963a52151

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4695ed34c175afdc6a61629caa7c151c

    SHA1

    ba20501dcc4f31fddd8dd1f69c75ea26c8673ef5

    SHA256

    be4c5371b5d50906014b85f0fdc475fa04b0950105a26f90ad6b9297e8882a24

    SHA512

    659170a3650f7260b523e54fba9bb8291a8bef33e1befd231a109826dc220bc0e769ea9f024b077e46dae3848bb46afa30742acda01a3caf32b9614f8389a8ba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    237335954aa7517cae8e9a61bb393bf3

    SHA1

    d75d14da5586ed418dcb2f5d90c6da5e4ef5d2cb

    SHA256

    304f684c30da7cfa56562813620c74a80b9cef35fa260e8b460c62322493b998

    SHA512

    c8cc3295edb9d790233fe164996e057a570028969b5e5fe90a680ea1f038026421a3865fe531ef895b917e72e62c8c0596e5ff849fcc2a9ab1b49dc9cff827c3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7bd29d3bca3d1603c523b2275d464afc

    SHA1

    ea520887d98db78ade2e34ff5e045816bd20a975

    SHA256

    f7ae339f85f267a1350da8d74bcff1ee9e096556132a0b9bd110a368e17b9e1a

    SHA512

    3ff39cf12bfc61e976701c0acae93cc4bdfd9468485d134a290e5604d19b366a4299ebfc72e538f9ba9ba7f69b4e9e2626629c7011c232b6833b1911e1207760

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7eed8169a70990f6a4251deb6bc80627

    SHA1

    608d72b880db22bc3721c4c60c9a42c7fb02e3f1

    SHA256

    12ddbf0b1e183d8b3b9de6a4e14374e0fa9ba416b79b77a13c53f2ce0c34c9c9

    SHA512

    6b5f9c5788e6fc99e0b93b3bbb24f89d17c8d7f004d05ab404f77595c549ae86bb3b74565f037a2e6e98dad7240b5e9dce02463a95eee44cbdb8a606bd54e837

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ec0ce68d538b8a913c5e25328701862b

    SHA1

    b18582e43a79976b5a0e882e64e9fdfb3b6d965b

    SHA256

    542b226980edbe7404d5e9dae2428b6f185e733412f6e689dc295163164ef0d0

    SHA512

    782bb396f53ad1c8a8cfa402515676acaac06db42567ad173385faa47b24b941fe071af4c414343f369bb66717e3c09039f48f9d814a570a7c50603d06ab29c7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    97052c3b1ce79c9eb752fa105011fb01

    SHA1

    be3674ac398d7a5eb912249f3c543cd8c970752f

    SHA256

    437bc915b43572b52d3e9740116d04086b77e786cda18ca216be1e75c5df136e

    SHA512

    1c2332d0b2b9109527638d2309fef3ee2b86d9ab5cafe17e5799877d4cee2678579ff79d94c8f9331f32daa49be48d37528cf1d3b68b4754e52d28dccedc7c6e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e86e06e84ca398c6cd62b09053753e5c

    SHA1

    74c7b63061b4c7fcebd227d6e9996f793d66538e

    SHA256

    d17b21c3068ef8cb6fe2085d4075af773b1ee8bf7bca782723a16d6aee6fd4d4

    SHA512

    32c262c7f52b13de72def5ca267e2073bf29879efa0874ee7c8a9b3d1766108330054cdeebd52ac84ea0933baa545b01845c9dc921dbd258f7dd1977b8b78fce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    930d6778bec9a83b871ebf10b2090202

    SHA1

    74eeec8bb49551fd9fe29438a398112b30c845ad

    SHA256

    342b843de8102dbb03e5e2a2ee5b3c3104a15d266a788f9733b1a7821f3c7ae5

    SHA512

    0ec713c302782f65e682370d83eecc94db7009f8037f00948f5f6e8022cb6a35b428bcebd68c7c0005134712c683656f910dbe07b7eacc2f8fe3635b71ec0326

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a30011fcc27d3bc9131080b6734d271d

    SHA1

    f19a566543d5e04b9aee58a0de2653900bdd95a6

    SHA256

    c193b94a450ee38d0171e7aef52245fbfb23df73ec561eb45869b9af324c939a

    SHA512

    735ba79dfef6452f963f53c37aada91c702a1b6096d8f65b759a8217c6e588ef15acf7b59f514ede76021615e004dd812bc305694c5fe860fcfd3e0bf8add5b6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2783f9ca7411596761f2761b3f840439

    SHA1

    9bcebbee93b16c007cd276add11f66ea13f89666

    SHA256

    ddaefa1aab262829796d2d455eedf5c52fcfc76bb461d210204feb4b85004862

    SHA512

    49f1325df9c602cddb9d4ee5d987ea424d3b8f14c64f446f191999f6605906abcd326ea93fb4d9fe742d999a63397bfdc30416bfb3240a8674cc7b24fb8a639b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7004b8ad468dbb152bd9dff284681ecc

    SHA1

    8c6842b46aedbea3560f689f9fe5f0c96162616c

    SHA256

    88a265fd271c42a19a013356517a5602a54ddf9c77cb3d8550df05debec3592d

    SHA512

    8fdd825b13d08cea9f2b95df64a55343811f9d9d5a748ae3dc8fac54c45f63c9876b2dc866043d6bcfeab82d5326a4e22f50b900cf721a1ddbe77da6985e8c6b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c25c8714e8d1a387f2c47d5592a54dd7

    SHA1

    c8c8b6ba0a172784e78658fa9c5e78d03b8efe61

    SHA256

    e9dd8f51821f6507cae0f34beed6f14f75f92b15c30bf9cae7a889c5768d108a

    SHA512

    5f9fba3d0b26a68c76d335e435abcf43d097e9c669a6424853b925c2643b85fffba42bd97a6cd70a06f177dd569c21e93ec769a8b697c83e5a520063ff3770cb

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC8DE.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC9BB.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit