Overview

overview

3

Static

static

3

66d66b06d2...18.exe

windows7-x64

3

66d66b06d2...18.exe

windows10-2004-x64

3

$PLUGINSDI...up.exe

windows7-x64

3

$PLUGINSDI...up.exe

windows10-2004-x64

3

$PLUGINSDI...es.dll

windows7-x64

3

$PLUGINSDI...es.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

FLVTubePlayer.exe

windows7-x64

FLVTubePlayer.exe

windows10-2004-x64

$PLUGINSDI...Ex.dll

windows7-x64

3

$PLUGINSDI...Ex.dll

windows10-2004-x64

3

$PLUGINSDI...es.dll

windows7-x64

3

$PLUGINSDI...es.dll

windows10-2004-x64

3

$PLUGINSDI...ss.dll

windows7-x64

1

$PLUGINSDI...ss.dll

windows10-2004-x64

1

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...sh.dll

windows7-x64

3

$PLUGINSDI...sh.dll

windows10-2004-x64

3

$PLUGINSDIR/nswg.dll

windows7-x64

3

$PLUGINSDIR/nswg.dll

windows10-2004-x64

3

$PLUGINSDI...e.html

windows7-x64

1

$PLUGINSDI...e.html

windows10-2004-x64

1

$PLUGINSDI...w.html

windows7-x64

1

$PLUGINSDI...w.html

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    23/07/2024, 08:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $PLUGINSDIR/welcomepage_noadw.html

  • Size

    5KB

  • MD5

    e46d56308f9812a43b025832521fa69e

  • SHA1

    627b206f3bffe6f2d5e662101c155720615ee88e

  • SHA256

    09f863f9bf5940d35976453c5266a9d8a1ce87e07b8dd513e7574cfaef735d34

  • SHA512

    439c73dba7fd17da848d9a4289b9b7f25e55c4fc3e98d6d3eeef160817a8013a796ff65e12b30e41827bf2110e71bb4b8358ca182783b3f22502707a69d8d7f5

  • SSDEEP

    96:SI32bJbWEMkTSf7qOugnffDbhIDbbE5zDbnwEqqc/zIxG1Dusp8SNy7Pt:SI0bWEM6Sf75ugffDtIDHEBDzwfF//4j

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\welcomepage_noadw.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2420
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2420 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2688

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f511b2d6c2995fb064e25a5f5aaee27c

    SHA1

    fdb6b0ca95394265e4ace69335293fbb1a38f729

    SHA256

    740def0875cf8de2bec4b242c4ea5347cd8fcab1a9ccdab37e8867dfa5fed6f5

    SHA512

    551c258a5ea281825444f83a479414e5924a5e906e222ce20cde0e019b11bf8792205fe4903b537f7aafec972460938f9d84ceefb56732688901539d4b240d66

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9a3c2f200283cb0fc287a7745178fbd4

    SHA1

    c90bb349f6f2ffa53339e20fb327639fb8171bcf

    SHA256

    7fa072b67c20f94e5241b20d8515fb6830fc5fe16d7ade2cc17fb10d946b11de

    SHA512

    36c581026b84da2382ab4e0e1ef972db5209134397a9339197bffdae4692d3eec525e17e6b874452f018f1c537104dbccdcd45744b70586e0b20ae4815670bf4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f168e7f79e6c6d4727a204f922177655

    SHA1

    ef204f4693d717fdf0a242c6291295abc644258f

    SHA256

    c5cceb6d475bc080775fb58956529a06aea70c2672811a39c42510a1a1c12fc0

    SHA512

    fb78ca6c7bc9cb149d1559f9250244f621ef6fc559c19f86281759ad497f9a727e58bb26f62bafbc716fb939afe0bcc4a05f527b421ffe399b45124b58993d87

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    79a05bc99a6176b6caae4759ee578d48

    SHA1

    23814aa0b2f7c3ca200743e882662bcef9d65334

    SHA256

    0270175b8b33040c62788c9de631f3c8bd32cceacccb3141b2770dd665f3f128

    SHA512

    105446c6ef194da4fc5ef8c561d4a04fbcd2bd53bbf6dd0157ac415ec8a766445901368a459cd1bb47d919ffed85d46dbade237de98aa089fa61baa1911d0ce3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8d3be61404961f22938889f7da355059

    SHA1

    80ef144aec9bb856c9e03dc7e83000cceadfd139

    SHA256

    e8b31c2d4a7efd95427e3761560166431dc1018645d4a0640020a72ce8130a7d

    SHA512

    cd6347d12a5be0a93337175488bba744c7adabd62a37dd3155beebe33e20a0c8754a28e5de50754a722db3655f97f3c0fbd53ae69f835e023afc4d740e7c785c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e08b8a1911a6e68aa0ad5637953d3cdb

    SHA1

    e318f80c1fc07b1a4fe93c9db70fbbfd80f5ef10

    SHA256

    32d738de53e1280518fe73d2382764e7345694a184f7464ad257bbbee51a66cb

    SHA512

    391affc788de3c671a23ddc3c854ff84cbf5d198260210eeb9cf2097130e444835038aac2d58d00732c8bca39513b55edfb20e098313e0eae9d3593313be6dfd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    285da70bac335206a7a58b815a363408

    SHA1

    93fa4fb48c3d69aabb338e3ae3dd18b98b76bb7b

    SHA256

    7d6b84edbeb375ed6333167a17fe6f0ef388ca080407de63a7a71384749a8cb4

    SHA512

    f925341dbaad8685b39bcba69e52c8678d409b0ca77e7fdd46f5844fef9c653cf3331e340bb9b3d39e1775cc620b6cb9d59b1193c449b0e60de1db75339a1282

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6b4d2a6d7eb9c24f166dba74a8ac1e6c

    SHA1

    3bb42b275d8a86cfae19affeccb9a7a95aed5d51

    SHA256

    88ae2e897cae914fa1fcfdf3aa178f9562d6ec15228bc092230077244e43c92a

    SHA512

    6f4d597e08d4f8e84590a78af733448197b535a1c1f3b0592aad0ff4a6816b4ad53e66cd326658012248985e1f7aa4f10eb415711a9045a31fba8f494cb46362

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c0da8ccd00c3c6b7e1334425e9d68dc2

    SHA1

    25d0726eb63cba16cdd3d61c4678949cb989d1df

    SHA256

    ac30dc6a06fa3820bab12cb3f2bb2a3722f1525511909ea62874694167102ea2

    SHA512

    329d0e30a8b4175723acc39d94dca4f48a14d6759b22ed2ca1256840d6c21a365716bbe5dda28676b9df960d3f0cd88daa438836053841169755a2afed8c59ca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    da3be4b1373b7c5b88ab28151e97097e

    SHA1

    637b4b7ff86382bf2572c72704054bf810e551b9

    SHA256

    d9b778b79b87008925f3748b39f7641c4acc91faff0f5800b76b798a353cc36e

    SHA512

    8882962d56b2137866cf9ac66df00cc092735d56ff2c8f55815afd8a1d6eeecd21709d14ce3cd22abb6c9b6f2a8d17ab9d5d74ec917b2a7709f29a333ae19493

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    43cd41e4b9187ae220d4d5a897740f86

    SHA1

    3a3d49732f8ef19a9a42a215384dd26f0b7c15c2

    SHA256

    02bf7afc42f62b2841a8b1e62ecf438f2c7992d1001b4bae85ee21daed057313

    SHA512

    5f31beb56bc0f0576fca61432e5354750b10b7085aba72f0ff4ad9d7a7b592802ab1f31254f511810f4dddd0a0ea3a73f64900612baea348ee98d0b0eeff0769

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ca74175ca6d1d0323f461eb13299c6b4

    SHA1

    10cee9fa5adf860025084ec7d53b8a28bcef34e6

    SHA256

    44f9cbaa3670e39ff0b391489302de23b1ad2bf6f8dd78cdad59982982c3771e

    SHA512

    4fb234b6d43dababdf097a13559d3915b05065b604bd36299f4497019fdf56980e3fd9529aa98db638688dc3783517e9756528157ce67325bf712fad43832aec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9a78ff9646b4f8497bca59ac52d7e66e

    SHA1

    a6190a248639912ffc731b87cac648f1dffe188c

    SHA256

    f462319b1f25f5a7ee93ebbafa2b6892fbf4444f3ad39adb043a581a30c0da9d

    SHA512

    34d1a6da680d0539f091f7848424437a9d2acfbe8875650e0e4d1d2ab67d1fb2375d3b5d1e8cd8b9398ea11046c83abd6bad98fbf8ab7d36194a80d94e2f4c87

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6dce8a71ff7e1d771adc1fe03ecab2b6

    SHA1

    ae7a6a6f44f3589eefb06b0a240cba3a4e3834d2

    SHA256

    e789d073bad36f6469690fb4a104f14ae8383dc12fb51f562324b0316a0a530a

    SHA512

    b64abda4c3df86e76bae77bd85f6ad05125cf5e0179f4d120163f707f279efca0992ba2c4f05a0a84fa983547ba63a496c6b5205a33a44856729f3540c8e944f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eac8eb099f2bf2a59bf182b0d0c555f0

    SHA1

    7799971a9aa4a6c44a32703cbd072d54d437d864

    SHA256

    419cc3bb7d3afb178deac7249ceb1855223bfb046f4ac90e03cfe7cbf5ca206d

    SHA512

    884e4790af2c1322fcfb5ece5e39ba735d6ff711c473f769e445752ab5cec6459990e880a5cac29392ce1138d161de04d794fd1113dcfa7f8e10e55f676e4267

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7f3e812f7c30fd51113060298a04eaee

    SHA1

    a1c11a51dbdc0a302bae74760f4b3be14c2a2b38

    SHA256

    37607e8ed68e29a05f29ff1da74828b31c94e173e717f45feed3a93dba0f41b7

    SHA512

    5ce54d9e879849ef8e8d8ac85adbdf50ace97286525a474478de149a28b421f71673e931216a2ed31117e161bc03aba5a1362ccd3f931d1bd7b3ddc4b358f172

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    475a36505b20929aac9e74423b6217a2

    SHA1

    e165f85b43e404e600475a27707ae2a6ac60ce6b

    SHA256

    73316713d84a38a050efad362392b28578b5dd054d98eedf8db59925ac38c1dc

    SHA512

    92d68a9e8561df2c96d070e8c69b9051ed0774ddd1cf246d8261ce817751391f909add933a0826cbd480e7724f3fe1a68fcea0b924239debceae11550084e355

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab1E4D.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar1F2A.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit