Overview

overview

3

Static

static

3

AlphaBlendTextBox.dll

windows7-x64

1

AlphaBlendTextBox.dll

windows10-2004-x64

1

Bunifu_UI_v1.5.3.dll

windows7-x64

1

Bunifu_UI_v1.5.3.dll

windows10-2004-x64

1

RC7_UI.exe

windows7-x64

3

RC7_UI.exe

windows10-2004-x64

3

rc7/AlphaB...ox.dll

windows7-x64

1

rc7/AlphaB...ox.dll

windows10-2004-x64

1

rc7/Bunifu....3.dll

windows7-x64

1

rc7/Bunifu....3.dll

windows10-2004-x64

1

rc7/Monaco.html

windows7-x64

3

rc7/Monaco.html

windows10-2004-x64

3

rc7/MonacoEditor.html

windows7-x64

3

rc7/MonacoEditor.html

windows10-2004-x64

3

rc7/RC7_UI.exe

windows7-x64

3

rc7/RC7_UI.exe

windows10-2004-x64

3

rc7/sxlib.dll

windows7-x64

3

rc7/sxlib.dll

windows10-2004-x64

3

rc7/vs/bas...ain.js

windows7-x64

3

rc7/vs/bas...ain.js

windows10-2004-x64

3

rc7/vs/bas...bat.js

windows7-x64

3

rc7/vs/bas...bat.js

windows10-2004-x64

3

rc7/vs/bas...fee.js

windows7-x64

3

rc7/vs/bas...fee.js

windows10-2004-x64

3

rc7/vs/bas...cpp.js

windows7-x64

3

rc7/vs/bas...cpp.js

windows10-2004-x64

3

rc7/vs/bas...arp.js

windows7-x64

3

rc7/vs/bas...arp.js

windows10-2004-x64

3

rc7/vs/bas...csp.js

windows7-x64

3

rc7/vs/bas...csp.js

windows10-2004-x64

3

rc7/vs/bas...css.js

windows7-x64

3

rc7/vs/bas...css.js

windows10-2004-x64

3

Analysis

  • max time kernel
    122s
  • max time network
    138s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    25-07-2024 11:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    rc7/Monaco.html

  • Size

    6KB

  • MD5

    fc63d6f8cfd66d984df8e003cd30ce4c

  • SHA1

    767beb1b385f89ef98d6aab11abacc564fc3c2b7

  • SHA256

    aaf84c7789f9f4a7505c408e484d0d04a5ddfe2badd3973acd41bf2e6a2bfbf5

  • SHA512

    843bb9660de5827a28a94799c4b745bc2c1c56db72d36b989ea2b72a3868d0b68fac36b5e320293e26034e4d2b0f9b0946162ea2f4b8e919131d888a825e5101

  • SSDEEP

    192:Q3+OKFLvkJj7gpk32eynKZyt7TJPAqkvKU3LI+QrzZws:Y+OKFK3gi32eynAhs

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\rc7\Monaco.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3008
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3008 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2384

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4d064b4c8ad17133cc2dcfa27da4ffeb

    SHA1

    d64061cf3325edf0eb7b7b56921cec8d867fb3cb

    SHA256

    559682128c255801820f2f131a7e6200bd10f8bd1a498d97fbfa4bdf6dbdc997

    SHA512

    513126ff8c8f019af297bd4195e088d2913378e233db8aebf8bfbf56d53815550c6f194700df5522ba73fe56d2eb77012196e63061eeb385d478c502d8459e1c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9b590d5f4f2b734c3c4e8f4559048988

    SHA1

    0035763b743e1b86ba0ee66346787448963d14c2

    SHA256

    f0ddc1f821d12ac279c832e4dc325b4a78f01a8af805ef4bf55e10f5c4a152eb

    SHA512

    9edad01fd553fdd8de89bc9c31541dd4a0361042c16cdd9dbf46d265d5d77b39cf12a54bafa25b1df630afa63591df156d175cdc2d6b089a17f8a7b6f0136ccb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a12990b9e83cefd85a338ecb4df2390b

    SHA1

    d5679a084b46af79376c70bf36b76cc37859aa41

    SHA256

    815262ff67fef37adc751a169936833090b82c69eb51739dcb9f58c1b56be46c

    SHA512

    f203172d5aa05ea9859671989a2ca66770ee56c03e4e4699ab2f2bfbfc24dbfd2add750bcf758719dfa2b38e4797da065a8cd765a111933ba72c02d566280e2b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f2932b98a29ce33ed120d6050a8d9259

    SHA1

    2e592adbfb3f944bf3c34fd28a8c51b8583c6381

    SHA256

    745b5730ed10d8c275904cc7921717ef7d55d1e4cfce4c0d9b642fac6193b357

    SHA512

    145d8c3fa366b15c7d776fd4c972cd44285f0a2e948d9be077bb918d8bbeed6b87e86ef57689a350b3242ce1787f1013fb44f2c6cdc5f8f06d6f21959b4f4545

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2e246cc4c4c94491ebd28b23f0e29b6e

    SHA1

    eea1d8f887c74a629246c7bb581bdca444d55978

    SHA256

    c3c7f92e4c3ec0a23ebdbb52ca5dce7b44481d73008c480c8bb981fc3040016e

    SHA512

    30ac639b7be664fc97160bad1d6bce16fd46d4adbe9eaea7ca90456d120453028c1f0d2b9aa6f11e6a82897b3120d692e3b56470528b989dbc1bb2b4fced16dc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9e788b2ebb5e4af15c934d1cce9d90d7

    SHA1

    5d1dcec5d8f1c160adf9554babe2fcf40a7567ee

    SHA256

    e6259fd512f068ad6a29288c30eb7dbe74f2fc993f214b1a49095410e4c97829

    SHA512

    cbf7ded151730cf08ffd629ca8c9a1ab82cbc21d264b44e455f66c90d8f5b323ee3853a3a57263953b340056769f8a049346bdeb4b537d41665ef533a4c0928f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    229568086f20f1a3a07da8e1d3ca9e92

    SHA1

    035f1a24d5e370ba52a176fc482c64ba7b5c857e

    SHA256

    8a84f1e652167233e92f8630cc1186ef1513f3876c10cdadbc48f6e172510851

    SHA512

    87e5c2418acb7500d099f2c43551113cd506ea1cdafd680ce71e0dce7d6d3d92e04dfe1513014dbe114cb0ea7abfc4039faed4f96861fd71d6eda45483d9ae80

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7fee6e3fef20ce8ffa35be96a1f5fd03

    SHA1

    5db6a63dc45950dec9b7cce2d5152624e322ecb0

    SHA256

    799f2db4d5393944cb4e2a2e911b0dbc01a59ca23bbd26d0303b18f267bed615

    SHA512

    79323f2600cabb32549ab40087fe1cfd052d52fef18aa5d650c0e74c25d5ad0bacdadc9e49e5fc23d6af0d9db1defea134888455711af28c1992424b8ee47fb4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    24b8b77967eb946fd7904fe05ca80f87

    SHA1

    fad0645e6dbe53698384c2eb81437584110b1bc8

    SHA256

    c7fb425018ed50d03263663f0ae6e41b2cd6b007a4ec7722a8f5a8db84f3f14b

    SHA512

    e8924ded3b2cdb1f3e795f3a4af23ed8c2d741876cd18de7001d138fd7fdda39a21390c591fb3fd6bd7b6635e271e4c47eaa43c2c9501b80856afab3e54fb5d2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6aab0cf514f3608a87aafaa8e8de614a

    SHA1

    83fb224410ace9836551c990e35cd243ffcdcb7c

    SHA256

    72aa20b41110f90503dfdb2f6693872a20b60ee438b9335f944c270fdb1b744a

    SHA512

    fef704abc35abdba60a1338a2a15bc8e5e76fdb6e0b28b2802a6c6170df272d676d3df6feb96583dfacfd7ba3a77c5dd8df4cf16eba57daf7f165773d2593df9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c39de87962c502bd522d1c836846cfe0

    SHA1

    db88f4f1076db53ea44401255b7573733b7ebd3e

    SHA256

    67330b153de9be96810b7c2b22ffb7caf5d963e0892398584dc50894f6a58c60

    SHA512

    1475583fb8d7d574eda664d207c0d3f98ff615ec945330ff4830acbaf430d138f76c1504272b6d59e34dbb2583639104c5484aa250e03660c6a10e4dbfda72ee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    103f1cdb2a5258e803c8ae09d66b87cf

    SHA1

    72962bc722a79f5e3faec661e3ffce85935bc381

    SHA256

    8fe51821b7f45021d661cb92fa48521ce5f9b97fe4b2b62a419e60ae357ac444

    SHA512

    b18c3d65d537f5bdc8a9704f8d216ee25aba3d37f85ddc047308c008733d71f8836deecdb89038fe001b04006bd40524494de45b5965d9bfd965eb2a7fe81310

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    67b3589435245a4a3ee86723dda0fdbf

    SHA1

    8077c175dc48d805a3ff096d425e393cca21e757

    SHA256

    2260a70a8f225c9d957698d7c7674473ffa5c78bd406f2299b16533bc036b1ba

    SHA512

    cb95a3dbc8a78e44669b014d1eedb20ce82ab7e8106c1b5abe3d7f9a99e4a774fcd2cdb8d5ef421a257f3b71335fb4500f0f468d8aa099e6cd8c71cc68325434

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eba5a7deadbed06176dbc658b5b1ac69

    SHA1

    55784a80964388a89d7bc1580ac1ac24f6e73eb9

    SHA256

    16687d2ee4e53facbf8abb3d7e292156780ef59fed2f871660e59713bda70286

    SHA512

    c92f7214372458c759d5f2df7629675c168f0ae72a6de06484a5d4e588db2a920208ce293e02b6816849f042b49eb8b9ba9a1744601bbf9a8bdc04dfc3656c26

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e0a0b82943f55b197af12a52ecef4afa

    SHA1

    c92a6f1d3790cafe2f6ad94dcfe3f7fb48712efa

    SHA256

    5553fe707c554f14b30a627d5d21bbb76180c87c4fd14af72b06d0bb3c882f6b

    SHA512

    301fae5f95941b0321dc1a11f44ad68e2fa372b7a25a5f5abc936162cd765a273b72ba4143ea6e433bd58cf3ce26642e03d2c4bf562a73988a69354081bd1a72

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF308.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarF379.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit