Overview

overview

7

Static

static

7

74142192f5...18.exe

windows7-x64

7

74142192f5...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

3d_themill...re.exe

windows7-x64

7

3d_themill...re.exe

windows10-2004-x64

7

3d_themill...x8.exe

windows7-x64

7

3d_themill...x8.exe

windows10-2004-x64

7

DXSetup.exe

windows7-x64

7

DXSetup.exe

windows10-2004-x64

7

html/ar01s01.html

windows7-x64

3

html/ar01s01.html

windows10-2004-x64

3

html/ar01s01s01.html

windows7-x64

3

html/ar01s01s01.html

windows10-2004-x64

3

html/ar01s01s02.html

windows7-x64

3

html/ar01s01s02.html

windows10-2004-x64

3

html/ar01s02.html

windows7-x64

3

html/ar01s02.html

windows10-2004-x64

3

html/ar01s02s01.html

windows7-x64

3

html/ar01s02s01.html

windows10-2004-x64

3

html/ar01s02s02.html

windows7-x64

3

html/ar01s02s02.html

windows10-2004-x64

3

html/ar01s02s03.html

windows7-x64

3

html/ar01s02s03.html

windows10-2004-x64

3

html/ar01s02s04.html

windows7-x64

3

html/ar01s02s04.html

windows10-2004-x64

3

html/ar01s02s05.html

windows7-x64

3

html/ar01s02s05.html

windows10-2004-x64

3

html/ar01s02s06.html

windows7-x64

3

html/ar01s02s06.html

windows10-2004-x64

3

Analysis

  • max time kernel
    134s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    26/07/2024, 12:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    html/ar01s02s06.html

  • Size

    2KB

  • MD5

    42c49931f21ba250d9336a0043a701b5

  • SHA1

    e7a1740ea0dc5cd91679a24f3ae2abee08429e17

  • SHA256

    d09f77581054ac93d640eaffa2f0b5d29290f3ebd91bc4c07baf951075fce633

  • SHA512

    5903667f0709b9dae561b8c7267c43aa6489f47d173e9bc8612743154b67cd83d95f4939a09aeb0ec1a8b8719acf4fc489aafbfbd0923105dc256ec28b5a3d56

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\html\ar01s02s06.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3024
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3024 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2840

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    85f2c7f4f6ff2a8110945e8e053e807c

    SHA1

    db2f2378124639ee7abd5af33496b2cf1a93fac9

    SHA256

    c581caec05c8239e5971c5e839f49fb19838486214696ad2b140bee98d9c61e3

    SHA512

    0d5065681d91d4bfc5f5591338c5efaee46fbe2bd9df1b18b0e5aa1e73ddeba7e85d6624139fe30c273ffd7736c21c52c1818b9dd3e4e39b5386baebdfa01d7f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    967e7a1d01284004cbcb77eb1f681d9f

    SHA1

    dc895b8c61d03173f30d06412f6b3fa9c675ea12

    SHA256

    31ef4dc37bc13b091bdfbc9dadd15c025c9a1369d22f8d9304a4c569f0c757ef

    SHA512

    ad6ff993e4ae7b87a75a960823f741a04ab1afe758bd4f5f977678dc93aed4b23e7a7a9d788b80e46f725195ae9396e06e1019671c052caab5aff1e26800c861

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c10807a6956f77319f233afa0c2b5663

    SHA1

    4d093b9f4a8c19c517bd6f2ecee132abbf9fbd88

    SHA256

    eb450052a5ac4f881891a9a7f4f0db7ce24f0c8d73fb2f8321300b1b3f82fa07

    SHA512

    0913e2708c8cf3d30834a5c57ac714d8d1e42d47f4b585be0b116f740048060e3f49f90eb51a33282687ec412f2767aa18562a2691fce1d3c8caf6c9696d8ee1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fd411dbfcc1f409e73e0a4383b0711f5

    SHA1

    2a85cdbe8407e3b92c9e7d0455253ad1d1172ce9

    SHA256

    9260d0a7f9831763f2b8b617e065be2c4d21c5418993e5e2d3ed16b702707b12

    SHA512

    b4b327ad1d02cb8b1234477a9696910a78121360b1013fb95386f6c6b1ebde1ffe390f4a2ed69abf14dfd09793e35beb2a0985371f4c78b70c52c6a789232911

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    73e35408ba7234928fffc96759e51d9a

    SHA1

    aef4d86fa1d4d65e8ac20ad587521f3ad2859617

    SHA256

    638a6e13a6cf92dc5374c59754bd43105d5f5bc179166dda764f598222ea4e70

    SHA512

    1299bc4cef101c4282656b2d3da78c0fa704d50f01cc01111774f780623645ab9ec36fdc85733fce6a8a8030d551d59d840e1dc15a2fa6579c06fcbf4795e223

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    064b90a90be4357ea135a66664a1fb8c

    SHA1

    c288fde0489dabf45733f584e698ea12abdea38a

    SHA256

    90d866fb7fe4ac89f54c4f0878a105eb7a61c287d00662e8050deb782ef2e641

    SHA512

    4a524f6349ee68d90e61640eef42f4db66d042dc2494e401a25873b5b8d2b4a4dca434af73fb79f12d00fe17ce91378c4efa74f8d9dc5651f599af1771c4d59b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    81a085a11459a35cc25b84b2adb73e23

    SHA1

    fee0861b1f14cfbeddbc39d14f889e49cdb567e0

    SHA256

    d8948fa81b40b751b2d7d3da3946b47b1ababdc3df254031d462ebd9e2a6d119

    SHA512

    7adc330e45e0246db1268ad383036a24b1647925b7128bf5bb372fa19d82f16715e3fc7915d534f26adc91e47a89db7011f239f10d3714f4165d361399e02e05

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e1be480c358f32a5ccc3fcd399031d62

    SHA1

    ec5ed35b08d5d915e817cbd972e8ccfb69b0025f

    SHA256

    8b02f91c07e38398e3e9c64d32081902dff387154be90e3360e305a4a2bd8053

    SHA512

    384ef26b3dccd33981b01f815a8a29b0b24f78ebd9b8143c6a6fcd991faa10a3b7b6c9413f60c29a63910ea4c0d91a9016475c6bcd326f4f13d95b3cc4a1a9be

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    15b1f7fc7f6c2a6117cb9f68859e7ec6

    SHA1

    c58c6c68cf588c11c0606bdd37cdcddda1308690

    SHA256

    9f1eae49d7fda43f77f8da183c26d7188f589a17c4234de7d77462a52a7837b5

    SHA512

    324ab9eb1104f6b13891b547748701420ef9504d36232a64fbe6da40fa26b9edeb8cd8665ebcbc7873a8dcb1362d2b7bfa5744e464de612fa016f6b0943cea4c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aea546b26e5585eb4a5bb06ebdde21e9

    SHA1

    d04155e8d2f78ce4ff027b02ec6b16e2354bfeb1

    SHA256

    f4a53f0dad040c868c85d3e77a3a207f0bcf3d81866d7fe0d5f6ba8f1f590f51

    SHA512

    c8f967b1656df4b41b8247c6c393fc9f5b0e17525b573523c4371a20135d8d9026e9141b9982306ca04de490f1b01b4e32b7fa3742a778052da3287e7596ee3b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    99c172c3686b481dc26fa6c901fda5e3

    SHA1

    fb7becdc0f6bbac142691bd066df8ff4bc9a1f62

    SHA256

    ade11fa9f36aa56154c543013b0cff7b9377c3ee189f3bc0c21fb39ce8116f95

    SHA512

    bc02adcf1bf7d74cb045c80a4747193b05f6355cb33211c4ec531842e7cc6d417e323246efff24f518909b045f30aeae446c29a1e83f93368fc4ecbd33d2ed95

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4470239e105335614d63598917a8e68c

    SHA1

    447d0f445c4b51e6635c6f67e10f2dff5ca08fc4

    SHA256

    d82637d37c2c78ab239a43e4e0f148adf4e7b6c933eb621af7a63fe84b6c7a57

    SHA512

    7602962e667bc404feb1f59a4f8e6a830e5701428027cc396bdb7b18b2b8f39349417cbeb1435d8f3c84a8b3bd0e5519914f24a8ac401e5763693e6296c541d2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b7cf5c8b0ef4aba427bdb6cdd498e1e6

    SHA1

    ce9334bdd960aecb6ccd5eb7a0467a82cd76b058

    SHA256

    433b7f709d7a1996fd228a423e412778293974e028cd66babde304ca13a19a27

    SHA512

    46694ec7fc902cdd86a5568445ae9cbc8eb25eafd4a4b192b2c976d328a96be94d9c922a1ed67b501232b05c28e381baa5f21dd8f964398f63004091095aaa22

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9db61fe82ff3340552ea64192aaae93a

    SHA1

    d3c269ddd8484480aea61e62f82ae1ffe8c2f171

    SHA256

    a97a9ce197f323ff5c044c014c2db733164b27bf70cde581dfe9768beb1f569d

    SHA512

    acdf540f0e0239cc9a66751f81d7804bdcd471e9dedd9817816261b9061893bac67303842fe2b2f151d58c2863daf3836c9955d5441189cd1e6c851c9e971cab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f9d6e6248f90a3bfe3a8cfde5d2b2dd2

    SHA1

    dd43baebd2e8711f2d346a6ec973740fd9a5f8b4

    SHA256

    06b6c5ec13f18705c4162d09d9af9dc302f6903c630e27b0ec4d6d4d2a238d87

    SHA512

    d1e2a143e0a00d8b479d779ff8f0e0d7f4d4f947fdcbfe2dc6a6c197f5e61ec4e3a44f5af7caf767d86770bfed7659f4f8617f86910f0050cf484b50779c78ea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1a2bc6fe207b01369e7efad0597763d3

    SHA1

    585d0a7bddd0bdd31b834a1862e9710a8f3824ce

    SHA256

    83decaf1130c179d2b8d921e1c2274bb77c7fd04b3a5b25d3325c42d169e19fb

    SHA512

    4e928f64ea24bddb5388fab8d8d1a5f44ee84f30880dba5c25e453f9496ff5099246c93014194141f2182ff8e40a87a4053be7cdb449837415552bd63aa70731

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab66C2.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar678F.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit