Overview

overview

9

Static

static

3

node_manager.exe

windows7-x64

7

node_manager.exe

windows10-2004-x64

9

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

LICENSES.c...m.html

windows7-x64

3

LICENSES.c...m.html

windows10-2004-x64

3

d3dcompiler_47.dll

windows10-2004-x64

1

ffmpeg.dll

windows10-2004-x64

1

libEGL.dll

windows10-2004-x64

1

libGLESv2.dll

windows10-2004-x64

1

node_manager-ns.exe

windows10-2004-x64

7

node_modul...i.node

ubuntu-18.04-amd64

node_modul...i.node

debian-9-armhf

node_modul...i.node

debian-9-mips

node_modul...i.node

debian-9-mipsel

node_modul...i.node

ubuntu-22.04-amd64

1

node_modul...i.node

ubuntu-20.04-amd64

1

node_modul...i.node

ubuntu-18.04-amd64

node_modul...i.node

debian-9-armhf

node_modul...i.node

debian-9-mips

node_modul...i.node

debian-9-mipsel

node_modul...i.node

debian-12-armhf

1

node_modul...i.node

ubuntu-20.04-amd64

1

node_modul...i.node

ubuntu-18.04-amd64

node_modul...i.node

debian-9-armhf

node_modul...i.node

debian-9-mips

node_modul...i.node

debian-9-mipsel

node_modul...i.node

ubuntu-22.04-amd64

1

node_modul...i.node

ubuntu-20.04-amd64

1

node_modul...i.node

ubuntu-24.04-amd64

1

Resubmissions

01-08-2024 21:24

240801-z9cxws1cjd 9

31-07-2024 11:45

240731-nwq2ta1enn 9

Analysis

  • max time kernel
    122s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    31-07-2024 11:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    LICENSES.chromium.html

  • Size

    9.0MB

  • MD5

    aaea51a605688fcb2f178fd60e4ca64c

  • SHA1

    69d4791bf3cfedb68bc4d8f766878103578171cb

  • SHA256

    96837a4a521a61bd3d34f2f660e29902d228aaec501eeb2a84403f1926c3df9d

  • SHA512

    d328bf2f9ff7372a716a09e5882b9e3c0051b0135412b3258453085db1de2c7699c8aae24edfaca7798f468802db975977c9976e19fca84fffe884bf8594c33e

  • SSDEEP

    24576:h+QQf6Ox6x5n1nZwReXe1GmfL6k6T6W6r656+eGj/dBIp+:oAZeGLp

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:824
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:824 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2816

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dfe3780d61a9cd5f77a5c09153301f81

    SHA1

    14c8c06f4cb0bdcbc5175c28b594b597b3096876

    SHA256

    63108838a4dd09a42176e2bdfe904a04bf968fe87276597f0cd5b38251798d34

    SHA512

    24ccbb1ee41428cfdd9f73c179a04c322e6a3949cc55f2267bc0fe074f666d28882657822387701a556de6c4a807f1cf52e4c5571455034456849532d533b9f1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b2e6b5553600686f3aeef323a355476a

    SHA1

    f7051e0a61c51b887e884c18c069d9ad6e1741e3

    SHA256

    4eb3cdce07cf8728182bf24a3ef6df578c4feb10dd530a750cc5c9f5e93e1508

    SHA512

    3b69cd27667c2a78569ce8b9a543ebde3c16740e86b29edf046cc6ca84518748d660e0c9be671e1efe54c57130d8a54756a5d842104a784678248355da8bc3cb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7eaf570076385ed19d29f95641635c11

    SHA1

    6532754428a287036ae5ee1b0988cda9968b6573

    SHA256

    127f135453ce25b3f469f5c50ba725087db7d1451fe934bc46ed15629653629f

    SHA512

    b221dbe59fd22255fd887ad239ab7c40ec309f9caa2bd84b77f69a38d61c6d973c4d9196a7feb62a2e38f4a50b52bbdc4a0610ca6b6e73bd97cea4c2a854d70c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b28260e8f570393e4d2f536defa964b5

    SHA1

    6a84f7e479a89551a2312b4612eacb736b0ea63f

    SHA256

    0facf2cedce669f766e48fe874cd6006230f3b97cb9874e8cfaa254ab77a3b68

    SHA512

    d225d55ae7e37439512e8d6e84b29e89de89ba00b2d5142fc8504ed3ae03cb533d45aa4368806a648cf46442867971b6fafac2c72ad0b79fc60d561049f63990

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4e37abcca1742585b83e9b9d203efb54

    SHA1

    4584799b7132f5dfced6d2d1f5d8c4220ec7d30b

    SHA256

    0ba71cc99dad02ab1c5155bd7c06dd233e69aa3afdf833aad3d6ddab40ebea17

    SHA512

    5f654bab5fd8daae3dfd64ee78072d54387930e19cdc65eb5c61fe47500255870825e4844bf5d431cf72387512247e253549bc39b91ae7fcb77134493713cf1a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cfefbb7771413bf7c62f7084492d264c

    SHA1

    2ae4b827e5a6fe6b87c6371bcd40573245bd27c3

    SHA256

    4a8800b61d89e58f8febea5512763bef4e680d9904d4f9225af2860f24bb31d9

    SHA512

    cf5d3018e2d4872e44fd1760038b5b8b86e4745b6cf4256c1b463dfc2ba78c5a5d2e7d05171d88900f8b8c5f6550b808cde26c0e0a7e96686f3ba76c7ac874b7

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab4ECF.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar52F6.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit