Overview

overview

3

Static

static

1

open.gif

windows7-x64

3

open.gif

windows10-2004-x64

3

Analysis

  • max time kernel
    134s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    07-08-2024 15:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    open.gif

  • Size

    43B

  • MD5

    325472601571f31e1bf00674c368d335

  • SHA1

    2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a

  • SHA256

    b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

  • SHA512

    717ea0ff7f3f624c268eccb244e24ec1305ab21557abb3d6f1a7e183ff68a2d28f13d1d2af926c9ef6d1fb16dd8cbe34cd98cacf79091dddc7874dcee21ecfdc

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\open.gif
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2196
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2196 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3028

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5bfad2a8699f59cc42bf49cd0d285a69

    SHA1

    9f3a453d4e57c5e4588d129b8eb2c017d073d7eb

    SHA256

    14da40d56d5531d460e4076e2d782f340152d3b408b928af58e7a37556222825

    SHA512

    9c0e07524b241a7556153926b738712cf7eed5b6efdd8465f2baa6da959977cb75033bf99fbee6ee0ef0d780b465396dd6e638b18016cef70ee867a7acde8ef5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cc407440a4ebcc208838314ffd6b3d5d

    SHA1

    b9b533adfcc811375b7729604728c06afb114364

    SHA256

    0e076e8216b9dc3a12927beec646acd8f866e8506e1fa30de6095273e7bc4141

    SHA512

    8cfbe03f84bd81ec27def8044630c012fe0a7f93e95bee5d2fbe6ab7212ef41a0ca17fbf3bee1c63f851e14a6c89fdbfe97758f57f165bc4d980e18f3d90b8f5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b767cb154d01dbdce1c18dba3e776633

    SHA1

    35c8e605d90426c69ccb86fd5f3d9a9c4492470a

    SHA256

    20e20cf5af4deffdbc36e9bf8f9d6008c8e2c093e5aa59200faed89f8cf6c987

    SHA512

    5e9d16746e198b21f0056f81b8d9e417836ede19a5c8270d0037c660edfb926fb051d59be008fc59602f85bb95cfbf79cc3e0ca108094afad44a4bdc87794dc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    25d327ae8834b2e11d98104ddb905100

    SHA1

    f15e3f7c32d440ff45cba1a74b3ac8f13e99d968

    SHA256

    0959799f5514c5697c6227513fbb84c94c721b41827ec32746f59d7a0897a548

    SHA512

    4a7f1c2614101cceecafe2206ebcf77d9af2591660c9946ceef62e4d02833f2f26137617e6644d374be9481205f96da5799425a3d9da94ba0d6af2b9502a9ba0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d16ee25d67c1e69a2e11782608023292

    SHA1

    212e9a3baf4b694a930c3f5fe3be7db76d2dbfc7

    SHA256

    78def080d023f561eeae56c4fc5078cce8d11c1f4081d16d2a6b6cd16bf5acd7

    SHA512

    913d57f7297dd192222c0b0442d3d48b99ad227c0326ca6354e50d9b77640bfd71e04956ded76b9591a2f550e686e31a6c4a0d4a3b8afdde4e51400178cd3d06

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b7a281eaf23af38f01fc8e97187edcb1

    SHA1

    49d2679423672e3f4bffa22edf168f2c897891c7

    SHA256

    45c3e8292d7510025692b1061b81609e15b5ad7ecd814e0198d87d9e16686ae6

    SHA512

    8ed25c6df641abd60ab2c844931910310019aea554c1a5f70ab4f1d823a6337a73d8741d601a3f694c2d7965e8a8199cc16377518cb995af85ce0dd7f8e2b0a3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b434d6199a256b95decf044fa988d1d9

    SHA1

    5bfacd4f7b93deb330af82f3034f1337b852b5d9

    SHA256

    226b6d426e9f9cedd04be48b55890b90efa2db5465339dc05087096202e12f40

    SHA512

    188d1dbae4114d16f9cacafe093c37d2e75f78d9d58273da2af8c6de6498b29d4cec3d4a27fe94b661779d0d2741b4575f67d9bd73d3f4db1f413d7e830867cb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2935a7ab1b20aa0bff772e34345bb56b

    SHA1

    c09e9689fa751bc10afe0e866a88b2a271967f93

    SHA256

    1092469c9b963a0abec097e72526ea3169a515f7f336414de12afcae0d4bbac9

    SHA512

    e2e4ec96dc27995d17051fea65221190e8259663369a15e2ba67dfc5cfdc9b2bb7a7133c0fed45ea6b603fe334116258b2cac6e4c2b439f935c7b6b3fa9c9050

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ab5784776b0c8f88855e4aee24d83f74

    SHA1

    c0036344ec976f6d4c4e4d88aa4ea982e603e7a1

    SHA256

    e4936060ed9b7687350b394a8c1c76b33b51559b3803d10a64577d434a24e21e

    SHA512

    4e7247132dd615e54cbcef4f3db51313baec9f82c092e59f17ee7c399943d4ec45194eca651e5541229b573c33bd7195383a298ff742d281d4d165baab9c582d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f3a181394782de6112b9cf00c0f4edf2

    SHA1

    53dd2c9a180dab478aa19ee48c3482e61502f254

    SHA256

    d2b033c51322f956ec098c8f717b97a900efc450a1aa1e86479dc552e6d5e458

    SHA512

    12c8656f901167c1ae1b9590a35ba4559c09f10cb2b979254e327cfb49318bc10f27fe816da89b34a9458c74e15420c1899113b79f1335cccc928566e44811b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    128147a1e992a829487d91a1f839d058

    SHA1

    fc332d1346a91ceb3af998d71af38cfd524f9232

    SHA256

    f9a006141875e0324f798cf38c20e9ab4db4e0eba7393d0c0e93a06d6f29d2fc

    SHA512

    dfdacdf0a6189648b7007a2d13d7655e7cb91686c511ef3876c9d5de53f9ec02003237c828a80114ec06405f80fad6861073f67f288f489cb497fa62a0f2c87c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9bf39a9f0e4f40eb97c9ba2800f9713a

    SHA1

    38419598218decfcb1c51a8624e6aace63a5f1c7

    SHA256

    f6de9ad332bb048ca4268f5042680a0fbdc60e61bed93271f030fde5fe1394d2

    SHA512

    5ed142f2024f49891ca104d2832219d1f1afd78b78398656dd92f4444f0ce078d723ecb722eca22ddaf5d4c560c7c3c35b99ba52b9877592070fce7b22ec3024

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0c215a07246e23fbc8f8697dd51d09f5

    SHA1

    d4903b28df2fd3081cc8d34a7a21516f85a90284

    SHA256

    43d247bde1b1c3cc8ae906dea6eb9fb223c49ef413e36ea4701ef5c9eb51cc50

    SHA512

    e46503cac763cc3cfc3ded6727c21e00a2aa0d12d57e224faa354100cf58f326bd741322a834ddf8d7190ab5b2ace6010adfb9b6afe737d2b9892938cc7985dc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c8b9dfb829ecc0c56d5f860fd9c10c2c

    SHA1

    68a5500501addbe841159f3132e47b5fde988fea

    SHA256

    c964f6a7f9545ac4bbd5ec69135e014810534d26779c1e4440e2f4e4962cbbbb

    SHA512

    58dbe6f4e0299b7cee96d48d36ec1ba67fe3e1ae9d1425e5cc0cc47a6505eb2895d4c82507e87b7a73a161f1b59ebaee770abb5753ab9a6afe957ca66acf68a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    50639a4427c0fad71ed9c9612bd19725

    SHA1

    65111c384fee2116b1a2c858b12d6ffb6f3e219b

    SHA256

    936b92ff986c8c074d5ea40f7b5c4d643841f44c3353a4558ded7b1011c43b88

    SHA512

    e2e04cdd1e98ba10d7cc130cca3d36a31e6bfa46561c1326f76ca1c5eb46c6f4569b55e3d0fd01ba7b1deb25d417d466a33d4182a4ea4c75ef1f0db6679505c1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ba9cf720772103254eb7480215d51d3f

    SHA1

    238b1903d73e14a9401f6d10ea7bfe7fa5afb7f5

    SHA256

    14b580804763ee414291fe21891ac31098dbdbe77a182fc680d8ac4332b5688f

    SHA512

    1efd1b188dcb452675c36d8ab05b26deade7d0b76e051944b04dc2f42a6e7f5b6d9bf5d80cb84e4817ed242b79fb1e608c632c7aac72741627a31ce805a7f0ad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1132524f60a37ad5d9473c339a9dd72f

    SHA1

    a7aab0ecfa5405bbeea4f50ef16af0bb5b03149c

    SHA256

    e9c346265325ccd4180f2301853fa0116c3e7082d7b359eb42185723ccaa3e7e

    SHA512

    82134a7069c3fa2a0a78d7bc78ec02b25a16826121c44bdc93ec511f719c6a0d4454110749779107add8db76b7c736f52606b070716221976bea06c7af6cb47b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    309e0b2c88ad967f9737fcde3cf12880

    SHA1

    ad1de16de6e23304162ae5b577317dba8f73e3d7

    SHA256

    efd6c1f8b2a374ea922348587afcf6428a26950d7de08304fa5929c26dd352de

    SHA512

    7ee04107a7ae6f5efff441079990f2079f29af83ccac5c58ad52627104d381a2e10314cea20185913f6fa17e5b83425d0f7895f26ce7a6b5e2bcf3d39b680d7b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF911.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarF9C0.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit