Overview

overview

7

Static

static

7

Unconfirme...24.zip

windows7-x64

1

Unconfirme...24.zip

windows10-2004-x64

1

Guna.UI2.dll

windows7-x64

1

Guna.UI2.dll

windows10-2004-x64

1

Nyx.exe

windows7-x64

1

Nyx.exe

windows10-2004-x64

3

libcurl.dll

windows7-x64

1

libcurl.dll

windows10-2004-x64

1

monaco/Monaco.html

windows7-x64

3

monaco/Monaco.html

windows10-2004-x64

3

monaco/NYX...c.html

windows7-x64

3

monaco/NYX...c.html

windows10-2004-x64

3

monaco/vs/...ain.js

windows7-x64

3

monaco/vs/...ain.js

windows10-2004-x64

3

monaco/vs/...lua.js

windows7-x64

3

monaco/vs/...lua.js

windows10-2004-x64

3

monaco/vs/...ain.js

windows7-x64

3

monaco/vs/...ain.js

windows10-2004-x64

3

monaco/vs/....de.js

windows7-x64

3

monaco/vs/....de.js

windows10-2004-x64

3

monaco/vs/....es.js

windows7-x64

3

monaco/vs/....es.js

windows10-2004-x64

3

monaco/vs/....fr.js

windows7-x64

3

monaco/vs/....fr.js

windows10-2004-x64

3

monaco/vs/....it.js

windows7-x64

3

monaco/vs/....it.js

windows10-2004-x64

3

monaco/vs/....ja.js

windows7-x64

3

monaco/vs/....ja.js

windows10-2004-x64

3

monaco/vs/...nls.js

windows7-x64

3

monaco/vs/...nls.js

windows10-2004-x64

3

monaco/vs/....ko.js

windows7-x64

3

monaco/vs/....ko.js

windows10-2004-x64

3

Analysis

  • max time kernel
    13s
  • max time network
    14s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    09/08/2024, 00:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    monaco/Monaco.html

  • Size

    47KB

  • MD5

    d65261c2e83ae0319cb5e931d3cd813b

  • SHA1

    b13189b8e6c82f9db00985483867e2ec27c99ccf

  • SHA256

    520aa43d592bb8171d7cb015cdf6b8a2f5ae007be9a7a154c8f7c48b6f33b54a

  • SHA512

    3e6e544d3947fa7b5a0391e84f6157b155f7a67cccff81b892a8d3c2f2303bf9003bf6ad3033df6cfcb809cf22a8208a8dbfb804a01d1b1b3def8322d14ababa

  • SSDEEP

    768:TWi2Np6OXoy/21rxzD80kShCTrw4mkMXQnb1fqKTr5q4QVGQ6riAT+e3N9vnwJV3:d2Npdoy/21lkSMw4mkMXQnb1fqir5q4I

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\monaco\Monaco.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:308
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:308 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2320

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    47cacb087df7f71df9f1fcbb66a00de4

    SHA1

    346b8ef73c3096d6a5cc3760822f49df026ac88e

    SHA256

    a888596c259ca9ca052adbbe996c509ebaa9b249f24faa095ebd731ad30d3c86

    SHA512

    1aa98715efa49fac2b2a2b981b70599059ae87300a80e85bd4f77cf2086dea372c7f484665d444a4cb6cd3915f861c1c50126dce208e4b1a0e6d9d503412e0d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    e3dfddcec6a8d4d3af7358029e33a9b5

    SHA1

    d5bf8c649ff69ad8f14bc7dca8dc6dc790440729

    SHA256

    d7024e7f6421b8fc89f2d002426be3ea0929bd08e57cecc155dc1f092cf6705e

    SHA512

    45b5da41aa15f0ee6666da556fbdf5406a61013ee537f0f99502e8eac03a245f14aa5b233314c07dae95bda260c4f2b8be402e99c35d76e3e25c2908e8dda124

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    ad34e7ead7ccae7960a02166733fe2d5

    SHA1

    80de591f4e6fdc7dbfe7f4ff2228cb201e8862a4

    SHA256

    41f33fb882132c65ab7db745a1d2ff5ff6de13d49ab05aa4f4a6e236d715ef0c

    SHA512

    e5298fc2ba2afe5cad61f340714e070c0993008afe72eb247c0a552b736c464280244df149fc6ebaf4511f36b582bf71dbb67775c5323fc410ffda8c57fcded4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    fffb41cf2d4c809f29040d621f08adfc

    SHA1

    cceb387ea986039fb144a19bf817950b4cdc6191

    SHA256

    506469df16f84184f1520a6fe8fcd6be6b5dccd2f69a704dbe3f34baa8c6ac56

    SHA512

    30b8ad04ce4bb4c6f5c4cbc24fd48f01e30f6e39f1eb82fa39bab6ad9aa9e0674e2318b8b033bf2a0dee6f04bcfebbe2b227372b947d5f7e77c2833162fe4eca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    6d24469bcbc7b12fe512a9051c060267

    SHA1

    ac723af3ee725a162c38e669fae824cfd7c1553d

    SHA256

    7f0014241008f999b3d28cde38e08917883d8f5851afd0be4fd1b63589ecaa57

    SHA512

    f8f2cc24f0b84647a3eb65cb4233a34b89b40c41e186494e13a52b5fdf6bd59a3b8b24a1ac0d77c63536bfe9099e57be1d8f1d98bfb6a77b550f98253033519b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    af8f8b902653e60eee62c5c086ffc837

    SHA1

    2a80d6d8b3265504db1e7fe4af08518f9e967c84

    SHA256

    b78caf4ee83bed8d6eb042953681b943df481e0affe8781af6935b2e6fb3d509

    SHA512

    21ef413bdf3aa23066a029f4461b7fd1a2313a14a615086aca720eb6565445e46c4af86e3063a1c1f715849f4984eb3ce9efec1dff8049c58c067f0cba00353b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab233.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar246.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit