Overview

overview

5

Static

static

3

vlc-3.0.21-win64.exe

windows7-x64

4

vlc-3.0.21-win64.exe

windows10-2004-x64

4

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

$PLUGINSDI...ss.dll

windows7-x64

3

$PLUGINSDI...ss.dll

windows10-2004-x64

3

NEWS.vbs

windows7-x64

1

NEWS.vbs

windows10-2004-x64

1

axvlc.dll

windows7-x64

5

axvlc.dll

windows10-2004-x64

5

libvlc.dll

windows7-x64

1

libvlc.dll

windows10-2004-x64

1

libvlccore.dll

windows7-x64

1

libvlccore.dll

windows10-2004-x64

1

lua/http/custom.js

windows7-x64

3

lua/http/custom.js

windows10-2004-x64

3

lua/http/d...w.html

windows7-x64

3

lua/http/d...w.html

windows10-2004-x64

3

lua/http/d...w.html

windows7-x64

3

lua/http/d...w.html

windows10-2004-x64

3

lua/http/d...m.html

windows7-x64

3

lua/http/d...m.html

windows10-2004-x64

3

lua/http/d...w.html

windows7-x64

3

lua/http/d...w.html

windows10-2004-x64

3

lua/http/d...w.html

windows7-x64

3

lua/http/d...w.html

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    09/08/2024, 06:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    lua/http/dialogs/batch_window.html

  • Size

    889B

  • MD5

    f32ae14ca9d7673ebb23fc827d78076f

  • SHA1

    ff5bff0318296a910740411201cb8a4ca206b608

  • SHA256

    5189cdb57f5b2e8c3add7e6c4487f5cf8a018508c612f35c8e1305512f2176e8

  • SHA512

    f5e1994188c34753cdc0dc5143dcdf66a86e56b3a040c1f4b67f01fe5d443fa52f05abfdb8717e051284e5697d4a0ac5f46d2ae36b2c518c0d5a96358f5b0f67

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\lua\http\dialogs\batch_window.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3040
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3040 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1524

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9ad27f8bafb46b71a1f1e4d3c735e2b1

    SHA1

    87e4bc91621d05d0e09494a5831283fe98d3f494

    SHA256

    54e76e04e3bb9bb8d9d0a2e445c790ea13006d4e4a08baa3a72c2accb2dbf69e

    SHA512

    8a68889f31f9930502af49e54377d86b9d69e01a2764e0ffe119b51bef0d9b2cf2e88b8deb19073412df08783d30df4e243db89828500261730c2708ae919e19

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    273ebcbf6a2a82848971ebc4e917d7c9

    SHA1

    d71eed229a18b161d027e3e933d4f830116f84e2

    SHA256

    cc71be6feb860ff5bb06044947763dbb480a017ef3ee679f5769339604226367

    SHA512

    b6f08f744e2f216bf0b9629c210e21504c23b640077f942aae52d96eaf38c18a3f316bafe0cabe812d3686cf059b57114312784b9927d33c870e9088b8278fa0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bd0782a48f43ab2202f5f71208000e8d

    SHA1

    c3e3dda9761b46d71341da8935d45b999f558a8c

    SHA256

    f36a5ab1fabeceba8a9a672456f2997fb1d81257b40cc9f63dd852f471f6ed47

    SHA512

    dd80feff2ee2f6c88b5a835af5ab5b49dc4c79153ba1658613ea3305b54f658cb81c2b7953e135384053f73131ee586ff57cca14e991aebb530bb0d6b7391eea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a5303a625826433a73ebb14311be6771

    SHA1

    20c98fddf90bc45da7bf6957d4b282298b48cb6d

    SHA256

    6f5f42298e4491e0693993fa7dbfd42ead5a05b81d9e4e7b5c593269ee975454

    SHA512

    606e422dad8248696acbd455df8ede80b02d65c19951ceca157003ac879e168eebc8eb84e057ff93bfcf72928199b06f88e0a06f16bfbc32c88519a1effd87fe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3c6d8dc1e4f89f0c85cf8115b3764711

    SHA1

    46b41b8a054118a168510f9dbacffb087959a2ee

    SHA256

    ecb3e4d4522bc602627cc617766181de379ea887f3ddec14ef6e9084b4e1a5c9

    SHA512

    6e65b89d1db60c8338b61047bca4b92ca5d68ed13c0e923ccbea4ef9f0c5ef5248b533a20c3468c059f61b2f92953327ba5be8ff22e7cb1a24a364b2a7ef9fac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d0643c599914ba881e1bfc9d489ca2b1

    SHA1

    38e7d48ec8a7419aed7b99b73e2de4f89515fbf0

    SHA256

    3e7333376ebc1449fb0c469cbe219b0f8bb7fb881c1402393e8c61da7a89573c

    SHA512

    116e700d86fd8b928a5f7380689d45c91baf68b5e3f66e3a840f818f55384122b3d4279bbbb49561f54fec9f971a28236fbab48f5806cef58172cde80004666e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7ccf23ddf5238c4dd44be07450a58a79

    SHA1

    bb039bcb5b7e1214f5194dc7ea6a4236726a07b4

    SHA256

    30ce0a693afb20186b6963e83f36508b9bd2f6a22bbd6b8f0295f6b5a346c723

    SHA512

    834e39a15d88b49598c02136a3e24d9e65e745edd44926075cdaa2534b716402198ebbcac94a1aa4bf7c237bf09c963f1ab370f59328ec268776e389ce9d99b1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f9477ecc6e209eb4c3d2ddd0b286a70f

    SHA1

    618ba437525b5e69c46fb305c8b398caa8d6e8db

    SHA256

    c648a5565a2b4baaf3eacdac123f2bd7a318fb14405027825a09401bd81ebcbb

    SHA512

    8b447b97224c72442f7b0b81fbe44ed5f9011ca105d6cf27b5f7b58690c9ac3ea38cf5620c45ab43885b039b51f4d876d06e3e92fc8a94a4f0fb4b4e9e319804

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    88d259ca16e35d6469fca27c24fbfb2e

    SHA1

    f6467fe7a4fe7fe5acc93f7cbbd4829eebcdfabf

    SHA256

    96883721035c7e1ea4206080c89c4f69551fb60e1dcfb03728e0b6bb04dd1154

    SHA512

    e86cd2b0c7ab6055e83d502f6670d8fe4eef26e56b3f30328660f7e2e2964c7a7161d4e4dfcd74a966824e70fee9da183e463d183193a39b0e603717068dc136

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eccae262461747f0c0d2b0432112ea2b

    SHA1

    0655756e4e1e8a2e4fa6f569abf1fb5a77032338

    SHA256

    58b5ae1aab6bc41b1584e1a8ad4908cdf7f8ffe8c4790330fa1da5e8d069dc94

    SHA512

    9ada7017f5e657a8cf04a2fe38a3645e3683fc681acc382ecbecce2c95f2f4aebfdf4bd5e1a1105358a2d065f98fb6c689602311f8fe649a10921cef26c529a7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    73ebc23b830828e9581f89a9dc965f28

    SHA1

    b696f7eb63fab33c6c269db6f2bfe41972a9a2ae

    SHA256

    5fa8dd3bef55fa1043d3ab4d43b8809d2908d8b2536292fb14558e9b6b5ca331

    SHA512

    b42acd6d9891145fd7b519d717c9a2bcb653f6e185894eb256f75342265b48b5678d9b893d7157df669c3c2569960167aa385f410fcb377bc27203a4fd61f84e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7044ad2a7acdad34ccc5b178d80cfcba

    SHA1

    64740d1c4a893b7232d926b85416f419cd0a2dd7

    SHA256

    40791f4403ca900502cf5235d65c279d8e94195dd05491b48f84c31ca257282b

    SHA512

    c6a0e928db5743ec990f023d89ed71c69e7db0a54a51c6e5229a5a17dd98ba8b9fbac3846cdb39078a315610080c216124f612d0804f4186f2f6edd75213328c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7ac782e7a87ddfb988a478c9d87bdb81

    SHA1

    f089fcdd5054bb7ccafd7b1df526506e11e66836

    SHA256

    d3df2a959281627b8b4b841d0484132c7e139a453ebdd74ea561f8919caafbe0

    SHA512

    bdd18fd19dd09726e44f19322bf36f2567d29bef5a3a6053176ed86400d2000c1215b11f76965a3f37fd4b06d55ec143c96981153cd7c258ab823394a4a6e87f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    63613a3074afb0c3cb2df1dff3d68d08

    SHA1

    ee9814fc78452c3d44eb6cbdfb7c442e4b84c3ce

    SHA256

    e75808261377fdab0a9878b5f9d4f91c050c6a69374db94c9fa919a10fe5e6d9

    SHA512

    fa3a690b00501bb0e6b14ab8cb54fb988c478feaca35287ceb1f44417e568fcc5bc59a29b7f430ea23805bf7549f1d4215396a7a1fd681f96da52bbbac35180e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d41b15711d34ab0aa4b2a6714e8ccf02

    SHA1

    97629e2b0b5b2e228726d6e2b9b21ff37868c1b9

    SHA256

    c5f5d7863a88274bad6e39bd1c38df61f79693056f80997e4b2906fd64098771

    SHA512

    7c94e656b31e4ef8a967cbbceee645e784fcb4bfe15b0eb198c153fb2552f23143f5a38ebd2faab6be94591f0f20800b479b5af588d61b8493df762b15a4c8ac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    37c9e311701c9d24af4a122a21a44963

    SHA1

    6a1afadb812f173e94e02040f2b560f0efada115

    SHA256

    fba57fbcbccd5a1308d6be675b080b384de55718d41cfce368bf2a91dd2c49fc

    SHA512

    92e97e0a7411faf042681352d16f705b74e355e0696279e5e82cdf7122e1870f9770d96d57c75e51b2534b99504564612c68daffda2966d283443bf9b7fca382

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    033a9eb452adb2f237413fac748c2bd3

    SHA1

    8a1139cdf186dfbc934c2abe4c98d07973887e8c

    SHA256

    1bced5347ee1b3f22d1ded160a964fbed731dd84b52f3593975672a35ece5b94

    SHA512

    ef1dd7fbaf18deb997afab3b3fe84cf7d9b940970fcf6f91fc3fb61d856ff3539799dc3435817ca3f227513946415c29a79cedc86c43caccbbc3ed45000aee46

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d1710e097f620de85353dce0db90b551

    SHA1

    d3ad918f7c1b7096071efbf6ef459af0437a1e8c

    SHA256

    628adfa7e82ebce008170babf828c850380ee5b1f94a1e7daa0af7c681cc67f2

    SHA512

    2e87c28f4361e96deda82b2e8e4d831820a2f16087dcbb97ed72cfabb6d54bae605fecfd345d774da162aed3083293f4845e312783c5608d29e3bed266175cfd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    32eb9c88b8de7a65827805a48c222107

    SHA1

    2762b82804ec4673ead1e2ebd7d93369fb15596d

    SHA256

    d41d42bfddce38b425dcc339aa11c030d0160febdf1a383439f7d9f40475294a

    SHA512

    fe250b0294019bb8cc679789bc602de2c292bc48c09c4266de004d6ad323540ceeb3e588d91bc75106dafa42eb93023c99d4213642cc3fd235d9d5674656b2a6

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab146C.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar14EE.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit