Overview

overview

5

Static

static

3

vlc-3.0.21-win64.exe

windows7-x64

4

vlc-3.0.21-win64.exe

windows10-2004-x64

4

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

$PLUGINSDI...ss.dll

windows7-x64

3

$PLUGINSDI...ss.dll

windows10-2004-x64

3

NEWS.vbs

windows7-x64

1

NEWS.vbs

windows10-2004-x64

1

axvlc.dll

windows7-x64

5

axvlc.dll

windows10-2004-x64

5

libvlc.dll

windows7-x64

1

libvlc.dll

windows10-2004-x64

1

libvlccore.dll

windows7-x64

1

libvlccore.dll

windows10-2004-x64

1

lua/http/custom.js

windows7-x64

3

lua/http/custom.js

windows10-2004-x64

3

lua/http/d...w.html

windows7-x64

3

lua/http/d...w.html

windows10-2004-x64

3

lua/http/d...w.html

windows7-x64

3

lua/http/d...w.html

windows10-2004-x64

3

lua/http/d...m.html

windows7-x64

3

lua/http/d...m.html

windows10-2004-x64

3

lua/http/d...w.html

windows7-x64

3

lua/http/d...w.html

windows10-2004-x64

3

lua/http/d...w.html

windows7-x64

3

lua/http/d...w.html

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    09-08-2024 06:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    lua/http/dialogs/error_window.html

  • Size

    501B

  • MD5

    ad9769b13838d62653857ff47718c6c0

  • SHA1

    a4683573d5b43aca9e256d4a45dc5ac46db927ed

  • SHA256

    75d1a1ab807cd97801bc37ed547b26c7b357497e82d01221ac064497c9480304

  • SHA512

    58a7d9ce56936da79a8f46f0f5c1e465d63ee1b8f68701627ffa00e1c43267899a64a3dfe601bf660bfee66b5ea365a27ba8d68f7d598ab6e3a917b52d6e9fc0

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\lua\http\dialogs\error_window.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1656
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1656 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2508

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2b869fc56c4899f69607086addd50cab

    SHA1

    6d7d956ee8c4e2af92811465beee8d65ecc72404

    SHA256

    e706459abee70443b59b29c6c40d95622e3ee46079d597fb09589af3dfda5dcb

    SHA512

    95e7e3c5d0719b8b78069cb64576eee1635fbb15fdd24d1cfec01edcb6d189ecf75042ce56d7eba7bd468e8ed32c0be69c0a06cdbcc4641057053599878b0593

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    632f02d6c9985a4af0ea43d865005b5f

    SHA1

    4b5fa6866da3650acdd963e7bebacce55531458e

    SHA256

    4e93d2367f56ec43c9195063f527e30e2099919316717dade658890ca002a6d3

    SHA512

    16d30bb96e23dd4eea4a5929829d2cdc971b715dc48da1adb7fad0a4889465e4b55ec6280c674cbf8ba3c54c28fb1db1e88771e4ff842b33d95262df92854014

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9e5f3547b0421d95d900553e348ce877

    SHA1

    d36836bf220a0350933bc266222f03107d1c5afb

    SHA256

    b89d8fda6890bc705a210b7b953b7517e5959a80e268dcab8bf239c1cf5bbf32

    SHA512

    2bd3d9ae78777cce90e584c5f9cd80ba3a6c117f5f49b705bcc467442c76f74206e093a3ba69dbe61b8352124f1ceac34bf9c44977a7d9607432c299795eb893

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    345df9e2705517fd1ff23ccce40b7b53

    SHA1

    c4ac55a672870ac03d414fd1ed0b9e8eea72517b

    SHA256

    b2d1beeebca50209456e43996c276658cbc986314ed820bb3a805c1d2b0952c8

    SHA512

    50551fed6293b1101f8e3e5446021a3a7aa93091503a28c9f3c286fc2b37abd962af907440a4d003d0ee971c9417eb3832d6bbb7b804d7728eb05680453ac424

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4c17041316f05be3cac19cc750f77cb8

    SHA1

    0f649ca030b240761b3c658432a4685c7ef0af6b

    SHA256

    fedb5a837d6c4e5d9c77af5e8a016772aca75366026fdd98d02cab97c958e1a9

    SHA512

    902b5e96d3086aef69aeafd08388f9d71443880ec0d76fdbcabf70a28c13317ba798745d9656a77366070457ce98cfc6fba983dc542aa25a1eeaf577d79fd536

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ddbd8c0a7ababd0368a2f8e9215e2d31

    SHA1

    07f7c6463fb5c90e5abcbb6dfc4b241127f054d2

    SHA256

    c98ba657b543267b54e4cbfad19d7dce6c1e51a1d8d15de979b769ecb04fca0a

    SHA512

    6b6910d018a95cf5d9666318185fe0e8c9cd573b9b79ffe1dfc434d014d3c961dd3ebeefc2e42de6bb17961306c69e1491af83cf9c665adc35386e99fe75bb9d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    68daee64cb55892d0eec71c9debd4aa2

    SHA1

    60c8237936ae6e71a177defb0392573b259588d7

    SHA256

    2bcbd3afb5ad857f7f6354115c90e290f1a350ed251a75707f3e8100c3d396de

    SHA512

    471a09b6cd378ea576f57bd676a3c10d72648fba151c6d8f24b315cb7026b8a682a1a652cf36eb52e583a092e5d57e6d13cb9e46dc395a7825661d83fe6db066

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ab15b4462ac74838304e93d90bcc148c

    SHA1

    08cd52fda02ab0f98871211c7de8190d0ab816d8

    SHA256

    41e24202f46fe919b6182fb4d6eba53ed38eef2bb7e59338ca7237aabe5a67ce

    SHA512

    dcd16f0e1337d4c9bc66b1c0cb3e9938e78bbd12faae131b1510344318f9a095019c63cfe2e8cc35fc1a8a3d055e1a2deb8efa5f7102c524f0fd19cf71cd8e85

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0fdba6c9b59b6f23f48bdfa06699b631

    SHA1

    dde51d458357d81371f981580d471e466d39515d

    SHA256

    0f37b985f21eb47814b640869ef05604907fdefe1aaf59e06890e1866cfc31f8

    SHA512

    c1fd0da4a3063413a10ab39f378dfb0294fb33815e22c6b62de19a26dbe565c4ace5af62ac6b7b158c9911d80d9f34019aa8ffd11af68a98514eec130e9696b6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8b760c8627e225dd78205e202b15d3eb

    SHA1

    cd45f61e2d02130419f6fb133a283b556e497880

    SHA256

    0ed59677d722038bd01ecfcc7a323c7288aaacd0f9c7fbb863c9c61f32b0ac25

    SHA512

    65162a04b8bd78ee5cf261860d2790e3b5a08967971c58c1ea3154697e308ad4dcb4da9c18c3e8fd7d3aaf07dc191b6befda9faa69e0d638d6e533efb1c3025e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a92c0e80ef8117c883f9b1cbd1792ecd

    SHA1

    e6bf1058ad0f99142b9a0eeea5877cd8ca6039f8

    SHA256

    87ea26262216933c076c4387e40b29b0ff4da897a21a5884e944550e502cf667

    SHA512

    bcbabe3db12076b1d41e5fc3027b13c8213746c600b3a643ca184ab8c19e646a705a585fc472ce7c3ab3587fe6efe8248d7042722c3d24545baa45a8544f26a2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    42f2fed7b84cb367ccd1cab06ab46715

    SHA1

    d3d9800fe84c898b51593d684b03e785b69be8e5

    SHA256

    d08dcac6bc51f8032334f7ba187d2e51a19cae65eb5e2e9750875ea75a2186b8

    SHA512

    1d355d9081bd8d749b776a967881f51059b4502e96da7d7467d8f5abbde9f4db6eeb3fad654d62a37e5c6e66ab37b320430ad4e1124e0d3e0019bb57a82590bc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bfe3955cb5da09ea6ee85a33cdc030da

    SHA1

    94523f9745c3384644c46f693b7fcba6489a318a

    SHA256

    723b0109d7a53d4bf0e9197306ed50d4e6d6961c0994354fa08d25792ba69069

    SHA512

    430ee653cf108eba707b631a8c64aeecb388271f9547d56ffe97123331d7be1f8571e8d646fe41b1b4afa66890fb84e6c66ec0b783a1e46519a1fb1948e4e57d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a9e59459211aef5201ba2383251c899a

    SHA1

    df5dddf7321494e2cb270d8f458e46474ec9eeab

    SHA256

    6edfbd52a8dbe212747567128484de379f9f8d8209e5759979117e2d3522a1a0

    SHA512

    c26080094d4ec5a7c2d0d9d9a6a20d1457f9ccb318fc9f540b0424bd690847cfc3e8713f6848209c2494307ab172d1d827631f16d802267457c96efa51e97794

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8cc0ffe9ed58c2c4b54c9a20b4ea9282

    SHA1

    2e90763e68b85d1ea266cd11df198d68aa451738

    SHA256

    ee488cc967380e0cbd78c33ff3891f1866814ca2ca558edf4d551f7b50fc5aad

    SHA512

    8db36b27c2032e8820bf00342fcd257467394d640ffb1f57285070b324a718c7d42c555298bee5ebb37927a8e07e0b80a1afc5ab6a920c3c7484548a75ed5734

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6d4bbeacb0118af15b9bc03d1ab6a39c

    SHA1

    c50cbf7b08d05410743f26e51abbd9621201c300

    SHA256

    09b89e1e4be91ff7fe85c8c1c3c23f0f1879035c67b102ca1e486c606f62e049

    SHA512

    f54576c96e71726d075b6f3fb59258f9b52c3d7dd442533316adb9a5ccc07dc97dee7c4f44222c2aec112b9d2bd5075fdbd4526b0364a1f0effabc6d76996851

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    02e96ac4d0afe56835968773352e3887

    SHA1

    abcfbbd266c286b6733b5338ee3c1954db43a8ef

    SHA256

    4afc5f320b4c8c11388e3be65dfe64c505a75de1c7c4543bebe53a9926c5d6c0

    SHA512

    620e9e9af2a83b31eb0348b1fa3168273fc0a12b41fe79e14c2275c057258ff7f61398457c57ace8e178a062fabd64d89913a7a68cbe8a674111fd5b89d3bf31

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6431cb8fdce3acc6534aef0c325ef7e0

    SHA1

    cb6268e05f8a0f3bf41c94237982cf350b034395

    SHA256

    03cee7190e31e8d0bcf0b16d26586b88cc49964ce926112fed12ff4cefb54802

    SHA512

    876637a5b7e35703f5dc2eb8b4dccca56e42525fe4e774d83d6f837eb725ddd3225326d6e3931082f71397833ba4ee69c44ab2a3837289d2a18bbfad5ee2f689

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    04184b2a7085dc99b610bb12fd92bbb3

    SHA1

    f2201d9c8d8f55ea6622d6579f4baa975aa00e53

    SHA256

    0710a0fcba1ffe74a4115fd6f3fe81ecddbd380728b94a59d9c91e0962b502f4

    SHA512

    752f5943cb27112d53735015e29565f5ee59c735b62d66f2becdf1d53f0b97651be7d2374c2985720b6ae4924c7735273d587c1b7a40ac66dd53b775dc584fec

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC728.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC799.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit