Overview

overview

3

Static

static

3

wudesktop.exe

windows7-x64

3

wudesktop.exe

windows10-2004-x64

3

˵_Readme.html

windows7-x64

3

˵_Readme.html

windows10-2004-x64

3

Analysis

  • max time kernel
    120s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    12/08/2024, 02:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ˵_Readme.html

  • Size

    2KB

  • MD5

    8561eae1bd764342079e753e59149986

  • SHA1

    25266d367a12e81010f4ba0b3f0f1cf446102c67

  • SHA256

    a6ed4af07fcd78d3a64e2079996024efcb28709babebdc94d7262d7153b6f641

  • SHA512

    94a5b678ae5baa4a16143f43342b8dcbbdfec080301b48d04b3642777e097d8d39940145b336877cd2f26bacb1d11ce2c7aa15f6225efa027755ec54afc3c556

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\˵_Readme.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2228
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2228 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2940

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f72540e2383704094f56d02eb715ef0d

    SHA1

    2cd4c4c2958026d6902fa54a870040cd3fd7ccd6

    SHA256

    344ff0169181483cc299e3d5deb4489ebf3fc17ec7551de6cc8325f8fb9bafee

    SHA512

    243a598410a12ef2bf66e6046a7cccaa7c81d807632c6a3b77c3f845fa545c8986583cd9c44a61c54f0033464dfa0bd9c2f5a8af3201ca5838ee730855f1f8d9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e97e7823b2b96619c8d20c6a6166206b

    SHA1

    c92a99d1b154ec14ec2bf24f2032d7bf130ce40c

    SHA256

    3abada6ce3318030a8502802b3b41919d49ba4be9a6f01ebfb67ec9db36f5b59

    SHA512

    976ccd43d9bb59d8957b72bed9dc3572106eeb858ed25cc4e005022901fa40e1a8148965ab84262ef748e164b4e833d183116f4404916eb5b6245e85888117dd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    74dcc66ef7fc27e7d020d35d14dd94c5

    SHA1

    21adc57c805d488d8a0be1837e4c06436dbde169

    SHA256

    ed3b85bab00a76c38cfee5cc9dd64977d8caee91f6dbe13188c8111f7c3c82c1

    SHA512

    77294832d0606b43403d11b71e231c99e462294499f24b72add6a604daa3db209834185b0057bd308bb1544f984dd1fec5275a38395ebfe7626e55f8a403058c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    180c208e6aa76b379f56fe275b17c5a0

    SHA1

    5d246da9d73c072b51e535343c3e1c78f9cd2a2a

    SHA256

    caeff3255f0bdb98f452658edd6663318519ae2024310792b12a99236e01fc13

    SHA512

    f284e3e7e06b45550c91a9a6f0aeaff9f0c0035e9bc886aa9528814ef94060cf4e4ebe4cebd05eb0d4b222f904f37db0e1a226d5f0dac24a2024273379b397fd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c9141f2dd71fcdc90365ba9b405e76d3

    SHA1

    098ca00257f3c149c4153b298c5b6832b1410401

    SHA256

    8c64c605392048c21da64aeedd395ad7292c6ade9763689b3ce1f4246149c0ae

    SHA512

    f3902f1ba3abb8504a844beb5d83c5dcd7b691b05104895acd72074dea51e48f3e865800f3a349481dc660ee942b4359aa1b7bf6eaccc0cecd0e63ba1323e87a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e99420091faaac46cea7d2f1b8f73400

    SHA1

    f15b4e9c038e367c6973383360c8ae623c0813cc

    SHA256

    b03fba1c3634f32a02f1abb3d91a70d05cc081d4a95052f5f2bcb2ff3fd5938b

    SHA512

    e984d49d811764992ed098d189b8bcadc8e4d7f40e2e04c40deb8593e79780946c4751cc7314b2d9152a122933828fede1e991c32098c3ddbe0016609e67b99f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    52b74edbad48955c3ed43ef018dceaca

    SHA1

    0a11d792f4b93d68e0db6c6be6a72fb65e0535cc

    SHA256

    78ef3d7a9ae7be2f4f8dd84f7a08013d096c548154f988e780e8278e9d157dff

    SHA512

    916c3932cd154932a9de1ecba9dd969f853015668a8f9f0823392a0e8026af8ac61ce96d62d076cced0d42a6f9cdee84e8a3c9f6491bbb271778a5e9c65479ff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f8bf3a1e05ddfcbe0069029093b4afd0

    SHA1

    abe822dd08c2b38f45af00351990df50113cbad7

    SHA256

    df268e1268bf5ff4bd0f98a8c664535a0c0f8cb5d289dd65c96a5aefaec9aaaa

    SHA512

    36ec921d7c8bc03840f6527e7dc739567d8ac51c13e7bbe9f450afdea9dff638552e221525745e30ea190719d57ccc86024365dcdcb581b2e5d6871430757591

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c74c394bba8383281adaa5cbf9872c1d

    SHA1

    5c9e3fd2cae0d50c69e8654a6c8d4c904a519f76

    SHA256

    12257b7501463535b6a2086f498fbb73a5d0affb0c8209d7ff62f2cc54e25f8b

    SHA512

    26cb013630fdaad2f6d2fb6301587fee08888e202354d9af77cb0c1f3b1a04484bc6384a005e5345979e3630b5e907bf65893d654ebb7bd971a25c2e174f5887

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f8f6cdef001fd84a7631d5d75ea7ece4

    SHA1

    7f6c8d9bf85f4b6294c0cc3efb4d6af91d577392

    SHA256

    883ee569e979fe6f024ea3cc5fdcee6cbe10054eb8047deaebcb4d5d93ced0be

    SHA512

    cdd664a24ef83529c2e5bf52da7c61688e20dc0d8e035b2ede407f2225d622b47cab63972ecdd3fdb50288386d7e93c9275c82f6f76a2ba8af0752205c78bbe0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    97c13b467a77dbbd98854d23eeb23a18

    SHA1

    c0804df90c7ad98da89384b2c8cf57a175bad49a

    SHA256

    6f000cc9c19deba0f9f40fab6d05976662731ea5ec3e6d16e4dd9f46563afa49

    SHA512

    af8fd55a1e439fbf5a9300f67271479b6f13c6fcd6dd5afe113d166dc40af21d48b913a5e26fe9b45f1566d427ea7c7063e46ec7b8fdc05198babe52b768a77b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dd5cf34f58cdcdfa1327e8eef27edb4a

    SHA1

    e2428f2427623ccf92acb0aa4aeabcd5f5fd1b1c

    SHA256

    f642114a153c1d2b34e3f5cc096a33b3c325e620e91c1f59a6eba8958e481db4

    SHA512

    bec97c443ab85a25d5e4805751da6e4120cd088681ce94eeed700615bd413505d8153c65297f9f178363c57a8d998136f43b56fa50bfbc035d4ad40bccd12743

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    795b3e4f156ad1be4015f1de9571060a

    SHA1

    878451b29ec85e3b6f67e578768d6ad337fbd758

    SHA256

    231c1f10025bcaf7a283c8356d1b94183fc781b282c53ec28c7748e679426d1a

    SHA512

    8e0271607d7d2f09a2409c2ec7f9fb1a7c81a324c81b3c3891e12147e8cdc152a51986fd88fa7300d5a7403b6a52d3ae2e7c22748fc78ba4d0ce461128b3f831

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7ff475f896d047c52a8d6891dac78cb8

    SHA1

    3b995cd253cfa68fbc7716e3b984694dd1ffddd9

    SHA256

    c12e8cc2f499e5b2d8cca6d26b5bb54bd54cc15d0bfd62ba2f35ba8a8a57d978

    SHA512

    e11eaad2d1a6898aff8f2ab4e007dc6109cc3209ae6309ef2cf72d31c4159295e4db37ca97b5510d0fb8b1deafabafb02d2b476eac1f4cb2cd3ad87bebd7f190

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab4ECD.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar4F6D.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit