Overview

overview

3

Static

static

3

pictxt-v4....vp.dll

windows7-x64

3

pictxt-v4....vp.dll

windows10-2004-x64

3

pictxt-v4....on.dll

windows7-x64

3

pictxt-v4....on.dll

windows10-2004-x64

3

pictxt-v4....om.dll

windows7-x64

3

pictxt-v4....om.dll

windows10-2004-x64

3

pictxt-v4....el.dll

windows7-x64

3

pictxt-v4....el.dll

windows10-2004-x64

3

pictxt-v4....xt.chm

windows7-x64

1

pictxt-v4....xt.chm

windows10-2004-x64

1

pictxt-v4....xt.exe

windows7-x64

3

pictxt-v4....xt.exe

windows10-2004-x64

3

pictxt-v4....d.html

windows7-x64

3

pictxt-v4....d.html

windows10-2004-x64

3

pictxt-v4....nd.htm

windows7-x64

3

pictxt-v4....nd.htm

windows10-2004-x64

3

pictxt-v4....��.url

windows7-x64

1

pictxt-v4....��.url

windows10-2004-x64

1

Analysis

  • max time kernel
    144s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    13-08-2024 17:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    pictxt-v4.1/support/add.html

  • Size

    2KB

  • MD5

    22737f595cdee071defecce8db29d768

  • SHA1

    e57d103c4013b1a42b02b2a49514c2fcf4041594

  • SHA256

    9cdc2eda9f5a269ec51ddba2cf0ca6d9f546bc57fb916422d715da56995cb783

  • SHA512

    d829995ca85e2e36e9ba1a21e19bd3af3c1dad5f36832a532492bd74d414b22d35c289fee8c04785b7acc941c1103c1d6fca59c998144265fbb37f843519b50f

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\pictxt-v4.1\support\add.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2672
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2672 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2680

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3d5bc851813ad27ca17744d37ac49d3e

    SHA1

    7137635dc34a4bc559dcdad0d841e481463282c5

    SHA256

    d552ff8eb8b5c5337a8fe95efd71086e57dc8ae92065403812e562cebb4ed118

    SHA512

    20208dfe0c13ab8d4220de688171bafb0ee8a9fe0cc8a8b0adf6e030ee542392b3d5daab4189413a014deb8bc4f2cea6134e027d7b9e686ca7b01cdd2a907b7c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cdd6acbe62da2c2cbb81f73c3092ee5f

    SHA1

    c2b3d4b35b6e254e89622e547a1016453223dd5d

    SHA256

    f0d8b7e0621e1e2db9265ee7fcb01fce1dfcbba38088cf93bd3a04b6f5dfc448

    SHA512

    e55266787502ba75f71ccadfae003bbbe0f07bc440a81844589b7f6f1d36f39c5ba38221be8da8df6d4d74f6117e062a0e6f959323a159d25b0bb0697be03e3b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b4dcea207c639f4061c836024fffcc7a

    SHA1

    225004fb7a498f30c8048636c5a5f0dc73942af6

    SHA256

    9788dd97ca811a77af857371fed504d8bc99490e8451d121d6d2441a1f9043f4

    SHA512

    37c148973cf4d63da431b75b3ef60030d52068c72bde258cfe12cee9bf4327fc0623b0cf3c1c9c2195af5dcf9cb1184aba41425acef65d6d9cbc1f1da6fe33c3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b31b16918bec8816afd477cbb9f29ff7

    SHA1

    73652c55135d55f567a5fdc246911feb970a73b3

    SHA256

    bcdb0a5b1c410edd31cea76ff4767e36673db810e04e09e7f15f50e5bd3d462e

    SHA512

    ce40674fab77640047bc2321f7d7296f590b3e0a8d0bfd029f0437b854eff455d7f0d5519cb5a09dc686b342b44b9b759ef6c6328a8c62529a4e1dd1073881a3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    29005fe28f71647c751b4efaeececadf

    SHA1

    b0fedd1446dda21eb2ed406a7336b4a9d77e7033

    SHA256

    c2ee20489bb6cddf9125e1c83d1e4d60ee6cf7d4e3a1d61a0772b55a3f41b247

    SHA512

    ab3b343939532d77dff0b7f5b1d78775535e53d584e631dc4a58c3a774a12334979a201749057146a917323c950b4a2871a83f2178e198d1f21b69a11e30ed19

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0dfbf9662b53e5befa70eafe1097ef0c

    SHA1

    3076d20daa6fee4b686eb199b311d12075c2e6c4

    SHA256

    5f50f28d3de08eab219ce1a8a0a4487558fda4d206dae4aa1f803c289354b1fb

    SHA512

    05fadb3d4351d95b67181e45fd745a43882207c65bbfa7822aa8382e218b1fdd49eb593124579631d0fd0cf9ba71369f93c63c59fef1d99819845ab1ee0f6a77

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6b370dcb2c3c53618ecdcbd3df266067

    SHA1

    967463701c38ad61a27488e110387577e6c12803

    SHA256

    6a9f52522cd34437b5d1c0d1bc18d0348063923f7fc4e9d8886a4644ebe8fe51

    SHA512

    a7f0fb1b893d4737f6171f2047892bf5bddc81def87a9c933cf388e1a80e0c47b3df529a282990bf8b211c3f899e9712ddc980fab31c98fc5c3c2792c2c8dca8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5000d9d9baaf586ff3f33aeccfa9584d

    SHA1

    7d96bee4816bb4f95367951f14ffc75eccc8fb11

    SHA256

    0b9458a348358b066f640ba5f9df4c70d6680c4fedce50f56fc6070f2ecbe86c

    SHA512

    90095762432ef21f58af1bc2241880c56f36076a3960c19c225a03bf78e30aad613d51e795fa6c053d5ba88ccf7dbadad4c7bcecf4d69f8db31b3b2434a8bc19

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1a776978a222dd88185676a3bc85a482

    SHA1

    73a56a62bbfd76f5d3a65e68bbcefcb8485b5c17

    SHA256

    d200a94b238b04975fe5d2594ff220699641db20e3a281e3d0341240669841d0

    SHA512

    211a3e3618b3bce2de6a79bf3ae186c15db804970d0d389bcbe2e5c4debb27c954524ad0b0c5838f7744eebf949874f5ac1a4cb2e4a0c566282e07fb9f80cf3b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bcd13ff9701021b9b4acf0fdf9d808cf

    SHA1

    d71e34ba026b85df88811ec531271543eb2c8a4c

    SHA256

    cef2dcb794bb81f7e6f7da61a7712ac8844a3aecb43880253c59d0f3711c2531

    SHA512

    314ce65e6297108d0ac915f0723342caa2a3f4e60b864c495d7446c2b9865c9a3104417d60d6ce670b3c7f3803a52ca431308a44f00f2847aa9eda5e36bdf1b2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d297316da0c923c12bea40c4322be232

    SHA1

    fb6ca8c426a07fa423a29157df18c4427847e171

    SHA256

    41ae5bacd6c20b2534150fb4eafe68864eeee1b9859c031294dc49adfc6b20dd

    SHA512

    a5bb7f7ba4608bad7501b2b8a4c40c21056a2c8555ffe2053a2deb0302ddbc0a1a803620a8d314233261806b2797a7c317082b5d682fbbf815faf56d48f5730f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2b82c4236ec0b461891eb9715e243254

    SHA1

    c496585238d8d49a71226b717ebb16a57b66f6f4

    SHA256

    363804bb5568aff87582fcde29ee88fca7f8bb63efcbef522ef2272143144356

    SHA512

    899960a4396cf5db79b52d41bd984f7536a221faed3179a7a736e772e563a820e030afae29afc2479e2ff66f74bd62d1463d791fc603aebfe24adceacdc78989

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0c81ca7f6b4a205fbc3f543dc0cc2364

    SHA1

    8965ee0a28d98831ba5ab6bd2683016b4001d713

    SHA256

    3bae5cc81db4b8882560cc7b8c2308c2b46395ebed3c1d9f36111d5d5dbd1194

    SHA512

    48655a800f3d75cc1bfc234e9f69076d3072acc39843b5387423feb12911da4bf371a3f1f12b454a330a9ae2034352797c2053695be3d7f0313f27e9799a4992

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA21.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC27.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit