Overview

overview

7

Static

static

7

a57618a045...18.exe

windows7-x64

7

a57618a045...18.exe

windows10-2004-x64

7

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...oc.dll

windows7-x64

7

$PLUGINSDI...oc.dll

windows10-2004-x64

7

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/UAC.dll

windows7-x64

3

$PLUGINSDIR/UAC.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

$TEMP/Toolbar.exe

windows7-x64

7

$TEMP/Toolbar.exe

windows10-2004-x64

7

content/aboutTabs.htm

windows7-x64

3

content/aboutTabs.htm

windows10-2004-x64

3

content/ctoolbar.js

windows7-x64

3

content/ctoolbar.js

windows10-2004-x64

3

components...rch.js

windows7-x64

3

components...rch.js

windows10-2004-x64

3

components...bar.js

windows7-x64

3

components...bar.js

windows10-2004-x64

3

components...re.dll

windows7-x64

3

components...re.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    134s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    18/08/2024, 04:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    content/aboutTabs.htm

  • Size

    143B

  • MD5

    30b063c23ccd0e573f7956a49e6ad2da

  • SHA1

    b43ddff041bd7e3fdec541b0b3004ecd661db8d0

  • SHA256

    dde0330a494598aee2dec1ed467b0ce99400b860a9eec03e59a963090736cf9a

  • SHA512

    5af5794bc10afd6692ef9eccfb860248fbf656361fd6cbbe399e497bf0f8c9e9e603eb0dc3781344a53ae84578e1618e60a9a1096cc3a0b149e2e4c82c8c43c4

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\content\aboutTabs.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1920
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1920 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2060

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e134f0b2f9fa92735aca2c6aad19a1c0

    SHA1

    cd06218bb47ff49206c50978b93270b3c0584585

    SHA256

    f634e8b98994bb50a8c32f149b93798a76f24f25b09d037f313478f6989d7243

    SHA512

    4ff93ae37c2af459169c20fdca68f238dd435b76383669878c6abf0b732333f01e24b2aba920493b4490cd96430ace08c4b1119cb80e8fbca83c5ab82c49f55b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    70bdf865b5893c6c922390ab0f049348

    SHA1

    6f8391bd08898a132308dff2ec3273790757004f

    SHA256

    5c6cbb409faed718620638dfdc33721de2efef40843f14927c357190ff592c07

    SHA512

    e7dea1fc30d52265003f3d2a6f44f6e602b76dd4a73cb3c27e1f2daae93a7963a267ceda98e6e34c395531988457249c07eb4da27aa145026ef73a49932a6164

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    333a903e285700ef5763cd795a664bcf

    SHA1

    fc837ce9838a456b0534d53d7aabdd899dc78abf

    SHA256

    429342d1c6c5491eee8f9972170bcd2ddfbd9e77a4c27e838e5cc0cfa4719c93

    SHA512

    f71c3fb3ff20653d947af5bd921bb088fddb468454c3f61bf120eca600bd670c7c71b85c4544bddb2a69dfd54fb875b9ff0291fee7083b6f82a0a239ec4314db

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    91d75034df72fb5529b3841bade411b4

    SHA1

    272d17879d0bea142590aa699a5e695a67ff47c3

    SHA256

    2b7ba56039b1236283278420f19062f7de232316431a7321a3e39ad5fbadfbec

    SHA512

    1a20857c5bceded5443624314ad9538451a141b19ea11d6da6fcdcd1c1e94dc2d56e5beac6781e11991376f55141b0665d6aa901ea43c40e0e5abf984012a105

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2a5f58243f77f3a56f13492aaf92adee

    SHA1

    e3796b0de5b813c16861c1044316eace5bfab9a0

    SHA256

    50a45be2814881a86d5a4911ae6289c57dfdcf751c8069a5bf0e28bf057a4a56

    SHA512

    276d14b7b1cb91c4cc75bcba0f36e3984b44bd1fab376db076826c0a32448c28f82f7ab9d562e6c75ae5f0369373eb987c5adfd02810d6c6e2cb1d0256f4cd25

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fbab26e11e9f5418f3ba1049a20fb2d6

    SHA1

    7bbe164e0d3b84dc4d2f893fb2cfb0e87b41004e

    SHA256

    23ce4452f7d1b8994442bd7db2aa7ac4853186eb5b86118c3664b95b5271271f

    SHA512

    21a845247fff40a1a1524e179ac14f8f1d09cff5d670aca8a78c1a35273db3ad0250d75643d01d7328f7306f08654e739e317cc734f5816781cdf930b31b6c80

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f282ce34cc6b6a0252d35a1f5f5af75b

    SHA1

    cf66f0611b65f2b2f2aee65b0f9b08855d26d3b7

    SHA256

    505616bcf235826acecce018f7d7b8322fceca63f24445e43b2636ba722fee98

    SHA512

    8c1a4bd7a3ee1225deeeb27cb60ccf0ef09067b4004d8750514d65c6340713454bcb91fb1dfbcf324a0e0c400a01801deb39c109658704624ab17e8af5c2ecef

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    042e75d82102de2314ecfdd915059845

    SHA1

    77c71e736b6729923e8ec7e0d55f45caa7d5bbf5

    SHA256

    f0a20985a1f873553f03164d0ae655b57ccd898091e3db788a2e0be2e379cffb

    SHA512

    b93e681f062f63413f05ab1860b66bb83a97bff7dea96ba3df7822d51a2a4de26245789155885037643ae219114c8467caf96967cccfc3e324a976ce7aad4a94

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a27e8ca26d2bd2ae76b267ec78707a20

    SHA1

    85660c76a4812f1d6b0b1330af2b44cacba317fa

    SHA256

    de01dc88540a9f71cd009eaa89030d29eac4a9edbcb58999ec30da4fcd4ed0b8

    SHA512

    31eac5ba3d861e47912798e1c3cba633ba7d525b2f6d8c25fb40c01598e93a70bda6622750b9f1095a82ad32b565fb0b902c64be4fe70c3bbea6b074340bae6d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    422af826b210f81cb26a5824337a3094

    SHA1

    1f7ece9985d4a19d1ae90dd757b8a4970009bfc6

    SHA256

    6f8355796d44d28ec9e79b014a6b351ca6b5d0c0716cc24c36ee5e163db7ff18

    SHA512

    e0087c3d14fd62141704830b8e68793108ec8d31fd7ddc9d2f4aec38e4561719d3a0d590107c3e720b14b941aef83063ec502cc6e035bf21deec114497af06df

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    402517f3f0d58db840e5ded66f831683

    SHA1

    493e96b42dd030abaccb9c0b1d86db99323ecdaf

    SHA256

    b4a80f8727c9d717162e6538cb4d427d7498a3eab86a8a86b8f07586fbfaa5da

    SHA512

    c2071426e35658c01014f086df6e19fae76b1543d28d7422121f79b648dd2c73160819042a87da5aa976b18cb3ec866f4886b47e0bc6ea0d51c4a533c8f2d432

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA71B.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA7CA.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit