Overview

overview

3

Static

static

3

BetterFold...er.dll

windows7-x64

1

BetterFold...er.dll

windows10-2004-x64

1

CeleryApp.exe

windows7-x64

1

CeleryApp.exe

windows10-2004-x64

1

CeleryIn.dll

windows7-x64

1

CeleryIn.dll

windows10-2004-x64

1

CeleryInject.exe

windows7-x64

1

CeleryInject.exe

windows10-2004-x64

1

Costura.dll

windows7-x64

1

Costura.dll

windows10-2004-x64

1

Dragablz.dll

windows7-x64

1

Dragablz.dll

windows10-2004-x64

1

MaterialDe...rs.dll

windows7-x64

1

MaterialDe...rs.dll

windows10-2004-x64

1

MaterialDe...ns.dll

windows7-x64

1

MaterialDe...ns.dll

windows10-2004-x64

1

Microsoft....re.dll

windows7-x64

1

Microsoft....re.dll

windows10-2004-x64

1

Microsoft....ms.dll

windows7-x64

1

Microsoft....ms.dll

windows10-2004-x64

1

Microsoft....pf.dll

windows7-x64

1

Microsoft....pf.dll

windows10-2004-x64

1

Microsoft....rs.dll

windows7-x64

1

Microsoft....rs.dll

windows10-2004-x64

1

System.Dia...ce.dll

windows7-x64

1

System.Dia...ce.dll

windows10-2004-x64

1

bin/Monaco/index.html

windows7-x64

3

bin/Monaco/index.html

windows10-2004-x64

3

bin/Monaco...ain.js

windows7-x64

3

bin/Monaco...ain.js

windows10-2004-x64

3

bin/Monaco...tes.js

windows7-x64

3

bin/Monaco...tes.js

windows10-2004-x64

3

Analysis

  • max time kernel
    141s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    18/08/2024, 09:02

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    bin/Monaco/index.html

  • Size

    13KB

  • MD5

    8132342ce4b039603cbb3b1a32ab859b

  • SHA1

    66c46050a6e5b08758c00455ae26a6c66e94ce4c

  • SHA256

    3818906ed429acd27aabad7ec8771893d60658ea31b8d0c92418b96de8ee94e6

  • SHA512

    44d93118187e703af1fc1627de7e97c39072e666c9086b1b4c00a7eadce1913c84dc97e8f80e2b514154ef66b23baddbfd71a2faa250735ddf4d2bc12709cef4

  • SSDEEP

    192:oL3bXRggAbYm/9mv2Oxr09VpDwFgBsK7u24FzTkcmc/VT+9taAc4dReigXN:2RggAbYmbD9V9wFgBs+SFN

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\bin\Monaco\index.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2372
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2372 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2984

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          18dd1373161c70bbd90c34c8ba0b1824

          SHA1

          10375b69e2829ccdfebe8a3a0935c00929461b57

          SHA256

          e34e77f73a1be118b234168059a6e83eae021b43b09524af648c5520699f38ef

          SHA512

          13c4d067ecaa49bdd8c5ff659f0a301ad18aa66099bc280dd0be615a3d7593d4d3e2b7357d71f0ae71a625f9d129c59e9e50dc1e813c64975c9ac4e1da420d73

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          de160892d4ea09fd7e425885a0f44a42

          SHA1

          b8bc927133db676b2fa2dce4c1883457854ea785

          SHA256

          151f8fca2686be978b840fd5a1fd51df6a54e1ec1e3db0d09ffb375092d702b9

          SHA512

          269254e8aa8b401834328b2a35ad3607ecb7b1da1e015b6590f84dc50922a005db6018f132be0179c5ada1d429919bf8b3886eff2f24732b4cfec45750d1afe1

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          963eab1a807df4afa4cd2c443527e394

          SHA1

          53271ccee906d7e30765700449977a350715f455

          SHA256

          d4fa9cf82721bb989f3948dcc3c5b984a006c72f54e73d43b3501b347592d0ef

          SHA512

          82324f9e6e46069716033d017831b3caf9a15e7cb37cd53c8ff12c757fb1f44e4f407c50cb9490c38eee9e61a16522f731c8d3ee8d37c09573594038482d1dcf

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          8086b35b8a3f650cc00baf9ce649779d

          SHA1

          5c5c1575b861eae6b463b89b16714bc325622853

          SHA256

          763b11b4ac160219bc3515b8552f2e3dd52546ac81fb5f7af322bfa296fedebf

          SHA512

          7d0f1f817e6c25444860e781d42207911a4b7d62ef1be4cf3552aea7f05e2b56b5a456e81d0aecc57ab96489ee1018a0742dc856821a1972a33d01e6c36bbed4

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a5d784ccb7d6c86e4dd3e4494c37e41c

          SHA1

          402ef26860a6ea9876a0ed7d64d042fd54748129

          SHA256

          12598fcdb575572dea0b972b42b8329a2f63a73d6a9e0e743e9a4acc97448312

          SHA512

          ab4880625f5f6f04efc491bce14ec77d34f81f28bb50c1374ef476e78680f1eef003e977a9caaf1cbab313ee8829c5cdcf19a2ca57ac781c4be458c0a659b519

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          671f86ba5d07f661d024dc1043218049

          SHA1

          66ae96437ad095a613485658caab94ad73053d0e

          SHA256

          328279c8d19036fdb336f3ab60b5a73701c9be6af9ca5aacd125d62d9716431f

          SHA512

          8fb37a44a8b23349aa4a6399d77447ca8f8538e3eb3b0510e574d287d956f779c9bfdc5422ad9984470407661f5ee0a23a8bd4d46ff8cec3e987ade04ec7540f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          746434e85364617c74ab4e4e5a81a4a2

          SHA1

          ce1e9e3ff552ef383b9d66e966828515a0a9eb43

          SHA256

          4333645d57f538152fdd7456f1d2abffd5476798467fb4db6c9f65472f6bc9e1

          SHA512

          23c131d8391296f5a37b3c1619e317add9881ec721e57d4d104c9ea20144f60455cbc2874ad5614dc35e824a230bc4465d6b9433079d809bbc4974561231510b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          2fdce081ae390989d0f5fa6f3a3542a1

          SHA1

          550ba2f1f6759597da467ce6061aad78bc1d2f1b

          SHA256

          9afab34f8778b8c3adae4337e374bc6b6594588b9662914ed81d270ee8d1dd9d

          SHA512

          4e3bae2eec030fcd76bec9dac8a867d879871501ea673d151996b2f09aa2738b9b40604e0df2dbe92a2e9786ccd1487aabe7e1b9b6fabb5642ae3847ea286766

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          5aae792769e2db90f92370cc959c2ff4

          SHA1

          7b53acee4c3cd69c440fa2f37083c9639c9a95c8

          SHA256

          755adb830dd15a5c7b7050211c15dc2f12de6c9541e144142433c00578e027e3

          SHA512

          c5880aa43e5ccd707c6db26a2e20690d77804a5ec2cc24c70a0a94880d5b1cf8c114378576ef81c91224991ebe9c703a41f472d420666bd4b26e86c0b1315883

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          77353b87741e5814b709edd4dded901f

          SHA1

          53cbc77e65d158ef0fc217edf4a676a56c5d9f19

          SHA256

          2d1307d57449cf580c1c56d8eae32cf382e438211224d03e80e4834bf226eb65

          SHA512

          4c7741c35ab56e8a29679901b3f069d5afc77cdd10e306f9a7aabe77313277e669d6b5e5397378b4658a0bf3d3f0f37aa39e7bcd8f5524c9dbe13555fd602a51

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          0ad19ec5fd4a83350073620938336e81

          SHA1

          5ca0d55f5ae86b697ff5c89715b89c34fe6bb1f4

          SHA256

          688b6b514387d240118b1f41c6db37dfd330ccb0313ea4621fd20298d9e5956b

          SHA512

          cfb125c55cbcb96c04d25fadae23ec60dfc6e6d5b6067e330256cc5c9a205c38d2212645a230b9ac02b43e94506ae31e6d3ac1a4c4262ce136712abd79fc7054

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          0f51ebcacc87998cb88f4be8f93479ad

          SHA1

          d4ba7dcbc1f64829acd2be89229c77e28cf94e23

          SHA256

          d7a2b64b546d10558c3b2d7cedac7efd61eba850871830c6c0a3eb1475d4e683

          SHA512

          09435e53de7847991da1d2b154654e21196abb3c30d60e0f691b486ea4b41c51a2ddea561db21b4aaa287a41e96277d470400b6c48ef79a407e44f82c8fa25fc

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b9bd0566f0bab882971bd42c482d6e5b

          SHA1

          9bf68a07a2d9496d6c2f1581744fd1d9bda03e17

          SHA256

          68517e3e37212391a433889036aabb1c9998163ab3b186fa33073486097e0842

          SHA512

          b416574e83cc282587741393df60f62a0e2a741aacfc741397c4205ab03559251809f8f5266529756ff6fc8e77c72660678700fd478356eb765f1f65aa280e3e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          3ce7be53e70a2c4caa90d1004435648b

          SHA1

          3065baf7afbba78a2566a1a974c07130467a25ce

          SHA256

          316e8f361a97a21b44fc0cd842ebbf8fec1e914e11a5d5f1e5758be3198e988b

          SHA512

          bd4e1255955df9d46c9188185dcce9cb220ddd810427256aa6ef477d6473311b1b33efcc1ac8165e616ee73bfec71336b1258a9e1d2980d8589b0b5e802ebb8e

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabFECA.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarFF3C.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit