Overview

overview

3

Static

static

1

SteamRIPpa...4.html

windows7-x64

3

SteamRIPpa...4.html

windows10-2004-x64

3

Analysis

  • max time kernel
    133s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    19-08-2024 10:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SteamRIPpalaceofhumility1256286199694495844.html

  • Size

    238KB

  • MD5

    17ff4593972658c0964b6813e1aab14d

  • SHA1

    4d2257ff540dd6e1ab14fce6a4aa1be96721ce3b

  • SHA256

    26ecb3cd51fbaab64cfc024eabe3c0c8230001594be9b34b9e943d01fe02ea79

  • SHA512

    64367f97c622f38a74ead0b7596dfef0c282c28e35e70bb5affec99d28f9358b96eaf7af9f4fd7b85af28b9ce7887e58f8bcc83abc76946a88dba94d77d6ae63

  • SSDEEP

    1536:4MNDL8DMDahDEqlDO/RnXbvYEVoSWaoo1TREiDQcD0sFbyMzQrHPDfaS3epmxZCr:NeCuTsX8XDzsl+SRP

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\SteamRIPpalaceofhumility1256286199694495844.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1904
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1904 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2804

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    27fecd66286827306fb5ba9932405088

    SHA1

    2774601e055ab642c656068bba4dd5d4eb72a8a9

    SHA256

    9e403458f87c536601a082718119b357d1fab934b8f0f432a643513ae0c7a0e9

    SHA512

    6ad45064425310aedc73056baeb0d92a25ce21578b0bea516de88283cc50bcc17f6c7266f844fdb638465686d5359dcec9b8dff75b26a8f4b20166f90055db30

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a68c6d1c2c13e4d94730578dbc97a568

    SHA1

    520e96dae83e748e72fdb1f00c78932197ad70a7

    SHA256

    403661a887901cbabd029992963cb6d3514a2e4435ce4b00727d30a2896f221f

    SHA512

    8eef24e37af55224883b1849cb514306084a8ad1dba6c86a5a247794e483c1add670770193b7a35f665a444392c6e9bf3a8d29e5d9e109470bad5f232d6b5120

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2fa2dc9e59ad707ae183a2d804646858

    SHA1

    8a0502da8addf0b3ec68df81cc15e45aad70a7e5

    SHA256

    2059f7c28cd5f961df43bcd936769b01f3fe26fdc815556fbb2303b99f714477

    SHA512

    946a14636ba2f360ce1ba7b8461377736138f745216e30f64b75a8232a26309337a52e492c20c2ec89df08e43bd15ecd3add4b85b87715711f823012ba821dee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5584a2fc4ac1f765e17fc4a3f3902933

    SHA1

    386a620996e7696513459a89587586815d8d020b

    SHA256

    eb9260616c4d8921c9ffc54fa2a64a6d58ee0be882c0e9d403e58c80798172f6

    SHA512

    6800d38384b2e7729f38c61182f1ac0cf88ec044fa1b438f74be2a77b97c65e1cc210d294a217fffe98236b282a4ed070f83862b02099ee7643817ea8f7254c1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b869fe79cd593c442f7f31a6c9926036

    SHA1

    564db8b8045a0a3261923253cbc64d2c132712dd

    SHA256

    cb84c4f99bcbd472d3c5ec678a6a677291d8a54b2c5ab265bd0d3cf73151e4c1

    SHA512

    aa01b7178303cd70447f235f0d517623a90980ef6b8707e618f94c853a8feda86dd527f2404f454d85635819835e44f3f6611b39fe131b9bcf788aa43f26e29a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b6e87e0a0c9baac5ffc582b64ac73ce8

    SHA1

    60525e85f855e47a8cccba7a0f9aeff0e8d18634

    SHA256

    5054ba4b83a8c9e44d7dfeb569a7f95776516b3424d692b81156a33d3bf7cff7

    SHA512

    92602922dbfbb9e12f18fa18f117e5e6d583675ab8632825cf8c9a6594155ad859b6d78800daf8c2a924f2f4d9043824f1ac657e8cfc572a44b3fb63fc694e78

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f23d5b0ee5f7066f093aadaa858f9b9a

    SHA1

    ca3b70ade1ba7ac812bc40b18a7202b0a397af46

    SHA256

    8fc82c3166fc88a8c9b9913f548b0adb81633a19976d8086e6329cab464e1f2e

    SHA512

    eabdce754ca238d3108a2eb95549d9e490a50f94144dab46504301e762d44f45b01d3e1a624876ae71eeb1e0aba9dafb3483a9bb4fd0b588908551a8c1fe2d09

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0d63c4cef3986d000a088254ff2d12ab

    SHA1

    c88d83818387e26b324fecfa44292200be21fb21

    SHA256

    d01c46c27a86117a00199a2093f34edd3381678be95e3c67641ac3d78e54badb

    SHA512

    4cc5f4792bc4d7b7fecc6aba7b4b4d7ed34abd2bea9f7186fbdb111fa6687261f0ff0883e346c0558afd270638a8224b50ecac3a8fb5e43d74350ca70bbdaa86

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d0cafcb019656b1bb2ff0b202edac0d6

    SHA1

    e9da241835dd1244c5d744bc9a110b2f83333a61

    SHA256

    c617942e1298358cc1cae061d528c5d7e83580d32b453ecd16f78e409bdbe8b8

    SHA512

    967c59022df05ac320789bb514f1081afeaa8734b4697910ec180ae42fc7c4268eca9ee2f809a0fdd1d366efc23ed7c4f74daf424dae2e33e8fb6e452485468e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    df0b326c0105b0e2801a890100193641

    SHA1

    38c3ebd2148a5ccdb81e95720275e22fb65b88bf

    SHA256

    546b12b4aeac58eedc0d3f52d187dccec18e07b566db0528f9fd2eadf507828a

    SHA512

    bfe12eb558d353f6dde346e52b4c1eeca79b815bb8ce944e21c859049375f1f8cb9201c7da9e04a783388334ddaaa3bfbd457444a42e5945f12fb8da5d8e485e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2091ead9cd8332e3a139c882289ef29f

    SHA1

    b0ea5f72071866570acf77a936abb62c6cf4dc57

    SHA256

    ef1d230052ec31fe88d5a65edd88f66441098a39fbaa64d78466acab8a6572b1

    SHA512

    43b967bfceffba0e62cf10ed597aee447952ea77e986ee8cdbed768a61d92c30b85cbef3055e2cdaffd34082e70ab185327bf587b7fd41de2f718734b7c25e68

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0bad6dcb600847b798d45a3bb7278745

    SHA1

    5abd0e16b28de5202f57c3320b7711862d4e36a1

    SHA256

    6f0dc5d3bd67e70017621c27837e63cd0d26b66a9b15d30d63bdc7896063ada6

    SHA512

    49b4661d3ec13995395ed6447da4782ec17db750f1483f4c5e6e7a946a1b1cf75c02cffde0c41b6eefe5872b2b706cb3c41ec707ff89ecfadf0c4d0639fc5aa0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    23c1b287c819189242ffd8cbe3697ff8

    SHA1

    a7f854aef450a82ab12a457caff23cb39d37a053

    SHA256

    fcac1099e7498be808d5aa57bf347bfa73ec27d5225f647976c3796eabcc099f

    SHA512

    163d9f7ec2721423f50742f0ff12758bb0da048a76847380e29d123fee5cecd82f4fb1be8570bf6686ea91884e8490b123dcbb5277fff1835b452744c965f6d3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c8d6a872b35992942e0f11160b3325e1

    SHA1

    a405bc189a3b039d3ce13265ff6092641316276c

    SHA256

    48512f8f6e1fef92ce9e26bdf7357073cc0cbfa77cfef6c694cef8c120e875d9

    SHA512

    0b4391d3d8c03c801e054ab0b36043aa650ca335f8e91fbbb609a5aa245904f4d021f2091b2937cb9fee26f05eba04d2d301ab40b7624c71c0c5adc990c08532

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    deb82a620a4a94bd95135246130d52b6

    SHA1

    dc3e0be02b287866509c54e15da696a49f4f4352

    SHA256

    28cba7306cb420a3a171e02754f6a9f39c0c4592a325010dae53a3411731d1df

    SHA512

    7e1eadc5ea002a4352241fe8666c7533ae964cc5efe5bed4010de8992777550b405acf337a7813e0a6d52bd1f7ec0fad2ebf8e70116577f9379205ff577fe7e1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    386a9ec5eae75ca15df82e6d17401e78

    SHA1

    7efff94599492ca88aa96b6079a2954929c5db6d

    SHA256

    d19e9c409e2b20df78c51bcfe0edc3b5858fe86d419963c577a466a1c46da5f6

    SHA512

    71a027ec460ae749881aac8fc9b1ecb8b4705b586906b20fe7bf0ae4732a5bb8172d6c6cc0a8eeb011a76799617bcaba69b55c55918b2a2557f7361011a26c42

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f92c3009751add88d237113e224d64c6

    SHA1

    b806ec12fe96321679b57bfe2a9b2b114e768c83

    SHA256

    0d2b65f81b5b9d06b35eaf298bffdb1602aaeb6039751dc9fa8c32ca35f9c525

    SHA512

    7447d0cfd61e0b6d2a3204aa457c207173609807fcb92f079bdc9206b6c5e51c96d9595ab984c4ae0252c1dbba7c88e9ea95b2f185cb86486cd7c4d1537c7c3d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f7653e5230d213e2c8e4f57eb20266f5

    SHA1

    b26b1e10743173cf1f06380f347706d4461b9076

    SHA256

    ea9fbe7f53e6cb0966687525f5495d7767599d7959772de4c53509afe56e2241

    SHA512

    f35ed51699820f151dd7dc9dd0bf6903e18ffb92fff0baa6f7253ce7664b99e1e6441633b2efb3bc83c4b0448cf83a9698d6b2abad6ebd82c08cac6f9a58033d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    92305c5669fbab830ac11c31758342ca

    SHA1

    f8a5939e8abfa89bc8edc3b23f2f4e1a61a82c52

    SHA256

    9a9ec65cd059f6200e47f637d28456cde9adc7a72acefeaefad22ce0c717ff0c

    SHA512

    362665c4d56fdcebf7b5799258638125348766bb1b2cc9a3badf65d1624971d5e885ecff92976f7867f5b724bd16ce1eb35bb3f8313181033b898f5d4f980f41

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab293.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar342.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit