Overview

overview

3

Static

static

1

FREEFORTNITE.htm

windows7-x64

3

FREEFORTNITE.htm

windows10-2004-x64

3

Analysis

  • max time kernel
    52s
  • max time network
    53s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    20-08-2024 07:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    FREEFORTNITE.htm

  • Size

    117KB

  • MD5

    6523b89087d71e85df642922a31a6ae0

  • SHA1

    d10f5d5717e0977daff00bf3e541bb0c0c71cbc7

  • SHA256

    51069b63f0f6e46171a4c31ce2064728fd49db30ed4185b0266f68aa27548b57

  • SHA512

    1b2cb663a251443a33e8eb62f2b61a962ba60039e49f08589f8bebf679e072852594bf585788a72ee2fccfb4f2558bc44d1e118ea2eb637fa2c115eb56b048a8

  • SSDEEP

    3072:t24rgmdY2imRk026pQJ6PdnYsa70hoOQ2Yg2QS2Sd+l+sArql7vOPDOOtd9+OcsM:3Z5pK6PdnYsa70hoOQ2Yg2QS2Sd+l+s3

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 59 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\FREEFORTNITE.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2716
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2716 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:2732

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d45e55353144b35dc56a513bff600c70

    SHA1

    594ba7bd68bea58d0cbc8e4f8a13bb701e010b60

    SHA256

    8757cf364080016b92be262d98f074f14379b98ac291567b5dcab0e6050816d5

    SHA512

    76db43c5da25591d80adf7c33616530917bcc33facb75c5c9284b42555f1c36e31ff053caf081b20808c0e71f0b56eb216cd74dd9a88e5c5161af936959dd295

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    27cfc8682bcb75638af2495f716d3c06

    SHA1

    0bd5ed3cf2287075f6bb63c0a0f82061adf44bd4

    SHA256

    085ecde7bb8369d4b82c3d0ecd731acabd34e81aa7c4d14c129cdea6ce4c2275

    SHA512

    afb8f31b505647c0e6507d2f7d83a2af859f85b4b9a0823dc1a70dae13a62400f0b3be4112dc38e96499899b852522b86a581aac3e8493031ff51a53ef95c96f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7d6c5b1daf90c466e6cc7c2f09288f15

    SHA1

    e660c90de07598bca37fa59837d423780e4fc4be

    SHA256

    1ef7e72934a477168d84155c82f3ef51e52055cf951b65c95211e88959938744

    SHA512

    a05e0bbef8f28004fa984b9875a34c5671648a5bb19c95bcdbdeec40808d32c8eac14e594a7ceba212a1eeb8e1d77a1bf6b829a184fdc40b5451f6837cd6cb33

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    753ca6d137efbdc82878d30fbd19c605

    SHA1

    77b6eba02165d2232f50f143d9a31b9910801022

    SHA256

    f00b718bebfce396df7e6e72215a4739990cf08b0a509ef74e18ef8125be63f9

    SHA512

    f250f450773d00ff4852d03416884a2f53719abe605192f0849d5c75cfff8c8eb47d39538c10c0c9645ea5a501c5baa72014da57e10e069c4fac558912e37d4d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a74803081bd1daf8fb0b9aea20b1bac3

    SHA1

    bc5b0de595b70fa7e9a85f8a42b28f1c15bd1c0e

    SHA256

    af097a9da9236378c5169d90ff9f154200e49155e7916556b5b180e1de5e47b3

    SHA512

    08cb2beb62d1030d58bb93b8afb11e380349fde4054df94193a34645c51b89f8415b8e7cabbf5197db19f8092c09e0accc755035117f73cc9a4f39f6b04ba760

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    882726fac6d24e780816a5d694a1e70f

    SHA1

    209c36780bd7f3b17194dcf5f91c90e53c9db319

    SHA256

    1bdd70011435d9b5b4de126b945600115b75991be60233c15429adb5bc0a6d09

    SHA512

    b422be690720e9535055157af24987879e9431b911456993f412ca7c8fc3b1872304b732d6974b254f8b84ca32a0c32bb2bb6f856959b37faf1c57f74e44531b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    50e3c822bf06b61b17c2f2b741559c20

    SHA1

    39240f375d4c8a50ff1d31073950b8f386ecf3ca

    SHA256

    4ee27bee27b9b8b580069f79121bb9a1771c12742ba2cf5e1a11264ef59e39eb

    SHA512

    f026265668c24e9fd39f69a39f04457c0b111b98ec97aa7c024c1e397cb605983ae7b57900b372566d8cfd40434184f073991506e00b5d8c43007e51b4e24ca1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a4987d2e934fdc39f1b42e0933ad1ce2

    SHA1

    bc98ee534ded5d35dcee4469a3ea0390db5ce065

    SHA256

    cd86d5d034beb52db13d1f74b8e670d19b48d5c8c2c436a72920ea91c77177b0

    SHA512

    3c0ff0b0f920d65bba401a22fa2d62bdc51ea53ed258ceb0ff3f567b0e5577461af94d19bec58e94158f5371ba2c1e20b0673d87d861ef06edbfc7ed40a9c24b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0febb3f04d3a1434746e44150351c988

    SHA1

    4873d61a6c58914f867034ddcaeda9f2c44d012c

    SHA256

    472a69bde2d3c888219d6b77de9751d62b89058a08aa90d9b6704a006ae51c79

    SHA512

    8962943241beceeea329d7976af05c9dc04bca5e95ec26983b6b63f51411557467f6a9b4c8850f7c5d90560d7597351279978eac488c1b6d30107e10996b92c7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3532cbcfc6d04e4e12b79d9cd5232e61

    SHA1

    e58f393fd2e74dc94ca96ea0989292825acbf00a

    SHA256

    65edb1a339839cb5563da2aa63b10f8dd87864b40634bedc7a87a76957a0036f

    SHA512

    5997eed705919d1c686fc0b357607df329af24abcc988cac5f3325bb27eb37cef2c6fbee345741edf0f27d67680010a83407703589dd6e279146e8a604e439d9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4e620fd195ce809831f0f4409ff1a37f

    SHA1

    d1cf7ad9849435d1f474782138c89be83f8714c4

    SHA256

    1133550c0bee5876e45ba47550bcedf6f0758c5199a5b8b278c47411af95b71e

    SHA512

    a743f3398d4a8a59715f45b1108e0a6c81912a75f4485a6b3881bfd8d71b685aceadd48fcc794fb62fc34e9f10120b4fe100ddf2419b39d0d13859d9f950172b

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\6I6U9QNE\sourceforge[1].xml
    Filesize

    13B

    MD5

    c1ddea3ef6bbef3e7060a1a9ad89e4c5

    SHA1

    35e3224fcbd3e1af306f2b6a2c6bbea9b0867966

    SHA256

    b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db

    SHA512

    6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\ER947IUF\www.recaptcha[1].xml
    Filesize

    99B

    MD5

    38857d326fc133c718122a8f5dcb02db

    SHA1

    d97e07713b36af8474156672a34181a2cfe63309

    SHA256

    16fdd14ccfb1c58b28dd5d2d386c126e3d40b59f8f80714e56711e3e7bc09871

    SHA512

    716c64c584fdb41342207bb43af2d6ef6607900d7dffca14316d40969477cec0c93ff37100ef50b4e1b12311f094b7931d36bde0b4a1f23459847115ce233269

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\ER947IUF\www.recaptcha[1].xml
    Filesize

    436B

    MD5

    c7e726fe2572da1d79dffc0b85e5cde8

    SHA1

    0fa1abdbac01754c34fc552cf0840b0f2f079ca1

    SHA256

    56365c7f9a8a5b60093145a08b69d5fdce87f9583cee1201c947b906c13ea4a7

    SHA512

    3a71f1605bf8357cba2e69ea6cd6b36d32c782b47101356541577d7bc8475d2684cf84f0aa9c43aa4b596b8ec86bd40abc3ca6146dadde176b7e689e4a003e1a

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\t6u9s4b\imagestore.dat
    Filesize

    1KB

    MD5

    7f29a2e4a0d4ada4fce56a6b9569606f

    SHA1

    244971843ff1f86a2cb1730527dc001d6444dda5

    SHA256

    59623947fb545bfcc6d54df3c06062da2ba0e3694a3d07c91a7400cf7f734098

    SHA512

    13a1e4381ed891aa9bb8da9574753e5dc91c3a81824d50d963c198dadc015575057b97b71290160d04dbce2a412b9d89ca19dc04855e76398309015a63fb2cfe

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6GL24G53\info[1].gif
    Filesize

    43B

    MD5

    6f81c41597d3f5a336f458822cc0c32a

    SHA1

    8cd77a54b38f1fb376b45af2eaab8f5982523b8d

    SHA256

    5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

    SHA512

    edb4841fa021f06b664c4f09378f6572177ceb8518b976c0b1571e2346fa116097d4979d31bd9ab7e841b68795922a07d451583620a2f31e3e54a867f91d7c95

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6GL24G53\lato-v20-latin-ext_latin-regular[1].woff
    Filesize

    30KB

    MD5

    a53df66f339b35b6a9b18b41980d0005

    SHA1

    1f0147318d19be33e44b625be0a645a5dead54d8

    SHA256

    8badcd604652360c68c0677ba0772d2973f2cfe293b5679fec3d1d63018d396e

    SHA512

    2db57597916fb31d3798227fe6844fab5e84e8b184ab8286045468632cdb2638c8f6b4fb0ba1f4edbd8fec487ed09f55ddf45137c0a3cb1f41792609f50f7c78

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6GL24G53\lato[1].css
    Filesize

    424B

    MD5

    8f61f228ad51184b5f8bbbf14b436df9

    SHA1

    8e94473045719c0e51f579c8137ffec2b004355b

    SHA256

    da04907546eddc4640039bb9efbbb483d220b1e4ec553f9830a9510b7ff14899

    SHA512

    29cb07b2aa813124c583f06db8ae63fe5b52527c2151c2ba64c311f4ef774d5be579947d023e98a478592895892e39ab34c7d920524721a086e851b77aafa71c

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K3JH4PQP\logo-180x180[1].png
    Filesize

    1KB

    MD5

    a9d7bf56513384b97fcc2db1de53064d

    SHA1

    ed359a1fe61487d245673f9518d46050b252ce9c

    SHA256

    fdde5b5b61bbb7993d4faddf6046abeca70424d3637f73c945cb3d6bd77f9cdd

    SHA512

    aa88b0d27391f8d774c4762caac06a911a7d74ee7bd1231e43e05e7cb0a6d1bb2a238e874236ca485c7ae7f4c4e7dfa0151574d49dfa5508e99f40c6be3ed4c4

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K3JH4PQP\sf.sandiego-head[1].js
    Filesize

    122KB

    MD5

    9f14d22949ba8a7cf22b46d2eecd0c5e

    SHA1

    1375aa76cf51a2eb9aeb64a7d0712eb0625172b9

    SHA256

    82bc6954442e666df3a44d185f4a04acfd8a0c8c04a8269b5cffb21d521bfb45

    SHA512

    69f7bceba493d4054685085f6cea21e5fb23079b9ec29ce18d93c2d3328f6cc32ba3168f89e9f4df1bf53748605222ca045687787eb0fe9bf82dcee1e25ec6fe

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q98GZSGI\cmp_en.min[1].js
    Filesize

    434KB

    MD5

    ba6bd7849a99c0b8e081f494f7fdaffe

    SHA1

    0bfe1979106dfb1a9ac68b27dab7a594d47581da

    SHA256

    46060889cb5d752e97a7b4eda9ca632295d28209481c724ac6683040a483160a

    SHA512

    6692b59074bfad57c6b86134ef17cf68830a456a1ccce1234c73d0ba5f3b26a81c198e03352bf93ecd041de9ffc2d5d6c543f190c7c2c740d4871ad057ec7773

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q98GZSGI\recaptcha__en[1].js
    Filesize

    531KB

    MD5

    1d96c92a257d170cba9e96057042088e

    SHA1

    70c323e5d1fc37d0839b3643c0b3825b1fc554f1

    SHA256

    e96a5e1e04ee3d7ffd8118f853ec2c0bcbf73b571cfa1c710238557baf5dd896

    SHA512

    a0fe722f29a7794398b315d9b6bec9e19fc478d54f53a2c14dd0d02e6071d6024d55e62bc7cf8543f2267fb96c352917ef4a2fdc5286f7997c8a5dc97519ee99

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R4VBOHSO\bV8xLndfMTEzMTkucl9HRFBSLmxfZW4uZF8yNDkyLnhfMTEudi5wLnRfMjQ5Mi54dF8zNw[1].js
    Filesize

    70KB

    MD5

    b78fe9f5239e7b73f8dad1fc5f0dd36f

    SHA1

    4932d21b0ea2974d5e58abc2b9c1ac0eefeff79b

    SHA256

    ddfbb96b0b202f8eaf09444723625cd50a6466f0430369aef80ef53df0c0254e

    SHA512

    f412fd692cb10098c13de73a934e4332b0d9072fbd7a3a83b0b449d768c0af1d7bd625ef356b623d5dc7016f00036c9ce9c1c90659af75480cbbd56fafe5c3d5

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R4VBOHSO\cmp[1].css
    Filesize

    5KB

    MD5

    697ebd7f1539c15b311ed3570b15d037

    SHA1

    44dc41ed06d0b814a97953fe5e8cae580409184e

    SHA256

    e7d6ecd379ddf6434fa3e1cb3fa44da5ed949aa69f69e5f60f5792c518f0f0b2

    SHA512

    7073ac4ee1db9fc570212916a973f9345b37636ece20dd34841c8992cfafbb1cd4413c5c5811243a902a35fa0cc161918707a27061713070b3cb4cf0d42e9606

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R4VBOHSO\lato-v20-latin-ext_latin-700[1].woff
    Filesize

    29KB

    MD5

    c3a17dcd22924a57167bdca954763c01

    SHA1

    670a02140dce20d2c174049489f9fe7fec20e4f7

    SHA256

    66bdd962ad3c4a394964e44600d43808fc3377e3323e00c86213c2564aae5651

    SHA512

    dbfc9cd39b4521fab9cc2fe75b7c9eb9d31daa9606571726185cbcc7d6a6a913c80f6ddad8fc16e95c14e3578185e737e0e578dfc99794b18224cc07a23b7c3c

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R4VBOHSO\styles__ltr[1].css
    Filesize

    55KB

    MD5

    4adccf70587477c74e2fcd636e4ec895

    SHA1

    af63034901c98e2d93faa7737f9c8f52e302d88b

    SHA256

    0e04cd9eec042868e190cbdabf2f8f0c7172dcc54ab87eb616eca14258307b4d

    SHA512

    d3f071c0a0aa7f2d3b8e584c67d4a1adf1a9a99595cffc204bf43b99f5b19c4b98cec8b31e65a46c01509fc7af8787bd7839299a683d028e388fdc4ded678cb3

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R4VBOHSO\uVtrB8mfYkSeGiJQPzMX2K5aR434XKq5huJIZl4eJIc[1].js
    Filesize

    24KB

    MD5

    f35eb4bfc97287b71d66f27a4f1986bf

    SHA1

    e8a82c098cb2cd80e3eec59f488190567747669f

    SHA256

    b95b6b07c99f62449e1a22503f3317d8ae5a478df85caab986e248665e1e2487

    SHA512

    9593cd4fb1b17f82fbecca612cc05a2c3cb82332aab35982648a72155cec027791a81fedda2e65c64506b6ef48b58af021f4ab6f67d5dc6070be6f9e19b0c9eb

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3E88.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3F18.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit