Overview

overview

7

Static

static

7

b022422ed1...18.exe

windows7-x64

7

b022422ed1...18.exe

windows10-2004-x64

7

$LOCALAPPD...ly.exe

windows7-x64

7

$LOCALAPPD...ly.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...om.dll

windows7-x64

7

$PLUGINSDI...om.dll

windows10-2004-x64

7

$PLUGINSDI...dt.dll

windows7-x64

3

$PLUGINSDI...dt.dll

windows10-2004-x64

3

$PLUGINSDI...ry.dll

windows7-x64

3

$PLUGINSDI...ry.dll

windows10-2004-x64

3

$PLUGINSDI...on.dll

windows7-x64

7

$PLUGINSDI...on.dll

windows10-2004-x64

7

$_0_/exten...lts.js

windows7-x64

3

$_0_/exten...lts.js

windows10-2004-x64

3

background.html

windows7-x64

3

background.html

windows10-2004-x64

3

DealPlyIE.dll

windows7-x64

6

DealPlyIE.dll

windows10-2004-x64

6

vn-zugo.exe

windows7-x64

7

vn-zugo.exe

windows10-2004-x64

7

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDIR/Math.dll

windows7-x64

3

$PLUGINSDIR/Math.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    117s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    20-08-2024 17:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    background.html

  • Size

    1KB

  • MD5

    b283e8f75dcc4349e1d88e72358ea3b8

  • SHA1

    b017c920e90daeae106ad152ecfb42a1d8d203a7

  • SHA256

    67cb79577f26d6632168145a2b7b4d3ad6b46247f0244a9f6f25b45fceaeddc3

  • SHA512

    c714233bc1d7ae252695d7b56213523525beb4b8e198b11377213647418a76824e89c49dd75b82beb0fa205646ca458ba7f14d42fc350d6836a6921aa9524402

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\background.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2208
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2208 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2396

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    51e924d8356d569f88750c380620f33a

    SHA1

    3601424d23b15831bdd5954ab5d5b33e72dddf4a

    SHA256

    8d97d6a751cc72c4fc00710c9180a8ab6cce8d0798c7e2ac5efcefd682314ee1

    SHA512

    187e1beabb40d1bde3a3dbe1a4819ee1262b750db1e8cbf40dc456111b72a6571f4e5d303be57de4defde99a375fce73b6be28a0010a45700092fd13b6f3ddac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5f2df0c1a1d28eaa446a91c564ad01e9

    SHA1

    5089ef01b8d8ef482bb5db7f8560d8f86cbd32d0

    SHA256

    5d33183afc663df9fb788cbc39a9612fc9bbd79f6aa77f7bbadd6093dac6f1cb

    SHA512

    aeb16b4d921b17d614debc58bf8c115685c7b9a2dbf243acc3b348f75a942bbda2c7225c17d79d94bfcb84fac00bc0d88120f8650988d12beb07be2bd4dff0c6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4a5feb3e0c61e02d8506a8134a3f1885

    SHA1

    984388a5a1e9719008107658733a8297ce42a0a4

    SHA256

    7ae7f6716ba363c73b0ed33bfbefd305a1a6de034ae7938c6996ed052e1980ad

    SHA512

    246036fde94f39951ada3807201159898b553d7f8d2b6b0810e8a917177affa7e23f2a5297ed0c87784b1796782715a2bd5781d4999f36f32d055d651d7ecbc3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5df7d15eb9cf6a987a0a8bb1a1016468

    SHA1

    0c57a90ce400ddd5ecca4fedbbd27c8f7fed4ec5

    SHA256

    ef9f709678bf95b58e516eda656fe72d5c5108645233f951fa4f60f5dfe20ccc

    SHA512

    d8a5ee319dfca0f0c2296c025d13f297cd23c604969d2ff13cfd4c0ef2de71468d4c09617e41f9bb1fe7159b476d08b1b568f21ee599a06fc3c18173596ed468

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b9bf1c5ecb32ba77af79898d81fda440

    SHA1

    6444edfa54372b0608ea7cac359513369c093b85

    SHA256

    21b059d615ac655f2721567b422d0a33db68fe42da0bd8abd56a25dbbbe4e20c

    SHA512

    4b642225f2ba5e615bcf5bfb180f995ae9a1ef22bce122adf1a5bfce478f68ee4139777c7a43db8e30a429617fe3acff210397730ae0d773111cfbd30b6869d8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a0f22e3c35ce928fb7e441f50f4063d2

    SHA1

    7bc98f7e4f4da4901727606be8d399257aa2c28b

    SHA256

    0d619bc869f0b885c85f682848c1b2bc9795522431052234c687c04a4a9bb139

    SHA512

    bc25fca4c9a9b1ccefebe003c71bf04c7fea07c1da466cc9036e25aad49f0c5b1b52e6d3c795c76ab41dc58ba0c5985e80f22e5399a138952affbe2a1199c897

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    08e1ba94840a7a237fbd55fe2dcb1ab7

    SHA1

    6bff4469d16dbf97d6bb538c09edcfa852b82bd2

    SHA256

    bf2d1ae3ad5e00dda1d7dfd3cf3a81ed081a257fbfb6c3d7994b3f53044bfae9

    SHA512

    102f2748a35e7574eadeb038c04e99f8d3ebcabb91f28442722c78b4f232dadf811e3a8acfb58a11c56597af601482ecad40f4798e52f9e9136949e1588fc34d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    14ecd1f45c0698cd4e046c5e13c1a07d

    SHA1

    bf5e0488c2cd3875713880c83c028a8e9518ed13

    SHA256

    30cfcc402d675950169702ea17d4d6a9433c33a5edcac38b511eda496386147d

    SHA512

    50be4a38bbd1f3ba8ef3bd1845534b4160759db06490a592ac616a1459b751ccb4843e5b80872bc7af2d9498e22adc6c8f82e3c73af7b0da7a5fefd5c068bd69

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0c484216a265b23d054ee8e90d64f78c

    SHA1

    8b19aca0824e05988c38e60393a75715637f674b

    SHA256

    fc8a67c7e7a6b2d9a899628d73351c394716d1866bd5250f382d770788f94be5

    SHA512

    a8a465f368b7c8560b32b64a59653642fa941c76c5c82f861c27fcceb6baf75b2680e5d07916af073a2abd5568c4fca366343391ecd64aed75a1749a293e7b6f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    772d83239a3f89ba3a0431cc3b34902b

    SHA1

    4bde50a0e75f02c606110e39a14d0597ea5b7e96

    SHA256

    7aa046b69dd1e7a70a6c69234f12fb9d15da0f27810f8f42c7337e25b34c49c8

    SHA512

    17bcdb11c2890e211593692083795c81a9b92ff07a2974d9eef5c183729eda5116cfb80e76a0be1edf38a36716e3b1333c7b83c73054d24336940533ca4f7dfe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2fb5e1fcd4a30ee393a4069c9df31d2a

    SHA1

    8813ea9b893be1afb20828a222e961a7b17e3168

    SHA256

    9d3cb682556294fa7dc8fd4f287cd006bd6e2f609e28a4227fcd6232a09ee4b7

    SHA512

    f5be7153d2e0a0a2f04ef834f34d383dec95d082bdcd93537f4031516833f0c728d35fb642b40b233fa83fb2e4b7a4c369b74c1ae25379076179c5befdec67ee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ce8a7c9f7a27ffc12441987235322f4a

    SHA1

    9bd9278a375d2ac8acddd8dd3a01c9569aa392fd

    SHA256

    846b5128de514f94b6f7456459a68f4a26c61536bf263c9c38f59e019e6f5177

    SHA512

    b3e81a4390cecd9e78550bec5b55ad8f2bdbce2c1401a77cc417854a166dfea4d7c059e374a00a5c50bc3c6bb48bc3fc39d04724aa11492bbaa50ad8891a1bbe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b6a8d38bd0094adad788c31c9604752f

    SHA1

    fa11dfc8e5bafe026ec5c14bc099916141894694

    SHA256

    3f73d163134f9cb7213ba49015a585d085fb0e463e582d119f481eb3e82b2fdb

    SHA512

    a9cd106d0efdec966f889057ed164055fd715fa19bec7eecf3cd12f392427d48d1ef99e5d2d8fa4d9f1c1c02f5fa6505e4716540c5927730f75d83f3e0fad4f8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f69fd8bd9f9fcaa85fa216f0ff17c320

    SHA1

    e6998f99f18ad688c07d5b411b72f53e6f5eec11

    SHA256

    9f77653bb7c28caf91325387e276ad04c39fa5ae14d7c95bfdf0eee875d3fdc9

    SHA512

    90ceeeb337623d611eee8397c54ac763c8ae52b02f24a257ef1f0050ed0c0f62daca824266c21c7b3e94d0ebaac18376b3abc4d90039dc356ad0a2183f0be1da

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF5C7.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarF628.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit