Analysis

  • max time kernel
    117s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
  • submitted
    20-08-2024 18:16

General

  • Target

    LICENSES.chromium.html

  • Size

    8.7MB

  • MD5

    bd0ced1bc275f592b03bafac4b301a93

  • SHA1

    68776b7d9139588c71fbc51fe15243c9835acb67

  • SHA256

    ad35e72893910d6f6ed20f4916457417af05b94ab5204c435c35f66a058d156b

  • SHA512

    5052ae32dae0705cc29ea170bcc5210b48e4af91d4ecec380cb4a57ce1c56bc1d834fc2d96e2a0f5f640fcac8cafe4a4fdd0542f26ca430d76aa8b9212ba77aa

  • SSDEEP

    24576:KPQQ/6MP6P5d1n+wRcXe1Lmfpm6k626D6b6+eGnkywBIpv:Cy8OeG8k

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2700
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2700 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2868

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b394902a248f486f27e493daa881cad0

    SHA1

    43ead7216a8fb3d61b8dcfc4a935e6d430b4ceb2

    SHA256

    f8aa60b8547d18400dadcbadc61eb5bae55b7fb340e879b5643dbd3911aa116c

    SHA512

    99bf1a4b6969136e7bd431e269f0467fde0d4cdafc1b43fb4f7d19427d3406fec66cfbe8b25bbef11ce86858b4177e98c6a38ffaa60fe1aaed5c181b49317109

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    220f8b6e31b129eacfa43aa4ac8f95da

    SHA1

    3f710a04cb8059d5ccbf42c2d5725c531cab29c7

    SHA256

    d8b7941db23160907903cfd1df74b0b61ec4082b2c1d6dac96bfda429b79d52f

    SHA512

    c2e3694bd0e1abe6f33017762ca4b92eb873ab155ee6797ecf287f765f13219ff853566f0185549e6dda08237e3fe2f4dc9299cc65906fae070c96d9c21d6f25

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    53854ae0ccb382d33881a75504b7711d

    SHA1

    c0168298fc546fb447b236dbf6acad0f32456179

    SHA256

    9b0e76f3ffb4dfa0871de7ba3c4863782cacf483b56c58eeb133c2062fb4b167

    SHA512

    c1b210b1a78bd8ab46ca2746bbe05008a59a0a49e6e17d9658bebcc67d2b5d993b26f3ebe1fc230e5fdadb84ed420a03e3b0b485d3e65665b54da0299ff7e362

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    46d3325b37f00c4ba9babf8d08fceecb

    SHA1

    3cb5e89764681abd66030467b4184b8f569a6590

    SHA256

    a4de8e05102fc2f82f26ed24dd91bccdbd3da20674f1a2a8134d0539d6550757

    SHA512

    89ae08ced4f9087df4519a37140843ab732136e9fb74d889dbc15fc6192e547d71972c0d9f97494fa73f619f0f4e83f56cb914ccc92d591318d23aff511cf654

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0fd7fe7e27664c1f4e30426a5b87ae2f

    SHA1

    e40b5a251b73564cabe85f9f47e95d7b97942a19

    SHA256

    aeaab7215087aa412df1861274cc25f3d42c931fa98e76e74f1d605c124920c3

    SHA512

    08e45c2f3df02fb79c44e615a536a6be26a50bdc8613d72eeb535513018d1e2c6bedf563f63abad8dc8e4eede1e2dfe66270992f76d37111075101e36997c801

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    59da5a6e23a1148906c704d4e9c333ee

    SHA1

    89c8983c4056c694e8079360b70a13c9c979ecb1

    SHA256

    f8f3e6b9836ea47b6e79b6f5343ab87ffc173b8c597feaf9b1cb83ecb82762dd

    SHA512

    058669003e5300c8e72b4e9d95015fd116c2fb34f2d981ebc1115b77b34ac3a840d5114389fa567eb6c19012bc502e218a41de25d81b120bfe09629dffca9561

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5eb06df26fcac732fdaec2e76e8cf066

    SHA1

    8776052943e5312c4ddb987d79c7108a6d2b0ebb

    SHA256

    435aaddb1c90571cb80893eb3ba67544bd6b158bbf52855b40ff04af4a8880ee

    SHA512

    633d1266eea30d5fe71b01f5d130fe0010bea8285bc171e34fc3300fc93de028106eb82c84e52d693d3fc61523958db7c533641c93d4c8cb65cec6747f455709

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    26240873d8ff079db6838704a2bbf64a

    SHA1

    d27ef988b23a4d483e6886cb8651c77b8cbcb9bf

    SHA256

    f5df389c1f39604e5b38fd5d4f862508534e277b132624911c0ebf007a6cde9a

    SHA512

    be22a47bea50efebc25c9a6e3245a95ae67195d6690d44203a1811823d96283ae1e6a153dcd14ca6cbdf5e56cf5cdfa01810349780416a70aeb8d7a567d07b07

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fea5008605e7126d7c46be77e73f8870

    SHA1

    4c9676ec8ec8c7ed8ca1437e2737ea6672874112

    SHA256

    a2d75957be396787f4e124eddc95b851be2e448f8d288b2a49f58521691cfd94

    SHA512

    0e7d41ed7b9647db6d29f19f7106befed5ed306785c342e6d8597b790024b806b49ade4927084865527e6137f5d8895a82c7399adb32bb6fdad69c6eed47ef88

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4d0a2195a1ff3bceb95be5906b989af9

    SHA1

    7c0e5e3ca887e4b449139e44588f32a19b91d2f2

    SHA256

    25ba670ecd4a5bb5f90561cfe8c366622e29b05d74fd9521539a004db90238e0

    SHA512

    831f1a3fc01d4755d342adb232cf80f2b5ebd6c3609ed9258d29d131218da9de417c4ad8d6cfb091f3248029234bdce2a9ba18993814329dee8f3b8670defe14

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7bcda359cca32418434e373fff33467e

    SHA1

    4158078a8d2d28eaefa0f029a33afa7f0deef6f1

    SHA256

    71d502dc5cf248b64c73cdcc8d5750e89674fe279d4aadefd85cae774d922ed7

    SHA512

    22811b341fc43ac057bb9fceeb9ddf4ae676331ab0122ea3f926170786d750a4222b5a75c6fc7add911ed20ebd6a914490ed15b04fc0ed6bf6563079f26bf17a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    727dffab51b94a86abeafc6776fff3f7

    SHA1

    84e2cfa22d1e091b31207b29cdc71ea21008ea5e

    SHA256

    fe96840e208ad850adf4403b46b6736c6e3302353a500934c49aabe755df4d62

    SHA512

    cf47bdacfb46c591fe940bb8cc405b41a564c4a12b4b41dec50d72b7acd47a0a341cb5bc3892debe16b02da9c4d0112ff9985c7c196bfbdd5af55400998bc6d1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    38a0e59bbbe984b910c54c706e0a6494

    SHA1

    d51acb5021ea7fff86c6a2a35683f2868796316e

    SHA256

    9eea79b51ebd9b2ff388c432b7d4af893071b2108052d1922f4ac77b20050b4c

    SHA512

    e00bda3a63d074195c023c0a1dbc4be1549c831dda51621c2e530ea4b92b080ffb7d752d985dae3d848ee003d30d4ef071fdfc648c9e77ed2fcbf13194f9ccd2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e194c0e914cbddd5a46dfe51383f6d2f

    SHA1

    7e2c552d1e7fb82b1560f338aada15acd50c5654

    SHA256

    5c991ac67c72d1c9ef7d43893a39e43ec21b6f38f9de57e2cdc99c7be9a95ad7

    SHA512

    b57b9499a40ae32964194e92090df219b133796c00ae8a41ccdf31c40c578d56edb43ae538e009fd0ca311c169b0a9734ecd59f1c5dba7b78c6e739920367f11

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f7a0fdf4a2cc5348bfdb0c44a2cde37f

    SHA1

    e6833a3a31ca9e326abf64fba64ae573197c9757

    SHA256

    8f15f5c23147bdc4428a01eaf64739e17d4845f8c207ffdd53de57ffd6a63ecc

    SHA512

    6dc3b4850c7dc2b6b047f6c034eca9ba227a00ab6eafeab6c5d321d94a758db1ae39df3da18de3c7e5b309e66e66b2fb897c9fca8483a6ff20acf791ff38b371

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    197a78c5b4f0c13b4782f155cd670cf7

    SHA1

    edc95fcd9381bd1e0def6b009483f17aa3d9a441

    SHA256

    4c4cad4e500fbadb28f60c1cc9273afe84df03b7013d5b9948143e250c471f44

    SHA512

    a35950036df0920af60da588bc1ac6049220059f68118209f17708b629e23d2d6362d354e1e65b5e95686d3b53c57d0535b0cefc8a6d17071681e4ad4370c2af

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1eac029001f8eafe94b4170cedf2a7ec

    SHA1

    347262709837edb926bbb785086aa815c4d17037

    SHA256

    1b396bc36aef506a20e99e5186e44755fa375a88c659561db5e63238e136a8a5

    SHA512

    b855f57df04a2412dcf07fc8e17af0a1db4301721bf8a3c20649f2037664bdbfbd653dab3b24157d94e06598556621dcccdea1d2bad5c074396ec501b97b3065

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5bb1ae2d933eb6f73d24070ad35394f9

    SHA1

    a027634dfc3f05563127982393a97a2ac7dea702

    SHA256

    c9ffda7bccc7fe9ddde1f80e327b71ecb222c8986168782f00055bfb89f17dc8

    SHA512

    2df39df03ee9dd79b1e69353b37fe52165a0b2688971124251900d52e62e2b992a37019049d9901f05b7a946f26732a94ddcbaad3bdf44e076b48c61ceb5dfe9

  • C:\Users\Admin\AppData\Local\Temp\CabA7C6.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarA837.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b