Overview

overview

7

Static

static

3

rmaildxp_v...ll.exe

windows7-x64

7

rmaildxp_v...ll.exe

windows10-2004-x64

7

$_14326_/$...st.exe

windows7-x64

3

$_14326_/$...st.exe

windows10-2004-x64

3

$_14326_/B...er.exe

windows7-x64

3

$_14326_/B...er.exe

windows10-2004-x64

3

$_14326_/H...x.html

windows7-x64

3

$_14326_/H...x.html

windows10-2004-x64

1

$_14326_/H...d.html

windows7-x64

3

$_14326_/H...d.html

windows10-2004-x64

3

$_14326_/H...0.html

windows7-x64

3

$_14326_/H...0.html

windows10-2004-x64

3

$_14326_/H...1.html

windows7-x64

3

$_14326_/H...1.html

windows10-2004-x64

3

$_14326_/H...0.html

windows7-x64

3

$_14326_/H...0.html

windows10-2004-x64

3

$_14326_/H...1.html

windows7-x64

3

$_14326_/H...1.html

windows10-2004-x64

3

$_14326_/H...2.html

windows7-x64

3

$_14326_/H...2.html

windows10-2004-x64

1

$_14326_/H...3.html

windows7-x64

3

$_14326_/H...3.html

windows10-2004-x64

3

$_14326_/H...4.html

windows7-x64

3

$_14326_/H...4.html

windows10-2004-x64

3

$_14326_/H...5.html

windows7-x64

3

$_14326_/H...5.html

windows10-2004-x64

3

$_14326_/H...2.html

windows7-x64

3

$_14326_/H...2.html

windows10-2004-x64

3

$_14326_/H...3.html

windows7-x64

3

$_14326_/H...3.html

windows10-2004-x64

3

$_14326_/H...4.html

windows7-x64

3

$_14326_/H...4.html

windows10-2004-x64

3

Analysis

  • max time kernel
    118s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    21/08/2024, 12:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $_14326_/Help/help10.html

  • Size

    4KB

  • MD5

    6bbf3fec866f0f1718b99effa5b0c794

  • SHA1

    94836e7ce34a148773b5bb37640a85cf5eb45bd6

  • SHA256

    3ee782caf3f7aa490c5eb202da57d66cdea6c115c4d0127b9cc2d9c7fcbea710

  • SHA512

    cb5c596f0ec2038fa69cab4947a1a773dadbfbf0ab507a212629f32862142203f184970d82382fbb58624c6a2c854380512a40ae767fd283cdcc172b3eb12981

  • SSDEEP

    96:IPHCirYtmPkV6FY15S8vRX2Ic84rpgtMPyCJy:E+AoGraB

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\$_14326_\Help\help10.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2736
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2736 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2060

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3c71bc18cbd088677c6ba66bf563f1d1

    SHA1

    61411c2f39e279315be1324914041b4534b44eac

    SHA256

    00b59caafb9ae3149fa201be3701e85159f691c8726683172f894cb5870e23a9

    SHA512

    87cfc7c88a97e04a996829346fe0334b50140501486a5041a09a9389309c6348b41f4431c463894bc06ccd37b552cd7a025b8cf695ab19aa49dcf465f307db88

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6c9444982b19db949b1bdb231a2c4f81

    SHA1

    4ccad5a8817e5388f8f6aa9ee4f23ddf2763e377

    SHA256

    023d4448fea95670dbcd4b89181bd7f32594487be91b4699bf8f2cf010ed516f

    SHA512

    3e86db1c04a9ba73c69819e9d29140d62de32916b74a67a445fb5b62c9b6678d562e305a40919ef942a465ca32fdad8cab5070b1e578be37d5bbba35cabb7ac8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f4014e3fa40ef355b50aa46abe46f44e

    SHA1

    9dd7ea1942b0a8de6e8231e784a5ffc29e3fd3cd

    SHA256

    6a01605212a422d7e9129c14e7a1891f29de6d3e4293964c84021809bb9630f4

    SHA512

    fcc5bbbba2bb373bc886618a8d30e95a8fc8f1c9a55748c684f22358e14b295962d57d1a7da675c6b9e04900e3546bab165f265bc69cc85070866795e9e9b725

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    01a2ee0f738c4937895b0ae07ae8317b

    SHA1

    89bf85e6aed521930f309049bb759f134a406716

    SHA256

    04d97d9f83fb780ac51af8ca8b00c854c9aaf1b0fdf392f706a90f2e81f34254

    SHA512

    3721d988e3cc1ed2dc0eff10127af588d2ed04dadf2b058ba411f200d02b21a478544cbb96384815cedd8c7a1c324d549afedaf33ac54d3e3b0fcc92c894d87c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e460f283dc433595d0fe39983742fc07

    SHA1

    a15c855607b55843aedc16955881933789818e30

    SHA256

    2c29a96569e8477ee422066b879b6b800deb1fe758a941fdcfce6bd1986ac7d1

    SHA512

    fc801c73512fa87b2fcf50c6390f55daeefcd9a526a1464a310749e3f8a1860c005c7d229e542dca6d9295d7ec6e05486e87fe822b0efafee5123cd349883590

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9ea8e23695f7294855804502dd78f036

    SHA1

    b2d5c661dc74cf12c5ea1609796cb0b2f7ec4b4c

    SHA256

    6f9c5a7d8cdfba7e429502f75c6632e02d991f5d8fd253f49c7f5d3e2bf7ba39

    SHA512

    603b4c64a57e27bb9507446445a874ae70182509cd8a3db8c0f0bc886d7972952c765280f6f360bb4c2c676aa75697d16978f286e108306fd13b9a0b754916e1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    60dfc352b87d5f826c4002368ad447db

    SHA1

    034103d65ca03336a570be68eba7c38a8f2236a5

    SHA256

    93d31787eb76525efd7e5d8ca69f81b0ef6de8cdcdcdbfb3351e365b8135dd00

    SHA512

    088c4b28fdd1458172bb9967b991f9a7d787197e0f549634c75bba1ba570f8dfc939ed4246620ba65bd8107865d67fc08244d17fb5125502d0e60c5182d8bec9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    816fe4862177e26e8ec89614fcc92e51

    SHA1

    2b0c80f301ed4ac714f262be8d526944424af4fe

    SHA256

    d8d4f5c5bd2472d24bf4f242043b6adaa85278373400f8182cc57dda28be0f23

    SHA512

    a0e1629eb14b91f4d442653019bbef9b79525117c50ed8951e1d4020afe28c88a837cf2a63f342028c89dc768458660ec07a3a45eaab038985409cdb87b832bc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    045cd9514d727e604f5ce66c0aa97716

    SHA1

    056b30f1607dc2bd8d5a82ab535468f6a75c1ba7

    SHA256

    a643fa3eb5397f6cfe330878498746e15e126babb6bf463c1e611bdf86407566

    SHA512

    9cc30c3151363168c9ef13ecc2c107d8a5004f575b19c08a0d992690ab29352f9b5bc7a81e5e8825badfa7b0be7112052ae256853bea42f393b5b28a5c6c72a5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    476c933087cf6eb2881f18ee5bcc9046

    SHA1

    e2f7521256c49230c6cc78afe9b9f005f07c3920

    SHA256

    b4ca98c5fd8bbe9e7e96c8fab3ccca1fccb606e998ff09d60f8965e29958832a

    SHA512

    334f4f24bc4aa65f4ec44de1bacc170c9f9a4fc23709d59f272a36e938ca1309984dc032fc29211099db376ed279f6f859c5773c549186e64cb2484241628d16

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fc2595e36e4076389ffac638ff0e4f70

    SHA1

    6d483fe45ee73dce17388df94b84cf4feb3b426e

    SHA256

    d9a7bb8cf538e92637d21ce6933a26bf5e76580ab5a09c56608014715f8f76b9

    SHA512

    b860a3284eadeac217251c5d15c69cd48633cc8605a932ad8bf32abafbee100b3a77163ac006ca89fddd861350d3b6f8b1fb1cf9e02660a8117a10aa9b265ef8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6fba8d7e691014a54b455d5614ab76a8

    SHA1

    d5e01d755fe5c1e9919018873e523e5a23c65595

    SHA256

    c6d4e1ab7fa8d91704bfbb28308dd74c8d395f87beb3b63382d8fc72a9f9782f

    SHA512

    17ffd73ef44abbd50810466d05725c23fe8c0041036703957567f6d6b022d3caf934d9f21f2e2382d4ba671fd5a494c2980363142d73b53db9a84013943fd9c8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1e9daf0d4d277f54862349eefd22b983

    SHA1

    e0b818ab19b1f4cc7847ec57e769018fd46e8443

    SHA256

    39bc4f3e2571e4c1907ec94f70777f2e3200c9ef272103fc15eee991a4d07316

    SHA512

    6e6349aeb1e6a3a80bc0c9767eb4cc9cbaaec92248881efd31285b814b6e13da7a2128a8537d3100cd89b3056d4f76692cad96d115d59e1184500333ad9ee6d2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cc1787b41edbef1d4958bc84f0aed199

    SHA1

    1acd85829272f694da7efcecb2102ffe0c508a56

    SHA256

    6dd460afa53ab6f1ae596d1ccfecf8ee235a8c47a7738237837e5b377676b1f8

    SHA512

    4eec2ffbd9216b8d5d85165692d2ee249a9cf96cd748244f22ae6e3482804bdfcd451eebd0ad55dad3cace8371fedc6663a0291d93ccd2c3936fd0a8d6169547

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    066f75de7a597f505faecd65b26cc78b

    SHA1

    88cba54e2acca620c0fe697f8a6ee8bb8d4bb957

    SHA256

    2c97fb40d7362c813f79df2d99d773ff8e4733cd9c636958c464324188fd20a1

    SHA512

    5ffcb98c49df008176a7be6eb02da657babf43b3ec551c4e80153f322a9a1815a264c621575f6659baf32d4705c0d12576afca2a6fd02a30071a35674beab9c5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8d48a43d1771abf885d49fbd24c92cb0

    SHA1

    4e823090daf53e99fde6f8b7aa4af38f02d540eb

    SHA256

    e15cacc8c257c7e81abb2977578088e16b6011f30eeeb91cbf5f2f3f529fc135

    SHA512

    c5037fa80aaa955b9a20cf8391d26e978dcc4faf8e2089b3268ffbecf0f127fab73560875285b48e4222195c0ab98f16eb29dd23c120d48c6554849ef8a3b4e4

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab5C64.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar5CF5.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit