Overview

overview

7

Static

static

3

rmaildxp_v...ll.exe

windows7-x64

7

rmaildxp_v...ll.exe

windows10-2004-x64

7

$_14326_/$...st.exe

windows7-x64

3

$_14326_/$...st.exe

windows10-2004-x64

3

$_14326_/B...er.exe

windows7-x64

3

$_14326_/B...er.exe

windows10-2004-x64

3

$_14326_/H...x.html

windows7-x64

3

$_14326_/H...x.html

windows10-2004-x64

1

$_14326_/H...d.html

windows7-x64

3

$_14326_/H...d.html

windows10-2004-x64

3

$_14326_/H...0.html

windows7-x64

3

$_14326_/H...0.html

windows10-2004-x64

3

$_14326_/H...1.html

windows7-x64

3

$_14326_/H...1.html

windows10-2004-x64

3

$_14326_/H...0.html

windows7-x64

3

$_14326_/H...0.html

windows10-2004-x64

3

$_14326_/H...1.html

windows7-x64

3

$_14326_/H...1.html

windows10-2004-x64

3

$_14326_/H...2.html

windows7-x64

3

$_14326_/H...2.html

windows10-2004-x64

1

$_14326_/H...3.html

windows7-x64

3

$_14326_/H...3.html

windows10-2004-x64

3

$_14326_/H...4.html

windows7-x64

3

$_14326_/H...4.html

windows10-2004-x64

3

$_14326_/H...5.html

windows7-x64

3

$_14326_/H...5.html

windows10-2004-x64

3

$_14326_/H...2.html

windows7-x64

3

$_14326_/H...2.html

windows10-2004-x64

3

$_14326_/H...3.html

windows7-x64

3

$_14326_/H...3.html

windows10-2004-x64

3

$_14326_/H...4.html

windows7-x64

3

$_14326_/H...4.html

windows10-2004-x64

3

Analysis

  • max time kernel
    71s
  • max time network
    138s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    21/08/2024, 12:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $_14326_/Help/help12.html

  • Size

    12KB

  • MD5

    e629221d39a78b46820383b369262b7b

  • SHA1

    4ddb3354edf3e13134c01ec6dadeb340737bea98

  • SHA256

    98c453787c351c9c26f3531ce3a73e5ff68013f968860aeb2cc77512b65ec63f

  • SHA512

    3519008946ea66168267e23a1a0fe9e10de30d36fb59e093791b3af15c5e4a8c41ac514b457ec204aa8034cd6a869678fd9263e043f43ba28f907f4739efe096

  • SSDEEP

    192:Eqkf/UaFytDGvnxCXyeOk+NQqHhGuVVc8vKLIT:1kfsaFytDGvYXya+fHouVVc8vK2

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\$_14326_\Help\help12.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2552
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2552 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2368

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d2b7b7cbf4e13057bc0b791f95f8f169

    SHA1

    7cf7c877db017afd1e7145243b901e6ab7754377

    SHA256

    9d2d51f22164bdc4463f63b594dfe43afc399eaef4cf95d1527c10d79fc8235f

    SHA512

    c62b8e90b3fbf9710aac96af8a48f7a9d19e0abbf9589d29570a84db1f65de70051a3eb0b722fe0f9798b3e86524e3b10aa36095463e58f2cee4c6b625216018

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    619a4495be0fdd670b2dea0c173fe827

    SHA1

    3516467bbbe2f2206ff3a9e4295e6e252ccd9464

    SHA256

    d956868143980fc6fb5a8327808a645d96efe549266fb4c483d68dd8f02a7772

    SHA512

    7b7964039e60d5c2dfa818850f6e1a206a95d1b828563a023715e24e867be47e26634f04a7af5926c515fa8dcbd583a1fb5753970c05a36993474d6743444d1d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    54319454a36fc8af1d3da80077bae5cb

    SHA1

    63c2b90b9dacfe1f22e2e9b6eceaebbed0658ada

    SHA256

    3303760e044e9225651d7a1591510d3e4c9d945cf56d0a6b90ec6e2a331a887b

    SHA512

    929a4e52545a8bb1435ce94ef83e24a8a7a23119b2d166a953e0a757c1128b6d00069d9f5dcac0c92b93df5df3c74747e1b11f3ceb556adf4fb139b44a67dfe1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    993a34f88867b7e56233de010f113d5a

    SHA1

    1fbb1ef92b7aaa9132317642b421c7cfb5691363

    SHA256

    6fb2a079df45be5d9a6b6c7f334ba6d8b63d83620ff3a58b90f803f9692683b0

    SHA512

    5ba72ee8008bf4fb4ed70c439b44f3ed32f8a2f9baed8a76bb149964ea46206216bac7ffbbc4d429e3e808b1f9e85883a4c29db8475a73dc17752f89f0f99ab8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    27cbc3c89080ccb7145b194a12b4b967

    SHA1

    419735d30ea6110e774efcbf88aa6a73fce64685

    SHA256

    fdc71b597c5f92368d5504da1172a609d724859ae1b52bd8db591df7adcfd214

    SHA512

    dbcdfa0b11ce51fc059a3f2d3b1596ed235b89d75e51fc2005a88a687dff581818aea0654b0434ce27be75eddb08f4e941bb13439d7f0209c81f1889895f5da5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    47d1dad4e4e637bec87b462b50e4473d

    SHA1

    425c75dfa9336117f6b699d11918509a0b7e5e08

    SHA256

    66cb883a0a7ac1d9bef4c690406ca7ade8c04a53e72242daac85bda19555708d

    SHA512

    47112527fd094e679a9e499047be7fb367d0b634ab2bd20ef4e90bf08e2b956dba084d1c0f69059a385ec00b480d4c8dae7530657473d6c02df34c1bc92f82d6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    167c6266608a3cfe64f45162e1d8a094

    SHA1

    0c0d86b401e23a0814231b8a941f05c0d7a3ea33

    SHA256

    2076d4da7402477db86d8588b345831a99ef1ecfb86fec75dbe70a6bb035195c

    SHA512

    0bd62650eeff5cfa2ae625ea33714f3535330829ee2ed36fa0b15da7ff3df8bc8910b811081f4a3bbe6a90d82dafde8e3eea4b55710c6d1af3ddcfe076722b46

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7eb80690d32d047d6aa965fc9b928d9c

    SHA1

    28d49c40ffd9c7db28cd577174ecfced1b7f69f7

    SHA256

    17ba56b7ea216d9314a04fa0986f1dc823a569036ba09c4eb052a743ea2047c4

    SHA512

    4206747ee6d2178e9511892f3e4a3f4ad8c47c7710d363c34f920804e590f9e30ecc363cc66156eaf441c0517dce9175eece7da459ea82fa68f8b7f783a5d10e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6b93967f23d271f0ac83888cc6888132

    SHA1

    ea0e9c1d7cd2e99c8fd12480388f57a216a3136d

    SHA256

    64f020ef5c805f9722a9544f27967fb935c99f827defafb321cfdee3e72e1509

    SHA512

    474d76405eb641f8672669e02302cf3c2e4cc45ca2fe22dd3e9a5a9cb9be38234f3491fe8e2e81e7f462a979753adbe96bce68d90dfd7bbababa3a0d65b95e1e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cd9cfe8fafe60d7231d0b3e5657a7e0c

    SHA1

    c3876dfa95fec2611fec58a75fe604414753f033

    SHA256

    59f565ad35460456a0fc927ce5a24565829d0100e493c5ce9922490773ffe3c7

    SHA512

    24ef4c06b093935a67c0348e1cd931ce76dbd5eb864606b72031173d21091f3ef2f65123e70b6457eadf99207a2959fa95372ea83858f858171a860ab5516b11

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cd953eeeb9379f58a19b9cc2246daabb

    SHA1

    269d72a18470bbf8ab991f70a98396e850681e26

    SHA256

    baeb0b508346be8544539eb6ab5c22e2388e93a1e659e521b3cb12d7dd3ac87f

    SHA512

    71a42ed5424fc5a37bd819b4061c89561ba5bba5ab038acb12d2e2857c8353bb2bd6887d70899f1e74d841cbd400725d7a3272960914821bcc0a98aede1a84b7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    49ae895f9c0ab9a7a20cd74866db7c35

    SHA1

    cb0611f55183760f21c637fa34e82ac95aeab54d

    SHA256

    52a9530cb32a9f06819d41a8323dbbd88d13b549600b04bf126495b194d6370e

    SHA512

    d15387af98185d453b963de73bacb583249766664180e7db6285078a8aacd8a52a1af1b75a5ac430b7318b209b5631fef58b940d62a21f20f7178bf36f47ae3b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0b734e490e864ffa420a7cfe7d7c233f

    SHA1

    96b6ed2c28a7160ba7667407893b95d9c30c21d0

    SHA256

    226a94d73f5079c2cf82ba913f7f3c8a2a95dcd610da9ad610102f947eda3b39

    SHA512

    4c0fb2ab3139f72b10fd357caeafc0fc9d3fa71620af4a1baa6791816db4b2550d0ffcad56c63c52870f283986e9b82bc95eca99d133ef1bbedcd23ac247ccff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    90ed279c8ef78cd5ddba28fa0d446d45

    SHA1

    7b7696ccbd1ae0017a882b415c0997550abb2cf3

    SHA256

    cfed133c9274636632e9a42e848c2d62dac4dbabfc37be2bb4ec02cabd5a1a1c

    SHA512

    094b9c95519485fec8ec963d5a2060b23c1aee100e8f2b5fa3217928bd4eadc1fe05e10b53e8ea62b7ae68729912505e40b1aab2a6a57fbbef2a198a12e78f0b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    25299db8dcd7a898b70cc8fc15a75dd7

    SHA1

    f6ad8001f3a89ee8be208d2bb57fdda8b4a66a68

    SHA256

    37fcbe5964a3cd9c8b680ad8affad43b0b67c4f737a3630da3d961819711be63

    SHA512

    0764bd3d55ad478744ecd6a7db3766592b8fd4c5265ac49d45a97b5212c0b756a77072cb12a2c42de2c5621baa248b9f51dcd3f2e3b10891f2eb5ee8fcd66d79

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6E31.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6EA1.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit