Overview

overview

7

Static

static

3

rmaildxp_v...ll.exe

windows7-x64

7

rmaildxp_v...ll.exe

windows10-2004-x64

7

$_14326_/$...st.exe

windows7-x64

3

$_14326_/$...st.exe

windows10-2004-x64

3

$_14326_/B...er.exe

windows7-x64

3

$_14326_/B...er.exe

windows10-2004-x64

3

$_14326_/H...x.html

windows7-x64

3

$_14326_/H...x.html

windows10-2004-x64

1

$_14326_/H...d.html

windows7-x64

3

$_14326_/H...d.html

windows10-2004-x64

3

$_14326_/H...0.html

windows7-x64

3

$_14326_/H...0.html

windows10-2004-x64

3

$_14326_/H...1.html

windows7-x64

3

$_14326_/H...1.html

windows10-2004-x64

3

$_14326_/H...0.html

windows7-x64

3

$_14326_/H...0.html

windows10-2004-x64

3

$_14326_/H...1.html

windows7-x64

3

$_14326_/H...1.html

windows10-2004-x64

3

$_14326_/H...2.html

windows7-x64

3

$_14326_/H...2.html

windows10-2004-x64

1

$_14326_/H...3.html

windows7-x64

3

$_14326_/H...3.html

windows10-2004-x64

3

$_14326_/H...4.html

windows7-x64

3

$_14326_/H...4.html

windows10-2004-x64

3

$_14326_/H...5.html

windows7-x64

3

$_14326_/H...5.html

windows10-2004-x64

3

$_14326_/H...2.html

windows7-x64

3

$_14326_/H...2.html

windows10-2004-x64

3

$_14326_/H...3.html

windows7-x64

3

$_14326_/H...3.html

windows10-2004-x64

3

$_14326_/H...4.html

windows7-x64

3

$_14326_/H...4.html

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    21/08/2024, 12:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $_14326_/Help/help15.html

  • Size

    4KB

  • MD5

    61ab2f8ad1bcbcaf1a303652a3499550

  • SHA1

    7884a7d6c74626fc2b27da32b5d4058cd50a0457

  • SHA256

    1eb9840ce935d021a1e987ca0c1efe8be6da33d7946f9c12b6bb6a619c941652

  • SHA512

    208543d8a606ef4566e034d191df589dab8207203538c7f337972c8cf277982151394863967a5aab94592b995e8d0687b6ab7be8672f705d09f48063d791b706

  • SSDEEP

    48:ZqPHHQrr30mDtBcTbOiGDYWhmjpKWcNlWCipDSA/6chZ6saBGAWTPLWU2DGtWAkc:IPHCr3vtIC9mjpONI7nmmUhsMPyCJy

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\$_14326_\Help\help15.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2696
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2696 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3000

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    48ac37cfa0d889a10cba2a31fb939687

    SHA1

    802a8e7ffbc97041e395a295d7a52e2b0d55d7af

    SHA256

    4ab0510d8588bb047e0e334ce767c78a4c12d28bb9758747155790fc9ebe22a5

    SHA512

    671b01a1163935e687e68b92d5dd70f146238c96319783638707cfc9dd4a72e3108bd6608c1d4718d7498dfa57f1a2c4c255e69ddfb2227756f1f68772c8df82

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3db05fc0f7acae715b07a61637a35f31

    SHA1

    ed6935dd92e6f3fde43da18bf7b137befc8f9d1f

    SHA256

    4d89a9066afc48ca6c1524be2a61bdfe3687f465774464376e500deb602e83f4

    SHA512

    55ca8ae6a4750fe00e4f1fd274e1ef967a94e762f77db1e1ffe1f04d79780974a6295a2bab4ec1947c3dcb213464c3becfcfeb579019d5d5fe5558000682bc9a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cbb305d0ba1b82e3373daf90d7e4d8c3

    SHA1

    04156dce709f01f4a174fc7f62604e61a73d9493

    SHA256

    a987817a2d7dabc5eb4b8f771855c4cec56e573bdee136300759c7647199d05a

    SHA512

    c8752a4ae0f017463d40f79dfd81bab3ea03ea60d8be9485d9c099c5a64eb579a6139de5acbc4ebd1add1169aad6cf9e6d79656fc8ce269db52a2595b19b6ae5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d7d9ad589ac2d834eb90338334f26018

    SHA1

    aef11f51354c26993f114da6d56b329c0ae47e31

    SHA256

    e40a1d52eadf43e2fa423f230e81aa630537c1d7e4b002fe4df2e7b2b2f673bf

    SHA512

    81d6dd9b8b68339bddb4ba60df494f53dbadc6b2d8ab038b22a0e13f17d06effdaa4bc243c67b5644c6af5cc22587e6e34668963996145b651cebc6f45e35a64

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b77730eb4001486747767f56b0c785d5

    SHA1

    f418ae8c604f2aebdb63dfeeab3a3f903f377a81

    SHA256

    c5e4cf5374b266d360b6b56b0ea631dc6f5aea8c938f4d6d7f1d303df62641bd

    SHA512

    c8d151c3377bea38daa7014fe512cb8e9a0bac1c0f6a30a2dd87d6b76905c33682eb7ec64f0bc2a1a7da76374ca43da6089c6274df9ae210097c95b75d43846d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    85dd78524e4b6068103c42bfafa21961

    SHA1

    e693421403997275d3501dd92d9d75822f1c3f35

    SHA256

    a8827f1eb6478187ed1f93e269f947be3a2f394c92dd16cde99f2697d3147810

    SHA512

    0a919a86fc804af5e2308541ad4104e8401a5f9cecaea4c8e8f197ee8f69792dcbafe317da6bcd30204a5e7d3d70cc9571d78d7c66df2a7ea24e3d9f3b1e25f2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f29f881bc475d36550d95908019476e4

    SHA1

    89e12d82119eb516fa974cae4ba33c6fa2d8d058

    SHA256

    034835fe4a09af737f9226fac39cd4618aa7a362f961eb5f79957ff26c9b8e17

    SHA512

    63f761e212ea82f53b9b69105869133c6f0f7c1e62298e5add4e71a6e02a6b41bb7ce252c3b34c6ffb065fe4c987f5bd8c454b132877542faa877085983f0bfa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    70d7dc45d66a45b107ed79ecf6511a97

    SHA1

    b6bfa24d028f3f4e1bb8262e39e8ea7c82fa10b4

    SHA256

    5b13258f215d0d46adb4ccd2bdaffbf7bf32e49462f5bfc2678cab126f0f8778

    SHA512

    f012b7f0e94f777c53c36865e83395f97c081c90b2647f51ad455fdfb710c49bf4c7a2309a1df8bfc4997cc03ea1c0ef1b1c11ee4840bc95ad54f237337bc317

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ca3bbbf0d46efd9eb5c671a13d6e8916

    SHA1

    c8354291a1bc4fcf626d9f94dda09f76167acda2

    SHA256

    a82d12d89b20d454b7a1c9b5d5683118f23a83221c7bf9faca7e6032e0d5d156

    SHA512

    020d8db400e41fe106144f1207b8164744b6b335e31837d561a3768e1c5696dfa01119a63af3afa08d2651eab37f8f9936ccac10dfe9b41b104c9d4144b3cef3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d176fd2d90d2c17d5b2839bc3ddb8b2f

    SHA1

    33e1f4de5fafb53fb0a103f93e7cf711d5419e6c

    SHA256

    97fc0e96041008ff95d86eac57a577cd0bc9f39731bde0e8689e5eb55cf0c475

    SHA512

    657b3926a056dff6e3e7bf89806c788fb64f8c3cde74df044803c6af8fd19c5e77a0752e7a9ef1eeebaec3711b8ad875cb09b64ddff2b67b78efc7226547d768

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    859049bae4a002b3c84971c9b7b7bb97

    SHA1

    9480b0d65dc87422133eba98a4593f1df32ae708

    SHA256

    8093801cdb3d1d6f539785d4048670d1dfbf30432bdb26d5264643662f75d88a

    SHA512

    189549f6a50ad024f742bbe99253812ff67fc705252af49f7a2454fd226b7d4876069b5d9147e83adaa3ad7da7cb84f4cfc8457e8c53a0236e6cabd1ab4b4289

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    73e37ae2546ccb15ddce005433f96554

    SHA1

    7f33997659b71e0486173cb0d2f893dc4a7e1d11

    SHA256

    427e8f2e9f5ff69b2295f82281af3ed24e1036b2f9f385bebcdac26dea79edb0

    SHA512

    a3121733f4a5a254a813cc39eff58af06c194111dc8f111f1c3979574212fa1040561ddb1f0c581a48671eaad65e89f72adc61e7eb686fdd8a87c5ac4729ebe2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cb894aa3e535846a28e70aa0245fea0d

    SHA1

    6b5d8217796f9b8d4f91e70340b62349ae3a1e01

    SHA256

    ebdad7c04cf2e6f7472c5aa5dedc125e179af93a79f49b9b5531aa1772cfc853

    SHA512

    4200e4390de2f4c3b7bad042b9c24f0722eb5e537a610002e5b986735e0d66c0f58600a6ca4f1a53efcc34eaf80f54ec117b22241781052564be8279e0d030d8

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab629D.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6416.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit