Overview

overview

7

Static

static

3

b943379042...18.exe

windows7-x64

7

b943379042...18.exe

windows10-2004-x64

7

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

Bejeweled2.exe

windows7-x64

3

Bejeweled2.exe

windows10-2004-x64

3

aminstall.dll

windows7-x64

3

aminstall.dll

windows10-2004-x64

3

bass.dll

windows7-x64

3

bass.dll

windows10-2004-x64

3

readme.html

windows7-x64

3

readme.html

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    22/08/2024, 21:44

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    readme.html

  • Size

    9KB

  • MD5

    cd9d3933f5218ba1eda0411d1985c12c

  • SHA1

    4451c1242f3f4670c8afeee1b7f50146f1d8bf60

  • SHA256

    3f01aa9ceb63e2ba68d401e00aead4d08328bdac5f3372afbc0acdfa88177002

  • SHA512

    57958c008fda9a70f8ce5b8d361fd1e52dd2514c605d34f8d67f28efa7ab64adde4e3f4fc5de898b93ace8d3ceda23d397276c4fe625c6394b97a480033fc952

  • SSDEEP

    192:sZvJaQimLbANLGtJLA1tM/mqMJTQ99G68j75C3SOdaIxLtTLVLn5XOrs1rsvwo3D:0L0NLqJLLqRP5C3SOdhxLtTLVYrs1rsJ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\readme.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:348
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:348 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1944

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          90df8d678b0572e7a13e64e3149ba4ed

          SHA1

          0d2a10d8433fd382ab648f2748126176fc89ed9f

          SHA256

          309df603fb7a5db68168acebd295faa373388e1c7b318af3b320a8a61d413135

          SHA512

          2a5491e83eba57fc2352351b52a40d44a68cdf459ef884e4fd443f38d2eedc43538b4df2dd43f3e8965c6e6af9f93082de6b001fcd6a98457172a66e53c2866f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          786c48b306f98c19c93f786a3fe1c714

          SHA1

          dcd05b0801a501e6f4532fa5dcf05763812e02d3

          SHA256

          b313c75e32564e90558b854ce665ac3f4cb40b2f0cec5c6557ced8a26fc3cd83

          SHA512

          f97b94dfc95d772a59dddb89c107db9324731d6cbc7023366edd74fefc9846d230c569180c710ea97cecfa464b84b9407d8c683bdb210e8059ed48253b169e54

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          8fe522daafdff4849ce19b67cf6b242c

          SHA1

          97d5509f0fa2156d1fb7b47e9e1440cbd4312278

          SHA256

          dd745c6578a1e8f635756e16fbcd6a78fefd4ac7769b1e9143ab847f83b83fff

          SHA512

          0a2f987811b61ab0611c691401044385382e11856250c3b9c426b1305a03318f4a1002bfb9b097f236a2ac468362dc65165d2f7c1eb84b014cd3e33024a60b9e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          e509b1329ada5554d46d3eaedcd219c6

          SHA1

          0c121079e67750f891e525356ffed6a02408a409

          SHA256

          a094d352689df7186d20dc397ed66e6a2193d5084b4a0762dff6f50e7d313b93

          SHA512

          6a3cc8710efaaa65f7a2d2d70dad62e81a1b48a01d287f87b9a6a351da8728ae5b403fcb768cd1b103f4478bfe8ef88eed052c29ccdae82b411e6bf37fb277bf

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b29394c33e00dcd88ee25ab1865949c2

          SHA1

          19ffa53fecfe0e22af32e72a5bb601719239d51e

          SHA256

          08f8c4a4e9a9dfa60d6e53c534f983f190a2d3c63c38c238d0085d720e4da750

          SHA512

          61d5aa04b9885c710859a5128130b3af2d643afa4618ec4cd0fc797fb137039693ef78668d407c587e457d3c825d9f4488c8f8ed62ecc89c2cbedf413f3ceafa

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          e29e9787fb7375a37be542c283019a95

          SHA1

          69733f87bdeccff7caa1e0a526e2c9f44accfcfd

          SHA256

          b1c28b40d2e898834b1369c82250d4798c4f3701cefcfbb8ff5296d0361243f6

          SHA512

          53a129dc5ef09069b747a0338385180e8b7da10583435e60c3edc6b91766c6188896e61684ff883dbaa95318e3d04865a20e2227d8a18c660e3d9a6f3d5ffd75

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b5b4ef7eb76058981f7976eeddec9c9d

          SHA1

          b89610410b2d8058deaee3922d3d04514b3aea4f

          SHA256

          73fbeef6d92c4864f2bca2a8a1b4e418dd9236ff266b951c27edc8388e834cd6

          SHA512

          419bb1d2538c407b96abe7c074993b1b299ebebc4480aa40d9bdf8a115955937ae8f18c89f8730a9e331f7b792b96c64d221f1dbe122693f19997de213be3489

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          bc6596d6c524ec635b3acd95b033bce5

          SHA1

          3b2b6b6c002f111e4f5f1e30495e3f104bc0975d

          SHA256

          85280ef1b66b2149e534486988b55be50833656161013a7f83e335bdb31d79bc

          SHA512

          f10d4e61a762c6684823f4cfe70aeed27c92c27c2f5de40de6677a183d17319a3bd71b7606372f50767ef9caff5cf394742df2a488e3d4f8e0e6535852e7a93f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a8d6780721d34e3655806a0b5885f28e

          SHA1

          c7f4a57472829f6bb4963e98a00a7dda060fbce0

          SHA256

          15dcb5530d6672697c78639d17b721579ec18231faa7034029c7e428c78e8e2c

          SHA512

          62720cc863bc768fb742bb2bfdb204e30d94f4548d423b66fd3788f355af1df7a850eecc07a10b8ed8a7a050d13daf9c0b5e3ff674ba4f0bba71b57aa998889c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          0a6361312162461e73c170b204126eb7

          SHA1

          c49c56414cbe3fd1ecc0e7e07ad0d13745827ef5

          SHA256

          3b6f448bdc8ed4d3b4ba202dc8d062b4777f89db5740062f84810889b459e801

          SHA512

          b8c6b93275d60292d2f5d6bf14d0201bd1bd268bd6d1ecfc7ea4104c522beeddac891f85b4254c31eb22eb3638d574331179c20220a860809f5b9aeedae3bcee

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          daf14cc709f30b871aa98c7731f9cf1c

          SHA1

          37f73cb2d028c40fb70cc5452d77b4eb43125455

          SHA256

          db3593f1239d259c0d28452dc69d63cf5505e0256a7d8fbe520dff18af98a2a9

          SHA512

          2318240e310d18eb063146b1c110875b65cd06416ca5acd85b62c941edb9c7479c628ea9e6aae68217b198587012fbc78c4d669821997e7a7ba1bc4103c4c360

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          37eaf0c158cd93823eec423671774cc7

          SHA1

          09740e3221773b1e5532bac13e9dd4f894303a44

          SHA256

          5675f1a3a41a33ad2c55b7d1afc280a1cb1cf61cf513df5293c24594349b3e0c

          SHA512

          c2c1514dfdab21b44ab6c4326c32611ec2f0abe7db79a6032651ec6dd104858ce78f00e91a381c19ae1169277b16cb14d113a8bb38872c78dfa3f9a5845733f4

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabB1A5.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarB226.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit