Overview

overview

7

Static

static

7

b60c71573b...18.exe

windows7-x64

7

b60c71573b...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

Help/en/TO...tml.js

windows7-x64

3

Help/en/TO...tml.js

windows10-2004-x64

3

Help/en/ab...ic.htm

windows7-x64

3

Help/en/ab...ic.htm

windows10-2004-x64

3

Help/en/ad...ic.htm

windows7-x64

3

Help/en/ad...ic.htm

windows10-2004-x64

3

Help/en/ca...ic.htm

windows7-x64

3

Help/en/ca...ic.htm

windows10-2004-x64

3

Help/en/de...ic.htm

windows7-x64

3

Help/en/de...ic.htm

windows10-2004-x64

3

Help/en/de...ic.htm

windows7-x64

3

Help/en/de...ic.htm

windows10-2004-x64

3

Help/en/de...ic.htm

windows7-x64

3

Help/en/de...ic.htm

windows10-2004-x64

3

Help/en/en...ic.htm

windows7-x64

3

Help/en/en...ic.htm

windows10-2004-x64

3

Help/en/he...nit.js

windows7-x64

3

Help/en/he...nit.js

windows10-2004-x64

3

Help/en/index.html

windows7-x64

3

Help/en/index.html

windows10-2004-x64

3

Help/en/la...ic.htm

windows7-x64

3

Help/en/la...ic.htm

windows10-2004-x64

1

Help/en/lo...ic.htm

windows7-x64

3

Help/en/lo...ic.htm

windows10-2004-x64

3

Analysis

  • max time kernel
    122s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    22-08-2024 02:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Help/en/delay_topic.htm

  • Size

    2KB

  • MD5

    9372d621f8e3ae0261b8128917fa9bd9

  • SHA1

    5b4222b977f686846d60c29d4b8d7af1fdee4ee7

  • SHA256

    d4135669f9199d8410abd50a75ca839c76a15e55244715b76f6ae17afdc798d2

  • SHA512

    6ef3893d02e5baa2f9a4b9ad38935fe47f9194060e11ca1281761bbecfc976e3302c8ca5cda8a3cbe7e23a8e321ec78548ab0e1f4f8c21e74d5addef0c498f8f

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Help\en\delay_topic.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1908
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1908 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2968

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d8801276025431918f031cb074af0ad8

    SHA1

    29ba0a0ab79c4b26c3ea3030897d03cc6fbcd487

    SHA256

    d1f1258960e0b6a48c7c55f9678fc13b635a38a07eec5ec92c89ebf6b18ec78b

    SHA512

    8656b98dc7df6bb56b2062172f446597b66c090f50c18eaa8330e1c084c0bbc607eb5f06f307e12c47954c3bb5879f09c94c42279fc88bb8ada3e0f822a6048b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4a569479af5761a28e0777fe7ef77927

    SHA1

    85311617745c444b0069898c5645f48a30ab4b28

    SHA256

    6d2d6e592a9734003e16d96980e0583dd721188e72ae90a70e0a3e2494110a5e

    SHA512

    2b3ea2c385fb14cbe95b9769da880b42e11f887cda5d8fcf9c2d5fb6944e4ee6f70833b0df81cb32a0d08222c6ce42c048445daf9b1dc6c68fa8ac1b2a1c49c9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    86e61382ba2e2cc9cdb59d2a607080c2

    SHA1

    9ed54ba83366b475313e097ec04ad906b91d0b4b

    SHA256

    178dde92cafbf3c37d58c1ba711ed9270810967cbdda32a454b5135506ea3dd2

    SHA512

    e295826621f0d53d4cc310a3e06ea236fc8129ab817cab59a143d29333215cff763d513a433ad83005af50b0a7a5c5483f5f58a69a48e9dbe41dde1740db38f2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    16f4c807b8526a86fe841da925a3e488

    SHA1

    ef4badf76c9602055ec2296974baaa019b4f74a0

    SHA256

    3b31ba93009016a16c855826adfc0c0d713a2f42b290394cc5d82ddb5eecfa82

    SHA512

    14f89362a913fb78ed90c0e9a5d608c1ebf50c327f23662eb862eba1067da0e663389b2a0ed93eb42c968ae3a15f973f9cd80339a650cec9814055fde1903900

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fb37540de01dc50e3782dcf70b592224

    SHA1

    acb3ea580228388a82da934a144ed8e80025383d

    SHA256

    0ce0adfc7a8ae954739223031d9083427138661bda63d5efb56339c98dd2f0da

    SHA512

    9514b2af007dfd35d92ecba633cb3cc58c32a1b9cf75c0bd7b272ddc1b4ab3513151bdacdcfc41d6911729dcef5d76f61bd5f58b988dfb14e16501ea468f46c5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e0aff8addce3846238942f5f35ff1fb1

    SHA1

    fc018b6e10468391047f58cf94d10d199a5662f3

    SHA256

    5b36110337a9927709a24b4d2c718bf2a127cd50e5eedca150fc4abf2b48385c

    SHA512

    0702104cf2744fbabf1a88cb67920062882c395a8a89fb07847f0c4e40c375a1dc10823e2d73a3bc6de7be2bbf87b616055a06637b533162113eb3503534a1aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7ede51261911f7dce7cd0bb29ac3c59f

    SHA1

    62f3645c27880e97983f59be7a435a996ea7fd4e

    SHA256

    b872c3bd79847d6188468924246bfffaec42f5c8d6bcba5e1d7b88e57b865eaf

    SHA512

    7db97e70c91a2b4f933f8455c19d629cdb0682887eb52638128c9be1818b46559fdb42b6d9396d3af6bad3e4351b3dc36285b8dce1c4ae7a6ddb3eff2982cb8d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    accaf3d437642c0761da403deb126676

    SHA1

    50c129299553a9725a2a75bb30798621d2695ab1

    SHA256

    acd410c61eb95e09511b104055b23c20aec32308213e79445f82201de1336718

    SHA512

    c24aacc4940d3998767570722c198c7535ba054e5090fe8fa50ba34cdd1c08733a376abcc252a63ad097c88b551335222a3861cace70ba1ccec35a7c1e9037c1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e9220f3fd1c05103de61585c3aa281e5

    SHA1

    0a64b306110bf37f520d4b5d2488528751da8ea1

    SHA256

    e5ef08705a294028f02abfd36c49ff9cdd3d3816c1cbb1f990558345a7ca1b67

    SHA512

    f26c9d7636dd784f783a7629ad6ad7b731db261e65ad38620250ac3f84cddcbebf9bd9cfccbd40ec3bf2eabf063272df76f072310ff8595872e968646f3b899e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c152b4235674e44f1224d05e5f4e8819

    SHA1

    04641f91d576dd40346698c22f2ac18919d73c54

    SHA256

    023abb6ca59c4b38ade9b8845e38ed7b7343d07786457355d313e460373d0b4d

    SHA512

    1fa1a2aaa30ddf2d184661e4028ba45a79d6d4878ce26d985cc58a08e601012e47188546171fe9ab12afd72c5b16fdfacf4a0ea11f9a74c1cbf1c770f7f8ea20

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    998e7c2c1848583b31b3d95e729f51a9

    SHA1

    e54ea465570a1724fd1c13faf9e9cfc9eacc0561

    SHA256

    a1f6a2ff80883a49bdde4e48e4e7022c7b107b0c0567b87a34782f4e1ba82ba4

    SHA512

    8773cdf5e9d04240d8218004f1b4aad94b495ab26011065c7a008456bad37e0b2857e54852bca9e2bfb9af6e22e5161544b00cd8399c3480e5692c612beced36

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a1658aa38c0cc8b25a7ef5708be7a2af

    SHA1

    b4c37a73d412549375a79e133e5b517f4ca0b61f

    SHA256

    419c69faf31a0fd9defab32b8b3049cee3b27f778849e11ab1178da0c1c0008e

    SHA512

    64c06ac8edf33253846bf06cb5da614bf240e0248237745631e11ec58cc1e9c56663c748b4e32e28a48b4079452451d61677d7dfbd707fc13d31134797e824c7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6bf291ea1dd5767962f97a145e158a4b

    SHA1

    94b7a884a1b372815894fb4842a973c88df5eee3

    SHA256

    461c8ecc40e622dfd59d870d1e47c07658b642c7fe7652cdb2826ec7fb75ee0f

    SHA512

    e0e3838c0e72f0f26a28e90a15f2480575a04d7e9ee17930e70a1f27b71d5931591702359b99e1789a4344e3b79b8576059e8a55ab8a11cabce2eca5c155dedd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d778593864d53836a627dba50d46f892

    SHA1

    fdc644e9cabe68b66ffdc9decee878d404a2e84e

    SHA256

    cf168f9f99916f827e197293b92f745e530ea559f7f0a30cb32c4b794302af57

    SHA512

    6ea87fd0b9199f29b96167b61a4b8c404c92a34095c8237dd3d7548e18f49395252ca565b709ec7912e47772e79680798c5d6d6e87417d6a5734dc590476d241

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7a2a3c063de89b11661a2e0025c70e93

    SHA1

    af37df81c4d20ad5c99beffe6530ba2fc739d43e

    SHA256

    3071a6865259287a6eeb55edd76dd5834b9c3aedbdb9fe98e00ee605b43dc340

    SHA512

    4e183542106ca4b5fdf45b6d0220cd6a66e952ba5d4a5302b57be6f2f6e4fecda8441ad13d5b1c41539bbf48e416f770814cd556287df3d318bd0b3a24323fad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0d8fe722a08fb4968b7460757cef05df

    SHA1

    974a924b913d4cfc5ed725cd29cccb7a1622b85f

    SHA256

    98c5fbcf770644e4dbe6b5cca56ce51e3bdb92365a6450af7e88efb2bb9bb3bf

    SHA512

    109ba07ba268f2e284a13f15385d45e1a144395edc23c47145e1485fa82ae19dd0bb2e5c6f1d74aaf44c722d94f6189c17d8a53194d679a52b0ccc36366d5921

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3e1c21dd187a88f92d02391aada2096c

    SHA1

    c2ba45e2a8bc57ca3304800a76008f63253051fe

    SHA256

    4b461d0c0912ef708a8699b4de5e1d5c088bc7a36530638a9636d999f39b62fa

    SHA512

    e3e1053a1080f166fa5c12d5579c8cc115d22e3b8be9f78bd75808e305f2695e232d26bdc2d85d03af5a9c649383ebd666823a9517bf54d39bb590dd1688eb61

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e9426f050a6d72db30c9dbfee413e747

    SHA1

    45e0489e7e92badbc7be21e229673fcc253e536d

    SHA256

    b1a67fa45772c3d1c96389dd4542093e6917578a220c0e24feaa6ed7a9f84de4

    SHA512

    a588cd03e7060316e589b813a2c1866ba9505d559d99b84b398026f4e1fa44fbde589306943a7ac711b7bc61efb42cccc96803f144003a8a99cccd32ba472ad8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    abc0ad9097af95930e0362b2abef26b1

    SHA1

    3cff2df3939869b74e835b12fd214e6e7eeabf31

    SHA256

    cf60b533eed6bb456f0b13c6623ada4a31878e6177fe40ae22708b682cf9f93f

    SHA512

    2fcd14aa91b9dfedbab08fe75b6e08c63d94bff8b679bc30f18231b4a3dddbb9b979b517376e070e97fe63a5c965185ae2fb55ae251610385af78d68729b73a9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab2974.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2994.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit