Overview

overview

7

Static

static

7

b60c71573b...18.exe

windows7-x64

7

b60c71573b...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

Help/en/TO...tml.js

windows7-x64

3

Help/en/TO...tml.js

windows10-2004-x64

3

Help/en/ab...ic.htm

windows7-x64

3

Help/en/ab...ic.htm

windows10-2004-x64

3

Help/en/ad...ic.htm

windows7-x64

3

Help/en/ad...ic.htm

windows10-2004-x64

3

Help/en/ca...ic.htm

windows7-x64

3

Help/en/ca...ic.htm

windows10-2004-x64

3

Help/en/de...ic.htm

windows7-x64

3

Help/en/de...ic.htm

windows10-2004-x64

3

Help/en/de...ic.htm

windows7-x64

3

Help/en/de...ic.htm

windows10-2004-x64

3

Help/en/de...ic.htm

windows7-x64

3

Help/en/de...ic.htm

windows10-2004-x64

3

Help/en/en...ic.htm

windows7-x64

3

Help/en/en...ic.htm

windows10-2004-x64

3

Help/en/he...nit.js

windows7-x64

3

Help/en/he...nit.js

windows10-2004-x64

3

Help/en/index.html

windows7-x64

3

Help/en/index.html

windows10-2004-x64

3

Help/en/la...ic.htm

windows7-x64

3

Help/en/la...ic.htm

windows10-2004-x64

1

Help/en/lo...ic.htm

windows7-x64

3

Help/en/lo...ic.htm

windows10-2004-x64

3

Analysis

  • max time kernel
    135s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    22/08/2024, 02:42

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    Help/en/demo_topic.htm

  • Size

    1KB

  • MD5

    24a6ddc39ca6631583b7fb54806a577e

  • SHA1

    fe86c20cf66e6047590d707e6eea0454243abf75

  • SHA256

    cc03a4a08caa166a4ace2cac33891c25eb1faecf21e19be78901545588133a9b

  • SHA512

    f9ead5727d36e5abbdb1d46240ad10de84b93d3d5db0fb3c0f13470ce8892cff40c2ce5207055132c219204d85826b116b7d74a757f66e7ef82e852596dab4f9

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Help\en\demo_topic.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2504
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2504 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2424

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          8566334dace95232665c34ba484590a6

          SHA1

          9d40ce748b485385501cc8c6fcff198ea3913c1a

          SHA256

          d6d069a9b1aa56daf4b53fba93ba41c2cfd9569410fd4699a557b0e3bbc4ff39

          SHA512

          480ab478ef454f5f9eb3ba3c014e93d0af913b5ab04128ba81335f9a0b3a6118c9bd6c2458617fcaf9624235605cca9cc0be1c598cca59ff1256d98f433cc2f6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          bc1645f12cd1dd7696c6f81f51f09616

          SHA1

          a308ca4b8925054f843485c3e65247d237e74566

          SHA256

          f38de9edc51a4d9583bf4d5ca8ec762d643f0a88ec2d64aba4b5576140fe1e6a

          SHA512

          805972b3747bbf703322da580ceb49886a501b63be6388481818faa7956850dec13cf4e0455f0294c1727d36027815ea50ce4aaf149210cc164a753e2b307396

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          1eaa7abd2adc9decd59ddcd966f380e5

          SHA1

          302e4a6883a7d5182b35080a2cf36bdc622abfb1

          SHA256

          205854a937cc5705e87e949ecebc2bb13abeb60f8b4b4831775aa56595214512

          SHA512

          cbadd33c19d51ffcde8187972494dbe5e90bceabc4cbd2153c9cd4d85da345c9d06da6ab76e711d2da4f6a757fb7bba410eec5cb17052a7c47a61665634051c6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a6d22dc3da4984c5c2cc510bff121e79

          SHA1

          2b91c5b94181e0846fea54ad72c372e045ff21c6

          SHA256

          a2e55b8e2b88cfa65e88c6446f4e08394541455dcf4d4ce4e1a527cc97369dae

          SHA512

          8cf233aaf38dab0ba250149e2005bf0cb834711943ac4f99a46dce5bd83c9020cb5c82b0a7ad337bc0c66f838c363559b498fe97d235c8b85c82e0aac29b4516

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          1efc0d90b65f22decd2c030d1cff98ea

          SHA1

          fd91157d7e78b4fbca69696d26cc74e924936042

          SHA256

          9f970c97117623e253b5951795a7f3bd0ea15bb87c3578b2371c04b03facb52e

          SHA512

          216f218d292de7a43a726d8272b36e1b71d9098e65450f0916423bdbfbddd33640df49810a48aaa6417bf98f283629c98461ea85dc3ee58da670f51e77d2c007

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          3df4cb5ed9af16cd7ff8b5eaf699e0ab

          SHA1

          3c0c8cfa1dda42a6955093177dd53046662c3fa7

          SHA256

          efc8098ee923e83a84505a8f23f9da5d5d89b06ae0f68edb1b8b50dd7d0f9640

          SHA512

          2dd525d38c3cda02d8955dfc01cd4c8bb6a11a6c839a865980b5a7cced9a1b6f65e96f381bc1128f26df70243675e8621b5f9acec49b1a47cfbc9d40ff48ac1b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          c4a8b92269820c2296aef7401947112b

          SHA1

          5eeae3791df33e25b0a8006b6e5de49dd3690260

          SHA256

          2f3628e1a1baaf62e5686ae3fe730f94a99d863776481e9895bd5b66af97749d

          SHA512

          1f94ab186cf52fde00f0141a9e9844d7731ec2208d055cf6bacc54205eca9d7d4461188945c879c6f6069a8b4af31908bb9e9a256463cbe4f1b99d768d1a9f7a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          48ace41d49723db2dbc973056990583f

          SHA1

          a14996f9c832d9a497a5ec9a72a84414a305e96b

          SHA256

          797cea4cafb9ae246c5e109cc073b6f4c90f41fe7b807b0eacb2bb5850dbfa7f

          SHA512

          1ebd196f0b78bf8b6a21f760546ed805c19779b199f124da30bd3d8aaf95106f66ac68df79d7ef5bc7d1d220b55cac280afddc40036ea53903bf321e7ca41687

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a65080f4474c5a9a28f44ce0762470a4

          SHA1

          41e829cba45ddf776a5a9bcf62e141a25dd4a728

          SHA256

          7632a48fe716e9a8ff574cc02099acc2510d96be9a6ea9b51951ec51b0b75cab

          SHA512

          7126fbaf7cb8f2338315596fc5feaaf84618dc45f46bdb499c7cbec6c0f615722884f28991d3fdae845a7eb7e149db0d6e0b43c5c74b2eab836b376aae5217cd

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          e4c0244a9bfd983d606cc6c54a65c850

          SHA1

          37985f74b8cd1938839aef5ee58092448b038b8c

          SHA256

          4fbd9868957b70fe4c14a3ab02ba2e9b375bd90a4f3731de4753781a7fd655e8

          SHA512

          c262d6a1a4e06f815403a2dae091c8e2e60bd59027b836d2dbc9e90debd0e71f49659c6c89c30c9bbd630e605e2d4b45201f6ebcaf28e0654ffcb9162a51719c

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab52C4.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar5373.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit