Overview

overview

3

Static

static

1

URLScan

urlscan

https://github.com/L...

windows7-x64

3

Resubmissions

22-08-2024 12:39

240822-pvykyaxdlh 10

22-08-2024 12:39

240822-pvn2haxdkd 3

22-08-2024 12:38

240822-pt73zszflr 3

22-08-2024 12:26

240822-pmnqrszckq 8

Analysis

  • max time kernel
    5s
  • max time network
    6s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    22-08-2024 12:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://github.com/LeoLezury/Hydrogen/releases

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 24 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://github.com/LeoLezury/Hydrogen/releases
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1460
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1460 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2204

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    43386777d88131aabe7d6e140a9effe5

    SHA1

    f0dd5016200fad525b2955a9d8dba675a2f00b74

    SHA256

    78e4003492555621190754aaf127d9104b927fbd84917da527c4ecfdd7664df4

    SHA512

    5b41c22d9424518679d7958811b7b7f0f4027a103f216cd93bde68b969328f4f8c61d4042bace847907fe29373b6e4d8e63272598ad6fe939f1bcce681d96b0e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5e1275b093b729ccc34a505289b877e5

    SHA1

    7b165a857299e335953ea834c66541803a84fb85

    SHA256

    03b00d6b85eeb2b77a03c7a9af09bb6331f913fc3b20fcb55ed0f965879990f4

    SHA512

    68080260abadc71dc5aa24bd0e8f372cee403ef917777260ca693b4dc76bbaa73383a1e32c64360e92fbdbb64e215c516373c99ebdb6e41d4561cefb121d5f82

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    86c3fba0f2834beff728b9906967178c

    SHA1

    73b522c0a0bf1450bd56556fe4c7c35b43f69dfa

    SHA256

    1e6d4b5a025e54599552fb915777232ac79833329617845e00a8cc618d843368

    SHA512

    a8464043b99c84cef500f21c696758ddca0a4c22d3981cd05ea0314d07ef2cf40fa41ee866cafc596c6f3fbc09373452afd6a2231b304463fafc3d95f522da69

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2be1b23de84d424ee9b5640982db20d2

    SHA1

    c4b6ae570f9064551c7fe2300794b368bc39c2c8

    SHA256

    1b141958ca3e88143fa8995efa60ad4fde6b76bc112273cea31b39477f154ad9

    SHA512

    5a5252cea59b84fcac549e5551b3fff7933749af28fb0de25d94ae0c1dabbe3788eaa2783256885e4cc095a7679b07382cc272fab5b6af7847d8e9afcbc94554

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4a1dc20302329d0b0e2ad00279fe75be

    SHA1

    7b0aebc17389af2184f73c25cf45d52a9aa220a6

    SHA256

    7dd35a2202a4398925eaf5663e662c7aeba213882519effe0783677a8caaeea8

    SHA512

    74e1896e37effc3c4a8fa54e71ea2aaf54d5366660ff53536f43e684be3f6feb07650b9466fbdd8b88ec7dc4797232d49d4b1a2e1bccf0cb336c9cade0f2096e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ed59038e92c9b1763cfc12493b216f23

    SHA1

    61ff3cfd50426d637376bfb86ab10884c79bb96e

    SHA256

    147fc3bbecfa1a5f2b15eb0ddd6c6fe106da75f9601728b4a75bafc1bdc8c3de

    SHA512

    29aefbeeac7a9ffb2ca1f03fef96932889baef1b3d0b40288748be58d50cf1c6ff8f758a040c35e595acb07661a1fb2a32e9b9c1732a59206d1490a5d5661bb9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c84d2ec10b7f6aaa5084f4da4ac798c5

    SHA1

    b1315ef90b57138efb9a50d2bb49a42be15a867e

    SHA256

    18f2b1b23c3303d7abe365f24c31987dad6b67335f750b418491c3b13955b918

    SHA512

    a24294d229b3bb7529275fee36a79244620988624d5a038e59e0591f8946a272aab8e89f8ab9af75224476d7cdf255d6611416fa22f72d51b219c9ada7eeca8f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    36b98c14e65157db0bed83af26e98326

    SHA1

    facf84a0d3d8b623880363baad6d02e2c30b2098

    SHA256

    4118d8a5c6cbc89a9c372cd13848bebdf71bfdfefa8b19676109db7994fef7cc

    SHA512

    10e19cbd310a9265e39a486b9463d163ee862aa523baa43fc38eca550fec27120801420ea4b9c0f33d93501cb842d31dc42d3c78b5843499c75984a1d0b64e09

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabAC48.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarAD16.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit