Analysis

  • max time kernel
    80s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
  • submitted
    24-08-2024 23:11

General

  • Target

    http://getsolara.dev

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery (1 TTP, 1 IoC)

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host. A browser queries the system locale as a matter of course while loading a page, so on its own this hit is low-signal.

  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http://getsolara.dev
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2452
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2452 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1300
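The process tree above is the normal shape of an Internet Explorer launch: a frame process (PID 2452) spawns a tab process whose command line carries `SCODEF:<frame PID>`. The following check, added here as an example and not part of the sandbox report, encodes that convention as a triage rule: it walks the tree, flags a tab whose SCODEF does not match its parent's PID, and flags a browser process that spawns anything other than another IEXPLORE.EXE. The two command lines and PIDs are copied from the report; the `Proc` structure and the rule logic are this example's own assumptions.

```python
"""Added example, not part of the sandbox report: sanity-check an IE process tree.

Internet Explorer's frame process launches each tab process with a command line
of the form  "...\IEXPLORE.EXE" SCODEF:<frame PID> CREDAT:<n> /prefetch:2.
Two things deserve a second look in a sandbox tree: an IE child whose SCODEF
does not name its actual parent, and a browser process spawning a non-browser
(cmd.exe, powershell.exe, ...).  The tree below is copied from the report.
"""
from __future__ import annotations

import re
from dataclasses import dataclass, field


@dataclass
class Proc:
    pid: int
    image: str
    cmdline: str
    children: list = field(default_factory=list)


# Process tree exactly as the report shows it (PIDs and command lines from the page).
TAB = Proc(
    1300,
    r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
    r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2452 CREDAT:275457 /prefetch:2',
)
FRAME = Proc(
    2452,
    r"C:\Program Files\Internet Explorer\iexplore.exe",
    r'"C:\Program Files\Internet Explorer\iexplore.exe" http://getsolara.dev',
    children=[TAB],
)

SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")


def is_ie(image: str) -> bool:
    """True for either the 64-bit frame or the 32-bit tab binary."""
    return image.lower().endswith("\\iexplore.exe")


def check_tree(root: Proc) -> list[str]:
    """Return findings; an empty list means the tree looks like an ordinary IE frame/tab launch."""
    findings: list[str] = []

    def walk(parent: Proc) -> None:
        for child in parent.children:
            if is_ie(parent.image) and not is_ie(child.image):
                findings.append(
                    f"PID {parent.pid} (browser) spawned non-browser child PID {child.pid}: {child.image}"
                )
            if is_ie(child.image):
                m = SCODEF_RE.search(child.cmdline)
                if m is None:
                    findings.append(f"PID {child.pid}: IE child without SCODEF (not a normal tab launch)")
                elif int(m.group(1)) != parent.pid:
                    findings.append(f"PID {child.pid}: SCODEF {m.group(1)} != parent PID {parent.pid}")
            walk(child)

    walk(root)
    return findings


if __name__ == "__main__":
    for line in check_tree(FRAME) or ["process tree consistent with a normal IE frame/tab launch"]:
        print(line)
```

Run against the tree on this page the check returns no findings, which matches the 3/10 score: the only thing the browser did was open a tab for the submitted URL.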

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    41734e1225b5dcbfd32fac0b33110058

    SHA1

    e4a60bc94585e9afb874be077335c994e85bc58d

    SHA256

    e31778885872806cad80b3664a34ffbcc621af65114b30800f576ac26879894b

    SHA512

    bdce5e4950172b678810422b5a98417d3cb9bfcb76b4a009b433c09ae72758e17eddc3d08691076568f953e3be0f9f89956332ae08ef1dc933e6998d8b2a5bd9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9870da0b5152bdf0723ef4a7140ab0b4

    SHA1

    7ec23218b639b48d657edb9123c56cace4675875

    SHA256

    58a8dd18b1a81ff544233a81692d24e298d4abbad70c1607a9ad952a5c81640a

    SHA512

    903b174391f07d42591117f304437fe703a01f5edab46b22d8073de9c507e606199c1b8c532558a4e5d1486dc15dd7a9cb7330eef8e922d5203e739e525c73aa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fa160e69b94e506b62a262afea3a0d2b

    SHA1

    12e68c63a333090de015563e360b0d00f10c62c2

    SHA256

    9576ac4ebb37d078118103fa60dd9d377733b96ff67524e479a97a9afe549e0c

    SHA512

    d9c32ec896d1a05695400ad43cc3427144fdcea90eaed8d90b16d41632d3fbf826a012bce6275f557983b2a0dc3e26374260bb7f2e25b62c6c69a0283589331e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8bd2ce14ca9079052a8e0aefcb2ab1b5

    SHA1

    eaded9ca6de05849416d1a41901b72fdd2bbc0d7

    SHA256

    cc1ccc5a08b15751bf694dac4002308b354d0d777eaacbce831c0915517e3273

    SHA512

    d4a4001d888a48f66845629a8e74dacb45b314a23acc3d59bd80bfc6a8c36a9ead755b83795e368ab5d3601b906933cd573c100573353b6b73727f6b185daf30

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    500183178aed117f25118177fccbc853

    SHA1

    94bfbf4f439f175dbefcf5f8341ec2256731c58a

    SHA256

    76e24bf55be98e9ade277bcff0b88625176539eaa15d6fc03357bbfa3c3fc074

    SHA512

    114f3b363024cc4337d4f6583b40bd3d5764be0deb4f4a4978f51b7c22c1cac9c5060ca6b2c6e5eda6b5e69075f49bdcb8a3308f7a32b1969c247813306a5347

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7217d855a5818c6913731bbee819ed72

    SHA1

    f1a756bbcaadb857cb33dbb5a18ba18a3a1952a8

    SHA256

    b84e072e3dd98ea99ca430345a972f1c95c4072074ce5f91c011094132a6f8de

    SHA512

    7da66b46ef18e0e021cb46784d399cfce1534479e58ffb90a08f29f0b585f8f59bcc5119dc8965d8055c9a89c38be74af1e4b3f8aca3fa1d1eb012f2b1fc82f1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b04dfcb71cc837f5041b61b9e0db4b2b

    SHA1

    8f74ec0ed4944bf408244145ec1a0ac020cd96ce

    SHA256

    02c480f9e2e997ab084f04d367711099157f8dd33155bd696ad348e9e1121fd9

    SHA512

    97fe414cecb456054826a30cc25f77b5b78b3ef249fff0e236eef184d72906ecab95d447f61a537a4b5edd37940fcef57e9e57514b6a33a10b1ed00da4fc3881

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d2f3ed3cd3544ad14979aa6dc3c87b3c

    SHA1

    906ff4e6d661fefcbd3f537d49cb83a12673d572

    SHA256

    8036a98028f94725624bd22bb495d618a01a55d02e183990a429dfb13c12dd18

    SHA512

    7f1906126155a82a79a2b9dc2bddb13c716568bc1ede3f0efca0e393ca7592ce15c05e706b7a2b244c691e3510e800c92b5f69be1eff7d5567c3369fa50abe05

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2650b3b0647e28a5d0dff936c78ad5db

    SHA1

    9eed396efcb95e65d93a65c9f04b46db133c1366

    SHA256

    8024eca3bf5c32aed6f3a8a52d9f8898e729aed3111a72b1acbb59496764eded

    SHA512

    086ff53a419286cb6ce019c3b249be5206075fd018d9e6fdbab80383de9367512fce99830dc486e1394549fda9664a3c4c517f4f1ea2390514e5a33f8d223142

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b83355f4ec37b9b83e4de9c198e6430a

    SHA1

    2f2cba037b19b6948ec2ede0b673caf1c510cf5f

    SHA256

    6f3cba848e27505a474c661c25f5b384998c05e5caadc332f9c2e41a631d62d0

    SHA512

    f609dc2906d2de2adc5a39ea59ae52100cc5dd2b849cbde0ab244cc3e524a89bb2f7518b4f787807a6bf44b0a9c85ef394e6b0333b0eb57a2478b496527b6cfd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d2b85472a92b630a4a53c0f01467f42b

    SHA1

    50dd8e4635b56c8a6e487ff3f2ec33e2c80ca067

    SHA256

    dd279bf18ec82870b51ec9a5d30719d907e517ab0a9692f3d5e0fb850783534c

    SHA512

    bf69c6724a087804eee1424365aebcdc3bddd3e3edaaaa6d3c55c33487862c31bc9cdbb724b6febe24c6aeaf8f2fc9b471b84f47c4e785cdf47d28c7f965d983

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    aa11067ab3d5c212f580e25ebcb9e0eb

    SHA1

    3838a726a2a183b51dd3c519c73e1eb3d240c2c5

    SHA256

    ba6528e1510ab2fa1ecbb22da915396e4fccd503b293db48bf5e19324e7d573c

    SHA512

    bd691d93cd979cd7aedba80d89bb24a9d0fe555f8320e1cb625109ff83727aebc5355d20d5979fd332c009ad7d6c99daa08f0d2d56d757aed549d6457a85e191

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7253f2a807b354d5ec113f7b07db6d7f

    SHA1

    c4546c71b92481ae1d1a89e9d2fac4f8cd721bb8

    SHA256

    cdf5ef0299e61bf1c16adf61533c407f9fa8e21efc9e02ac5645cdd520559f7f

    SHA512

    1eb5f9b7a0c3d905898a7a912d3998828b4c1b29fc69a775bf11c74ce9bf6c920781a07e49bbfcb6b5ce84c5b8a54e1b67c77d3705ef68cc9bbe38ee9e605f07

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0caaf6d3b29b9660a03b678216db46b6

    SHA1

    f1947afe6edc99bb5614bd23cb7029cdaab6e67f

    SHA256

    01901f3123b5b731dc00b563082f48a2a80da8c4781e6591090afaf4ed20cbda

    SHA512

    92b8f5a94df6c40561155a26a8d8ac25bfa84e2785fe83a642c271147b2fc16d91513068c8f607845069e3c39b435927f689faaf272e17ac490d331af4c41f2b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    2b71fb21d7ce8cb93632fbbf4714842d

    SHA1

    7f1ea7d52a09aa02989de0dc119acfa8b6431e0e

    SHA256

    1632e66097a901467c2e425b47e7af9bbd72f5310cb6e09a67c0c7b2740fa4d1

    SHA512

    f0b5db94e7b62591de18b55f6630a75937e680a2fc3880c6ae39336f73a55392445c59dd0fc0fc9804faf8987cbf14bfcce82d632c01a7d0a2eae17bdadf30be

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XWMUP5AI\favicon[1].htm

    Filesize

    58KB

    MD5

    f79d7b2e81acbcdb5253090393d198e3

    SHA1

    633145cf2a36e70a9e663588ff968b57d8a73cc0

    SHA256

    90056965adfe9c63aa2252d2987c02cb80bb5eb4e73606574d90dbb4e7fa5584

    SHA512

    1519218bde26b5fe547901c0ffc4a74bb7d08e0862de0ff82f6436c6d9bff143477787cacccdad0b85dfa1ae92855212672304ce89640387be6de0d2edee64de

  • C:\Users\Admin\AppData\Local\Temp\Cab4DF4.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar6B04.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
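Nearly everything in the Downloads list above is a side-effect of CryptoAPI validating a certificate chain rather than content from the target site: `CryptnetUrlCache\Content` holds fetched CRL/OCSP/AIA/CTL objects and `CryptnetUrlCache\MetaData` holds the URL and timestamps for each, and the same MetaData file appears fourteen times because the sandbox recorded every rewrite of it. The script below, added as an example and not part of the report, sorts the list into buckets by path, counts how many times each path was rewritten, and leaves only the artifacts that can carry site content (here the single IE cache entry) as SHA-256 values worth pivoting on. The path/SHA-256 pairs are copied from the page; the classification rules, and the reading of the `Cab*.tmp`/`Tar*.tmp` pair as a CAB file downloaded and unpacked by CryptoAPI's automatic root-certificate update (typical on Windows 7, but not confirmed by this page), are this example's own assumptions.

```python
"""Added example, not part of the sandbox report: bucket the Downloads artifacts by origin.

Classification is by on-disk location (heuristic rules that are an assumption of
this example).  The (path, sha256) pairs are copied from the report's Downloads list.
"""
from collections import Counter, defaultdict

CRYPTNET = r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache"
META_9430 = CRYPTNET + r"\MetaData\94308059B57B3142E455B38A6EB92015"

ARTIFACTS = [
    (CRYPTNET + r"\Content\3C428B1A3E5F57D887EC4B864FAC5DCC",
     "cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f"),
    (CRYPTNET + r"\Content\F0ACCF77CDCBFF39F6191887F6D2D357",
     "df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e"),
] + [(META_9430, h) for h in (
    "e31778885872806cad80b3664a34ffbcc621af65114b30800f576ac26879894b",
    "58a8dd18b1a81ff544233a81692d24e298d4abbad70c1607a9ad952a5c81640a",
    "9576ac4ebb37d078118103fa60dd9d377733b96ff67524e479a97a9afe549e0c",
    "cc1ccc5a08b15751bf694dac4002308b354d0d777eaacbce831c0915517e3273",
    "76e24bf55be98e9ade277bcff0b88625176539eaa15d6fc03357bbfa3c3fc074",
    "b84e072e3dd98ea99ca430345a972f1c95c4072074ce5f91c011094132a6f8de",
    "02c480f9e2e997ab084f04d367711099157f8dd33155bd696ad348e9e1121fd9",
    "8036a98028f94725624bd22bb495d618a01a55d02e183990a429dfb13c12dd18",
    "8024eca3bf5c32aed6f3a8a52d9f8898e729aed3111a72b1acbb59496764eded",
    "6f3cba848e27505a474c661c25f5b384998c05e5caadc332f9c2e41a631d62d0",
    "dd279bf18ec82870b51ec9a5d30719d907e517ab0a9692f3d5e0fb850783534c",
    "ba6528e1510ab2fa1ecbb22da915396e4fccd503b293db48bf5e19324e7d573c",
    "cdf5ef0299e61bf1c16adf61533c407f9fa8e21efc9e02ac5645cdd520559f7f",
    "01901f3123b5b731dc00b563082f48a2a80da8c4781e6591090afaf4ed20cbda",
)] + [
    (CRYPTNET + r"\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357",
     "1632e66097a901467c2e425b47e7af9bbd72f5310cb6e09a67c0c7b2740fa4d1"),
    (r"C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XWMUP5AI\favicon[1].htm",
     "90056965adfe9c63aa2252d2987c02cb80bb5eb4e73606574d90dbb4e7fa5584"),
    (r"C:\Users\Admin\AppData\Local\Temp\Cab4DF4.tmp",
     "b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f"),
    (r"C:\Users\Admin\AppData\Local\Temp\Tar6B04.tmp",
     "8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8"),
]


def classify(path: str) -> str:
    """Bucket an artifact by where it landed (heuristic; an assumption of this example)."""
    low = path.lower()
    name = low.rsplit("\\", 1)[-1]
    if "\\cryptneturlcache\\" in low:
        return "cryptnet"   # CryptoAPI fetch cache: CRL/OCSP/AIA/CTL objects plus per-URL metadata
    if "\\temporary internet files\\" in low:
        return "ie_cache"   # HTTP responses IE actually received; the only place site content can appear
    if "\\appdata\\local\\temp\\" in low and name.endswith(".tmp") and name[:3] in ("cab", "tar"):
        return "temp_cab"   # Cab/Tar pair: a CAB downloaded and unpacked by CryptoAPI (assumed: root-cert update)
    return "unknown"        # anything else is worth a manual look


def triage(artifacts):
    """Summarise: unique paths and entry counts per bucket, rewritten files, hashes to pivot on."""
    by_path = defaultdict(set)
    entries = Counter()
    for path, sha256 in artifacts:
        by_path[path].add(sha256)
        entries[classify(path)] += 1
    paths, rewritten, pivot = Counter(), {}, []
    for path, hashes in by_path.items():
        cat = classify(path)
        paths[cat] += 1
        if len(hashes) > 1:             # same file captured after several rewrites
            rewritten[path] = len(hashes)
        if cat in ("ie_cache", "unknown"):
            pivot.extend(sorted(hashes))
    return {"paths": dict(paths), "entries": dict(entries), "rewritten": rewritten, "pivot": pivot}


if __name__ == "__main__":
    for key, value in triage(ARTIFACTS).items():
        print(f"{key}: {value}")
```

For this run the only pivot hash is the 58 KB `favicon[1].htm`; the `.htm` extension on an icon request suggests the server answered it with an HTML document rather than an image, so that one file is where any actual page content from the target would be found.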