Overview

overview

8

Static

static

7

8f36dde1cc...0N.exe

windows7-x64

8

8f36dde1cc...0N.exe

windows10-2004-x64

8

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...ll.dll

windows7-x64

7

$PLUGINSDI...ll.dll

windows10-2004-x64

7

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$TEMP/$_85...pp.dll

windows7-x64

3

$TEMP/$_85...pp.dll

windows10-2004-x64

3

FireFox/bootstrap.js

windows7-x64

3

FireFox/bootstrap.js

windows10-2004-x64

3

FireFox/co...p.html

windows7-x64

3

FireFox/co...p.html

windows10-2004-x64

3

FireFox/co...uid.js

windows7-x64

3

FireFox/co...uid.js

windows10-2004-x64

3

Modules/7z.dll

windows7-x64

3

Modules/7z.dll

windows10-2004-x64

3

Modules/ArSp.dll

windows7-x64

3

Modules/ArSp.dll

windows10-2004-x64

3

Modules/BdUdr.dll

windows7-x64

3

Modules/BdUdr.dll

windows10-2004-x64

3

Modules/BrSp.dll

windows7-x64

3

Modules/BrSp.dll

windows10-2004-x64

3

Modules/CdPrc.dll

windows7-x64

3

Modules/CdPrc.dll

windows10-2004-x64

3

Modules/Core.dll

windows7-x64

3

Modules/Core.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    67s
  • max time network
    72s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    25/08/2024, 13:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    FireFox/content/html/popup.html

  • Size

    734B

  • MD5

    c929c4ef17977667affa3fbf2308d429

  • SHA1

    8981c4dedbb7446e817e20f206b5c9e174cc0074

  • SHA256

    4599c1cb8c97f841d48a003f47e6ab8b7b8f720448129183c4499812468377eb

  • SHA512

    1831fb44ec6c9ff32fe21386023d4f0229d85844b09ed28975b65e5aba6eb81c6a0f783a7e023f966cc90082191ea4d5df5c3f803f2764181461433ce38935ad

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\FireFox\content\html\popup.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2624
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2624 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2748

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4e5295631a579f54025b2ee703ee5f93

    SHA1

    34d56fcedf43c45b6dc106ac4c46d85cae78eeeb

    SHA256

    dbaa1be7e849ee5e44a7ebe0f73b7d576eb1ec1c7cd7a0f2f7a413f517e63c9f

    SHA512

    24a21a538b143a370dcd4d294177192c1c1e4f00d46ede229463a874446d33dc789d9d938fa94e98aa6b1386a7022c3fa75ed90df67037f936e3da79dcef2ad2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0cc0ed3fe4ba374aff9a110b65e06fd9

    SHA1

    f93bf39a1e0030e51dae2e3fb66cda325841dde5

    SHA256

    cecad528c3ceab5009a127df6daf9a7ce36ed6d03e9c16ed799d17ecfed0d1bd

    SHA512

    fd03ef7c766b4e0e2a17fc0ecdcd19caf3ab84f634b3fdfff4a64f50875862edd96e25c25613bc1ba630975107a58be0cba29d640e42506b782900a51bf9977a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f50e149a523158a9cceea2075acf916d

    SHA1

    9222e26b43658e8fc0dbf5b072cab757075e2a5c

    SHA256

    84da3449408af0a41a6c1b0f4c351714a2b52719fb07133ed02a7196f58231ac

    SHA512

    5b345875b420cb598b4d792c15f44b3fb0e56c8af39df18473aac15071f6197b90431d95c103518eec46ff989b1bd257a50c56c117b9d2af55e0a2af0b7591d3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c839c5d2f230ab8ebc7bc5622f8dcc5d

    SHA1

    ef0e8d2c7ca8f69bdf80fcef2ee5743f469ed0d6

    SHA256

    8ceefab763fa687326b608a52873ca38fcbccfd3025706ea29590644829e6bcf

    SHA512

    69657a270a20dd556844168226060f5901e3aec83dc62c44f35e1f839f57e6cc3363232c1beada5b81fa98d13f10d790de44f526b1c28814b3f7af87b6e011c4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    38891e14e154fcdfa1c1dba2a1f29c5c

    SHA1

    979b0794e693d638a66e74e1a7f90c529e942807

    SHA256

    2497a2636bf53515d01997952676126e0e90013a86df4afb974dd48f1b5201fd

    SHA512

    9c113390a3e714c3f19dc1f83767a7dc087646aa93dd85a39834b37b1ea44b33e331e49a47861958635da697969e0c4731dc172ed276072e66e8669a598eba47

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    97c5271d00d28e85f7e046b3d88159bd

    SHA1

    94c270bb5c4858f63eb11e6553f0208fa963c5d2

    SHA256

    68081f098c66f676412470b7c94be15127cfa0136350a6574323c564a08faf59

    SHA512

    ec08ceef2dfcfd6cec2de4b1e3f5f84ff8914ae8ce56ff46aa44f53b2457b8c65b824db38471290a24d9ccd71025f3f5655291f78a1b27ad3210de89c4030d9f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b947b7ba15be25e8d03436a8d7db2613

    SHA1

    e81e1b4b80703de2dfa9fb98f78dfd933c6624ab

    SHA256

    ba544ffe585efb41395cdc0babca04438f5ac70c3204a76644f5d240509728f3

    SHA512

    5221c5aa70d91e264ce4fdaa394dab775991a614acac61bfdb8db2b9e5dabd350ffcbdb7f30ccb7254ba0741393ac8ec8fec42a35cf5eb1a22a153be6ad023f5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4ffe16705a3095f8ef5bde1ed03e1d40

    SHA1

    b8f26f93e48398bd8c1e3c3af4bb5623e7b5207c

    SHA256

    e8bfc9a371444ae316d9efa1381e63f10f09042fe49a1596bd50be9472873bbb

    SHA512

    3a156a255100b9e173c1b1b90c526eab05c0662200705cedde27e2b03c102bee96b948a93928165df5303088f1f0802da4b8e53aa5ec48fffa514912662f2981

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    071a6e268c773e36e9a7309c1bc1c605

    SHA1

    777071acc919f1c8ab0261ffd9d3d0f4e12b1a77

    SHA256

    7b85681501fdc968c3b497c5b82e0e8b51f14d9e63e25c2959a9db056352aa74

    SHA512

    b3354aaa45b0fbfe794970cf98a331255ab18c865031483910b447c5c18a70d4d0e770a9025696886dd4efe4085539d565f643da3f47bde4a4d7635ea40435a1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    be325acad6b9812059317a6d5f3e8908

    SHA1

    19506adc5f9b3fa7c09b66d15406d10b24b70f02

    SHA256

    d6ae0e3b648c146530ee391369768f700b64edfd2226d81a6fc90ee2e467c1ee

    SHA512

    bb903e122f00f07ecd5f0246235753c514d25f4f673a5f4003c089f883ebce34ccf428b38b73a509f6cf7368137ff948329d94a55a6a3b37d25d7a4303633e31

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1baef7e03dad8a4a1dcac585211bc603

    SHA1

    01733860b788f7669e43024bdd9695f4e0ce2dc4

    SHA256

    e86e2e600c5930ff180c4a57c3e5b8312cfcb7d7ea1d24932c860bb915fe342d

    SHA512

    672914455505181dc9d187e173488a9dc7c730ddf6fb22683a6782678ed22131dd31c7c22f1decd2f804a433aae40ff922bfec2bd004e376474a76fd3974c3ba

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab149D.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar14AF.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit