Overview

overview

10

Static

static

3

086583686b...77.exe

windows7-x64

10

086583686b...77.exe

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

RollOver.js

windows7-x64

3

RollOver.js

windows10-2004-x64

3

caption.js

windows7-x64

3

caption.js

windows10-2004-x64

3

gestaltung...e.html

windows7-x64

3

gestaltung...e.html

windows10-2004-x64

1

uninst.exe

windows7-x64

7

uninst.exe

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    139s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    26-08-2024 18:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    gestaltungsbeispiele.html

  • Size

    2KB

  • MD5

    f1c2b7b7b90de9d73672db4fffecd1f1

  • SHA1

    04ef4207e0dff63d1ac2b02f701a53f6b098b5ac

  • SHA256

    166e7db0bbf982ab239fc1ec9a147515d71d1d446d684223767c5b494c8b05d7

  • SHA512

    81bcf68d8234b1f73aeed52548340f53c1d3db14554084ba7ac96f9e481ff5f7871be2fcc3e761672fd53f1f3898c637f63cbebb2034d81dccc4f86c55977db3

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\gestaltungsbeispiele.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2512
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2512 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2328

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bcf7f084a6b80647a7ba3685046ff4c8

    SHA1

    4dfa74b55ab78a460cbb7a9270e8a543e46ae9f5

    SHA256

    39c2481ad769bb68bc9bdff37f0879205d6a7bf5098c17a6993f5a7b0ed2a1bd

    SHA512

    2aceb8f5e19925b1df9d06ab9cf3d887a4760bfa3d88c738062e17b91be05bf531d21cdbc66188fed0315bdf8f641b07ce58123a76165dbbcb8132645d6cc5f9

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2aee10e3250c76c6d58623b73f884b65

    SHA1

    ec407f0d7a1b648c4a2375eabd9be2b0e88e1fa5

    SHA256

    88ff4d8842c22be863c8ca5830fa781ea4b562864e0e033723b788bb06943e58

    SHA512

    f553a371ed3b43d999d62e573b08e589fa868f6c178b30c0b13eda68e7974c52f5563d4e1f36a065516224115670fa555235b3b3f12c9e3ad663c5c41ad2e83b

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1f275f69df81da1e20ed027a55c06cf3

    SHA1

    5a775ff9360028d00b8b9505a175798be3099987

    SHA256

    4ca4bccb454a4d5d277ccf92d0e309559f400ae2236717e91d4759e34e8b156d

    SHA512

    a9b4553386ac1421fef86729a4e8dce4ce1c1cba1c8c68dd28fab844068932bc91a14af657f73e409abe4dfbfe33705aab9dbe69becae1060dd3b5d37f7d342d

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7f296f72d62b8b65e642f1416aa63ff6

    SHA1

    c212beab4b083950c5902357504dfa5eb8f9a5ae

    SHA256

    ced6c97124ff4cb15eb7b4c18ac468109a4c9763423060ad2d9470b7c0e7e6b0

    SHA512

    1d00df98467e8dbc58babee49db33c940f98b55fe23360863e6e799a1930c8237fa70d3941c2dd57d8bfbd3a8a8660369a7c2b4eb1b332a17dd09352137b3b35

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1b5b7686e57dabf4b2a3c9c79fbac5d1

    SHA1

    5420d656ca5a170d1dcc7c3671e7a6e3abb37f19

    SHA256

    85f6a6f4752efca40a9cd5bdea0eedd69026e683249a690af9b5bbeb42f04cf8

    SHA512

    e217b53a92380930af5f797c6abe72310e351eaf6c51ec7ebb54861ab6bcb69e31ce863534a21b252600e6fdc2d661ab52c577a6c4527c2bbb292439efffa44a

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e00ecafffa4a266000a4f12cf02964ea

    SHA1

    ae56aeeef65565f58f26771077d21c8cfe95a7d9

    SHA256

    2e1d960e9f4f1595f3dfc2705728a51fcf0d3d6091cf130ff63c016313fec488

    SHA512

    4893c372aef19215542dd4f055df5d4399402af7b56abd15927a76172c287f241039341b271a5e9524671560b2285ba06872612e9b3a88fd1733efbc696e6730

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6d3e81df2f3ab81769144cf736e60a56

    SHA1

    caba87ac746298806fa9ea9def51f6911ede44f8

    SHA256

    8c1b1dbe37ddba3abcbd70cef2e86b07ab579dd80c3cc39770e44a03d6375f9b

    SHA512

    4353a1402e76a1b4be48c737ebec7516846312d5240e70210e0732df6e5973c87a82bf49c86f7ba61c028b68965f3c78a54c7f932cc96d73c7f6a578eb186ab3

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    16e5649c34322a8a000e7c811ae7797e

    SHA1

    9277353b210ffafd8959cb977a434bce5d126170

    SHA256

    9b83ee3238507c4b0260d2ab21d6ceff4c9975051b16ba9eaefceb474e2028b3

    SHA512

    2b6d8e071749d86761b5df18f5962aa6dcee808a1052fd3003539d7a2cbfbe71ebdf15d7184fcf0ccabcd063285d5e9ab88f2f4a55d76fae09f647528fdc07e2

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e1d7914578f4dcdacae99d28e83add24

    SHA1

    d2af54d6d6fa9ea4124e55ca8ebd4b841245b99d

    SHA256

    5eb18d1a067bb1378d77f4ff134e1695275e6aba05dcfc083cd1c597e910a739

    SHA512

    3cb699a015d63d46ad65eb80619475ae1685a25e9f093fac3b8a693a9a4a0a420e90856dc624ffcfecfe4a2dfdfc5dd68f89a11e6fe72c37c968656528fd72cb

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2eb91c8b35b82a98adfec44336dc20b4

    SHA1

    1aca789c72cd06e7884795c78c9d09fd07170d27

    SHA256

    7fd8da17c97cc60f8267ea211891caddb8c4c5d4f26011ef31f8122b930544ac

    SHA512

    b9586999f174ce024abf205494393a1f4252d17545f54c69bb8824293d994c79faae8fc7966944832daa72d82eec74ca1da81ede62d283e54e7c61bad3e71ff4

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4f30631dbe4cd48ec8f602442c0f4941

    SHA1

    47ae7dde2a7703bb02b2ac781af213f65aeef577

    SHA256

    caeb1813cdf0bf7bed2dab599901ea05a8984a26a3e128288ea098e1d51cecb9

    SHA512

    00f78316728b8e04b6ae856387e34f260968d03140e8cf5d487505ee289a4630c856811f8d84fdb8078e3afc44e888bd78442c690656afd8870b8435d0e2a08e

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e4d17a9b2ff450c27e8a9b8e6a141b54

    SHA1

    e3037ebe72b95e7e7ef96a1bde1207dac17ff678

    SHA256

    a058e9107db0832c0266e84056a42dad407f8feb38ee4d02a797a04e086623cf

    SHA512

    e4a3247fb64164f684ef5806f06f241ae8bd4258a4396b340c594973062a16635ed8d684a3fe293210fa33d22f9d90d7e7e7ebaf8c66349c53bc119a98a5d57f

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a93ccbf1292a3365c5c5128edf1d6d62

    SHA1

    aefa9272420da3e8592e7e79a0703fc170653423

    SHA256

    e0ed9c1f31958d8418ae7ac13df85f34fb69ea6bbe3138c82904a02ce509f2e6

    SHA512

    79ce7be1be4c77b61f8d71c03761f1b73fe13e4da646e7c323409671f72d25729b15826703b21d7391020ebc6d21094c116eb94fa1f4a24dd3320342e205c4f0

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\CabDFD5.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\TarED61.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit