Overview

overview

10

Static

static

3

15540D1498...BF.exe

windows7-x64

3

15540D1498...BF.exe

windows10-2004-x64

3

1D34D800AA...EE.exe

windows7-x64

3

1D34D800AA...EE.exe

windows10-2004-x64

3

301210D555...6F.exe

windows7-x64

10

301210D555...6F.exe

windows10-2004-x64

10

60C01A897D...64.exe

windows7-x64

10

60C01A897D...64.exe

windows10-2004-x64

10

67E4F53018...CB.exe

windows7-x64

10

67E4F53018...CB.exe

windows10-2004-x64

10

8953398DE4...31.exe

windows7-x64

10

8953398DE4...31.exe

windows10-2004-x64

10

D883DC7ACC...64.exe

windows7-x64

3

D883DC7ACC...64.exe

windows10-2004-x64

3

DF5A394AD6...94.exe

windows7-x64

10

DF5A394AD6...94.exe

windows10-2004-x64

10

F1E546FE9D...FB.exe

windows7-x64

7

F1E546FE9D...FB.exe

windows10-2004-x64

7

F77DB63CBE...1F.exe

windows7-x64

10

F77DB63CBE...1F.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    121s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    28/08/2024, 20:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    15540D149889539308135FA12BEDBCBF.exe

  • Size

    49KB

  • MD5

    15540d149889539308135fa12bedbcbf

  • SHA1

    4253b23f8d48dd033f9b614d55dae9f7e68a9716

  • SHA256

    a8ab526718cc2767ca5f29612a76dc0bc36a9b11542aa3de92e35e41b98d346c

  • SHA512

    31d23897f54a8120e211b8ff0c7fd38fdb7324c21e5bb50800d9a4055bed4ab72be9e38cb9bc8de8732d5e859291f873fe99e28bf1592eb20c91dc0db5bdf233

  • SSDEEP

    1536:QpgpHzb9dZVX9fHMvG0D3XJB4Romu/IDf:mgXdZt9P6D3XJB45hDf

Score
3/10
discovery

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 11 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\15540D149889539308135FA12BEDBCBF.exe
    "C:\Users\Admin\AppData\Local\Temp\15540D149889539308135FA12BEDBCBF.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious use of WriteProcessMemory
    PID:2452
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.binarypop.com/?cid=114&eid=001&key=0112
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2336
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2336 CREDAT:275457 /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:3044

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8274ae4f41cda851f62f2a84160e9777

    SHA1

    ca46caa41b4de764a4fb652256eeb8f64e9ec77c

    SHA256

    223442727f27632b3f56948ed6353958df8cc4eaec41886b455c4158b74e1e44

    SHA512

    f562ed0a60359b4c888f3b95cd94cd00184c79e7e7d2eeae6a37b35427dc11649085a1f985455443b5c58e3583e9213af19ccfd067647f3caba7353ed3bfeed3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6c87cd6d8d032ea6c86afff95f899e00

    SHA1

    f4b97524de54732b379c91b613e715976f7a2c47

    SHA256

    5950a377b237ead480da32a7a4d9a35d692d703b7828a66efdf4c6d0ff89c7ba

    SHA512

    c66b9b55e5d694051cbc0edc49b983a5f18060a059056094d57d0afd4319f1a7ed66596db1aa39175036b564676ebb5e80621184d4004e484659761e40b68b6e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4fb8053fc3b83971daf6c8d51a5881ea

    SHA1

    22b27200400d1ce56635a69b810f721bb0b812f2

    SHA256

    5f8cd674b7d74d66f11ea75ee7a69af8248b96573a0f6a00580a76dab3d97035

    SHA512

    e3a30f282ec4fb9fb91bc929fce6dd8a2e25ffcc9724e6e5ffc5f7b99d51282c025426761b327b00dfc1354a03f7e493f3738e2d7cf78cd8d3182a97b30e9b07

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    82902ffe574007017fe60ba8f1452f5c

    SHA1

    5efb75c0095fc5d4fa530e60099fc7d4fe0888e2

    SHA256

    4b85224e263e544350300e3d1c56fa450122a33f70ee3cc5e981a52e51f82e02

    SHA512

    266f9e5dda8b5b1fccb090659a69f8ea9aa77421302b0f827eda37613002a023b3c22685a420d8b37c895e2ae60d059f4e12f500e422cef98189e617b2b30f6d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3d53102a4a194c6b09b99160cac20359

    SHA1

    9656509368f3e3fd8d11d1046fd24865631e5cf1

    SHA256

    fea230818ff5e47f43668c27c21bcdd2e37b3f6fefca31a1ce674d0d318bc4d8

    SHA512

    d9a7759a4d614525f22904e9c271903cc0cd26e36a1e5f40249917489be68e77920086ce619df12db6553a6694e6b7c347eb56519812c5286631b91128396ce1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0c1a8be022ed22a0f796c95ebca8b80d

    SHA1

    c644991a4b07413125cfa17b21fa1419dc18359f

    SHA256

    302f4d78ccb7e54f3b03221a70b7dbefd68284a8098314163097503c8ee432a6

    SHA512

    2052a3dbb760fc573654212e6cd61eef20b04f1067736ce11a64127e93eccca55537317cb1e10a7594db5a96884a6a97feb8ce25792bb689324651cbceee1285

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2e6b046fc6dfb3dcb7521cdc9eb83e2d

    SHA1

    228a428dce83faf4bc0dfbd3ca4702a5584da66e

    SHA256

    9dfe8aee86b896c0f28706b58874a62fc9c043153a417e3d2cbe7097ab4ee7fe

    SHA512

    59dda6913e63dfc4af2a7c52248e54c8540ddf14009d80cf9cb1064c277eb3b9ae11749f245c09dc2938a4584aac9bc4194e4accd5ae2847f5ff82ff4d8a0fad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    62dc51d339e356cfa30acf64c9f36ef3

    SHA1

    249d3571583f567cdcf17f89dccd22fd858a3d41

    SHA256

    d78c16cd3c34a8675c64d357326824b21d21e3c6659c2e986ac5e096a9f50ddc

    SHA512

    d0672829be4bd79994d1e6b56a4827877fcd2134fca4554317326b392010e38ecd5506bf5fdd8f1268649cb19054d50df6c41cf9de3824047c257af1ba272a1b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b58486b126cee6a1df5ca280dea910e9

    SHA1

    e5b6f924c662b8d92bf4f91a8f190b931b03ee28

    SHA256

    f8907d0e5d1f393c263ea364e35552c821f92ac1ec29ff1e3799fc4462e14c9b

    SHA512

    c2f7f0de58879262d315a7833b00b27aac32f44895ca5ec3be02ab5c2a2fd41cb30f8a2165db5e28724ab015d8de09574533574430cf2d998bda87d240b24882

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    78ccb6e5191edd78bddbf0d91b0dc6dd

    SHA1

    9af8afebb3b1db48eb414458df65a15e02f11de0

    SHA256

    32ad4e4e85646c84ab3f229fca57a9f7bf8d0e8c914a065572019d791b8a7b72

    SHA512

    5cc68fbb3005c694f10f837de2a9dda9ea62216f72f0fe4e9f67bd2b7679aa9da65f0bc6ddb27bd7b9b20a79259ef0acbabf0beba7f2d051f26b4bfe4c75aed1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7e115baaf2795134f2ad13341dfd5626

    SHA1

    47ada06e003551cfae2efdb6d2a6f76b8a0c55d7

    SHA256

    04e2f6a08e5d07ea243b3239330b4ffe86568a223f111c23f66083d74110846b

    SHA512

    af81073167ceff5c6b225782cb5b4a8c22a135d0771adc953c0d9e58b31e781d54784a4f886034615dcace2173447bfc961f5e3df67c84c9318251a2f182f90c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5e1febbd00fa4d105d337ee47c2e6608

    SHA1

    371d6b3ed3a5365bf39ea092bf1660f47f397fca

    SHA256

    c05643ed161044e5f5fd4a1f92fd27bcc946de613f344d33c6fd143e71639c2d

    SHA512

    1fc259572a8769ac8058ff595f3f25531a03aa2280374c4463626116d41a93649cf036895cbe0a1d1fff5f7e3ae48cc20126cc7c3c20482bc49ee631169c97a4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1408e58e30738280a721c6ab92398827

    SHA1

    e87f16336ae7ffccb1fe7ad745310bb31900831d

    SHA256

    27e0c8ad13a3dc5449db2f6d6ce15e43bc9b06c3d368e2e01fc7180da0b55540

    SHA512

    e14271277dcf1018e4a693ac71906392081a715c2e8fee4475987ea9bb1c64de26956c3299fa0e23d59011e5cee49d7ce8e70d30f242a25c4e0229fc7116b8a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bf7b937f57d937330093d4b33390516d

    SHA1

    68fc9a771fc8577a211da6023ac6dff39fef0537

    SHA256

    70ada3a4dfb65497fa776ce658ccfddf5fe2983b170a9a28a08b3ce642f856b6

    SHA512

    ed0adb46b397af781a9cc9a10b140129929ee21ab6149de3b51301ab8efd5998d89e74056969c2d36a94618eda6161c0e3dbcadd958249ec8c831038d61992f0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d6295aca4d27922a61084b19906b11d4

    SHA1

    e0f96c1cb66e8e301225f5cd4907aeaaad087f3c

    SHA256

    c110c1efc538b9bc64ffdc5e2ee35da708c41769b374f771a0bb9ccaa532e613

    SHA512

    c85bbf1d64fcad41222167365ae7c25285df9efdd937764354f36e0b407520ede804f233f55ef132d81f0a1518829e3524de54c4c08b2ca22cb5b56cbcc639c0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    213a828a27f54bf5c5210ebc7f68f07a

    SHA1

    6ed1ab8dbb7d8f99d0b7d50860cf1298f6c17722

    SHA256

    be99950c4cd0ab8fde0bc5ba4d25e397ba3d3ad72e32165bc196304d73d74a81

    SHA512

    ea824e28413afb12ae3b6ff4c4f1273fbd8aa93ba5a8b0a791a5723faaf8783a3ba91460a433fb27e7d558d99d4e0733ee39542e61ca6fa5c47c027884cbe741

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e8007f8344070b4d259cee3de67db9d4

    SHA1

    3616802c70fd4bdbd608369d49f387a1cafe5589

    SHA256

    1b4daa00af4046fac9a496ed253864774d038d0f4aee9f738a9ab1cfd3264107

    SHA512

    baa122515dc3f6482fbf89bf9b209b9fdc6e223e22979c8ee43eb0c265d7b3276aca57d9f2a0c813b230bd49a4c59e8ca8ec32973ba4c0f462a4b80ce5260a61

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3aa38002fabcb4caf7a6573d04f54ff5

    SHA1

    fba584643506725891e452d65764715d718c638b

    SHA256

    c6f87e70ae49f3564f64f1ed9b92d60803ac12a0f94ae71a1033b761d061a212

    SHA512

    85592c44e28d3525ee8ad4721434042433f381a6f933d42e3f8fedf285ca05e243dc2fa441fff4f2a40c080a3b83b354727c26cc93bd30aa78e08021664fff41

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cede41369b069b23d7ad2049c551410c

    SHA1

    be03f9fe965058dbce3678c17fb97aae6863b42e

    SHA256

    b90b807cc29de3f5291600dfe6e4fac25b586982fb1c3091544f3fa2a1a1c383

    SHA512

    f341bc78de07696a51b3870b08dea7f1044807d29cfcdef1d41b1de9c2c05d19a0e5512bacc44170b0d7a93775e9b3e8c26dffd05fd4705b5a61ad02a6a112b1

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabCAF0.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarCBA0.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit