Overview

overview

10

Static

static

10

Xenium UI/...rm1.js

windows7-x64

3

Xenium UI/...rm1.js

windows10-2004-x64

3

Xenium UI/...m1.vbs

windows7-x64

1

Xenium UI/...m1.vbs

windows10-2004-x64

1

Xenium UI/...er.vbs

windows7-x64

1

Xenium UI/...er.vbs

windows10-2004-x64

3

Xenium UI/...es.vbs

windows7-x64

1

Xenium UI/...es.vbs

windows10-2004-x64

1

Xenium UI/...I2.dll

windows7-x64

1

Xenium UI/...I2.dll

windows10-2004-x64

1

Xenium UI/...o.html

windows7-x64

3

Xenium UI/...o.html

windows10-2004-x64

3

Xenium UI/...ain.js

windows7-x64

3

Xenium UI/...ain.js

windows10-2004-x64

3

Xenium UI/...bat.js

windows7-x64

3

Xenium UI/...bat.js

windows10-2004-x64

3

Xenium UI/...fee.js

windows7-x64

3

Xenium UI/...fee.js

windows10-2004-x64

3

Xenium UI/...cpp.js

windows7-x64

3

Xenium UI/...cpp.js

windows10-2004-x64

3

Xenium UI/...arp.js

windows7-x64

3

Xenium UI/...arp.js

windows10-2004-x64

3

Xenium UI/...csp.js

windows7-x64

3

Xenium UI/...csp.js

windows10-2004-x64

3

Xenium UI/...css.js

windows7-x64

3

Xenium UI/...css.js

windows10-2004-x64

3

Xenium UI/...ile.js

windows7-x64

3

Xenium UI/...ile.js

windows10-2004-x64

3

Xenium UI/...arp.js

windows7-x64

3

Xenium UI/...arp.js

windows10-2004-x64

3

Xenium UI/.../go.js

windows7-x64

3

Xenium UI/.../go.js

windows10-2004-x64

3

Analysis

  • max time kernel
    122s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    29/08/2024, 01:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Xenium UI/executor ui/bin/Debug/Monaco/Monaco.html

  • Size

    6KB

  • MD5

    999896134bd43cefa865f37e514ba62f

  • SHA1

    97077125bb36ba072e30f2ec68f80ae213f76b84

  • SHA256

    1ecdd9529ef5487f92736894d94ff680f6c32ee821615d29c0fc814f3a310b4a

  • SHA512

    6af01d1c9d4212e25fc35e9ae0730538f01b3d62cd904fec90077030ede5b07af952388e57927f3518895580b95263c70372f791a247572da657e70bf8c3ab47

  • SSDEEP

    192:wEod3PorvFhAmQp5keghKcCI2MCTJ3+NLSaPh/WCY/jt:ud3PonBw5keghHwjt

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\Xenium UI\executor ui\bin\Debug\Monaco\Monaco.html"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2368
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2368 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:340

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6265a1280a80245def75d12b154c67f5

    SHA1

    0c48a92a33954f40ee9684a4384a53510ac28fea

    SHA256

    ce719a533224ef1fe6fa6b705e116fb158e3682652f9215968cef0ac6e8c2788

    SHA512

    aec709fe64883e67c76f728b53f802f33162f38357427e1597038da95b842710754aa5f604df6ed0da6b56ba6b7739bd9417c64c16d0cfb33b973c7ac1c07a7e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ebf9b4c1980cd4d16f2e0d2d1fd55049

    SHA1

    293cf57c639559865864a19fc245f086d9f404aa

    SHA256

    5e4c06b7cec01725029e5da32777fd6e791890938a924b741ee06fe450adeb5a

    SHA512

    b1a17e71cb94f184acd5ff6f40d5c8fe345da31081cdc859daf4c401e86bec65caa42cdd82a59a0ecb23326837556fdb852ae59ad1b85cc71f38912ee93b20b6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d95b6cbc18b425868e9962849cf394e6

    SHA1

    c1d292f3b16afa5b050eb0ccf926929776d7f879

    SHA256

    3d484265236bc4d3fdb8bc27601a7466490c8490a8aa0f294e74a051cd75a761

    SHA512

    e3e8539b3a39523c2563ca78919aced03fcd1f098e3c960cbf81e2e9b0c21c3f56d4df8d42f4e62b07e9a5fd176bc07fd6a0c65b8065074702c5b6de1ff3c166

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cfcefebf01a00c047318399b38090ada

    SHA1

    6409b00a5beb9a8bc58f62e7644feeb5420f58d4

    SHA256

    253df92c26bfde64876e2a36384b996fdbf25f3b9de028e1d067ae077fd9cedf

    SHA512

    eaadbee43e4ee45cec6d7dab438b1b765684bab2fc85ef65fb9f8ad72bb7eb488b7ceb264276313c4eb1329a01e865f9f736a72f7aa0375d25e6848f2412c499

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    53b4a851a75bf4ea9cf0bf815a24ab93

    SHA1

    8c810932d672627e7e0505cffe8dd7abb69ce9c5

    SHA256

    724970c9daf64d0b19d2149f1293e513572dd72530e894e3095dcf5df7918999

    SHA512

    09a8c7a6c866cd9c7d5683734a71d527ec4f760c862fbc88291a6fa62b394fb709bee3e5b83a4890f811c0b97dd6bf712b139be4938787d51e7def5b0ff02cbf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f2f15bc364b9d14c5fcc9de5d887fb06

    SHA1

    361e86607a32afa69c3921025cc1d7caef91c7ae

    SHA256

    fb8f0f07d0b7e681c266c3854127dc58bd0ef873fd5a9c2a2b90dfb4419d60c0

    SHA512

    25a7dace75ac62a1576c0504a5bd57c7d91cb5fb719d3f78ce4d6392926ee95cbde48d5c2e5565533adca9ed441b098bd870849888af597da15c1e64fee802c9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    566b87a1f50caff87c40564a743ed346

    SHA1

    503ecd5c0ac662dd82fff6e30a2b05af10096f54

    SHA256

    f9d210f17f4fc8d6d88cc1ab436f20434031cecd4e85e27b3eff00af81a3eb6b

    SHA512

    111f684453b64395d363962716262f49cf0364bd89422a321b1c701f2fbf2caf4961f61f7c5bb70fb52d6b1d60480cc2fc519a62ba2fd10c98e2ace0923bac31

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dc2980ceab93a5cc4e57272feec71039

    SHA1

    0155357ddf713f348374e2abd94d5f3d87c5ccb8

    SHA256

    ba094a93e3a9c53f2a3a9f0710a23874857800245448f431eeda000ebe559c3c

    SHA512

    96a9322fa2f5f6e23f482708cbfd1ac17d075bb7f187550a8ce81fd5de7d726c8d35da6facd24fd851b9013fb0940e57a5abed6439ac2065aed2ee557d81c499

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d553b01df613f260f607ffaf34e2f44b

    SHA1

    6f53ab96f54eb4a348cbb5905a6abf23d96ee958

    SHA256

    4803261ea354e8c92710f12285b7dfdb55be8cc401e753c2f3685e9cb48e816a

    SHA512

    d7d3cb25301cded794a4e90608e95815aecc271837259300ac2145b7b029de9396c649265c92fc47d36d18ef86be4e7864df9d6f2d6a3d75347a8e5dbb423daa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9e9b7faa7b859664d2eb7759d33f6091

    SHA1

    753fa412c4e3afbecfff5401fe8ba92dc56e7756

    SHA256

    5d5f01cbb176318eef5046a2e3e0f1803db80520163d1a4fceebea657c1c3279

    SHA512

    86692e76e5e304a9d2517fe5ba579a96bf3f6e974b07b33d4584316d4a27843be6d3a535e04588e9270bc3d0a780f7aab49bb5df204486472a29494883aebbc2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    172eeeb0b9e63fb24c6b32811460a3f5

    SHA1

    5a339584b1cf06db9094f57b41887f8c8a872278

    SHA256

    7278bb40bfbb7f90afbfb675514607ce6119dc66c8368a5751fc14cd2106a2ea

    SHA512

    cc74b9b35fdc7cd4924b716659a4172dfb0015f48d1722379a0e2137b0d26a94a4f4aa1f317a11bcc73200bdf861fc89bd16dc86546d2aa3c7e3780ebe5ac80f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4e2263ba48e152de3849b9fc0fd40ad9

    SHA1

    2b931c5238643b5dc79f90f5bd5e6205a7cfe6d9

    SHA256

    2a60ae4542e3bf059071104c0ac9de413cbe6cbaaa36c57fcd45a4d495e7d532

    SHA512

    62e049b778130403ce9fbcd96eacb4f5fe794cd9951baa793168e79ca59f52b9006d1ce5755bb963dbe5425b11e7ebc48a7a2af34d21988b85fb01fdb4304f1b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    42b032f3e22080a1492eb8809b978781

    SHA1

    c82dc95d07e94807e51d30ab74c53496ae2f259e

    SHA256

    08eb47b4ff5742d18c0578cc3826af08ac86003ba7ca6b388021a41cc6007981

    SHA512

    469ef73eae08a09afc519a53f684aa3ae9c92bf4ae93afc8db2a84ffbfd22b8f61e331b8d603dcfbf44f2d58c2bc43e09a74fb124911948c9e3e1aefa2f66f72

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4796dd3c8f31182017d54200f36aebf6

    SHA1

    d5d6cc300f2d61c3ff828ea95c6662bbe1573e41

    SHA256

    e9b6272c9ea1fd1dd43864e099a65eeedc881475d78ad2a2169f788ae431d716

    SHA512

    fec102a654cebe8ac40d93e401b3fdb979caffbf2b520035bd6919cb945aecd46d8376eb4fa20300cf312bacd97ba10ec5d5ad4647402dab20614b570756497b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3ff77fe90d5df5ded5613c3fff4912ce

    SHA1

    07a05ce5d6c4bcd0a1855b1f5a5d7190d9c06854

    SHA256

    ac8fc8abd017d6c59267028494ff2f12b704d9ff92e76aae18b7aa9078549159

    SHA512

    a0319d03fd7d8b4ed9876ec30a3b6cce797a83020aa6eb88f07c0cf90ce7bb51dc592981bcaeffc7026a999b7cf05250d4162ad40d6532c1b4cd93c2425540fe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    03d5c01592c4a260bc0c9b3fc6720eb7

    SHA1

    cbf6a21764e298db1ad3a0da0ac1bde91d32ad0f

    SHA256

    b5a0c846c4faf4a3d0ead4b1ec9459c1059c387b56d7f1c38d44dcab1682b547

    SHA512

    e670e2297d35753ece398b70a6df3ec3502268c9fe8c44e7cf6c161a775c7dfab69f6eb8b1a925cc9de1338203e76602dc1f1fbab8743f530155f6a809ddf493

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b747621b990d0483537aba8e77f07eb8

    SHA1

    6cf6651c7cac7c52ddd9fc33ef8f7fbe116cfa7b

    SHA256

    1e34e9c4d9e8a788439e77e8d99052965bb13138b63a7fc68d0c5193f55e4006

    SHA512

    688f3f6c7c3142785e862354c5214d2a753982ed5cf727882bca4fa5c4b627002a980b035fd77486a8ef3679ae5870a7dc624582bc45d5b58a73e422de394786

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6a31db66eef85b7c47b283577f7a220d

    SHA1

    873ff227f9db1a85d188a9d62d717081d6054c97

    SHA256

    37a708dac4a44253d8d8ef9a29b1fcae6aa95ffd0e686f3c73e3c6ccf08fb81c

    SHA512

    50208538902c8bf432501353584044731176d4132f666319b00f712bbbfb616747c69d39ae1d380c5ae47b7708661618b784cde216f1ee93b6492847f4630dc1

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabD579.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD639.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit