Overview

overview

7

Static

static

3

ArmCord-3....64.exe

windows7-x64

7

ArmCord-3....64.exe

windows10-2004-x64

7

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/UAC.dll

windows7-x64

3

$PLUGINSDIR/UAC.dll

windows10-2004-x64

3

$PLUGINSDI...ll.dll

windows7-x64

3

$PLUGINSDI...ll.dll

windows10-2004-x64

3

ArmCord.exe

windows10-2004-x64

7

LICENSES.c...m.html

windows7-x64

3

LICENSES.c...m.html

windows10-2004-x64

3

d3dcompiler_47.dll

windows10-2004-x64

1

ffmpeg.dll

windows10-2004-x64

1

libEGL.dll

windows10-2004-x64

1

libGLESv2.dll

windows10-2004-x64

1

resources/elevate.exe

windows7-x64

3

resources/elevate.exe

windows10-2004-x64

3

vk_swiftshader.dll

windows10-2004-x64

1

vulkan-1.dll

windows10-2004-x64

1

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

$PLUGINSDI...7z.dll

windows7-x64

3

$PLUGINSDI...7z.dll

windows10-2004-x64

3

$R0/Uninst...rd.exe

windows7-x64

7

$R0/Uninst...rd.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    74s
  • max time network
    154s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    01/09/2024, 15:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    LICENSES.chromium.html

  • Size

    9.0MB

  • MD5

    f017c462d59fd22271a2c5e7f38327f9

  • SHA1

    7e1bbeea6ac2599bd0f08877aa5811d32f1aceb9

  • SHA256

    40f314c778851106918aae749d75b2d913984327602a1bfb7ef0cc6443ff2a37

  • SHA512

    72177281486f6ec26ccc743b43481c31470c7dd53f17b0a67ac087dded190c2e3dde5570260150c2e9650186a515740af7f81e31965c95bb762340f9ac100c07

  • SSDEEP

    24576:G8QQf6Ox6j1newR6Xe1Vmf86k6T6W6r656+eGj7dOp+:fG6eGd

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2288
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2288 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1836

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e254efe1ec7af57a52f9ebe3c27638bd

    SHA1

    69c576633b104d7fef27dcef29ff63d34909bc4c

    SHA256

    5813b01ec3ee653c62ad40816b2f71b80f4fffede3acda6dacec3ef60e172a8d

    SHA512

    d9de212cf66b162d63d33dbaebadd80853565235477e0e13c06651ec04288517d778bdf4d3036c34ab505f2a036c84b04c37746cd5e81cab231bf8ad4170cf2e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2f5456281690a2731ac34f3277edf8ac

    SHA1

    22376edac7ef1c3932495af1dbb98e8a6eb91d57

    SHA256

    6292b4c4a878f40456a5be4799af0c1dd405e5f098642a4b8947f52eb8e22342

    SHA512

    af65d29181294bc00019e2ef77570ccf03a288f5fa2668d0c0721ca2c46811f3221ca4b76f9f2bbae165bfc1979d12ea7322b28bc4446e68522065f8a9396c67

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3e0a4b6ebed28b5244c5864becc1ad19

    SHA1

    fbbb6d04cf5c9e5c5112bcbfd0649b9b72824b64

    SHA256

    159db2b37b5c6a19c76078e64cd482aee721d9d0937f74b20cb672f13f2af72a

    SHA512

    04b65dc9fb9f6bf4c38289120c17d54d075cb1c0af8cd045947ad085f9ee352bbadcf8701341803a498ae45ab4d5c1ae7098d078032cf9cc60e7aff26c332264

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0060979c8621264ae0460afbc1a4083a

    SHA1

    7905bbfbec9ec1f3032853b2a8531d4d964a81d1

    SHA256

    4ead8c6e7e47d59c6042ec4bfcc4c06b74b4d6022090b5c58578a1df5b0edc7a

    SHA512

    4dd2c28453a811a4d91b2d71142c552168b65ba73db16d6da76245173457beff0cbb55d998401cdc671eaeed96ba24faa4a1b32e02343d01dffab0793001e838

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9876efb596e4c86a927eba06aa86975e

    SHA1

    be6e5e9f3b9c355cfb847d7115756a300da51bed

    SHA256

    d0d8cdc34c635569b894add91bb4097ff428b69dd41d2bb1e9bccab655645dd9

    SHA512

    ca5eefca326fde9e4b099a4023b711a0fc378d17de99caea49fe3d4fac467e48abc3378b95bd48a2b7da7d27f0d0ae8fc3bc7344026a82d04ffdd67c5845d250

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3a60169f0d4554416e19adec62eb0b8a

    SHA1

    dc64a8e95a8292cfeb0c60b25f57c072389395d0

    SHA256

    f5256c3b72bea98cbede313aa004b25af8158b36161526ffa188bccafa7da783

    SHA512

    972522651c5fe292bd15c2a13ff392c08a1a1863fd1d16bb98a9ae20035fb573322afee0a32655c32091185364cd45a47d9817b39d2b85c5097d38a62d23989c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0c5caeb5b98c9ea75edc49df70e9b1e0

    SHA1

    284a9e22f9c74096e722fc199514884541ec1ba5

    SHA256

    dadeb08c11619137a2316ff00a4c34b0c8f778d0bd96d9bd14ef6f811d12368b

    SHA512

    5e9f4a7eda1c185f827a4c74f5cfea516355207fa112bfbb4c5f1d519ea785be29572ed0521134a18de1933e62dca831efdec8e82d87e34b3cfe9822fe10dfc0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    14aefd466333fa4e836559d508167356

    SHA1

    bc23d30c50b84c429d388539b8974f7221f23b0a

    SHA256

    95deea901db0ba18d3b41ce64c77d35e067f447209f2db755bc146a9373d84f0

    SHA512

    bee5cd188f13f7bbc9f685d4a9ea698e1e719f26b8ae3585991a84498201ea96252076ed3b5a6f45b38abc554773bb3eabdb5b3afde9eaffb8af7da7479be41e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2e5b68becff99b931ebb10e071d5b05f

    SHA1

    4e702124cffb38acd7c007029bde0e965ab9670b

    SHA256

    6dc82674f816eb9080ae68440d8b6c1265865c18fd9b83a720aca013b5931771

    SHA512

    c8a5f0cab7d3d41c174820a178f413742e14e23303b35cdb541981f22c6c1878ca9e726ada850b0234541a9bf21c6e76d86cdf3f0b619a9ee95d97077efce03b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    094c3af695553d0aacae1392f5f01edb

    SHA1

    42dcce2633266897cb9eb9c9e545aba225fe7f07

    SHA256

    f3d76fcd532bf4f2527fa96c41fd434a054d402dcda6568f992a88f3c249d5df

    SHA512

    f037edb8b82f1d68292833b2dd60bb7cff5e3ca47081b537d461992bb8a34ce628071a6a31bf368f9a5f699f20ce6ba3c202db1a0f760e3d096dec5a870a029c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    54ffe0838a56032faf639a0d77d5ef09

    SHA1

    633ef0ca53ca70311a20a6bacf12f45aee6cac4d

    SHA256

    87db12c0484a13b4e7ba473fc496e151890f519558711d296ce40e524b5554a2

    SHA512

    5b926b29da36bbdcb952d751e484a025cad4572b84ebd9e6fdacabcbc57e821bdac68c13bf7363db8d480be0a38e4d98fbc0cff0b936e35d482923d22b51d5d5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF7D9.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarF8E6.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit