Overview

overview

10

Static

static

10

Kalkulator...g.html

windows7-x64

3

Kalkulator...g.html

windows10-2004-x64

3

Kalkulator...ni.doc

windows7-x64

4

Kalkulator...ni.doc

windows10-2004-x64

1

Kalkulator...n.html

windows7-x64

3

Kalkulator...n.html

windows10-2004-x64

1

Kalkulator...1.html

windows7-x64

3

Kalkulator...1.html

windows10-2004-x64

3

Kalkulator...2.html

windows7-x64

3

Kalkulator...2.html

windows10-2004-x64

4

Kalkulator...or.exe

windows7-x64

10

Kalkulator...or.exe

windows10-2004-x64

10

Kalkulator...or.url

windows7-x64

6

Kalkulator...or.url

windows10-2004-x64

3

Kalkulator...ja.exe

windows7-x64

10

Kalkulator...ja.exe

windows10-2004-x64

10

Kalkulator...00.exe

windows7-x64

7

Kalkulator...00.exe

windows10-2004-x64

7

Resubmissions

02/09/2024, 16:05

240902-tjhgssvcqb 10

02/09/2024, 16:01

240902-tgfkesvcne 10

Analysis

  • max time kernel
    69s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    02/09/2024, 16:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Kalkulator/Kalkulator.url

  • Size

    59B

  • MD5

    7083e59aed51160103cb0841b9d5b45b

  • SHA1

    1c5d6903574fa2120f3e67a58c1ff23e9279cf5f

  • SHA256

    72ee6ca795f9df48342a3c14b6146708860a41de5818be0ecf1a65e18091c158

  • SHA512

    79538e01f5f3e98cb73d8c26e15e84639d89977cf6dbc3e4454fdde608ae06a26ef1c803b2512f690b9e79f29fd8740d6f8951155a01d9bc1688b50dc54fee76

Score
6/10
discoveryevasiontrojan

Malware Config

Signatures

  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 33 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\System32\rundll32.exe
    "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL C:\Users\Admin\AppData\Local\Temp\Kalkulator\Kalkulator.url
    1⤵
    • Checks whether UAC is enabled
    PID:2432
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2196
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2196 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2872

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bc2b1729bfac5fd787904f390f27904a

    SHA1

    7db67e79b38eefddbd90d11272912a4a8245a48b

    SHA256

    c228f164e1a907513a81f05b258db86c3931c55023e2ebd4899de4ebb91ab4fd

    SHA512

    41d8ab9de9b6d85df2593c4352eeddf4e671eb4148a57d1b25fbda23dbd95ff6991dc042b03ebe27446fcb2a48876004a2c506764a79429014356ac71df88ae9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3bb3ebb99bd70e0c3877ddfc24412bba

    SHA1

    3c9fa83d30784873fb3744094d5316a54737f16f

    SHA256

    e3f1f842bab122bf4783dc04f50179e41528b8f401bb1bf63adb940f491441e1

    SHA512

    2d25debbdae5c0fb37f4daaf25c0b705617964f617e55fd505a9e19bcd46592f7b7e69bc13e1921d6d7f2a18692f5b586033be784e19569cdb65b3dbe0daa9f5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0f16e8af6e9a5660056bda91f52c4bec

    SHA1

    d384245d666f3d3a884eaf55214d2954155df1b4

    SHA256

    8e7206a9ae728279ab73f96f8921aa1420512fd51789589c5f4aa129606404af

    SHA512

    654f4ff14761966656494a57de89aa6145e4df5f43106c8b3d5eb4659569a5c660073943f9105618657dabb2a7ca55b207657e8c303812f746a2b74cea99141e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    71a75b0c3e6ce7eb384f0798e337b060

    SHA1

    f3539bde964944a31225c9e88c24963b33c5281a

    SHA256

    79ae1a991dba2c526e32e02541ceadc43c0e0393dc8a8a9386963a11d4f6d18b

    SHA512

    5afb46dd2fd5b2d44fb3f71c51b666e722f595ec029f554b5cbab384e46d4ce0946ba4b9e5ffeca71adf91de685d259970c2e3cd4f95cf42ac20b7a03a29f654

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e7705aebcf59bfaffcd8170baf4645f5

    SHA1

    5528fc538207cb6446807204401937353810f3eb

    SHA256

    681ec8431ca25694a8e744d59aa471743d5784add5671a403665e45a17272801

    SHA512

    282ba2c55d8ff358548e51fec6d20b6b5723e24b922051c7fe20ae2f31efe9f2aa5a5ff3e2ea17bff52c441263c5d17ff644aa7b9b1e16c8c514b3e96d63d3f6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c61fe5f878478da029bb6f0b5fd7f15a

    SHA1

    0896479275d37ad1ad8f9331ff9a8f6a45fda286

    SHA256

    d7fea11e9c8b61a94d817e53308baebcb046f714a111bac3a312dc2e336956b0

    SHA512

    1581efb02cd46165d13bc078fee4a4fdd6f03a78c0dddd5986e8091945558ad6215db597448d1158f709969bb868dddb009e0a45794acdffd0d737b16457ef0f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e9d0436c36233a01220192e5fc517e54

    SHA1

    16b17dcf8ce4bb36d9bc451660f5542493c3433a

    SHA256

    6e279691d3e640d4a00d9f40ae6474e1eac2c09b60014403fdac55570f4a8c07

    SHA512

    a7e185643f12a1ddf6a62081a807f3e0ee6371bfb7d8c932ce9865202633f5058d6c1d17460fd326d3abb0a02945a7da358eff5b92158a6f860cc94f9bf82791

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    59761215f8452195f18a8336b9346042

    SHA1

    fefd8906a3d5427c15075a2911621134b435f2a8

    SHA256

    70c0d5942351a60ca23a9ff2ccc5e22e5d585b8574509cb0aebe4da35c3bdb5e

    SHA512

    0aab8f89e0d02eb238bb982fce71fa60469ae90dd36fa604dacae58d5b8e08feb00cb2aa475ddd9127da57c3de03711c88999a522a7e2eb0ac802866a9f63e51

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e72054b2b6041f0044883903b751f3c5

    SHA1

    3f8c4adcfdaf547012ab8e66640742ec3b646eba

    SHA256

    52f6f01a491d78422a4c23feaa427d2b640306f0bc692324bb412b079a0dccde

    SHA512

    8a8802ef4266a74a703bb367117c7a6d1cde2b41fe100e7d2f9d92a779450e9b13b5f5be6977a3d4b45cc610408540d2eee8a067b2eceadea33f10f59b7de42b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b61b24404620a05d82f39807a8d864f1

    SHA1

    0c8de89dab654235dfca55641f54d6d7b1f93430

    SHA256

    6b4fd3b746f39b6fffe3376568e977383a4be0a8239872eb597cf0e47cdb9314

    SHA512

    73fd74e05b745fe9559b48070e90fc1824b0c83c1b16af68844ce26b4018b9e469077e9879a3e50c2a4b93ef0c2218f593a972bee761bfde79216492d0cc82fe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0672c8c00c15f0cdd632f26574b1a5ac

    SHA1

    89590f99ac50bc8ad721e5181cf65a5fe959b48d

    SHA256

    53a6732e0612a11a3be87d8103b2f004d127476aecb24f99d96dacba34e68590

    SHA512

    4cb676ae0728eee01f72e253efdff83eab8521b08046509394c7b195f75d2a648a9834fbb824a9c0c7c77f92c405c8073bf064b8f2102df9a7b691522aeab98e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d5688f9b8fe2a485dc65cf37b7c69c94

    SHA1

    c3047e9156a55a2560189e1824364d8fc5b1e89f

    SHA256

    b0940aaf218d43dd5f6f3bfca21d686a893e120bc9f4afa16feab567442606a3

    SHA512

    44067983d9dd0bd9e9f19966ea9a34d17cea702a9bbbc634392de0fb9f194afbd64856e378e5d35843861b58178b73c61ce05a05d269e789a57c810429817940

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cabc89d48b853436659cd4a438173229

    SHA1

    2811ca2f808b1513b670791f8f2831283cf89936

    SHA256

    216e774d83a98d18d3852dae465af8bd7953e8e8af866f6f6eff75270ecca6b3

    SHA512

    4949294542707fdc3169754c6570b257e1163d2793580af8d49c993bbbda294bbb1d91c00b5503e30890b33eda173d65e35a737e6ec0c9cf1864162f1537335d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9e4ed9dde9ae7153c5c09bd0c612bd64

    SHA1

    5744a299debe250ac042d5b87301048254fa69dd

    SHA256

    6005546731d25cfc2ffbcdf7218d992d0b959be7804d2281f496c909edf27c62

    SHA512

    a9fbd3e49b59907050f491e4ee217a5af320ee2718486376bcce9bec496f17441c76ee8927ca379fcfaf2a24d812b2555a16dced3a3392a3afe118df374d9e20

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d220c7ba7dbb1caef60660b9c485128e

    SHA1

    0aec94567f14fc3e4cc12393c37e91dddcf99407

    SHA256

    f11284319a48c7be718c2e5416d0e37b6ef73f673b3502c031ee3ae51495463f

    SHA512

    df5f886e368336411fe9ffcdfee4853faefe6ac950cf5335065b6ad21293a1c5e072965339a5149c622de607f898e734796a1d6d61023cda226f943acc3528f2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b07bd930a537f0e6327205c559cc8112

    SHA1

    8ebca3c8243214a8baaec313d456f4a429338cba

    SHA256

    e52ec8f15584e6e89d00d2f00953bb5694ce937b445d2458664defe1283130c0

    SHA512

    3d73b5b48172ece01aae885d067daa1cf35e1d44b4ba8f150bba8ecdd1bf30a4f99785d05bb9b506cae947407e1b23bcbdc5f9337a3d373c8559a1bcbda62ef4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    adcbb531fb49b24aa1aff963542ed33d

    SHA1

    090eea9eba120b6c8782cdbba3632e6f73211075

    SHA256

    fe8f0d566534aebbf13df5e37a3408669ea02a4f47501bdcd6e756d3dcfcc3fc

    SHA512

    fef5c975067d8a304be79a135aefb54a4910c09ea24658ff2af5d6b67abaeb1f35a3f331322c819351f8c78de28971586fe27499b2ccd90570100ae2fce4a5ff

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabB69.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC46.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • memory/2432-0-0x00000000002D0000-0x00000000002E0000-memory.dmp

    Filesize

    64KB

    Download