Analysis

  • max time kernel
    73s
  • max time network
    153s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    05-09-2024 05:55

General

  • Target

    LICENSES.chromium.html

  • Size

    8.7MB

  • MD5

    bd0ced1bc275f592b03bafac4b301a93

  • SHA1

    68776b7d9139588c71fbc51fe15243c9835acb67

  • SHA256

    ad35e72893910d6f6ed20f4916457417af05b94ab5204c435c35f66a058d156b

  • SHA512

    5052ae32dae0705cc29ea170bcc5210b48e4af91d4ecec380cb4a57ce1c56bc1d834fc2d96e2a0f5f640fcac8cafe4a4fdd0542f26ca430d76aa8b9212ba77aa

  • SSDEEP

    24576:KPQQ/6MP6P5d1n+wRcXe1Lmfpm6k626D6b6+eGnkywBIpv:Cy8OeG8k

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery (1 TTP, 1 IoC)

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host (ATT&CK T1614.001).

  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 2248)
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 2780, child of PID 2248)
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2248 CREDAT:275457 /prefetch:2
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
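The process tree is the part of this report worth checking by hand: a second IEXPLORE.EXE launched with SCODEF:<pid> and CREDAT:<n> from the first iexplore.exe is what Internet Explorer's frame/tab process split looks like, and the cross-process signatures (SetWindowsHookEx, WriteProcessMemory) are raised between those two IE processes. The script below is an added example, not code from the report or the sandbox vendor. The two process records are transcribed from the Processes section above; the rule it applies (a child IEXPLORE.EXE counts as a legitimate tab when it is spawned by an iexplore.exe and its SCODEF value equals that parent's PID, and a WriteProcessMemory signature on a process is accounted for only while it has such a tab child) is the author's reading of the IE process model and is an assumption, as is the constructed cmd.exe child used to show what a real anomaly would look like.

```python
"""Sanity-check an IE process tree against the frame/tab model.

Added example; not code from the report or from the sandbox vendor.
The REPORT_PROCS records are transcribed from the report's Processes section.
The tab rule (SCODEF == parent PID) and the WriteProcessMemory rule are the
author's assumptions about how Internet Explorer behaves, not report output.
"""
import re
from dataclasses import dataclass, field
from typing import Dict, List, Optional

IE_IMAGE = re.compile(r"\\iexplore\.exe$", re.IGNORECASE)
IE_ARG = re.compile(r"\b(SCODEF|CREDAT):(\d+)\b")
WPM = "Suspicious use of WriteProcessMemory"


@dataclass
class Proc:
    pid: int
    parent: Optional[int]          # None for the process the sandbox started itself
    image: str
    cmdline: str
    signatures: List[str] = field(default_factory=list)


def parse_ie_args(cmdline: str) -> Dict[str, int]:
    """Extract the SCODEF/CREDAT integers an IE tab process is launched with."""
    return {name.lower(): int(value) for name, value in IE_ARG.findall(cmdline)}


def is_ie_tab_of(child: Proc, parent: Proc) -> bool:
    """True when child is an IE image whose SCODEF points back at its IE parent (assumed tab rule)."""
    if not (IE_IMAGE.search(child.image) and IE_IMAGE.search(parent.image)):
        return False
    return child.parent == parent.pid and parse_ie_args(child.cmdline).get("scodef") == parent.pid


def triage(procs: List[Proc]) -> List[str]:
    """One finding per process (or memory write) that the frame/tab model does not account for."""
    by_pid = {p.pid: p for p in procs}
    children: Dict[Optional[int], List[Proc]] = {}
    for p in procs:
        children.setdefault(p.parent, []).append(p)
    findings = []
    for p in procs:
        if p.parent is not None:
            parent = by_pid.get(p.parent)
            if parent is None or not is_ie_tab_of(p, parent):
                findings.append(f"PID {p.pid} ({p.image}) is not an IE tab of PID {p.parent}")
        # Assumption: the frame process writing into its own tab process is expected;
        # the same signature with no tab child to explain it is not.
        if WPM in p.signatures and not any(is_ie_tab_of(c, p) for c in children.get(p.pid, [])):
            findings.append(f"PID {p.pid} wrote to another process's memory but has no IE tab child")
    return findings


# Transcribed from this report's Processes section.
REPORT_PROCS = [
    Proc(2248, None, r"C:\Program Files\Internet Explorer\iexplore.exe",
         r'"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html',
         ["Modifies Internet Explorer settings", "Suspicious use of FindShellTrayWindow",
          "Suspicious use of SetWindowsHookEx", "Suspicious use of WriteProcessMemory"]),
    Proc(2780, 2248, r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
         r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2248 CREDAT:275457 /prefetch:2',
         ["System Location Discovery: System Language Discovery",
          "Modifies Internet Explorer settings", "Suspicious use of SetWindowsHookEx"]),
]

# Constructed, not in the report: the same tree with a shell spawned from the tab process.
SUSPICIOUS_PROCS = REPORT_PROCS + [
    Proc(3012, 2780, r"C:\Windows\System32\cmd.exe", r'"C:\Windows\System32\cmd.exe" /c whoami'),
]

if __name__ == "__main__":
    for label, tree in (("report", REPORT_PROCS), ("constructed", SUSPICIOUS_PROCS)):
        print(label, "->", triage(tree) or "no unexplained processes")
```

Run against the tree in this report, triage() returns nothing: the single child is an IE tab of PID 2248 and the WriteProcessMemory signature sits on the process that owns that tab. Any child that is not an IE image, or an IEXPLORE.EXE whose SCODEF does not match its parent, is reported, which is the case that would justify looking past the 3/10 score.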

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4105eb5fd09dcb9a291343d923a19478

    SHA1

    1fb4716a41fadc5fe1c67b08ec5776d7496d76b4

    SHA256

    2eb847f2823497f91918a9beab6ad602fbcc8edfff62a721d4fbd5de02d569ec

    SHA512

    28e2fc17ae7ae8fcce5e793e83420a28eca72a0d79458291c5ca4361b2ec22374c5dcc39be0817340b1b688143eb3d23063092b8b87112dd52b9d906744fb712

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    dd67c6d24017c7a911f496ccf0d783b5

    SHA1

    52272566a5b5b3129d9268570dc304734bc6c474

    SHA256

    029804ac3a4df0571911f076af29af7153f516b76d9244b882143612e93e44ad

    SHA512

    d5a2259865a1e203d7af67c2ac35f149f1317d104ad088643f2228a746448085551509ff2ce5c9a02af23c232f6fee8dba7cdfb3f96a11a4e7c89b1e0d161713

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bafcdfa3832db28822db718a81fad287

    SHA1

    f3a362bcf6c9bdb5e63cf0f54011d6530a2ee1c0

    SHA256

    d7a9c6a52a779fd7d049a1df83f7d9cfe428c9f3295c8c734a39a4e30bddd27e

    SHA512

    aef3f40e153621f36444397ee4478c685422414fcfcd8b31252ed6418b279eb10df5a33a14db4230173ddf9400966fb45020dd6b8eff31875e6cdf2bcc7c144c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5bcba7d22c5636b42a5e9845bbe4f5a7

    SHA1

    7ae7b715a8cd0b46f94a34c553bb50f8708a0b21

    SHA256

    d3d7db12101b14fadfe679d6a000287eea8402fcaf876a5e419d802896528b63

    SHA512

    3026e9c770b807461a6c606dce5a05532b4bfb2a555ce30a44b0b0eef1e99432a5057b87744ecb717eb072fdcb41d5cf219028076ca52829d5a89b149cb1fbd0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fcbe0a3835fb2d95a28e6733f8e25010

    SHA1

    e9c71a7d949a2a30ecb0b9c65d72cec64c76c59b

    SHA256

    458ee1eba935db2a4d0bf21ed57d22e1cdd334f0171ba3e18ee2f1f71335b7c0

    SHA512

    34e5fd6832d4bddbf0aa900aa7ea54ea3d019f221fcc53eb89f497b02a40f9dd2b6d78bb2275b269f36766a3d777b51c34c2351101ddf27f773f91ff438b3af7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1796f802845ee11efed40fe6772502a3

    SHA1

    b4a34c728f2b0989de1d634a8f3e099dbd6cc448

    SHA256

    4a3dbfc235b4b41c8ed22946c49c4d5dc03d4ee2e8d60ee2c7f0d7d5d544e513

    SHA512

    7b51397e7baa764cd88f3dc3c080ff4393bceabba5b257c2ca3de4acad89885f3164174dc569e0cccadb3d9f450312feb9cbf3ad814704633b807ccd02b21adf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    040a174bc26a1673e4c13cf6042d3dbb

    SHA1

    a17ddb58e9aae52c238b151f6ed794ea99d8447b

    SHA256

    81d46cfbec235619ad2e5326b65a702434078457ecabaf560a36ff37c3d5dc57

    SHA512

    77a8dc9a44016486797fbc533ab566981deab96f6f777c40d7c4acba128c499556987174542c3c553f1da03dfd6bbff238900a2806778fc37abd8cbebfdcd14e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e137537d629d3fc3a75ef33aeafedc44

    SHA1

    6764b234ea3bd94441abc809fa2fccc732f2b176

    SHA256

    6944cd833d9ee08588efa8efa5c85e21cf6487b48a85407bbcd2b45587d5d36e

    SHA512

    d65401136afee0689f0da3458f60ccde01f56a34d086be6267c9316da67c2e156d3ac268ae54c02fa4634223007d90c4450269979d0b5f15fefc2b0bbd9d4e0d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0b0fd1360842a3bd2f4109770e671936

    SHA1

    3acb606580b8c9d65c208c379c85f2e4e04d9425

    SHA256

    ebef4ed1f0759dd68afb08d4dbd6c4c90089e80ee82a7afc6391441dbdd18bf6

    SHA512

    e853a131283d3afe39663b286e41ff3b2daef4fb18e8fe59948de065ea77529cc94ddedc3e238a4274f1ee92e5e10e43e47ef4ce23d599b1d800e16d7b5f35bb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    39df1e3251b8073ef52a767f294b745b

    SHA1

    1f0dc4ae9180920c69e70de67f1a8d912abd840f

    SHA256

    c30638c006bbdf582677b90b84bb3f8766283fb1330da8578223e97899519b42

    SHA512

    f4ad2423bd19761a14b3ab8a9047ecabd9c910eb6b67164edafa4a72372f7cedc190b6588067568d16da52623adae3de58f876f2968366874cdd0bfa1328d05d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    758285f4d313d9f09fc77727f3aea8a5

    SHA1

    6948db2577e9dd0af8ccb14fdd7a48426ef71ed9

    SHA256

    99125ac266813a77f4afd60eceb43a7182cf97afd2b524741a7fa73b663f3de6

    SHA512

    e7d0139e6111fe95d7134d3fee85f742483a2bbe89ed052922f3c9317105a1a453d1730107c8e51a8d6b2421146f4987df2e064f816e2083f345708aac4b87f4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ca74afea4d54eb1f9b8cc3ac91d60cd1

    SHA1

    f5938d7cbd901e152a08c233086f44c6ccfa9143

    SHA256

    c29f75cbff93ca1ba64b9c4afeef19430725965a9da3144ad65d242628761122

    SHA512

    491a6f646b36bd5d19824de92ee6b3b0275fad01776c2220c0b3ba38d97ba8e538cbb66becb96aa5fef0960447401b3d0148a9b5c1b82177edabb53edeb7b915

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    73034953e91ea1f571ee84ef59eae3d8

    SHA1

    a9794718fc9bc50cf5a318563a8653664eef1346

    SHA256

    dda4f44c97646e175d8fa1d5186c94a7589ea3e1606d9222ad7548db11a5c24b

    SHA512

    2444ce8e4f940faa920c7d97f3c6f6ff7e5e0f66cb91e219a155954dbde18a047436741fe79fc94d3f8efc3698984250f12cff9701865488d2157a58764a0d25

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d00393a148e208c7dae3f06f37f02704

    SHA1

    95bffd6aceb109e0a91f9cef3de3672203a4aade

    SHA256

    7a9c3424e9a7005aca3f7ba99900609662e4a8f037feb1a4cf1d6702c94d26fb

    SHA512

    ccef0cac21779a76439963c2fddaaa2cc17d845d15ec5c1792a1ad5ce8b67456fe6db7bec7a4dcaedc46f8d3204383c2150ffc336e2ea5e0339fa565dd57618a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    36ea923891c3dd36a2486d40969ae364

    SHA1

    62663853a3104e1e2d585ff35a4e532108e5cfb9

    SHA256

    5c893fa13eadc23adc5eb17c8cb1c73a3994d652c1e8579d4d79897bc689e7bd

    SHA512

    46d3d2ba5a83c00c4635076ee685aa9605568515c0fcf7aa1d5771d06faffb727c63f5a780728c3e41b8098f9898f10e18b24bf2a6fdb4445be6b0db2fcce261

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    80b431b2915d2e584b192559fbe89b27

    SHA1

    bb2bb342f5c652a8cca385f646c23641649138f7

    SHA256

    81664db773dcff19e3b609f9a1471e3decbd8ea01eec42d4c3e5ebb6c497bb28

    SHA512

    5aa2dfbfa14b4e5e0155aa8410ac65c1848bbc6d5b70f26a7e4c316331a73c73f9a629216518f22eebf80ec3d2454d77cafdd5190c1674cc5aac2d352a8c8504

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a1f6e88c8533d07a48a443eec369ab70

    SHA1

    7fd8e4396b7768baa938abe7e74456df29eaa67a

    SHA256

    64666c6b0adf7bbff5be42cd3cb502eaf2b1795ac0a7982ad9f03e8307d3b3c3

    SHA512

    3ac23e78908802d248913f0f8662d4b9b3b492be3f86d4129b74dea632241f09bc30fa2c3fe6c3ab780cd931f5dc848545460eda8eb4c740ea2a53060aac8cd1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ab3518ccda8c1c4e457137fd489a1acb

    SHA1

    4ec1e922417fa35eee29146ce3ee0501048d63bf

    SHA256

    1807fefec19afefe8fd9144837939d8ae208aed106468f9b5653103d568527f2

    SHA512

    683db7878ecf245a62f48cc88c19c71f581d529c126823d65915fe8be1146ecd6f061a7300a31d66bccbf063decbe5b5bf49b6ad6ee453cc5621483ebd9fab62

  • C:\Users\Admin\AppData\Local\Temp\Cab5A32.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar5AF2.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
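Eighteen of the twenty entries above share one path under CryptnetUrlCache\MetaData with a different hash each time, which reads as one cache file rewritten repeatedly rather than eighteen distinct drops; the Cab/Tar pair in %TEMP% rounds out a list of artifacts that a browser validating certificates produces on its own. The script below is an added example, not code from the report or the sandbox vendor, showing how to collapse such a list into per-path groups and to check that each hash is well-formed before it is copied into a blocklist or a hunt query. The four entries embedded in it are transcribed from this report (two of the cache records plus the two %TEMP% files); the category labels assigned to those paths are the author's reading of where the artifacts come from (CryptoAPI's URL retrieval cache, and its temporary cab download and extraction) and are assumptions, not something the report states.

```python
"""Group and sanity-check a sandbox 'dropped files' list by path.

Added example; not code from the report or from the sandbox vendor.
REPORT_FILES below is transcribed from this report. The CATEGORIES labels are
the author's assumptions about what writes to those locations, not report output.
"""
import re
from collections import OrderedDict
from typing import Dict, List

HEX_LEN = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}
HEX_RE = re.compile(r"^[0-9a-f]+$")

# Assumed categories for well-known artifact locations (author's assumption).
CATEGORIES = [
    (re.compile(r"\\Microsoft\\CryptnetUrlCache\\", re.IGNORECASE), "cryptoapi-url-cache"),
    (re.compile(r"\\Temp\\(Cab|Tar)[0-9A-F]{4}\.tmp$", re.IGNORECASE), "cryptoapi-cab-tmp"),
]


def classify(path: str) -> str:
    """Label a dropped-file path by the assumed component that writes there."""
    for pattern, label in CATEGORIES:
        if pattern.search(path):
            return label
    return "unclassified"


def validate(entry: Dict[str, str]) -> List[str]:
    """Report hash fields that are not lowercase hex of the length the algorithm produces."""
    problems = []
    for algo, length in HEX_LEN.items():
        value = entry.get(algo, "")
        if len(value) != length or not HEX_RE.match(value):
            problems.append(f"{entry['path']}: bad {algo} value {value!r}")
    return problems


def summarize(entries: List[Dict[str, str]]) -> List[Dict[str, object]]:
    """One row per path: how often it was written, how many distinct contents, what it likely is."""
    groups: "OrderedDict[str, List[Dict[str, str]]]" = OrderedDict()
    for e in entries:
        groups.setdefault(e["path"], []).append(e)
    return [
        {
            "path": path,
            "category": classify(path),
            "writes": len(items),
            "distinct_sha256": len({i["sha256"] for i in items}),
            "sizes": sorted({i["size"] for i in items}),
        }
        for path, items in groups.items()
    ]


CACHE = r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015"

# Transcribed from this report's Downloads section (a subset of the entries).
REPORT_FILES = [
    {"path": CACHE, "size": "342B",
     "md5": "4105eb5fd09dcb9a291343d923a19478",
     "sha1": "1fb4716a41fadc5fe1c67b08ec5776d7496d76b4",
     "sha256": "2eb847f2823497f91918a9beab6ad602fbcc8edfff62a721d4fbd5de02d569ec",
     "sha512": "28e2fc17ae7ae8fcce5e793e83420a28eca72a0d79458291c5ca4361b2ec22374c5dcc39be0817340b1b688143eb3d23063092b8b87112dd52b9d906744fb712"},
    {"path": CACHE, "size": "342B",
     "md5": "dd67c6d24017c7a911f496ccf0d783b5",
     "sha1": "52272566a5b5b3129d9268570dc304734bc6c474",
     "sha256": "029804ac3a4df0571911f076af29af7153f516b76d9244b882143612e93e44ad",
     "sha512": "d5a2259865a1e203d7af67c2ac35f149f1317d104ad088643f2228a746448085551509ff2ce5c9a02af23c232f6fee8dba7cdfb3f96a11a4e7c89b1e0d161713"},
    {"path": r"C:\Users\Admin\AppData\Local\Temp\Cab5A32.tmp", "size": "70KB",
     "md5": "49aebf8cbd62d92ac215b2923fb1b9f5",
     "sha1": "1723be06719828dda65ad804298d0431f6aff976",
     "sha256": "b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f",
     "sha512": "bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b"},
    {"path": r"C:\Users\Admin\AppData\Local\Temp\Tar5AF2.tmp", "size": "181KB",
     "md5": "4ea6026cf93ec6338144661bf1202cd1",
     "sha1": "a1dec9044f750ad887935a01430bf49322fbdcb7",
     "sha256": "8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8",
     "sha512": "6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b"},
]

if __name__ == "__main__":
    for e in REPORT_FILES:
        for problem in validate(e):
            print("WARN", problem)
    for row in summarize(REPORT_FILES):
        print(row["category"], row["writes"], "write(s),", row["distinct_sha256"], "distinct:", row["path"])
```

Applied to the full list above, the cache path collapses to a single row with 18 writes and 18 distinct SHA-256 values, and nothing lands in "unclassified"; an unclassified path, or a path whose category does not fit the program that produced it, is the row to pull the file for.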