Overview

overview

7

Static

static

3

cdba0935f9...0N.exe

windows7-x64

7

cdba0935f9...0N.exe

windows10-2004-x64

7

$APPDATA/G...ay.exe

windows7-x64

1

$APPDATA/G...ay.exe

windows10-2004-x64

3

$APPDATA/G...se.htm

windows7-x64

3

$APPDATA/G...se.htm

windows10-2004-x64

3

$APPDATA/G...er.htm

windows7-x64

6

$APPDATA/G...er.htm

windows10-2004-x64

6

$APPDATA/G...x.html

windows7-x64

3

$APPDATA/G...x.html

windows10-2004-x64

3

$APPDATA/G...AQ.htm

windows7-x64

3

$APPDATA/G...AQ.htm

windows10-2004-x64

3

$APPDATA/G...ai.htm

windows7-x64

3

$APPDATA/G...ai.htm

windows10-2004-x64

1

$APPDATA/G...er.htm

windows7-x64

3

$APPDATA/G...er.htm

windows10-2004-x64

3

$APPDATA/G...rs.htm

windows7-x64

3

$APPDATA/G...rs.htm

windows10-2004-x64

3

$APPDATA/G...ew.chm

windows7-x64

1

$APPDATA/G...ew.chm

windows10-2004-x64

1

$APPDATA/G...ht.htm

windows7-x64

3

$APPDATA/G...ht.htm

windows10-2004-x64

3

$APPDATA/G...hv.chm

windows7-x64

1

$APPDATA/G...hv.chm

windows10-2004-x64

1

$APPDATA/G...e.html

windows7-x64

3

$APPDATA/G...e.html

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDIR/fct.dll

windows7-x64

3

$PLUGINSDIR/fct.dll

windows10-2004-x64

3

bin/IeSear...er.exe

windows7-x64

3

bin/IeSear...er.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    118s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    06/09/2024, 04:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $APPDATA/Genieo/Application/license/JDOM_FAQ.htm

  • Size

    77KB

  • MD5

    3d9a7c1bd514b292beefb4ac53e0589b

  • SHA1

    dcab081d7221da2819cd633522be981d31aba88c

  • SHA256

    493fa128494447a50a45e14d5943f6db7df4e5fe2af10a55972c9c14a917721a

  • SHA512

    4cf28c31b0ad90b56c52a5cf0bf1b3bd42775908593a731af2592e546c62cfef1ccaeb1030ac73677d06b69aef437a1f45b912ee8e2c9bf57a44822917931120

  • SSDEEP

    768:hkUhH2rvZ8O+WKcL9IX9AnRxwYVqqYK1GPHU88IRrCUh2:hOvF+6G0RqzK1GPHIIRrXQ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\$APPDATA\Genieo\Application\license\JDOM_FAQ.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2144
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2144 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2700

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6efd8c368215e087827c8b3ed3d49fd7

    SHA1

    7d003f998d59ea7662bf4b9a9b3a96283da0fd41

    SHA256

    ba4765f3483c27d75a8eeb83afb105c0fd233965bc5933b31828f7143301c566

    SHA512

    9e08f15e9c4d8fd03d64d11bc6799c1102a36e4e0356b405d98810c42b32b56eb76a5bf297fba9ad868628e68915d52d126c5e4c6baebc54a117aac5fecc402a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    893f3ad474b3cf47e74b4854dd499825

    SHA1

    c2f6649da876d612e2260c9d50855b753105f480

    SHA256

    88f0802013658f2907223d14f1ed911442a3e7fa1eeec19e500ac549c2a99869

    SHA512

    227bf3015e73cd3842c8796a52a423c685c5ceec727be6c31772c6ed97908441105601accadf30c3df37e9d9e3c8f888c3682bae079502b6d064652aef98957d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    20a20829a18ab67533d98cfb5c3846a4

    SHA1

    7bc89b3ac197c886cb10ed4302c78b6e45dd101e

    SHA256

    7bf41017b26709bda9085be98451646b8f1a201f0ca18d22e7213a5dadc268bc

    SHA512

    a914d9f6f10617d41258b28a7f1c5600a8cb29b3645480f095d7f37d07518da4e799f80d7ca9a4109101e792e21d2f89ee8bd2ce01fe3c93832c8860d70573ad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    22da7178c45f28b5522f5c1a35348c58

    SHA1

    a34a5489e89690022f1f25af395953da262bca37

    SHA256

    3e6b8bb99d9e5533b3ad36d9f9b5cea865ba05aada434b5e5c8fff0341268bfa

    SHA512

    9de630e612bdf10fb380740adf04f176cdfc03353a052ca7ef466b605e0abddfc720e62bc14ab2459e695b4dc6269997f15b5d5107e7e51a193966734630f87a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    381c6dd0697c50e8088ed37bb07a2efd

    SHA1

    3109edd3982f5da2745c513be6b1082585c1731b

    SHA256

    98db5725dcbf966f98095e6d05d32f00a280b7ef982d7b4c884e02f2d1b169f4

    SHA512

    37bd4c40484f25a95f8cdea821b84cd52722fe1ca9b40f5c63a9e59b403a3d3e0ff46472ba5952d5dd6d6ffca135f64e82b3e61d5cae3e4cd33af0eb909f4c21

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4841c91ced53e390142a7284a41a68f3

    SHA1

    eef4ae8bc7635716f71729c9b3813e8062543306

    SHA256

    f1e27ca8b6e2bad64426770a7cac96da7d4740ed43d8e7042ce6ed50fa84be72

    SHA512

    06a7bc82a6fff9e27b591ea1afd3ce71cd44731b55f07c654af534e9f49df2f59b17b13ad02762ba8a0849c9f38243292abfdad9379cc61ec65148e900a8884c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    314f84cb3ef9862220f94e62b3a77020

    SHA1

    65b8739d9cc2501aab524f443cb31cb0d0af446c

    SHA256

    fafa2dd9a201128e2bcc2818502cc09083d54930c3b40df6e849dce12f34a514

    SHA512

    d06dceccc7c217a0e90dfc05932defcc3bf7d5086328fbb601a38c3f6015f8efff44598022729e57d9ff8a30dfda51035874a184212bc77dbd0c706e8c8a021f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a774b7513f7aec09392721d29967ca0b

    SHA1

    df63d58128061e2862e3e192dff7518536cfca35

    SHA256

    16359dcba59fa304a4c2ccd2bebdbaefb88c65fad161d8827bbd6f80e0c31820

    SHA512

    932871a395a4c2384d9f22380ef9d9bf21924c1cc7bb7d02736a2c4c890c66a3642ea46f3b77e75bd7dbda0628d789fc1652ae6749f62abf0b8b1af495c1c0a4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ebe9eef131a1187acc777ad91f2e8730

    SHA1

    5868d915bd7ae6fa3819a86e7d00a9be2ed11cf7

    SHA256

    d2dbe03dd826c7f6a4e9a8f074f37eedc3cc2d7ce3cabc0c1a52ceba33d92ad4

    SHA512

    5471a5a4613a881bbe59e790b578473060b2dfa58a31a263aaf7a5c64e2ed71125647b023470b423c982c64a5ab73c1abdc717e8870daf22e23f7687048fcb8c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    848dd7c003b97a30a4fdaf9fc91b0212

    SHA1

    300f3b1adf234da99c5d906b382118f0f64dcbf5

    SHA256

    09d0ef4f0866c9538e3007a7d20940750f9371ea0dcbe46cff2836901a71833b

    SHA512

    b3c8ba1a6aea8a7aa077c7f6fafcdf8aed929887d7f4a7d008c2f80a4d3642fbcc775a171f9bf34eeae010979692a34a5545136dcf8c62d7b7887186a3818a44

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9996ab160091bf08ba1778b615f47718

    SHA1

    6164213c475514ac34534008f9c99664e4d69e9a

    SHA256

    39a093e213c1f6e85ea050c4007153ac6486135c1001d595f8d9201f1e6daebb

    SHA512

    ee6463f4b33bcfcae0453d8d3382f790d01624624a274aafbcbff8a18cbe186ab9766eb99ff9a0046cafccbad599c2fb140bcb8f9f4a2ae87ad10c27d004e43e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    94b4320586c8a30d0803e2b250cc03d8

    SHA1

    3c9404d828fdc492a41386da512d0fac7e4f4c69

    SHA256

    35e623f2228bc81fbbed06160de55b9776dc6f17b85b5b417862180c50a7c23b

    SHA512

    f8a8f76c0fdf42c54e5458f921ea5abdcdd690c464032ac4b5c89faec625208b6c2293ee8572ccf64eb1aa063175fe702487c972854f0a81639fcbb5d9ae7eb0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    431d97f24ee891a7ffa03abb6af39073

    SHA1

    215c05a37254c0382cc5d86db856ad6f16a4dee0

    SHA256

    afff5a94cce05d994c9011d5977ce6a8d9d7fdb878c66ef45d4366d2135c7f0f

    SHA512

    483dfc1eb5d9de466d55c3921603b9dd1b31fcf288c8525dabb0ba220bb31c0e721b4ed2c45995184b47578ed2598e251b9579064e03d469c4310e8e49dfa24b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    59d1d309f21aec6a7878d3edba6e50ba

    SHA1

    084c1ffc7c840e0c80ab4c0952a2d6a383d56fdf

    SHA256

    6281707ea6fca4c281a6aad9d5c139ca86c148848111151de038cb994b4e981e

    SHA512

    ea1ce906e9f7709beeeaea1715b754a6223647a00c474553fb7949d844b02d3a71fa4eee63f772538d55f6b68edbbd64179e1991d58a9fb3c1f43b3493660867

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7bfa3c4e435d1f0539a3605cd7ddc815

    SHA1

    1d8d8b26d2cf5b2269667dbe7f4f343350665515

    SHA256

    db2e9c7f6ec7ca5fffcfe780b3163b28df44dbefa74523f94d8670a0d1fd0283

    SHA512

    3f6c3029818186f33579583153684a07413f7fd39e6f370816c780e94867be76587f72842352dd3d02eed1b241f8f3c94d774cb65e632eb0ac35d7513b92ba28

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f99704e934d9c98f4f1a11643ac460e2

    SHA1

    9f6789186ad9c41ae02d1e4bfc24e0eac4fab7b0

    SHA256

    82674401edd51714103add503d09da1f2b11d1e4ae47bfba5ad1d4ce7dc45845

    SHA512

    3a306cc86380b039061222c27b61a784915c8b2eec656b7be165f3be615c0bf212b3bb5240915a08de42e88ae47e89c11da017c8b3a9d18ae7b4768287fc7f11

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9fef43ecae2eae04b8ffc847728f25b3

    SHA1

    089b377fa9a0c0fa98b2b200fab98464b8f815a2

    SHA256

    3e97943a977a725413c46c6fb7c86bb644fa7003c8b6100d845292b3c67654bb

    SHA512

    3b43096c2e567a05f2deccdc13722a09699f6de1eadb9182f5863fcc933f509c84a76f713369aa3cb425dcd819107dbd55180e6a0d62ccf323af29ef0d02ea9a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2de7b6b8f282e8b779e3a1b22804d97c

    SHA1

    2ccdabaa777d07db9c6eff79330a1dd9b627d8de

    SHA256

    696a3e529c3260d9d4d2979524e7d49d4f95854c98408f48e145bbbd34b82825

    SHA512

    83e8e99e14e18dff4c338ff93758abcd37dd3ddbc18952e63dfa77abd9577f4a05de0848b699fac7c74a53d50c9c7641903ded1af5f42b1ff19fa4d9ef5bbc35

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3111.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3192.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit