Analysis

  • max time kernel
    118s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    07-09-2024 11:28

General

  • Target

    LICENSES.chromium.html

  • Size

    8.7MB

  • MD5

    bd0ced1bc275f592b03bafac4b301a93

  • SHA1

    68776b7d9139588c71fbc51fe15243c9835acb67

  • SHA256

    ad35e72893910d6f6ed20f4916457417af05b94ab5204c435c35f66a058d156b

  • SHA512

    5052ae32dae0705cc29ea170bcc5210b48e4af91d4ecec380cb4a57ce1c56bc1d834fc2d96e2a0f5f640fcac8cafe4a4fdd0542f26ca430d76aa8b9212ba77aa

  • SSDEEP

    24576:KPQQ/6MP6P5d1n+wRcXe1Lmfpm6k626D6b6+eGnkywBIpv:Cy8OeG8k

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of the victim host in order to infer its geographical location.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2120
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2120 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2928
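
The tree above is the normal Internet Explorer frame/tab layout on Windows 7 x64: the 64-bit frame process (PID 2120) launches a 32-bit tab process whose command line names the frame via SCODEF:2120, and the SetWindowsHookEx / WriteProcessMemory / FindShellTrayWindow signatures are what that broker-and-tab architecture does routinely, which is consistent with the 3/10 score. The following is an added triage helper, not part of this report or of the sandbox's own code: it checks that each IE tab process is spawned by the frame process its SCODEF argument names and that every iexplore.exe runs from the IE install directory. It assumes that SCODEF:<pid> carries the frame process PID (matching SCODEF:2120 and PID 2120 here) and ignores CREDAT; the process dictionaries are constructed from the report, and the SUSPICIOUS tree is a hypothetical counter-example.

```python
import re

# Constructed from the process tree in the report above (not a live capture).
PROCESSES = [
    {"pid": 2120, "ppid": None,
     "image": r"C:\Program Files\Internet Explorer\iexplore.exe",
     "cmdline": r'"C:\Program Files\Internet Explorer\iexplore.exe" '
                r'C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html'},
    {"pid": 2928, "ppid": 2120,
     "image": r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
     "cmdline": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" '
                r'SCODEF:2120 CREDAT:275457 /prefetch:2'},
]

# Hypothetical tree (constructed, not from the report): an IE tab process whose
# parent is not the frame named in SCODEF, and an iexplore.exe running from a
# user-writable directory.
SUSPICIOUS = [
    {"pid": 1500, "ppid": None,
     "image": r"C:\Program Files\Microsoft Office\Office14\WINWORD.EXE",
     "cmdline": r'"C:\Program Files\Microsoft Office\Office14\WINWORD.EXE" invoice.doc'},
    {"pid": 1604, "ppid": 1500,
     "image": r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
     "cmdline": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" '
                r'SCODEF:2120 CREDAT:14321 /prefetch:2'},
    {"pid": 1700, "ppid": 1500,
     "image": r"C:\Users\Admin\AppData\Local\Temp\iexplore.exe",
     "cmdline": r'"C:\Users\Admin\AppData\Local\Temp\iexplore.exe"'},
]

# Install locations of the 64-bit (frame) and 32-bit (tab) IE on Windows 7 x64.
EXPECTED_IMAGES = {
    r"c:\program files\internet explorer\iexplore.exe",
    r"c:\program files (x86)\internet explorer\iexplore.exe",
}

# Assumption: SCODEF:<pid> names the IE frame process that spawned the tab
# (consistent with SCODEF:2120 / PID 2120 in the report). CREDAT is ignored.
TAB_ARGS = re.compile(r"\bSCODEF:(\d+)\s+CREDAT:(\d+)", re.IGNORECASE)


def classify(processes):
    """Return a list of (pid, reason) findings; an empty list means the tree
    matches IE's normal frame -> tab process layout."""
    by_pid = {p["pid"]: p for p in processes}
    findings = []
    for p in processes:
        name = p["image"].rsplit("\\", 1)[-1].lower()
        if name == "iexplore.exe" and p["image"].lower() not in EXPECTED_IMAGES:
            findings.append((p["pid"], "iexplore.exe outside the IE install directory"))
        m = TAB_ARGS.search(p["cmdline"])
        if not m:
            continue  # frame process or unrelated binary: nothing more to check
        frame_pid = int(m.group(1))
        parent = by_pid.get(p["ppid"])
        if parent is None or parent["pid"] != frame_pid:
            findings.append((p["pid"],
                             f"SCODEF names PID {frame_pid} but parent PID is {p['ppid']}"))
        elif parent["image"].lower() not in EXPECTED_IMAGES:
            findings.append((p["pid"], "tab process spawned by a non-IE frame process"))
    return findings


if __name__ == "__main__":
    print("report tree:", classify(PROCESSES) or "consistent with normal IE behaviour")
    print("constructed tree:", classify(SUSPICIOUS))
```

Run against the report's tree the helper returns no findings; against the constructed tree it flags the tab process whose parent (PID 1500) is not the frame it names and the iexplore.exe copy under Temp. The same check applies to any sandbox or EDR process tree where the parent PID and command line are available.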

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b364a53cc213f95a0851a4af6c5294d3

    SHA1

    1b4470e3478d9e58896fd3feaa7e65ad5677ac79

    SHA256

    b37e2de9d10ab058393bf7084f7f08a7152f9831c94feaf668cebb7be8ecf4c4

    SHA512

    f154ea41bbce6a8678c835a1dc8565ef62382729e6366e4d335b03f8c2d1feeae03056c3f6dad126db7ca440b2662169b00a95ce66976e6f186c93cf8238cfb1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a6eb60649684932584eaf499d52d3a68

    SHA1

    f4a7c4dd0c2904fd5d71b74ee3579029b3546a3a

    SHA256

    543fe81adbcd1f99b6bf6135250d83da1db6a57d1780816a1c4141f9a40e9182

    SHA512

    d531f5b64db665a07be73760f8260601c7112cf863ab738ecb564a3ae774cefbc0909732e00a37d3651809128fd6d6d5119f7ca2d1678d340ee2c094468e8176

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    be2dfbe4408150425fe6a4a434516a31

    SHA1

    c8926a098cafa6f6ad06c2cee044c54a4dccc8eb

    SHA256

    98f40adf6fd02dab486da461bb74e02c322f46082d7108711a552f32f82a7a5f

    SHA512

    1553096e00962c6e62a35fb4bbc9ba3c294918eedc882ad28dcdf91bef257493e72cdd3d35a03e02a88cb28413a61a381a62834b4ce5b83ca58294f01c7300b5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    94dd350368bc568d92d6329ad0f201be

    SHA1

    e85c18de56861caf482eaecfc04d73145beac225

    SHA256

    ccec0f69a61e949b203fdb7d10721e11283dacc9c30af39e0523b52256158e0d

    SHA512

    dadd027564b84c56be4ca68816d1cd6f92c9687367d1e20873558946ef6be3ae072b17ce750ee9ba0732b183414a3d5f1714f3a450a8fb714ce4a96eac224639

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ac9e3cb85fe57e24e096de14286f2b46

    SHA1

    09f5f57cfbfa88c68fab6c9ffaab5ad3aca8dd09

    SHA256

    eb6b9d5a40391243c36c00b5f2fe7151beb57236203b01625fee4c4afd9468db

    SHA512

    e6a6295954ae6156445d72184bbd5df7285d7cc513a23c9f4730bc69a294975906f1d4ea1fafa7c0dce5a84bc414c3dd1742ae1cea9675d06a10c05640052873

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2c29da2788293df193eb8f1474b18cf7

    SHA1

    0d4ce793dbb47bc5ba363b79d9fc75f4d54292a3

    SHA256

    493fcb56411ae132eed831bb9b49614f7993a69446be83ed9877d8b35d4fdf06

    SHA512

    1a8eedcc46ec5d1edececa42115d9a5a0ba90fc2586035e66e024ab15dce8beafda1f61cca9bde35b799276fc6604868b39f4c3c88af505b8ffcc6adfe684f01

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c63e62171e22d87d64e11d6e9f52901a

    SHA1

    0b4c943e25a54ca156804073daaaf74ea39b99f3

    SHA256

    e6086ea5e7ca3333b8704907b2d9bc6f5c68522e2550a5d1e010e6d506b298b4

    SHA512

    218a3801dd5d9b66590a4e50d87b7ffcdd55d81dc95113c11d4b8e4722530558c162a559d81f1fc76518b116d5ae9df3be4523adca680cebe3fb466e56e83b42

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    86f59d2c639f8d2ee3a9c1ddb04dae4f

    SHA1

    0f85bb342f8984972d16c580bf6f9f16015f7b31

    SHA256

    5d0e28a5d7838de6be0cb26c1c8edb669f69eb9fa436fa737ec7d098dafebddf

    SHA512

    fefe2f9a3645b6be5129916a91f435e6efc022a6160d9816fb59f90fdccdd47363c0d301e55b1521548b8be49b672db6c41774b2bc61a6b06654934b5e95056a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    424285542951798f787f2585e59ec938

    SHA1

    7292cb4c0049349309363c7fdd88e156a1ef1806

    SHA256

    3e8b9cdba1916e611fdf9117c45d8a1082268f4663540cbea6bbbf4b157c6df1

    SHA512

    84767ef56ab591d8a1dbca874f0e4a46c0d09eb09a32aaa69e767836c1ba32731efccdd89f00cff1e0a247575db9104808f9cbab69f6cc5066c863e642630a6c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7f99675bd222a30c0dbe4e3e5e5d7d21

    SHA1

    22bbddce79f1df36c2640673ade91cd278c21040

    SHA256

    42a0f0e12dd2e5377a0cd0dedb596c247d7a7daf0c19d6dd1652fc1f43a3937f

    SHA512

    d7da5f6c2e9baef5973b4848c309274a03143ced0ab5d69001245ec6df294e857c00f8adf51f3272ec375be8d0734c30ee6f5377c8e92219786f6435b8759390

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0b2892ae9cd208444506789f4583b764

    SHA1

    5ed4b642b47173e853005c869772271f0a18951a

    SHA256

    cf473e86d8b260f0a80b452d3eb480010ae933fbc0694eded3c8d2e4f4c115b3

    SHA512

    10138080e88864b9a56f549bdbf51e4d7fd4a9eff70e48d6ed15ff1a3198cea66b54ada942e6ce0cab3a7c0f0abef83c1c686f0bf6d4d173291e06ebe4e2246e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bb02575500f71602b8b392d92a508f57

    SHA1

    cda5f1f8e525155358c05cdf6015ce441dea6fd9

    SHA256

    39804929ca410b3e0532e6615e78502415e09519b337600b278a0ee9a9e9012c

    SHA512

    dbac0d43f0006db3737788c9a812646cc3bd45c7c518dac6d387f9b0ce08deb60d24bbf1686efbc0858c58eb2bced5b53bd509c5c76f9c782bcfbaf34be31066

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    063d1e77ec5282c24d67cb1abd87f366

    SHA1

    f43f557192e9f89237ab1e55f403d035fc52c16c

    SHA256

    00982ad81b26ceb79552d1c775e8f4d2073b246a247b953d6af4949c4631abb7

    SHA512

    c6742b6db523ac9d3842b58b4f0c6a9e7a7e8437978f680e304b884afd4f2b922b7eaf5aa372ee3d3fbe21a37061bd29e88cb6ac9c02d315dc90debd540131ec

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c07990a676133fd6903a3f1e4b98343c

    SHA1

    d3678f55cfa33187fd687517533dff4b90b70039

    SHA256

    3f365b15176fc4a494244c7a674f6a863162624ce780f5e518795fcbcd0a1b21

    SHA512

    7e8a98f9aceafaa39a20c4dae58dbb7d89e0f95ecd56bbba0978429b632756920260140e9de7d2ba6641baf25c7bb3015d058869a104f81d9d725cba96632eca

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5f5d5f6eb6284d52dccfb7955a856d20

    SHA1

    39a0971139cf5f4312a97e6447bfbbb800a3c6b5

    SHA256

    8ee4617605123c77a1349b8a28c0dd9677ef61cd9d556dc53d6f891e1d566fcc

    SHA512

    f7fcf0c1c148b4693fe097ab518b8f0aead3db83f5e934509116d4976e3e5766ff2845d677b530fec1b2abc1379ba0dc330947b511387b073804384b5e7bdc72

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    56b205f712b6cbcebb41184dc0008ac2

    SHA1

    d5059d964275a00a93ec8bebac65951437e266fd

    SHA256

    029a55be49b6b2946f98a24fc27dfa31158bba888a7344fdce442f6b5be113ba

    SHA512

    9b6e4e99e9c6ed74f5bfd81c82f235d5c132caeffe93692f1d8fe4a3f265f91e7e012e854e54993b3813b2ac35c98010f0a6d6bb8d7f2f90c14ba98eb804106c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e31ea80acaac726d549763272a77b73a

    SHA1

    35a66acb4c0e964697584203a823a79e13d1f698

    SHA256

    ba27a2cec8c753141d432fb229c71c68836646c8f8a882afa9a5120370ff2e87

    SHA512

    ced9472bd15d2249832d7ca291d51ccfc63148ad7d23170e1aef01febab335b718aa3a6a633484f38ede080d2a7773084649194ee934a37606a0a24f4c471dbc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a4eb02af15ee5aac51207644fe17d6b3

    SHA1

    8f647b8b3a4eb5c7a965812d30f1f231e2fd86a9

    SHA256

    ca76330790235680211759c48ce90c2b61d2a9713bad3cb3336552bd556e62d9

    SHA512

    df18655f89b8f0c2f1a6987657718e1cc61e9840906de96fcc5b6d5e9fa512df881da3f485e0c6b43c381f68891a8b090d05a2daa9134f8ed164e859140d209a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c67b953545551bee4ce617e3fa53093f

    SHA1

    eb36ab2c61c5c6cceaef07ebef7439b0f61b9add

    SHA256

    c428452443ddd7e2eb586cdbb745d3c4f7bd6d9aae2fb7751d12463bd3b80807

    SHA512

    efeff9d450b2c4478eea7b3d258a7093ed441a2b6e143b58bb34941267724f257c96a86c24c5440c1c17a75958337c072af532f515204b88ad086e11691b3a02

  • C:\Users\Admin\AppData\Local\Temp\Cab3076.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar3115.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b