Overview

overview

7

Static

static

3

ArenaWarsSetup.exe

windows7-x64

7

ArenaWarsSetup.exe

windows10-2004-x64

7

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...ll.dll

windows7-x64

3

$PLUGINSDI...ll.dll

windows10-2004-x64

3

ArenaWars.exe

windows10-2004-x64

1

LICENSES.c...m.html

windows7-x64

3

LICENSES.c...m.html

windows10-2004-x64

3

d3dcompiler_47.dll

windows10-2004-x64

1

ffmpeg.dll

windows10-2004-x64

1

libEGL.dll

windows10-2004-x64

1

libGLESv2.dll

windows10-2004-x64

1

resources/...dex.js

windows7-x64

3

resources/...dex.js

windows10-2004-x64

3

resources/...pi.dll

windows7-x64

1

resources/...pi.dll

windows10-2004-x64

1

resources/...act.js

windows7-x64

3

resources/...act.js

windows10-2004-x64

3

resources/...e3.dll

windows7-x64

1

resources/...e3.dll

windows10-2004-x64

1

resources/...ing.js

windows7-x64

3

resources/...ing.js

windows10-2004-x64

3

resources/...te3.js

windows7-x64

3

resources/...te3.js

windows10-2004-x64

3

resources/...ace.js

windows7-x64

3

resources/...ace.js

windows10-2004-x64

3

resources/...kup.js

windows7-x64

3

Resubmissions

04-10-2024 13:28

241004-qqpb5s1akh 7

03-10-2024 22:49

241003-2rvfbsvbpb 7

01-10-2024 17:12

241001-vqtdbavcpg 7

10-09-2024 12:08

240910-pa23maveje 7

10-09-2024 12:07

240910-pajlaatbrl 7

05-09-2024 12:10

240905-pcfx6s1eja 7

04-09-2024 23:57

240904-3zwtssyepr 7

Analysis

  • max time kernel
    1563s
  • max time network
    1570s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    10-09-2024 12:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    LICENSES.chromium.html

  • Size

    9.0MB

  • MD5

    aaea51a605688fcb2f178fd60e4ca64c

  • SHA1

    69d4791bf3cfedb68bc4d8f766878103578171cb

  • SHA256

    96837a4a521a61bd3d34f2f660e29902d228aaec501eeb2a84403f1926c3df9d

  • SHA512

    d328bf2f9ff7372a716a09e5882b9e3c0051b0135412b3258453085db1de2c7699c8aae24edfaca7798f468802db975977c9976e19fca84fffe884bf8594c33e

  • SSDEEP

    24576:h+QQf6Ox6x5n1nZwReXe1GmfL6k6T6W6r656+eGj/dBIp+:oAZeGLp

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2692
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2692 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2352

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d13bf2dd719b7c14fa65f146688fab70

    SHA1

    c0f9234b65258d16c9a1deadb3e2558f19f5f7a6

    SHA256

    2879d8c5aaec8801979df21d9b71a091952c660e688552cb3cfedc277dda4e45

    SHA512

    360d95d0444503297589e95b48f3349446b456151acb263596a8bea75e0aa7ecd277714a3a5335960763749e4403ced027370ac3226e23b3030bb894db731fa2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d5b7028b0d66b1516182f6c4e7bb6f3a

    SHA1

    28f0565bcc819624dba60543685fc5f043d6a1de

    SHA256

    163603ce130842da652462c2b0b855106dafb45faaccb740733b88f87360a1d0

    SHA512

    e3e7c010314f731c5664f1ad7a4881cb94c9632052d1445a883c656cdad3dfb09ddef950f6d947d4eecef006c266a9b3277abdabb6cf6f4adf2f00b74d512f45

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    af0a5d520d7aff66777f73643fa964d9

    SHA1

    4c2e807a0c020fbe34ec0a06df2983f4a628d0bc

    SHA256

    77f6abe41b88b09967cbf7a723fa985c2cadeebcf251610c1530e8509ba19e3d

    SHA512

    7d794f28907affab5d82ba0663b26ece18974ea12f5e5b09d41a81c3607d73ae6cbaf03d67e572ed59b8ab41f45880e74ccd8f8919d4b85a0cb46c2c6959f04d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e8652f8922b80b9628566d7bf07dbc77

    SHA1

    3e3c79cfaa0987f3f2dbfd9af3500cb2187e433a

    SHA256

    9e6bd49740ed77a50fba980744e00b5299770ca2c78188b5fcb880eb01dfb5fb

    SHA512

    1ed31982e100154b9bb4bc0d26026a0309406ad7f001e91fd87e47163aacf31d67b9a847e518d59e213e56626f9e1c396795c6a8b63faf5dd97d3b6f4fb7ccca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cd59f68a18f2c8d73e6ec02d39016d9b

    SHA1

    959c3fb529e088b15455482420a04d386ea0e5a1

    SHA256

    a91eba0f139f81a21864fc0f7dec2d8468ed67b979f27c625c9b942987f1e88b

    SHA512

    5afd67facfdc395defbb9d552d7e5348436a6c8174da74d4754548ba8332c9ff805b916a51cf53cd8e9df374490dba2946e6bdbe6c989f5837f6384bceb8ea4d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7de48539d26a04341fa037247f894cdc

    SHA1

    6500146d7d4faf4520b1eca933a769a938484f19

    SHA256

    99794aed02f9ff38c67756a43108d6372401f89d26ce3f624f8cf96b2a29ddc3

    SHA512

    e98a7b90fa5208a250d4d9dedd40bc346f87b0c1a31c709134295c3ac4bcec2c9ef97ae6100c657871d6edfa6e755225f5844fdb0011311593536bf9c84e4fad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5d15e24ebdc2cc5d86afa3865a8b158d

    SHA1

    b7f9f5580f4f3196751fd56d24a7906d15691c5e

    SHA256

    e52a4d1c35b08ba94260729be3b33709e07d9448ec00188321d1adc72e21a0b6

    SHA512

    91e67934258e12835a83797bccd959136bd11c11e83a84bd3b928be2599ab6557871060b25f9806025f0a2be4f28afc8f9a1d8a0997c343460b3fb07208f3460

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8c6e93d745975cb30ddd42d0919f99ad

    SHA1

    92a5fd76fe9b654af510c629ee432f525536b0f5

    SHA256

    2227fb17d16c441b832515152ec6661e0918691397dc321c62d5e9afdb0c0baa

    SHA512

    c1270761b601086e8aa0d6d156bc89ecb6beea41d1049dcb96687a6b7b656e74874c1c185980db5edbe8b7446fb8eae50f0346b0fc6048f88ff7beee6e9ed8d8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e0a3cc8a7c57e3bc2e447f91b58a69d3

    SHA1

    5746f626f8386bff75b2e2c3eaabef899ac2e46b

    SHA256

    100e9a46b89358e3fdcec23dcd8fc703341bc1bbb001f8b26375606210e049a9

    SHA512

    5275cb56dac94152452dae8276f5c8c6ea47d7a42e88038eb830d321666807f7b869bf604f17651022f1f168b5b6ee4691e2449f27e141de8ab0a23ca84cfc67

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e7bf38fcc8ca6c3dbbdda5feba9cf84a

    SHA1

    0c941d36fbb68919080e8a29d25c9c5cd622538c

    SHA256

    241367cc5c3b2e401da1449e16c815000ac430c2b0f96412c0f84dcd40d56fde

    SHA512

    2cac4193a2a84addf7032a085540b2689a11dc3b34323e102b478ecaa673a6259979236f59577b2e56bfdd7b5127b3136337f4fb14e48bf0851d6e16b5724936

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1004a85f7fa9bbeed16c6f114ae4c234

    SHA1

    b909772608700c2e915b15b57738cf4e83bf88c0

    SHA256

    ea6d8ee65e56371b7a93a1fa33121bbb43203b41f4bcdfe4e2bfb279eb6982ee

    SHA512

    5a8a8ccef39ef6df9f3d65fedf9f2850abcd46fd3e434f5d95bba8f81555f45d2a8dc0b47c797c2690c70053d03a03f64887cedd779a9ffcb39d9bfdd3a04fc2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    562e1ab410c1737d05c70142a7becbaf

    SHA1

    b00b2b7bbfb2da11e584cd4b4ec7034fca7fd519

    SHA256

    c060a9052203174d5a80dc62e47760174195610906285c1cab08cc8b90e95c6b

    SHA512

    8da3e7e7a2205d210fe9bcb2a81ba24fc9672e746f419fe735c6b0b4467064624419c6a6f9da1668752b07e7dcc8a818cc2341c7438c5457e6fedeb3846b6778

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF7AB.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarF7BD.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit