Overview

overview

3

Static

static

3

d9cff9433d...18.exe

windows7-x64

3

d9cff9433d...18.exe

windows10-2004-x64

3

$PLUGINSDI...os.dll

windows7-x64

3

$PLUGINSDI...os.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

GDIPLUS.dll

windows7-x64

3

GDIPLUS.dll

windows10-2004-x64

3

MFC71.dll

windows7-x64

3

MFC71.dll

windows10-2004-x64

3

PGL.dll

windows7-x64

3

PGL.dll

windows10-2004-x64

3

Usermode.exe

windows7-x64

3

Usermode.exe

windows10-2004-x64

3

advapi32.dll

windows7-x64

3

advapi32.dll

windows10-2004-x64

3

dbghelp.dll

windows7-x64

3

dbghelp.dll

windows10-2004-x64

3

doc/ChangeLog.html

windows7-x64

3

doc/ChangeLog.html

windows10-2004-x64

3

doc/Interf...w.html

windows7-x64

3

doc/Interf...w.html

windows10-2004-x64

1

doc/Interf...w.html

windows7-x64

3

doc/Interf...w.html

windows10-2004-x64

3

doc/Interf...w.html

windows7-x64

3

doc/Interf...w.html

windows10-2004-x64

3

doc/Interf...w.html

windows7-x64

3

doc/Interf...w.html

windows10-2004-x64

3

doc/Interf...w.html

windows7-x64

3

doc/Interf...w.html

windows10-2004-x64

3

doc/Interf...w.html

windows7-x64

3

doc/Interf...w.html

windows10-2004-x64

3

Analysis

  • max time kernel
    133s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    11/09/2024, 06:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    doc/InterfaceDeviceInformationWindow.html

  • Size

    7KB

  • MD5

    447fbf3422c78d56d3af97f507036c71

  • SHA1

    4563d496a36845d2588d0f8eebefd5738c7ef48a

  • SHA256

    7849562cdbfad4b57c65480d8c40856a881c94752a481c38d9948920773261b7

  • SHA512

    c1678359e95d1c64709c4d91d3f0b69e0863d3c568797f3064b00b421508745b9800a3f54e9752138bd6fb119b3a0e862f84d2e36a47fac96629f01d7e6604e4

  • SSDEEP

    192:ScQyHeiCuhMq33+HRDk/wKmg16pt+sx6FEu36F+UmZv0OA8D6KSWkUzyhww8gntO:SQeiCuhMq33+xwoKmgwt+sg8+UEvvFS8

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\doc\InterfaceDeviceInformationWindow.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2708
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2708 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2712

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bc7f875c6c2e3ff48751573c2fcea110

    SHA1

    20bbd55817c7104ae77867cfd41659e5bb2b1a35

    SHA256

    4d89d0ccef1307c59a9b4375fdd3090d5d164f1033608c99d8ef1ed04fe71f14

    SHA512

    b1e9bb6df95e1d39e566fac5c56cd453914d53a1056445d97109da5840f06c94291225c691a87a5c422da427caf7f1b33a696e25fe74f22ca4347e10c2e79777

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cf7fdc1ae908e3060392ede63cc784fc

    SHA1

    1094e09d9557f0aca78deab7a0d02288918927a1

    SHA256

    c83cc4199816d711f4086322c81d1fa81dbe2ed84500c95afc28a6fae87e1fe0

    SHA512

    506f4a30e9b081e4cff02924c537c8a748b894772a31150c77671571b287d4e174ccf06f1a894aa362effcc63f512d8dcd1cc2cb0aaa1c6d0d16459cab9ea899

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aff05c4aca493554336d3ab529dc6fbc

    SHA1

    9f9aeb6f993e76cdd912ee484a7d41595d47d617

    SHA256

    777eedaf89a7731811c973d1c87858e5fa3ceee8fa013450e676eb1b048fb46d

    SHA512

    1597b5c400607b527597d10f1b63b32fe3b05a17f6e66bc7940157957c0a8436b7bac96ecb1c8f3658239e680b6ff94691ee2e029917d59de5c4184eec45bb78

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e048d7b1e42b9684055a39a5c9bf9d7b

    SHA1

    b886ba7e8b1dc2c03b897ceca5365c5446f71f22

    SHA256

    15897d75a3b4af56a6caa550e50ea4c641557737cb4ca3f68e7ef7bf526ba15f

    SHA512

    a95b58fd5c42ff662e15dafcb2c4fce012297a7af735b62206a0e14bbf275198555d68be63280a8607ab373c743f92d2ac2339830d29db67a1abbebe8e2a98ed

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    adf418bddbc5fd90e4e539124a23c150

    SHA1

    fceb00bed8a45d7b16de8b939d0fb334811729f1

    SHA256

    d256c7dd67c85ded58ab8a609125485f1375a846dd35d20624055e4ef91ed81f

    SHA512

    79d2d1e2cc955c9954fbc5779c780b113554cb02887f0c334fd6984c976bcf7d33b0a7a6ff1629fd1a2ef000eaf4eada02b4e355ab29d72f8d805e32c3bae61f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    57c275d1e7c2d7317f8739a0362fc715

    SHA1

    993a79dfb38cda9ef632c65f4f3ad9f8c0230ad2

    SHA256

    65e6c50558fcd900280daaaf7d61efb832a4b27bbdfcfe573a4b7d5bc09eb0f0

    SHA512

    d80d933ff48f215537e9f8164ba399096e850c52d4a8c7f116c9b9aa3930d46aa9491394be6a77e64a7f5a4e604e17a869401db14afb813118c66483748991bc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8e26165cf0f331f083744441a1f06db7

    SHA1

    2f9349485da96975336d93a2806805acc5366775

    SHA256

    e91fd43e0192b9e868c8ca2ab079c2b8c529ae52565f36f7cc2e025ec824f819

    SHA512

    b085c1c01fcb869d0eee6f1d2445a2d382e99ab4e70f87bea852905b55f04d9b8e8f25688a1dbe8eed6be3154eb4881dfc2fdd3e8eaf460bba5c85ab7dca1fc3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2f36bce0a573585943b1efe25ffd5f16

    SHA1

    5339269a665917d5ac61f467662e0de66a033edc

    SHA256

    d3b4541c4dde9d311f3b2b225c08c7c555a5e1705e7dfa198b081c7827c09501

    SHA512

    01beb7671a916086eb3d11c31920ba492f7b2361bcc305331170b31cf565f0486130431f69a704c16cd71e4bb5f7a48c95a26d815fc8f5798a0fe193aecc83ce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    45e092751a8a896c52d5ae328ae67815

    SHA1

    4e7b60e106679a89af7f01695e745e0610385565

    SHA256

    18c79027ec848c6a59b2508b30004bc9260d3b180d09d382891c88dc79cd7bef

    SHA512

    5768a5cfb76e2e7145566f8dcfdf982f3124e888abd5082d8f4a2189cbb2416e21393981a3752c00cb88782a9937ff69e54a63079936d1c073d8a15f7e198ef3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fe5e7af90211ffbd2c7159639af49640

    SHA1

    0df37ce6b9c7ee604fa5fa556035abf78a394246

    SHA256

    233587acb7a3b09c537eadbf22a42a7dcbbf73723095d08b7d972158f3e0c516

    SHA512

    a557d4e5574f60a61ef8aaee8cf6a229784135e81863c9e30c4d60eed098b775df7892505c0301dbf3b9e47d08327d60d262256504aa9362ef5f36f11a657943

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8963c0d33f8efbefec151b5325b01dc8

    SHA1

    4b296fc3806b67679200d8e0286676571659eebd

    SHA256

    df7bdd77c91d7181e609a0ed26abc8a9c411e9409eec5d3cc9da60ced1055f2f

    SHA512

    3e5866785d24bf83d059682c3bf4d4b1d7cdf311134dbf47dd94585010f08eb5e85cf0ed651bb07c2da9b564444fa27a3dca815b13281a0a5640befc498612db

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ff3a2ede5856cb2f6e0ea111e82df1a7

    SHA1

    9b6132719b09e64a4697fcf81b9aa8b01f9e659e

    SHA256

    b47dec0391f2472c832ccb50e6808c6ae03e8669e430477ab6dc307d013bcddf

    SHA512

    fcbe0f8c3bfbf24d1ae048a106b9f64acab70c401f973b40902166feb9ffd2a410767a7ea013eed3f7705705b394da7e4d6a21e920a3f5db30477fb48e1789d2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3d4d1e38ad7456eca3374fd5ed98de00

    SHA1

    87944c9820326e2132c8c7de46c4a862920ccfee

    SHA256

    c071695bce40c83f5acde22990a04398f8193e103a431905848daffc4756b937

    SHA512

    48bd8e49173c119cb02e1cb994990d613899520a2e38c722095fd699f7847b82971207ecc1e33b76cebd8ed53fcd5a5ac44e16e0ca70f8f50a03801cf212682a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    193a7a0f1586561999e6aa206e16301f

    SHA1

    c3b86f326954e9a4f1bf5b1f5341baeeaa9f6d2e

    SHA256

    38b456cf5e5e03f3e3198164dc466a74eb33aa15f0f37c028d6cc84d58f407de

    SHA512

    1c75025b35cff99762e8f26481046057feca769d3027c10fe38e21daa31436c659ee51a33107921dd383840fb96bd1bc89c0e5e74db6454dc2e03c0e4ff44d28

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    714ab07bcd48f387c7018c072d8f9fa0

    SHA1

    cf28c5bc3506c4912ee8b8d60350a456106def77

    SHA256

    5391c47de2dca8110dd40dfb3d7d530f5d1b85edd8f058e2e33800d2f53888b7

    SHA512

    3bb7f457e8e16eec4b5e578755f023e872b8572ba0fc5efd756c9af0e2fceef37901e9e09e1f74209fedea2220675ca0fb1a0ae0d06c875e0ddb10fbee48f7b6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3150388f325aa40e29635fbefc548b69

    SHA1

    a5e490e31844db15cdf987f8936888e8083f74e4

    SHA256

    f76e26e9b26cc1ceb2cb97d785712710362f95008a995bd2a54ed83b45b8b18c

    SHA512

    6ca5b700d5895218e8a0e9720c06c6e84f25ff6146f7fc0c5c29a886617c753c2d8cd3a8526039f4faf16cbb694684dedea7e6db5cb3cdf25215e96b1e58511d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f301c44b541342f93a56310c3a6a1868

    SHA1

    718e73cddef92b5e76cb5552331fa5d240e0f3d9

    SHA256

    c91ef6dff244df48f5557078ccfbafcee3743af90c91f96da606ff89582d18dd

    SHA512

    8e85f2ce84091afc758cafe599eb0f8a6ebde642c19648bb301eedbf345f7ac09768f1e8b78f301c84b7ad8e0bc73ff5f5076be96d6643d3a42c92e13c95bc0c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6ba5543bd673e70e50406ae27117ba0a

    SHA1

    c2414e1fb03b20334f1609f542ee541eed14d14a

    SHA256

    4323fb7063b2f45b2ff3c834d2cc9419c6963fa246b3d22633e03b1dd09e3438

    SHA512

    efb7bc2b318407e8a756a5c1bf19dac60c057ccb86172bfc43c2adaeff70659441a3fe1d61a623eb1e21bbd1f68018d17f8c1053cb58d862b9f6215a5326e552

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    750969b95b5df2849205e4fc6588fe3e

    SHA1

    e1dd4b92a4a82cc86dc153ce0c7341607a62e91d

    SHA256

    1a248ecd194c3ab42d09b275d0a4d08502a19548ac76969cbd96a3098ef4eae8

    SHA512

    831776e73f580559e5285f1ac4c1337fc04f2c82279d12aaafca00d4ad9976df41fc00274b3bed82ef88516b94a0c62f8b7aed561b7c73db0a85b4c38201363d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabFC2D.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarFCCC.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit