Overview

overview

7

Static

static

3

dbbaae6190...18.exe

windows7-x64

7

dbbaae6190...18.exe

windows10-2004-x64

7

$PLUGINSDI...sh.dll

windows7-x64

3

$PLUGINSDI...sh.dll

windows10-2004-x64

3

$PLUGINSDI...ge.dll

windows7-x64

3

$PLUGINSDI...ge.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

$WINDIR/ls...py.cmd

windows7-x64

1

$WINDIR/ls...py.cmd

windows10-2004-x64

1

LingvoSoft...ar.chm

windows7-x64

1

LingvoSoft...ar.chm

windows10-2004-x64

1

LingvoSoft...fo.chm

windows7-x64

1

LingvoSoft...fo.chm

windows10-2004-x64

1

LingvoSoft...lp.chm

windows7-x64

1

LingvoSoft...lp.chm

windows10-2004-x64

1

LingvoSoft...te.url

windows7-x64

1

LingvoSoft...te.url

windows10-2004-x64

1

LingvoSoft...ll.exe

windows7-x64

7

LingvoSoft...ll.exe

windows10-2004-x64

7

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

00lsFRAR.html

windows7-x64

3

00lsFRAR.html

windows10-2004-x64

3

LD069D~1.html

windows7-x64

3

LD069D~1.html

windows10-2004-x64

3

LD13C4~1.html

windows7-x64

3

LD13C4~1.html

windows10-2004-x64

3

Analysis

  • max time kernel
    118s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    12/09/2024, 03:28

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    LD069D~1.html

  • Size

    759B

  • MD5

    dbd3525dfb01d2aa4ef583347423cb28

  • SHA1

    b87aade3040a20b3af449e81f6550ff32541dcda

  • SHA256

    7fa9fce493b852587e1cbe423f1364e79203b8e70663e4295c9d0ea65eedc1c1

  • SHA512

    764cbb1174054e6ec2826eb660c21e309c7d0c400e5cf512fd1ea96286b30f7a549c6a56f0d46dcc4c9d3eca8dbb053577d6e62f5fc497bab315428609461e21

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LD069D~1.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1984
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1984 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2564

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    50688ba59138a28f2b75d3042ef6ff67

    SHA1

    934e296875f452e6dcdbacf9f6ab6fbc4de78ecb

    SHA256

    732704933eaa22d8b0abeed60bca470b47404ba0d3519dfc6f6b6677264da2a1

    SHA512

    5789f2318d28b04870b5e092e49342fbf1221d565baf7105573dba72b45a52436b57cecfa9e91537c9f1a8a1992aa5310b2e4cd56775f75f4b26f42969e50a3c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5fa8042f4647f66d824704edb7bf2801

    SHA1

    078fbbe6bb0b3bdb1185cff7211bb69734779604

    SHA256

    4acdbdc5400e7d756be889be539b204f1213dee5c2826b90d93f028ba528c274

    SHA512

    8f9744c0dd909aec37d888af01d999417337ba8db6737f78ce5603447987e809ee667d1c1a33b18e263306d11a1dc7d3973df9e0fe2a9a85cb9392f1f57069ce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7fbf788e5672d10d59d0cf400c9b7c16

    SHA1

    e715731a9444503c27d46116285cde88a0d98ca5

    SHA256

    d7df47c569f44fbe8646929f0e36d2e00f6c6465d08c790e11b6940b2e37a2c8

    SHA512

    9ed1ef280e1c05cbbe084edee85644e8a81b936a45aeaf8e1acdae998e9785e20cd8a5a800386151f61f1e9320e904cc24b673c3e0b525d36b79e5e86c02c51b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5d5f27bc8d3882be6d4ef72a7f18dc99

    SHA1

    78551a40ef991770e681c2e0025053417113aa98

    SHA256

    3d6dc6a8b75537c2c4d912a4836894ed88df1255e4548528912944d5fc405df1

    SHA512

    e2f57e60ab907d3d68bcda0978ac22080866e58edee8edca0828ccf405416623c93390b7104c99ab848ec59f5c4d1e2651cded7b3f1178ff4cd7de3dbdaa9e43

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4f35d0d00457ee780992b4e91cd3ac79

    SHA1

    a981afaf9683d9b522af18c5dbadf11971ce242d

    SHA256

    fdbaccbc52dc4a62599510d1556b0e972d265131e829c217b375c6841ec1d983

    SHA512

    cec6397e94dd94205182d35db3c293561e7b4d62a9b0c0353b51e362b026aa86dea554e26cbaa7f57f308fefb6e66b6bcaf876fe6f1c8114b97b47f5f5361ddb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    832336e53ca80af8f6c0a9f9506538f2

    SHA1

    79d8fcfeae6a7ee8ff0e1526af8a53cd49442276

    SHA256

    e995b147535b586d4c9fa65e693b5344a4d28f519e2702046f849e70da9a5ad2

    SHA512

    58b3d3ea76d7836c083ec28591b352e54503a32fe7ce8c7b876478c47891c09ab5d705a3abc14e42beefdb0113e324253791dae42162292b8d08494bc9e30e70

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f64a797bf176de645bd02e75f93cc319

    SHA1

    8cbb7498dc3e01d9b31033289cea9e16de8dd043

    SHA256

    bea9c2c0408e65183ad00364b00b34a102f03973c32489aa86f8cd0294b93039

    SHA512

    9729876d6c1db38e45ce9f34a05f16ea1ad6176548f8e6b56e2d1d75ce1a306b0f312b806ef0e27cde72bd0ada3edf1a20bafd7d7e4629f9a64509e0ec000616

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    88c81c153f7b9d30760c633d219052cf

    SHA1

    220a98e5907574b0c123a43b387dc8a4e74a1cd1

    SHA256

    d85d5881ced60c930bfff369068fe2662cfcd22d0c297f665bebd94eebead95a

    SHA512

    e2778b2272b77698cbee52cd98963425bd72c7c1769b37a14fec2b877403bb4bd5467fbe73e7e1fc7febd601148f05e56ee9945e130e4933c41339f5456e9424

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    165007f839ae4b28f1d70ef4d80af673

    SHA1

    8f005064df4b497ac6a873fb402e953d22249202

    SHA256

    3f229a7ee65cf9b8d302d9c78c2d4edfb61852ab98fe4942e81e706037b7ad89

    SHA512

    2c2ab3eaa5299ff541dfaacabcbe347d970d97f617e11a26db7c6463c188eb8b19abb1c881334c764fe69fea26d53bf16290fd8c04804f3318f6604e46b9b7dc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e5cd05fff928b5c8b362f6c222908465

    SHA1

    5ced0d70a515c6cd173d6106fe2dd16535eff0a9

    SHA256

    12c858d1fe8446e14708a00ee18a896aca55f59894d669a9b68ac45d3d3b6696

    SHA512

    1848949b1cf77bcc3e46f17b99bb47921d7e4cc149b855c4c1542eaa3ab322b2938eb7108c914b320b7cb53f73442da79066dfa1ac6808a8a6dddc4073745296

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8a6e2bd9eb59e520a89ea620dfd7424e

    SHA1

    641c59cf1ec70462af57163bc11a445c8685b08e

    SHA256

    4f98a333142e087a7af28171bbbb7a8054002a9ac5742422797039f3dd63e23a

    SHA512

    aa883f382754f4bf38a8537a9591fcc55570fdb92897869efe7929f8244bffc23ebabcffe9d2a2a2505ca19c5a7b6a5966bc30b61142327aa479cc5d9eccfb38

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    405783fdd2fcb3c1a31a282c5a5f3355

    SHA1

    c75467108b217ec5fbaa1fac84f606d20ba19603

    SHA256

    2570149d92af511fdc88a3bc819a160e8115aeac2b0ab0090695a20e3017ec14

    SHA512

    bdb6531ff0f91008ef877c8b4394fcfc5882b893f91ea83b77a7bce127661ad8e3bd1f4d5de000ff853f904645559a5b0034ea33a1589c0d0767eed3aafc033b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    17d0410fa2f45da186894072a19914c7

    SHA1

    c8b859daaa5fb16761d1d58f77063e8f0c097604

    SHA256

    6788fe9bc75982e9935caeb93e3fb6741022867cea3df1ab244853fad16c98d6

    SHA512

    e5ce3ccfd611d93be9e7c8bc02a0b52286001b2dca6e1d1c3f844fc94fa1c47c1f50b32bcda061d22701601d82915d1f4f5203ea2d8005401d2b4a4617b6cfbb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0b9e3e278d0b34d1de3c439f2d88f53f

    SHA1

    9b50399f18d04c57006a5c2dc566a37c9e2fe149

    SHA256

    5058e659dd1335dbe18cb8d343ac120f2aa80940bcf27311deac7a5cc64a9e4e

    SHA512

    97cd0b05168a5681c336d40bfa9a53ca02c227bdc2edfc0888edde5f76fef23fbb2810efdafceec6332fdbb58b7e184c537af686fb631e608c52b7aa6774ec32

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9e1b46e5faeacaf625f7d781b7d79fd2

    SHA1

    dfdb681becc78d6f93fc7e0af0f12cb30b624a6b

    SHA256

    8a4265adca5e8ffa65878f174e2ff75171e789f67d1d380cf413a303a7618d07

    SHA512

    8a79ae719387ba2a20630ed6c90373623b37b32a5a0fb636ccb757a22c19631a6128abd37955ede3f7a98b44c4814df608af4d58a40821ac23796b7b4d94014d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bea3ead1d05accbd99d97a401dc92825

    SHA1

    69d11796e1b3187e9798db064b1eae5c2fe90826

    SHA256

    d1cfbb4e614bcd751582e696db3d299573553d0f8703a4a0440d7498058092fe

    SHA512

    81207086b1318e5d74e9d8f913f0dd47467cc0065f651674bdf0775a8506c78c9dd90d3e5ed288a6f618dd0ba74ddf8ba15e7f76f9548af5181423c439bb4a4d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ff67089bf350f937d7e3dc4597ac145a

    SHA1

    e549eb9662127ca6efb26a5114b6ee77de460d91

    SHA256

    18797102ea111d5d1d7656792139213c94d8e131f10a562b845d459e043119e9

    SHA512

    edc94f4da4fb13d96c0477df365a6aa20a4b46d2cf8004ade0a010b67e44b724fb709f30cceb4da41d433338461de48dddf6e5a86c72d15dd7009578cc68005e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    46835da4564a286f5148920eeb8cd7b5

    SHA1

    eb95bb883f8471c3074f4467ea03e6c0207efc14

    SHA256

    a905826c1d7ee3b25c85e1974b91984ae8541393fa7e699d3efb7911a1012574

    SHA512

    fe7d01d389b05940b5c397b483df91bac7e6193a3d5eb5e458de304f1bdbfa69ae351f73ae66f8a6fb3af4f64052386d330f455c5e85ca83d2fd77cf462d6d54

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f6e801d38b14f5da7f067bad06ee5e57

    SHA1

    c3d683f315ab9b5b5b1223f3ad9ba490734fb30f

    SHA256

    063b7a1c87bfbdbdd7d985c01e013e2ace5356edea11360a1e2e5a3699096fde

    SHA512

    95f560355b571c811eba62577671f5e8aa7830e618f0fa6792dda638b41d379b0eea573231e2d167f2aa35caa8278ce3af3aa784b7c73a1faa55b4f5ae443131

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabCC17.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarCCC7.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit