Overview

overview

7

Static

static

3

e11f716f65...18.exe

windows7-x64

7

e11f716f65...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

$PLUGINSDIR/spd.dll

windows7-x64

3

$PLUGINSDIR/spd.dll

windows10-2004-x64

3

$SMPROGRAM...es.url

windows7-x64

1

$SMPROGRAM...es.url

windows10-2004-x64

1

About the Game.htm

windows7-x64

3

About the Game.htm

windows10-2004-x64

3

License Agreement.htm

windows7-x64

3

License Agreement.htm

windows10-2004-x64

3

Uninstall ...ne.exe

windows7-x64

7

Uninstall ...ne.exe

windows10-2004-x64

7

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

$PLUGINSDIR/spd.dll

windows7-x64

3

$PLUGINSDIR/spd.dll

windows10-2004-x64

3

Visit Sony...es.url

windows7-x64

1

Visit Sony...es.url

windows10-2004-x64

1

Visit Whee...om.url

windows7-x64

1

Visit Whee...om.url

windows10-2004-x64

1

Wheel of Fortune.exe

windows7-x64

3

Wheel of Fortune.exe

windows10-2004-x64

3

aminstall.dll

windows7-x64

3

aminstall.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    119s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    14/09/2024, 22:00

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    About the Game.htm

  • Size

    9KB

  • MD5

    1be54fc973a1667d1f3afed72d9fadce

  • SHA1

    e3e1d778e5a93d00b768676dd7babb98542d57fe

  • SHA256

    54bb10d06ac4005d2b0670f499ee65d711c547aee87c4511486430e674c33543

  • SHA512

    d3b34389eb2b5f8a99ca215209da03bc16a5ad19549e8ade92d434ab268f59a5257ee5938a1c5e2ddb1246da42e0111d9d33bfa4671460d885db5155223ff83f

  • SSDEEP

    192:nYBysQXnENKjY7iE7MUkJWnON+jwN1f0IEf2kMT5c46d9T4MXn1jz:nYY78QBM0fAP

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\About the Game.htm"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2948
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2948 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2476

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8c97bab8614e45aaf69eff702c5b2da9

    SHA1

    e96b8b737556f0642ac8bf4355c5d0b55886c731

    SHA256

    474d001b17e113ced711628d582ed50b89b46bad92b9c2aacf6f63eb0402b110

    SHA512

    9e29a7a0fff4bae049834b6d56baee52b0eb4b93b63b7c5d56115022ae7440c5801bed2777913c778910016dde55447b3b48200ca9b311fd00cd9ecb7fd39cb6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    22cc96c795b5910c61c1d50de1be0579

    SHA1

    51818d9e06096cc849bad82e660ff403aa18aa8f

    SHA256

    f17a76394570bf881d4df5bb39f8aae1533b44fd7aaf62a0390067d82648fcae

    SHA512

    13568084948d01fa0350ecde56bd790ba3b225fc3b748eee8fd0f7c82e6e16cea2e2597d9bc9833a4df2e8e43c566b6e9b36b3bafb13952b90fe75bba2a9b52c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b37ed97b4449e3788885ede22b7d0077

    SHA1

    fd049f74666e79829cf1f7f1ebd18b16a3582cef

    SHA256

    7f385e53c1fa5e7888e0deafb976815ddf2c3cf59b63916791bcffa3eaaa773f

    SHA512

    00b8ee6609682d9b21f3b62fe9fc85296d29be33fad24354b10c47ded3967f6eddd4ab6d716b3119226db2bef5bedd164a0a5e37bd3325b8de80523f81391653

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7b49da1066ed50f96ea9501377bcc24d

    SHA1

    1eb59d0c3a08404cb418c6fc47ae4b5739899bca

    SHA256

    b56bed25649a73330c2e04a82014d7f5b1b2c2402f7b008ab86af1bb66aa1beb

    SHA512

    2fcf83264e5a9a575f677f744e93a92034cb240be7721b3cb61943bf9c195592b1ebf8893c7e852849fa9c3cb3a2163e7b2aacf554fb6c3fbd40ab78f466cf57

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a4869a5a245c50aa8ed33340f7df9d27

    SHA1

    65734de8c32140e89cdb6e3242038c8665b4d6d6

    SHA256

    9580feb76d55c90cd502dffc98310fd03f5aaadecb4dbebd12414d0758fe4b19

    SHA512

    d76ca15841182c0fcbd7da1abe4867d6111c5eb828ee61b854e46fb77ab1899b7fcdc38d01ecf744b128bd951ef774a0ad0d30b1d11a51b07fa69c71df45c2c1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fc70152c2a341cd9b79a5ce52c9cdefb

    SHA1

    8c7684097d6abaf04b2ed7c253e170ee3d19dd97

    SHA256

    88bc535ea5579f10da8c526244503356a6748cdea44fc03a7dfca844826e4106

    SHA512

    7a824a89551a8ed3cf699aa9c6c5ad8368c01957db2438783814088d883ec2d1f7cde4ed43ae10e43824d7860dbe6d0f3e51934b4b0cdead4da5ad083a1bc9e4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1c75082336fe363c173d8f1ede4efd7b

    SHA1

    cf7309d630187076ea940cf6dc6bf62819f4d67e

    SHA256

    92154c4c4feb2aa14849af1c20b45d3f9942b1dfae16380bb169b16890fb41bc

    SHA512

    a2de6f7cd9d3ce2b183872d2e0ea99004c8b3d5d0a9e5f73e873ab84f6426fd130a3af9be53067b00d368785c89d887de437ef3dafafb8b9dcaa2ca432829cc0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f3bbb6447ce690a7efd737b49ff826ce

    SHA1

    2603087160dbce678118dc026dad2aa146ea7761

    SHA256

    88e6b73f59632c4ccd37973bea28a3193d7d9ac974c2f970ff16ed7b3747ef4e

    SHA512

    b07ad27d6a6107c95e55dec6b3cc67e6ac23f297cd3afb804b2f6635a59ec7404eb2d8b99249ee2819f6cf51426a367824276cb2f37b09549d9788dd747d37d2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0a0c4bcb08441ac6a02e89d440020ccf

    SHA1

    1f047769c2457c3890b1f7e90e7934121ac464fa

    SHA256

    94202398add96c1b8e2d3e9a11fbb5f5ba1e41b81d79b3b4f6b8edc85e2e1223

    SHA512

    998f54c091d5a6b7315ffd7862aa7fb623657901bbe729fa36a3cb33badc7055a2a410cf48fa18472237cea2d4e8d545e6da1be8b4394610ba7ca0a8d6e2dafc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5a3030da5223414375cd4eeca4caaa95

    SHA1

    d62b9336d5e6c5cab491de5feca69a6062d39d1a

    SHA256

    1905ae1f54cd60da6a05533eea51e223fef9eafad571e50399756d3a84e4c204

    SHA512

    4bdb6b9e9b4335fd3558baa0b9b86b73b4a343cb0fe95152441a364d415abc57c90082c74924b28de24e8d4cf177d4bb6d6120b189df189d78ab629bbc93425d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bde0c37e18d7bc30c4311e975ab8b14e

    SHA1

    08f67ec54fd0fd494df2ca0f7a8e50f15dc2cb96

    SHA256

    97da7601fc858919607b324f16881edafa9519323176afd941dda1fc970bc5bf

    SHA512

    f4ac129ba04c7bc1ec98d162d01a50d8a78b986a7ffea5e710152a101d964212457b8a34b27dae4d784938031f1598793c317ae8bae4c774abd533c038a4f1aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3b36aab678581272ddf03bb683724ba7

    SHA1

    e1bcdf14fb2352cae6f6c37b6e8dd6860d3b29e7

    SHA256

    0b41fecd2b5c0d0cb60c8129d37b48ece1ab0abb15951b2093a39106dcff848e

    SHA512

    f5cae5e1abc0d1793317cba80afb85766a628da579f4388d531a5a31d28c62d70dbc163e5d70441b10e31a9d44f9b55166383b9db28abd358a1104c0b7dcae97

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    72e3dc6a85a842317c5b48d0129739b9

    SHA1

    6604b62ed4462690cbb81c171d8e0c930bd7716f

    SHA256

    d55974f7084a80187a9aa810e9e7769012a8e51a0f80f690941d92f1cf2bfa93

    SHA512

    2aee0ba7f508bb4b0e05ac7d418e4ebfa99b079817b77f94af03dc7761ae8b85b77f410790a005d60532bd7e30642da71309ddaf81af4e6bc28dda9d1556c6ed

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    149171b11deb71c6fb5bfcf1f412035b

    SHA1

    97199dfc35b4871e8b4ae0a262e4f4a8e2a5e12c

    SHA256

    ca456d4f76522211fd032915e8ecfd719ef4df3ea51176c05bd8bd8f07549ac7

    SHA512

    acb0e2637369512caa6d3899c618e5fb3db3091f3d1a2452370e15de3343ca2b12eb826163635263fa03b62445735eb9509630d1be54806b0f78522b54eab0a4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    81cf9a0df50f169943a1397218b2129b

    SHA1

    f1135be6076ef252d00a0d8aec84faa7fe0611d3

    SHA256

    61b3290574180ae4208b774894ac6447e5c02f37c74414355e1f1d539883be29

    SHA512

    bab7110ab1313b91f1bb02cc77f04648438ab987b7a2dbf56629244f37fe71bb826ef4f7766266451f056a2ccae6e34af22c64b0e15c021e4c552e027d453e69

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c98342dc6fc0f20402a3970331010b83

    SHA1

    0bfc88b256d3ceb4cc914aeab8af46789df2311f

    SHA256

    5659800351622c82a4076b46af9f7efc694dc5389dcfc889844af786b47dca57

    SHA512

    f87f4b14b50a901967164ee35989766e4ecd093ace68d50e572d089ac2ac822d8f14783e2520a87715082ffb4c065380c160dce35ab3ee9442ab83424001218f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    796f5aad3f182836915dd65ce0fca1d7

    SHA1

    468ce889c8b8abebbecdd92713f40a046e1b94a1

    SHA256

    61b5a6cc0ae858cabfff74570bd88ef08cd935df13285eb44047500efce52194

    SHA512

    fbf8db6d6cb23348bed1661919f8379f8151b70ea43f1aa0eb8394d880aebcc315ade469ddfb98afde2c657efaf81df81fd4866e2f98dd47df7e1cadb72d2d1c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f071dcbe2dd48039ef1ac18507c5744a

    SHA1

    f5e4d9cee846ecf4091cb9b4deffb9d5f1fbffde

    SHA256

    f56c4dc45af00c96f7aab9b4c00ad30a64e9b58f859869eb9f124f397c3186a9

    SHA512

    c553a7bb621672efdfc30649d3f06f008f1faa96708f16e315dbad8e28ea7debc120959d7a3a646a4d82c758dd05d43c9230108c5c74e43f3113112ecdb8da07

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabD175.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD224.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit