Overview

overview

7

Static

static

3

e11f716f65...18.exe

windows7-x64

7

e11f716f65...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

$PLUGINSDIR/spd.dll

windows7-x64

3

$PLUGINSDIR/spd.dll

windows10-2004-x64

3

$SMPROGRAM...es.url

windows7-x64

1

$SMPROGRAM...es.url

windows10-2004-x64

1

About the Game.htm

windows7-x64

3

About the Game.htm

windows10-2004-x64

3

License Agreement.htm

windows7-x64

3

License Agreement.htm

windows10-2004-x64

3

Uninstall ...ne.exe

windows7-x64

7

Uninstall ...ne.exe

windows10-2004-x64

7

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

$PLUGINSDIR/spd.dll

windows7-x64

3

$PLUGINSDIR/spd.dll

windows10-2004-x64

3

Visit Sony...es.url

windows7-x64

1

Visit Sony...es.url

windows10-2004-x64

1

Visit Whee...om.url

windows7-x64

1

Visit Whee...om.url

windows10-2004-x64

1

Wheel of Fortune.exe

windows7-x64

3

Wheel of Fortune.exe

windows10-2004-x64

3

aminstall.dll

windows7-x64

3

aminstall.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    118s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    14/09/2024, 22:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    License Agreement.htm

  • Size

    16KB

  • MD5

    dff9e061ca0cbe9f428c382152a8fd2e

  • SHA1

    4394b6db510582da03738cb8ff7ce76f200b8dfe

  • SHA256

    36adde3f43a4a2ab46fbca5dd4bd7972982617ca9b5afd6e632d994d48cd56c3

  • SHA512

    3093ac306a459a03771f78f5650b370e746847af429460f049a6c963936cbbfd6329f2719502ce6eb7e5ae6bf9ef719f72fd0637f7f630826ed44389ce11d7f7

  • SSDEEP

    192:nYByumX4zaX3Hr2IVOoLG8eobQrHnhXc0qT8oJAEC4dZ9/Inday54pvG46XCuO:nYRzaHyDoLVbU1p1Ygnoy54VG46XC9

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\License Agreement.htm"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:948
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:948 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1892

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    196c91679b71d699c85a33a7828a8189

    SHA1

    fdc8a43368cd0d266cba4562c1777007d66082b5

    SHA256

    45281f3bc88c41e6d8dec09f0663b121fcf3bcb30c5018ccc818aa1ff7c987ac

    SHA512

    208ba530981905e59952a0c801f3d5ebe70091f543a0d89b74085729c81806bccc47cea0d32b2c378832455a9e494702bff4163acd4f3371372cd3187650997d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f8e4f3b529648fca127446ddfd7fdf3e

    SHA1

    68675e573d6c4d95ae00e4261fd067d242542326

    SHA256

    452012c98f9c9da812beee50f0c5ad0489c59af981bb10e2b40b35f6442dc690

    SHA512

    4e050ff07380e47487d3e410083c8b1210dcae8b942644753d196762d3cdc43312c7a11e33e91480c290a8e4e550c132147d83f89f76daaf007344ff3e7199c7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ec3454617f5030ac619256f48957afd4

    SHA1

    9ea2140c4e27c0d3c41b78940267f505b5e7adf1

    SHA256

    b400b68f0dc0ca1703451470b24e971a7983600383b9d4c611f5a054a4a0b897

    SHA512

    e514044d156e9ab033d676653f88e15509c64ba4ab8398c8ab424ef24e3efceb7a73b8f565265056d3c94f934e0783547eac75acc1f2bda11f789682fd9e8e3d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7a44b45c4590b3d4ce24958dfe9afc5f

    SHA1

    40cbd337f2acc3173763470e46204e04d2dc07f9

    SHA256

    f561cfcf47426cc8f66b608afb52a11c1706c8af0555844b5e1c6590ce8cf85f

    SHA512

    553c30fc4277e706e4c8188f341e5b38ce92038ee0149bb743d2e69a1910aba06ce25668d0b918db4bd7dd7a7c1f11e955baac15fcb8f83ce3705b5537226540

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4bffcb946a73ad4e07e1b8379d38f698

    SHA1

    e8a7563119b81a0e8e7e3f5660ffe9550172f2f0

    SHA256

    3e200b1840cdc22bf62cf0427a2f5c805182d964483d92faae3af1f496ee122b

    SHA512

    313874dbc53532c5ef153fe3ed898930da3edbca8320998d3d1694dedb8157d27ae7909a51db22af14040aa2a5cc0c7eb22fb562c1991e5c52e177751f5b312c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2ab68baed3b57376ccec2412bc097c98

    SHA1

    cb0bb9c4f98c6cf74eb62e9b8fa8286d8844bb8c

    SHA256

    703f21d65a82bfe34049bf32476d295e6ec4d0510effcd20b87c5e26600eb629

    SHA512

    ffda5b53747ef61a3f1ea5a4e7a30dc2af866c7099a5177514e1964ca2b0adceeb49f127f402093cd337114820558e353412471f3ec8d527f5a3c31ca73c37d7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5b8d112db7b4c52186d93cf90fe1e5be

    SHA1

    9f35c317bf6da67adf349956cd418d30f6989d67

    SHA256

    46aa0dc35c8a4993a45ce5493b6f6dd91271edce441a4fe2d889a68d26136658

    SHA512

    ded7a9c22516a0ba2d704e007e7ca11afa3744e517558f7b0ded718a3f6dc4c2ad03cfb29e1201b545ea14f4de847dc12b1730fa0cfce1b72466724434964fa5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3455ee0618d99cd9af5484837df218bd

    SHA1

    9a6284572808f32141dbe3eb67e4859f8ee2a00b

    SHA256

    305bc39fad1148c53a297a498ae2556878b6a117099d9ffe6bebf6ae4b06ed25

    SHA512

    26b68c8ac6c92d1b1917f760d1d3d5b8c4a8d6122b8741034d58413f705a9aee4079b7d3920846e4557b71d1431d5b4606eda5a1e247b5678b8bc6f8a766b53e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5164f2e0d4365a0fa4d02fd798f6a153

    SHA1

    ee107115b76d4867438aadc41bc20a8d62b8c140

    SHA256

    7aaf4a1fa16e9cb95fee5ff225e3f9d2b2f3a06d2befb73681802ed2082b509d

    SHA512

    640e8d87db1394fbe6b233f744184677adf57ad864053878d11f82f181afe1598b17c688384ee859daa3afc94a3fabaef6d5ee6e84d6e92697d89272d0986dca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    708026069941d651635ace0a56d11dc3

    SHA1

    ab5dc7e3613e11b02c81d54615514f7a605ec494

    SHA256

    bcbc84667d318e5c0844afd07ac909ff7b5bbd8190a0d49226f4329cf588f2d1

    SHA512

    67a93e7262ad4d8f0880b544b5e8a1583b4529a3e967c5fddfe6d91a02066f0474ce9f40a2dc44e6a514384056b02a6323c155c89d0d3a3456ee934a8a0d41c8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5bce2a0c94619691137b1d38408e4985

    SHA1

    eb79592524b31f51ce2c7e7df60af93b7a6cfc10

    SHA256

    085938439feb6a5bcf866793d36f439fac7a6380f73f57eb611d8d4b21c506a8

    SHA512

    b26ee28741c9da1ee2afd8bb92563fc7bc054d957ea7463361e34a5654fbdeb48505ae85ed0ae8ffcb06a312190a7e89066eb9c5f36757aa15143799cd04505e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1980ba3e55f173944274279cc35bbd95

    SHA1

    0d2cc7fab55baf550b9a56cdf033a47c6e47dc9d

    SHA256

    b65da8189bd10419b2ee23c64721b5b25f6e574c8d7b07d69d4d8bfe5d51962c

    SHA512

    4b292f1f88ed16060f45607a9ece310721f37c2e434faa1c8e90e3bbece2db90dbf6dc949953aec2eddb103afabcd37adb58d2e6f2c48ccdde4583f717636dab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6ab287a63b34033933f61a4495015045

    SHA1

    6bd33fa9293810569eccd9a405dbc8fa4204a809

    SHA256

    3517750d4ceb56adae8b8d55ad1b4b4500b6467a57068e2442e3bac2191815a2

    SHA512

    8011102266e40961357bfa2956ed1fe5d6b29861abfd8c964cf530256444ce8b6bf14d8adb21ad1670bc05306ae178ad10d329b8f80685e4916a8e1dc399c12f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    46006ff20474a39bd7f26cb78726ae95

    SHA1

    c3b68b99cbe75467e57a5546912e6653a44cb4f6

    SHA256

    9d8fdff272bc565c6ba5685d19f93a0bc958eaba5f8a0f6e9b3ffbe0f5270284

    SHA512

    847aa75a7ac1de903269fd81ae8e24ef31abc92169cfcb8a2cf0415f31b6c2dce1ccb5ae1f09bce6cd143cbd1f8a54ae8aaabcf913612c219abb06ec90e7645f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    76229506f620f659f99481dfb07a0472

    SHA1

    adf451b840c9550ddb7eedb73cb19c27f083c315

    SHA256

    3c53540680126b51529d6ef2d107d4bea303c5161a08a1cc53646c5d723304de

    SHA512

    2a9249464c6df359f626839020418bd2eb612c8935765c65d95d9d0ad3ec3162e6fd31c9810e3f830e74f4a1f8c3d7b026181223b5e796087a9d96ad66d235a3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1bd209103d5c588fefd1b8b358207650

    SHA1

    80ea137480091e3111a894ea0362bd93f51d5be2

    SHA256

    fb8dd3608c9d4d9f24cd0c476b821592400beb241fc227b96c9c5180ad039c9b

    SHA512

    7194c4d88505013cfe9941739a6caecf6458e0852db1f7165dc78f883f9b24933585230ec057ffbf61e49974d067e28ec055543e84f86dc3dfa76e63b1d09de7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a37c5208d174178bc556c297d149bf51

    SHA1

    8a61f7132739f5e3ec16144454a2da430a081247

    SHA256

    557acede4b23a40d413aaf53d13df4395cc7c77329f357ce5ae1fcfba43d6ea7

    SHA512

    b2617afb6ca0cdcbe66cdf0ff786b55ae78e40e548faeaf47d5988e36992a0d65d930a7623706ceb83fa56b055d685362f51caa453e6167538dc4153d7931e96

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    45db4a4c0bce6085648d74b30bac5061

    SHA1

    4eb4e13fffe483c6581d3a6c637d67144109eba5

    SHA256

    0e4c76449a0ab144e9477b8302fe4afc8a42ed267ed79d08f30fcdbc1d663e4f

    SHA512

    ae4cfb84704e2122e32fe0e2699dc98c95c9fe8ef7e8619151606e6cb27512f7ce5d98747e04645cac2ea6ae25ed9cf32203c1f648192c8841f512329d110876

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab1047.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar1126.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit