Overview

overview

4

Static

static

3

Notepad++/...er.dll

windows7-x64

3

Notepad++/...er.dll

windows10-2004-x64

3

Notepad++/...++.exe

windows7-x64

3

Notepad++/...++.exe

windows10-2004-x64

3

Notepad++/nppcm.dll

windows7-x64

3

Notepad++/nppcm.dll

windows10-2004-x64

3

Notepad++/...in.dll

windows7-x64

3

Notepad++/...in.dll

windows10-2004-x64

3

Notepad++/...or.htm

windows7-x64

3

Notepad++/...or.htm

windows10-2004-x64

3

Notepad++/...or.htm

windows7-x64

3

Notepad++/...or.htm

windows10-2004-x64

1

Notepad++/...dy.dll

windows7-x64

3

Notepad++/...dy.dll

windows10-2004-x64

3

Notepad++/...ze.dll

windows7-x64

3

Notepad++/...ze.dll

windows10-2004-x64

3

Notepad++/...ec.dll

windows7-x64

3

Notepad++/...ec.dll

windows10-2004-x64

3

Notepad++/...rt.dll

windows7-x64

3

Notepad++/...rt.dll

windows10-2004-x64

3

Notepad++/...te.dll

windows7-x64

3

Notepad++/...te.dll

windows10-2004-x64

3

Notepad++/...FX.dll

windows7-x64

3

Notepad++/...FX.dll

windows10-2004-x64

3

Notepad++/...er.dll

windows7-x64

4

Notepad++/...er.dll

windows10-2004-x64

3

Notepad++/...or.dll

windows7-x64

4

Notepad++/...or.dll

windows10-2004-x64

3

Notepad++/...ls.dll

windows7-x64

3

Notepad++/...ls.dll

windows10-2004-x64

3

Notepad++/...UP.exe

windows7-x64

3

Notepad++/...UP.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    142s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    14-09-2024 05:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Notepad++/plugins/Config/tidy/W3C-HTMLValidator.htm

  • Size

    236B

  • MD5

    d80ff86e9c9bc2a5bbce537380a5589e

  • SHA1

    530344a41c7be15d669d09339e5fa37b539c7a06

  • SHA256

    489975bd0de1682a107e8c003976f9fb41d6c0fc49a0fef4ae8cc644a319592b

  • SHA512

    2442c52113a658939040708504692213787f8deb41dc15ed950e168b4179689e1d8ea1878038fb2a0632bb7027f3aa393a5f23e2621284e7324975552481f27f

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Notepad++\plugins\Config\tidy\W3C-HTMLValidator.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2196
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2196 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2700

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d7ce4364f8868c0a79ca0f74992271da

    SHA1

    42f248b79da15ed1077419456733ed160b3b919d

    SHA256

    871fe1dab5659941d21c1c34f7b0586b663ed82e07873b56b2de4e378529ea35

    SHA512

    700c9375913c2eaab67b6b5f56190201d1234674cc18fbf138a22fe1a9eeb9f7ee997c8c329e20f51d2c235b024027702b8c0ff2188498cadbbe6a223f06cada

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5811469381d7e49a53d3df4bf63e060b

    SHA1

    97a94f884070b0efdb370e9be40f201a489caf97

    SHA256

    4acad819d5b9c61fbfdf18c68cfc13ddadfd09f67971358abc6c33da1d709c68

    SHA512

    5ce7d6e7730633ff533c2580e4f92a2d59304852a975c68c70224045329ca33b7cb2a5b0154b783bdf1076d11679cbc14f348b62b2e81f62669c6ebd2ae15ad3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ca69a69cd49594cf00842c3cac32d197

    SHA1

    59eafaad5d743d3319b31ad8d60971514b431d50

    SHA256

    8485e8909fba89de0817586fde043a11641b9550102c2b4dd3f4360ef7e8c9fa

    SHA512

    36785520d6def5d9a59346cdc7245bccc853cc643687436cd65aac888fe1e7e7e0e06da56f5473082a4b4a6681baeb73c8abbae3b8ddd389cc42fff01f4d736f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    10566cd373bffcb85f1837c6bef58f1c

    SHA1

    b1a129b9a7518b5aba4c70cfb78edbe3ad612fc0

    SHA256

    5df6554ca19795a9c2ce09a10c2efb4a0d77c88f07526bd39a61c67a6adfe22c

    SHA512

    17c2cf14ce1ef3903c07dbd5c2d2e70b029d3d72d4bd6f7c7db329621cdfead8a0ed8bb25459057f86e0adfd2c1391d9a000c29aa8abc63fbb35b6225000478f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ac49a7ed387b5d5753d36d4a250668c2

    SHA1

    c196da426350230d12e64d30e78563a372e398a9

    SHA256

    bf1a34167deed2fdc41616d4a879df1ef196c33b88703f81e45e4db8b42797cd

    SHA512

    8091a2d5bd8541b77f51253b1748864d64d88b137f3218c2b942d865179a5519cee83aab8364067a60aacb7441b5cd850eaf4d5a537ffd800847fd950d69f746

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ab4b0f327139b14d155e588acb6cc67d

    SHA1

    8d94d518f867d02dbe304285306a9c603564955a

    SHA256

    895b9f882b51dd227fb9d82b546ab7004b57b34715d4ff26a2832366be61645d

    SHA512

    1c9f56272ec534839fe363d7a1a4bb3529692f911e8dc1207b50158ffe8e4eda400fa0d8b7d0cd8b502b5e530ee107397f86a0997b9e37a8f6d75de2a657822b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4bf0e2e91b11cbccce1fd5cbc7f45e23

    SHA1

    15d0fae48f31a18d227513b18d9c9d139f30612d

    SHA256

    47f7b1de0d899f1801689ac5c8802209d5ac0c8813f2689a4fd4a6edd587db57

    SHA512

    09d82f748dadc5881aaa6e5dec41a582fe47e27f293635f37ecb7f557b56ad7a9724b29930c22a92695a2553795e3f962e1c0d10f9acea1c6ed8bcb4ef66ef4d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2682d8999711b1b0919feae564b5cf6b

    SHA1

    1dcfb9640cd347031118724db757d9791001856a

    SHA256

    4ebc3e606c1c8e3938b39d1244f7d1e20baf9feffb6b1cd83874e4865a6a6a66

    SHA512

    65059d992bd7f36210862698228cbdfb42dfba3394fecde262372a70602408e7725dd7533fc06f5e620b8126e9a4138fe6ad6bb1123147944551c2f179b3441f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9be32fe2e952c53f5105b113d9f702e7

    SHA1

    2aeff053de79e7a29439fddc53e7b1c40f240b67

    SHA256

    104fd6b8bac35d209aca7fe778bd43bb36325d1c44cd2dec8875e9561afa9e70

    SHA512

    911941c476ce5fe11fd3f3865b0a1720293dbe3104cf2e51af26ccd8c1beacf75cec423dfc5477e63489b530b8a14536a5d56c5213153ce39aa6c3442bb4911a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9d5905e82af2225eeccd113afbe5be37

    SHA1

    f8e4e7aabc2151aabd957c135f02e8a192bdccc8

    SHA256

    70ee2834fd9222c59f234b84fa5e160007fa52fa6434bd2143ccb17a35584f73

    SHA512

    c1edfa76e553f9531178d5666fe8680d3baa9250db1a580d79dd7069b67e368e7fb030f037a9876d970c428c5efdf88134bfbcb6401d8c9ac80e5d0afa8209e3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    acb8c59e71cbdf0760a9fbbb636ba4d6

    SHA1

    6f5fd64396bd0e416f8942a76ec81c3acc9703fd

    SHA256

    8e5cc34902edbd18a9953ffe35286a9e16b91029995409fd829647d08b9cd703

    SHA512

    335e4e22afc5e7cea765c36e5252a29390c8279714d765956dd7cf890e4f350eee72278e9c8e86c02c11c10c40d75b01a91445c52a159820ae43628068c81b0d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ca2f68e67317046a42f97dc22f017f63

    SHA1

    1de4d98c8344ec811e1e97fd6b9ecbcff868b8c9

    SHA256

    cb9a02d338ba9a8930ec30b4e8f1600b8b14558d2fd29559d465898517638e32

    SHA512

    84062919ecf09a7471d997efbe5a1cd7d64b517481c0746b7a480c32327667bac4f0399c0699ee53d92a582e61dd49d3643a10c6e6036713ce9f406bf45ae07e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9922c874f940f422c05a6771946178db

    SHA1

    807cc194f0c0a07174e2c5135646a7a94b9d399f

    SHA256

    2fbdb923976b84547322921976cffdf1f4a0cc2eeda03c98747a82278ca29b13

    SHA512

    6b67aa45be7f82c2aa8e59d8f5a61680383b5f14a7abbd8a6c8ee18e0d8ee7e5e23974e2d776a0025af77b1cb879392cf84fff2974ab6286a2a3c5b4417ebc3d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7d8a7526e0d21c017e78a5ce89365501

    SHA1

    3416350175cf967f93f3cac43f6c8a9899441939

    SHA256

    f72b4a7e4ddaf9041fb9d2bd13ea3554b449aa8eda0e9b2d61e26f441d855517

    SHA512

    db6342f37d98fb0de4674bcac02f16cd3f392dffed384b2ec5a00c9f3fbb21e3cb4ab4408fbcc45b3d3fdae6d5c15982cb6773d23b365b095c0ffdc06b3ba610

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab317E.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3200.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit