Overview

overview

6

Static

static

3

Ditto/Acce...te.dll

windows7-x64

3

Ditto/Acce...te.dll

windows10-2004-x64

3

Ditto/Addi...il.dll

windows7-x64

3

Ditto/Addi...il.dll

windows10-2004-x64

3

Ditto/Addi...00.dll

windows7-x64

3

Ditto/Addi...00.dll

windows10-2004-x64

3

Ditto/Addi...0u.dll

windows7-x64

3

Ditto/Addi...0u.dll

windows10-2004-x64

3

Ditto/Addi...0u.dll

windows7-x64

3

Ditto/Addi...0u.dll

windows10-2004-x64

3

Ditto/Addi...00.dll

windows7-x64

3

Ditto/Addi...00.dll

windows10-2004-x64

3

Ditto/Addi...00.dll

windows7-x64

3

Ditto/Addi...00.dll

windows10-2004-x64

3

Ditto/Ditto.exe

windows7-x64

6

Ditto/Ditto.exe

windows10-2004-x64

6

Ditto/Help...ig.htm

windows7-x64

3

Ditto/Help...ig.htm

windows10-2004-x64

3

Ditto/Help...ll.htm

windows7-x64

3

Ditto/Help...ll.htm

windows10-2004-x64

3

Ditto/focus.dll

windows7-x64

3

Ditto/focus.dll

windows10-2004-x64

3

Ditto/mfc100.dll

windows7-x64

3

Ditto/mfc100.dll

windows10-2004-x64

3

Ditto/mfc100u.dll

windows7-x64

3

Ditto/mfc100u.dll

windows10-2004-x64

3

Ditto/mfcm100.dll

windows7-x64

3

Ditto/mfcm100.dll

windows10-2004-x64

3

Ditto/mfcm100u.dll

windows7-x64

3

Ditto/mfcm100u.dll

windows10-2004-x64

3

Ditto/msvcp100.dll

windows7-x64

3

Ditto/msvcp100.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    133s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    18-09-2024 01:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Ditto/Help/U3_Install.htm

  • Size

    4KB

  • MD5

    19e070c7aa48cc298da8a771f9680d81

  • SHA1

    4263291a449bffc2b5d43ef2222ea32b5f5d347a

  • SHA256

    15aa2608493c3638fc031e18c384b1983c2b88610c32964349ed8c6e20398ba6

  • SHA512

    d39e49e0a387365efb59a20d8c35c4545b12591247e48b501225c205d8f4a656278e78e1a96d7d301eb1492fde262c5ce2417918787b711f0ffc3c4ac5d16162

  • SSDEEP

    96:4fEdG8ozJFH4sPtkJ5aUJxzsuJFaJ1WYJ1ZSZSnS/S+VwtJscn886tpuTIZfECs1:g16gODFgDzqYgDi8fuT6MwDU

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Ditto\Help\U3_Install.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2116
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2116 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2832

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e2bfd493b2fc4c03e27d862989366bfe

    SHA1

    57454d7265e2ef93c398d11ffa05dda7d3d92cde

    SHA256

    36114dbcbc3a59dcaa628be8036bfef0a96054aed2ca0f633c7e1fbd7f0666a7

    SHA512

    f1189007e6eb63ec57ee493d439d2108e391bcb1e5d72503fe0bc35437706e1e1326485d187f01428f5fa518e86093a48969970791b2dcf2d2c011957fd61833

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c51e3d34b18488f00d2c940f7ebae559

    SHA1

    fdd1b503c4c571c1867ef46f00058325c4d212d3

    SHA256

    79c268bf530c87be4ff322ad1c3e81065cfacb8b3d72d9501457550aff5bef00

    SHA512

    0ee5976c6e022c2216fbf5082974cddddc49c1ac8e8dc66bdf1fe41b501c759bea3625ccd956affe9e06b10b0c6571fd0f93abf740a494a2b86b8e4ea74740aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a8a7fc41f6d46ef7132bf23e22c181dd

    SHA1

    eb3a73c87c3d1a13d0b01e81c3a7ace19da025fa

    SHA256

    0935aca42d5124eb0e7691bd70ba9e0bccd0b3d1f96e3d6b95615a835fb703c2

    SHA512

    399c7e1af5befbb9983e4ca6c9882890972a19a9acf9d26e6bd9396af2ccd0b22a3b650733a84c7cc4729366ce8a7c6a86bf7e509d90db02823238e971a6f914

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ae14a81dd2445150e5264a02d1c78315

    SHA1

    3011c83338044f426a24c0e838768e93fa9756a4

    SHA256

    c30f21b04faf5b4ffcef4623ac185e691b40ad2608bd3546822ad21972914f29

    SHA512

    b7225f4496911567af1131c1b2eecc500a508affd1f87d3bb0418ebd6d5277a2c1a9b5024f2397ada99d5ef161649602e499bbbd2588ad6cec39946911b718ac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    43c699307a6d2f0554ab76e9b0bcd2bb

    SHA1

    e5b4f731ebc397457e4db9ba7d3ffb258000a107

    SHA256

    56a64e4b14b321526e580c9ca017a0a2b5ca3a7fa26a5f7da147b741d1b6ae02

    SHA512

    03131adcb1e1467bbf4f709df9914d55b382186ea4f58fc75b1ca83e81d6a3d56fe40fb221d860c12278f0f121c7539286ed63a2b9bd0028768428529a3d97ac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0c4172c1ebe0323baa79c0861179fbdd

    SHA1

    e66861cd80acb5d003dc5771e257125a924fa8e6

    SHA256

    e945341b79ae64204e4d009a61f21c4fae222a222a11fb49ce2b93d0a9a8acf7

    SHA512

    e0e8f65c828ec8f9dddbfe16c3e8a46d00ab1ee909029d6a17cc54bc25d5cf62b2e1bf18d725a2c45ffc4e1b9cac4c169bb8b18009dc35522d338e2dd1595f11

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    28db0138888005c68580d35e11b097f3

    SHA1

    e07b9c1fc736d48f299fca7585275d18b73d5d46

    SHA256

    923d745208b1f24651e16700508fb40bda8f0c5ebef6649154434d077955ac14

    SHA512

    27de697ab514e6475d6b8a342769d1b08e3367bef963d65c165b6f84f5dbd10d4b06da1edb20734aa326bd484560de0954c1dcd05690a426f53c0be47c291352

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ac528e6af1f0b65056f2769fb523916e

    SHA1

    5fc30ef503563d18a28065b6ce7c07d657521dfc

    SHA256

    614ec41b753495df37eba92c328596b60caebaac79dc2b40bbd528dc6dabf5c9

    SHA512

    75e0b43943a051b90fe5298056a9b6e2c81d9c37576e3aa5f4a70f945b1c5d1254a5e54c3db77b77b28ba2512a271284cbbfd280ec17bb330fd26930b004ddf9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e349195b069fdf8ea3650b123a1c0b2c

    SHA1

    7131e49176c8ca012969d16223366efd4a050106

    SHA256

    a9ff1b544b758391e564f2b5e7e53f89ddcbb835fa8f867147d15552f5fde7b1

    SHA512

    d519ab61e363be328701ebf3f835e2d7c1b5414c25bdac5e5e7c8cf90debc4fe5d85e9a74f46ac8a0ad7c67c080478cb225f85c46428e44d8af897f58cbae5fa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    358a645b073b817df704fe1ac080f71a

    SHA1

    29a31dbff1f5afd2c63a22f19ab7d03458dc1ca3

    SHA256

    a4c57943649dc46c71711d77592eec632d838084d7f748a8116c0cb08935fecf

    SHA512

    9f1c49ace7ad305d192cc4e8932e4377fe13629fe036d1d85def4e94f6b9a7150892104fada6af31ce8a3e4ccca6e352550431d5c53d46a78c3d5f2d616fdce3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c81044f8b2f76acdf0d9f0d6a2c59942

    SHA1

    c6771021671fc23d0c1ddaedfde41fb9bfd2a6d2

    SHA256

    eca1e07d2997addcc8d93d759ad4457b4f47c1a38e5d4719a6c85de3c5c1ce0a

    SHA512

    1ca2bea657f0a620aa2f4307270a441cb44fdaebe00db51da20902134b650f680cb304d90cb3a1f26cbf00f26b466704af38c2cac5af04f4a4576ee5891c1848

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3d51105eb46c5f799fa56a4afcb6487b

    SHA1

    c5d351da478ee0d8c6a2060ea66cb5b7c8412a9d

    SHA256

    2cb21cb5bf9921f4d4a69d9bee83406c981ae0092705387fbeaab11bb1931c66

    SHA512

    140969748e622b5ce8c94a33f94440b94c880d0fc34dc47ef2b84e2c99dc13f30bd2fd60aedf6599df718235be145096c37460c38445c6bbc029f4275445ed1c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9b2f91615b7c2faada59432dc9558e1a

    SHA1

    2b235c8f567d32e8f37e6a7a041afa03b7bb1779

    SHA256

    bec4d431c5f19f73ab67b84972ab55298a1dd6ff9a7f2b3a950ebcb2b9ea1459

    SHA512

    f66de488a44f784536e23569543fe061b6ce035c767b7d9f0e68679e7baecc153701a74f3ea7fa7a6641603278a4f8b43570e3c8de7b384d9fcdb8a934f867be

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    05ff72404153f9051a098ad97dcf4788

    SHA1

    9905cfe01bd4f4faa575234974166baf268bd185

    SHA256

    562b77544f9220bfcdc814f676e809113269ff3129266951611b7582edbd4cef

    SHA512

    f4c785bcde96f03cdee917599471801d49a484425629f0dfe8ec5e65a0ae9ec40ba314a7c19ad670be80ba558c1b115795d17fd575af4cda1610c63f869b94d1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1f8f6296ae55569491f8e4175d3ea10f

    SHA1

    4b094a64ded54578832d26cc14be93b1756a3613

    SHA256

    c3d312af7992ee406444c45ec653925d2d99262638ee1709232aeb799e241f3b

    SHA512

    2d865470a054d27262e737d85fbba363db8741fe9dea45410ab43f805686d943ed3accb0bc3e3b7b5deeb2458bf1c8e1aa502790933e1c253bbfb0184d6eb864

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eca9a55c44e3042accfda701627e1c72

    SHA1

    4bdce3b83dc4302d1110f1f68fdfe5c56720dc09

    SHA256

    afb8327d9e21e1aeddc682a7e1e5a823c16386b579e4f56213c3856b42c330e5

    SHA512

    f39b423b4a84c957c17a319171b3b8b36d833c9e6e4ffdc618b543dda1414164327bc099550d721b2c0810c9567cf71770c9e1d8d7da9fccc2a2017826808cff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c8f24aa6c250d2ca7e91cdc40f15378d

    SHA1

    1d2208ca25c49e430d2ebddb52b0c89d7b3d9a74

    SHA256

    0da4b2af99eedf222a7fd2cb8e2b4338dbc1342f57e0d4260338c1d778345ffe

    SHA512

    86219caebe9600908a7e246917950bff4d475f5218773749d4a62886d7b88bb7e8fa93367e814f22583d4bfbd44d4e071580ba7cb517a8d7be361b89e03778a9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a695a1798a39bf8e0b52675b225035b8

    SHA1

    e6ddb9b98cdf3a7d50b85c09926ec17f5a5a3dcb

    SHA256

    5a1f09b83b3e50dce6349369739ccb4750dc6089f346a43bc368f3a175ac389e

    SHA512

    68ea0426326af768d7b036fe6568736418b06469d369286f81c4e014214499e0fc210c8e790a87ed5ba7bd27cd2151124c8a9035a259451373b0cde66af11574

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2d460d02518edab459863228d274f45d

    SHA1

    5d31ed4d2130a80abb53bd8bd3c685f3470b05bc

    SHA256

    24d9aa5a500c7bf1b3259cac98cbf5601f977edba54a1bc95205484c8957619d

    SHA512

    48a87813b11a9b65feb6a3888ef74b0ed4253bd2bc2e14d91c5a50956e7dc620cc790a83ad48eaa3e07291b03951fa51a5d216295c5af8dc0d78a1356893e2cb

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3121.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3192.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit