Overview

overview

10

Static

static

10

c1bcbc47df...e8.exe

windows7-x64

4

c1bcbc47df...e8.exe

windows10-2004-x64

6

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...ll.dll

windows7-x64

3

$PLUGINSDI...ll.dll

windows10-2004-x64

3

LICENSES.c...m.html

windows7-x64

3

LICENSES.c...m.html

windows10-2004-x64

3

Signal.exe

windows10-2004-x64

6

d3dcompiler_47.dll

windows10-2004-x64

1

ffmpeg.dll

windows10-2004-x64

1

libEGL.dll

windows10-2004-x64

1

libGLESv2.dll

windows10-2004-x64

1

resources/...ns.dll

windows7-x64

1

resources/...ns.dll

windows10-2004-x64

1

resources/...e3.dll

windows7-x64

1

resources/...e3.dll

windows10-2004-x64

1

resources/...nt.dll

windows7-x64

1

resources/...nt.dll

windows10-2004-x64

1

resources/...64.dll

windows7-x64

1

resources/...64.dll

windows10-2004-x64

1

resources/elevate.exe

windows7-x64

3

resources/elevate.exe

windows10-2004-x64

3

vk_swiftshader.dll

windows10-2004-x64

1

vulkan-1.dll

windows10-2004-x64

1

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

$PLUGINSDI...7z.dll

windows7-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    18-09-2024 07:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    LICENSES.chromium.html

  • Size

    9.0MB

  • MD5

    f017c462d59fd22271a2c5e7f38327f9

  • SHA1

    7e1bbeea6ac2599bd0f08877aa5811d32f1aceb9

  • SHA256

    40f314c778851106918aae749d75b2d913984327602a1bfb7ef0cc6443ff2a37

  • SHA512

    72177281486f6ec26ccc743b43481c31470c7dd53f17b0a67ac087dded190c2e3dde5570260150c2e9650186a515740af7f81e31965c95bb762340f9ac100c07

  • SSDEEP

    24576:G8QQf6Ox6j1newR6Xe1Vmf86k6T6W6r656+eGj7dOp+:fG6eGd

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2340
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2340 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3044

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    20b56f1fb54fcf917982a4e34c763e6e

    SHA1

    d2752951122989c81f9a1489e6ea3f7474c05694

    SHA256

    7d67d162b5ba435b83d474ed47a2dc5ef35896674729198efb8178314afe1cb0

    SHA512

    6fbb5fa9a188d0da0e10968781241757bd049b267557592ed565ac809421e51a908e9efd38b899fe1f535240ac54753c9b9c5cc47025b481b1e9af1c7f6b7865

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a417f29589ae08179a574b17c198da24

    SHA1

    7f0c208fbf24112d24c3b6b3ee4525a7d2384a34

    SHA256

    3d7487a58c0674853797ab2165d3cd932e6c3a6296326186c57c21eac2498bbf

    SHA512

    b4a8fc398795f271b14f81996dd77c159a358aca3841d35b533893570de05af80f72334e5a6ddf1e73826abc3f4c70e0ea6c9a68e4d411e5a803e94b44cab8c1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    451ff05a995d3f09896a9e5fff0961c9

    SHA1

    7a29d8b05da07c4bacd3431f631a31b210a09f27

    SHA256

    970e7907edd7d4d2d78b572d786009796a3eaa181c08f83923e4dbde32a681bf

    SHA512

    039e592da5d7d70ef438dbddeaf119de19517ac954acb545d876472317c0f0ef164b1c16c899bae076d181be6af0127600cf6fe9542298444792503e9f3f25d1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f55763ff00e5ad1c0031e91e25c31856

    SHA1

    1f34c3ac7267ffbbad69862738c81dda66d1d644

    SHA256

    68d3644ec9d380dd9c8fb5bba79f9e10d14da1729b9a7ff6b3fb0e686c96ff22

    SHA512

    c9950db3ce417c325217417eda1d19e64caa7bc20f60fd2f04dd68c508e8fbaca8285b1d0c7ac14234b0e55f9c7f4010ccba53051d7e4eb1ca3d75460d809b81

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bfceba30db0e2bece043be00ef3089e7

    SHA1

    b11abfd3011567fe7a99a7b0025d5af9be55e37a

    SHA256

    c0add8b993bde1a3e4fbb8cde8ef14f34a5cd449549735217cef9b2c811de02a

    SHA512

    2924b5153bdbdf59883605b0614977ab66bbf5687964b1ae0ee576558839a3fd0eb4edde0e229e38de55133bc314c2d1f6f308e4fe1ea846d0bae1d76673e22a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    73480cc1ee084a9011a2a95e39b3de19

    SHA1

    65ba47b80e80f74eea72b48e65c713fd0eeb7483

    SHA256

    59a1064d1ae62311563588a6e8ef6ff1ff86f836cc94d13e4c9dca32848eccc5

    SHA512

    9cb67ffe64986e9f87e0ec7ac3c9417e8e3c3147f40a430338262887388290cab8e8ff71ae659bbd69946feb8576a0652ce648e634dcde9e67ff53c49ee67a95

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    47190fc458f67b637119dd3404bccb0a

    SHA1

    ae6e95856bfe8b81945fda5556eb57c73924acd6

    SHA256

    101606f6910895161397b01516812e697883b6a8a98a279ed3f4f275513c9add

    SHA512

    02f1fb3529172f1eab6cc13b16d9f50209dc50c293aeafcf9211d87df0b574f37aa8ce79a1f40101aefd0cd3028538b3181731ee73f3f5a0a3fd60bf8781b03e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8db843a910c127c9209d2bc2618497f3

    SHA1

    1f8ffbbc5c358808fb4da38d202ee6a3d3af162b

    SHA256

    16f70dd9f427ffa79375ac0dc0ad37d067314c877217cb68615de6aad8c2f4d9

    SHA512

    648ee8a7473b913abccf90c3c3f97780d58f79236f7b30b5a110a58eef36a9adedd78d1171fa96baac3947f4f5f8d847a066e06d3cdc66aaaab6c7f7ac215dfc

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC18D.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC3B3.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit