Overview

overview

7

Static

static

7

Tradutor B...om.exe

windows7-x64

7

Tradutor B...om.exe

windows10-2004-x64

7

$PLUGINSDIR/Aero.dll

windows7-x64

7

$PLUGINSDIR/Aero.dll

windows10-2004-x64

7

$PLUGINSDIR/Delay.dll

windows7-x64

3

$PLUGINSDIR/Delay.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...rl.dll

windows7-x64

3

$PLUGINSDI...rl.dll

windows10-2004-x64

3

$PLUGINSDI...sh.dll

windows7-x64

3

$PLUGINSDI...sh.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$PLUGINSDI...l.html

windows7-x64

3

$PLUGINSDI...l.html

windows10-2004-x64

3

$PLUGINSDI...d.html

windows7-x64

3

$PLUGINSDI...d.html

windows10-2004-x64

1

$PLUGINSDI...l.html

windows7-x64

3

$PLUGINSDI...l.html

windows10-2004-x64

3

$PLUGINSDI...flt.js

windows7-x64

3

$PLUGINSDI...flt.js

windows10-2004-x64

3

$PLUGINSDI...l.html

windows7-x64

3

$PLUGINSDI...l.html

windows10-2004-x64

3

$PLUGINSDI...oll.js

windows7-x64

3

$PLUGINSDI...oll.js

windows10-2004-x64

3

$PLUGINSDI...pl0.js

windows7-x64

3

$PLUGINSDI...pl0.js

windows10-2004-x64

3

Analysis

  • max time kernel
    118s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    19-09-2024 05:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $PLUGINSDIR/scroll.html

  • Size

    22KB

  • MD5

    c72424f1826536ad0f60b08cc6e35ce4

  • SHA1

    8792db36f8e01b5197681e29ffc5908e4e553ca0

  • SHA256

    de324067675b39b96711b09263cc69270c685d6ac3bc611031775ae236348d5f

  • SHA512

    eac150ee3948d32f2adb4fa16ec7023da8620205f61f56e5dbe40028cc74722f624585e69693a6a6c4baf59d561443b00efbdf3e891b4c402046d8ea79e80771

  • SSDEEP

    192:UB8178T5+KHxCHoN+TEMBSX4dOjUNOKi7KRd6ITKzLHxvXtX5GtAPCJza2Aq0Fa0:4y78TsXjY5IAWMFB3

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\scroll.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2132
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2132 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2840

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4ff53b709eeaab92655242dcbf77a570

    SHA1

    a0151ba1f38ac6f4d2cac51835fc45193e62da01

    SHA256

    f5fb16a9e3607332f19a46aaaaa474f05f9fe25c3ed35d2fde7869f5aa9fb04a

    SHA512

    8c4e6ef78bb00b75c751a0575d28c1c5f55f48410f67bb764764c2f124e1051e1ce3cdcd66924598e64b3064b7c6075d9b8f202f728f19e887d75af8d8078b02

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    480a22473c8370e2fcdacc23df893779

    SHA1

    6f6881cd31dee1649cf28393c2460739191afa1f

    SHA256

    23cccb5f5fc42781bdc30acd154db6d42805a58a62523e3dbf9255bfecf4de2f

    SHA512

    90e6407473983f63cc6ba7914ce61ad4499b7a4761c9420d159d5987c78de509949a75c1ab0e4cff4403bcda4c3bca4cb5ddbb6a2a0a9996c485bcae1583638c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    91963d20f4257572cb60d486c4eecbd7

    SHA1

    93d9ce1858d13d4b45713650212288e4b210f4c6

    SHA256

    da14c708781a650a87d4a0064c86bf1543e796e6bd67d9fdf6b460dda5703509

    SHA512

    d69f91c6256c3c37c2fe6f892ace4bc96c043180535c2f4ae05f9d01c87638bc75ae4214e185b7344a100d61844f84a3b96c693facb50ec868dc334fbf1cd865

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    15eb2373bc8fc482b4a4400b9a357c09

    SHA1

    9c11db40cfa100dcf3049bd63ece7d7f556d50b4

    SHA256

    545c7d3b12cc1735d6bfaab463e20b404957c0d69916a32915308f303ccfef5f

    SHA512

    b5ac3f63639f6db5b1e35ce10c1bb90cd741153fe69c93c64f19d82563e9c98aa132b4c519e34e5ab480872639d3ff6361de64142b275ca0e3a75a915ddd4c63

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b8f2496dad72358e82d16bab49b8a01a

    SHA1

    c8405f7cae9e4b5158e26298c7e34d574085a249

    SHA256

    65ef026399556d1348719fb5aa31db48924819d28ecd8973ad4263e57215ce4b

    SHA512

    4f49bfc57e3d7253c24555d247f0aaa42581ed3761e988666fa9d9e0ea9508697118eb307a3baff9e44bd8c1cb52ee0eeb0570a1ea8006f2d535eb569bff589f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f340e5f75eb741dd1d260293fced5d77

    SHA1

    a970fb4e62d276c90fd6d5ea06fd517d926eaf13

    SHA256

    32e591bc5b5d461a7dcd7d7a5bc5887bbd314e47458228dbdbd6393fd70a03ef

    SHA512

    bc7a33d7bb52fcee1c9acbb8bf71e2536f54bf93f254028804ac6aca48beda7567ad2617bd957cdf5ec374b711a5039c9c68741507a2dd05518f7d070fba0329

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cb3f4795ff655d506941ed506ce138f7

    SHA1

    8af5397b0c36b40f3be6cd9ff413c65582be2284

    SHA256

    fc046c3d972c15d3637f7ad14d9d673a150a5ebbd282d3f597a9c84d1a51a068

    SHA512

    ec18d3c396bbb873e6a6d4959d4ee8b427e2e639e793f1acf25e9156b41522e3670b88804405ca36e038012d4b39e4ce656ba3ef3cae445309b4203a335da995

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b9522ae320e74205abd2b4c9525c773d

    SHA1

    397141c718f5c93da36fc4d6148917fd92e4e6c2

    SHA256

    b36f39e9f59158a1b706e87bb0ec96632f92c6f3c8e5ecc5cc9a4445993ae0d4

    SHA512

    8ad94f8a9853d00f2a25d1d33059b91d578ec63c9adf132567c4ae7371bd03c06c2523ace6a2232e38e0588da5101c3969de7c577e1e61c6b9a2fadec513b415

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e5a0879f78774c8485ca0f8a688c4487

    SHA1

    f68747074992d7dc625b9543b6198e212b102380

    SHA256

    86e1c4b859764bd197b7d90ffbd5cafb42ead760094ba56a622c64abca2c4803

    SHA512

    d020bdae4798f9aa9b8c35ea36b09edaa07e2c565fd491e5787b7cc20d75bb4f61dd1e805a2f5003998c2d51ec88d7266b1436cccef3cf336fbe5465f2b1d512

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3a7a1029356e6506b37f84125ebd8ea8

    SHA1

    3d306096f9a2843e01a04403e60d20d55809e79e

    SHA256

    cc77816d76ae36c9171330cb35710183989fd69960d71d1f598b54642f20eea6

    SHA512

    4e93a148c09c84e516d25a13bd86e5abe5ad5b5a0f83a432bbdf8148e3906d7442898e362e7fee5854e3ad7e61f33c42b1a0e490e836f89e1a2ca60ea7fb46b2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    967e6616120d260a22f2ab90d90692ab

    SHA1

    766409e9b3ae65b5e0991af98e23b2e2889f214c

    SHA256

    5420849cd28114c2ddcaca987ec39e9f2419db8e91f8af2cac1df43df136cd6b

    SHA512

    047165b468239caa475ed0490238cff590a430d48a612395140f7b174b8885225283a11e03fca6ec5a44ad8cb3d7eb7bf54fca75765fba63fba8e50d3ad2cae6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    22d526d477723003a03ce3239fb6a553

    SHA1

    d09d33ed102ee2767733d83a2fc850a68c4033f3

    SHA256

    9bf4c63cb36610b56d93e5cc0bea347bed79a7f723b421a6c500c5ff9c54a8fc

    SHA512

    e0ab97f61346080ea4603df3dce05f34cb5c43ef6218270225ce9e63c60a87b767e0fbf1d819c33a4e4828b9fea9e158eeddaf09b5b56a6ced675b126d8fc7b4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    de6dd934d2539a21ddc15f1a2ce2a4b4

    SHA1

    2100fcffc7b22e8ce9bc79e85596821330baac0d

    SHA256

    8d5f2d4a4e02d84f464d49f203d774797f183470f71a2f6e8c3ca67f3abaa400

    SHA512

    f34f39921d543c0ab99d47c35f1da866bdfd378d02d56c31a8ddad1bce0713b9e55446ef4c5ce8b7a75e80e5f4e39611a97af2e7997475e2dec749dc2f06e4c5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    36776abc9147a966018611d805a91909

    SHA1

    3055134fbaf2c65a1e7f493c3a42a63217550e7e

    SHA256

    9701cfcfda192bb4363d21299addebe2d986fc573e0129437868fc94b71ccaf3

    SHA512

    fe8faf69c68a2f74eea568d0f27f169675ba307c47737296c0cb3849ea016a1f1aab8c62d1829fd918e0cc7ad3784c9ff5bb10be092673c715bcc22486b82cd2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ee78d0df39f1ddd7db06ca4b792930fd

    SHA1

    702ca00e5ddc904eec6e02c0d016977a16fb6308

    SHA256

    75dd4208a4ef809543a231714838734d8be012aa6c53e938724b82c6f863e076

    SHA512

    2f39ab7dde890d3a7e1a98825389a19c82844d8c677da2700738266d7efce3070bab69dc8aa7506682d9cc6d9d41d361d2498a642c0996733cd6171ea217ef68

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2557b4912401e80bc3dd1ff73cd0687b

    SHA1

    1d7b3c80f7b79cb085675c996c9859017cac669a

    SHA256

    1c2ab456693e37f1b832beee1809723e320be71e8d481977fd38d75678fd21f5

    SHA512

    dceef0b6b6e92581c12a179cbc157163b91e2b45f96235bd217e8bd4fd45f1154d59f59bc06590fe9af154817b737e3745d7b5999b586bde8b5b5b04d2575586

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8af88459e7b687e72e9342cb082cdd0a

    SHA1

    cc0be56b063cf4db9b94e79abc588504fa186d38

    SHA256

    f212f8ce14f9d2e51b6a59ae163fc3daf0cf29cda5e04d23c5b90268375e6658

    SHA512

    7b9c1089ae42b4f7bcb7cc2f31bc17b2a9e4e824e18f5ae99d869d58881d46966d7a874c54be9e39ab7b3409a7b7609013acea58dec1dbd96f0f7ede1855ea45

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9676.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar9775.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit