Overview

overview

7

Static

static

7

Tradutor B...om.exe

windows7-x64

7

Tradutor B...om.exe

windows10-2004-x64

7

$PLUGINSDIR/Aero.dll

windows7-x64

7

$PLUGINSDIR/Aero.dll

windows10-2004-x64

7

$PLUGINSDIR/Delay.dll

windows7-x64

3

$PLUGINSDIR/Delay.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...rl.dll

windows7-x64

3

$PLUGINSDI...rl.dll

windows10-2004-x64

3

$PLUGINSDI...sh.dll

windows7-x64

3

$PLUGINSDI...sh.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$PLUGINSDI...l.html

windows7-x64

3

$PLUGINSDI...l.html

windows10-2004-x64

3

$PLUGINSDI...d.html

windows7-x64

3

$PLUGINSDI...d.html

windows10-2004-x64

1

$PLUGINSDI...l.html

windows7-x64

3

$PLUGINSDI...l.html

windows10-2004-x64

3

$PLUGINSDI...flt.js

windows7-x64

3

$PLUGINSDI...flt.js

windows10-2004-x64

3

$PLUGINSDI...l.html

windows7-x64

3

$PLUGINSDI...l.html

windows10-2004-x64

3

$PLUGINSDI...oll.js

windows7-x64

3

$PLUGINSDI...oll.js

windows10-2004-x64

3

$PLUGINSDI...pl0.js

windows7-x64

3

$PLUGINSDI...pl0.js

windows10-2004-x64

3

Analysis

  • max time kernel
    118s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    19-09-2024 05:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $PLUGINSDIR/tr_data/legal.html

  • Size

    26KB

  • MD5

    2e524a71ac033c0619db0594856ba6d5

  • SHA1

    450941553b685e48d6fab7b601b4d940ec73337d

  • SHA256

    228cd4bbb92734f1ee76daf0cded20902fb9b7d3ebff857f21ba60a798f3a511

  • SHA512

    444a7bd0d4a2e11675a7b43accda32932b16b727ff31daff56293014d37f0f081480c32034db9603999e7d3223c4407f67b05af577a66e17e3a3ee0df1c32ead

  • SSDEEP

    192:e78T5+KHxCHoN+TEMBSX4dOjUNOKi7KRd6ITKzLHxvXtX5GtAPCJza2Aq0Faemkd:e78TsujY5c5zJAWoJxly59V

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\tr_data\legal.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2548
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2548 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2400

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c8b54b7d464f5049d6fd16ed8c6047c4

    SHA1

    d254578cc58cd3e42589becb4eef3da03ba43627

    SHA256

    c3e6fd9dddb12ec2646c4d1307a8dbefc0c0652d79993082083599c6c48fc7b7

    SHA512

    cc5001cc5cd57a2fcf34d86a5a07b77c07f221da91ccebe99b0c0e3152e6ecfa942ef693f281ab69536fc9a327e4f5eeea934392b705bd9fdbad5f69ddb38a6e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8ed81efeb76dfd2a83e7a67ab9a11d72

    SHA1

    73f81e02a07378b6deda44d45b293a6cd13197b2

    SHA256

    79de793f1cf2498a2d3133b09e68177a8063c82a0013e4f1a98de614b0cdaa7c

    SHA512

    7d2912a924bcb49a51c4133de6adde378e007de144e0feb50616d97f3435005d388683857d28b514dc02c830531f7017602888b07a4edce5b0ce28d1b136e466

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dee2f0894a1e5b40541b6a11457b14c6

    SHA1

    6c309c0151da5199d7438a6c5cf9084ef10460bb

    SHA256

    2b36f52c78d319c582ed1366b2d4b13e5f4592f0163bd59b7ca2d996b22d9cac

    SHA512

    b2a5f8095e36b78e33ff34fa7278e5ec49b540c3209bc574e514c61ced035c96980f481cb59bf426600728fdac0e944bc96970377bd7a598db301b2a980e5c72

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    be5f587f7f1ce6988e2313683a96f5a4

    SHA1

    bdd362f7b8ce18d4b3f1b9d0297750da2a3e36cc

    SHA256

    3daa225d2b25a7a3ecc42701c04db42db0db3128fd532c34110d4a0700d7ee4d

    SHA512

    8a3a46cb211f79ee48e09b5509207fe1409e281699d4e65f694fb1429cb2a1c28f78cd6edd053492d1d8738091673cee047d8d4d573aa1c3cc22da21e3157b05

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    24d2288d05a464261b9be9fef3a1a4a3

    SHA1

    1de628a303942639c14f6e32c415efa675359d66

    SHA256

    b8fca11784dc4555edccb7f1fe80d6c5a654352b243f6c5020f8a4c0f62c48c9

    SHA512

    b9edc03a5166d7c3cdab2e8a6ed7a360bbd0bb6fce45de448f167ad78ed22a00baccf65a4ceb0651b853fb2de2eaeeb31b3abc4477f7d5fb84dfc181b60ce9f1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    999721f507a7d0fa2bbaf395645b960a

    SHA1

    5c2eb9db054e63cbe81669f1d3d54788cb823f54

    SHA256

    e4886c4add80d55f75ada09c3b5c31d205172aecb405ac390b3d23a537c4a52f

    SHA512

    5b99b2a1b8e280537d7685584eb50bb034606021a0c4e2aee2baefb99e06e171b80dac0c71a0ddaa9b08164a7288bc437bb1df33a8214a5f8739a65472d52db2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2921dca21afc951c6707b402e418dd44

    SHA1

    23f48eaf0448ad4b7bf8f98b587c2e9f1dc8298a

    SHA256

    3391264549c50bf62cd716bad0c270dda13d9dc50309ce612f03814f423bb64a

    SHA512

    d86739629f6d721d5619450d87ab5ecc600259a8581abafc3ed2a852b23bb1e232e2b039a020a9af4f52fada5049c312b2a4c5fe5d7fa3566cc8570b1c978078

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    189df5bfcc3502c6a56c14deb342c9b4

    SHA1

    9b16aa5fc22f1b91720b271804fd5afbd05babe8

    SHA256

    1f70f0ea75c64ad37ab9a6a6eeb39143603c089dc4b6df81505cb1741e45b5fd

    SHA512

    906409c9733a11a5cea82625d6d4c9918bfd0889e77fd45041cb08163a8c8af5efb29e096f6c357c5e9a07d39af3f9f321ed14a90115123f268a53da2c6c1272

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    94ffd6d00c7bbe53cd6cf493788fbfc0

    SHA1

    ec33046e680085aa3e952a314e52164bd87ecb63

    SHA256

    1aeeb1ae285d1bb19895a96dbe5ca61008d4ab0d6f17ea4415937d997919b3eb

    SHA512

    c2883544e6d1734505f2fa01b6109e046d91d615f17e5470ef8e6cabb2996de5f0a6f3190f081aa0ffdea688c17a16b96a108790935a06065468694ac05a2259

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    80921c9d5fa1d37c800c61ca761d4d22

    SHA1

    72788cc69b314f118746f8d004639c1d7d2d107e

    SHA256

    107a4cba217859b2d07445b13519ace768e490602aefa774d77543a7a94558a4

    SHA512

    8a963cd198d9d24fed2f198c65251bc07703e75cbd483827d3321a38d5e6614625e8bfafc99f4b12e3fc8a5a640e3ea38ed53f1597a833f9cea5eace03cb5cd5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    80c69c6ef130e3d266c32f6e2deca8e8

    SHA1

    4b91e268feede3349ec21ee0547ba899399da77f

    SHA256

    7d76beb825b7be93d8c72b7a4c11be46961ac9670c45782dec6fd5be3d450b43

    SHA512

    be8d10267b721c8e6a71a9af647b6711748e858bb8d9af3a7c191ce0f9cf8959fb5f58daabeadc4fe3d4621eae5f5d65f491f2675e67013560e9b7cc39881be0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6a9567539d0cdefdca50cb641e14ba77

    SHA1

    68d61ee6088142ae38f1bb3870799829346f7d43

    SHA256

    6e91daa003cb7a38df10b98a3bcc5e681a7ce21dd9624f3896b41b9c14631baf

    SHA512

    cbdeca4f0fc671d21809733d6be0d5391fad0dd741f7dadb3d7497fb3821a5c6a6887eaa69a75a6d1e8a66566e31ce9b56d0cb80e76e6e3689bb0ab9ab294bdf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    86e85f395db0d7fe1400a7a2a5957cdc

    SHA1

    4d50349b4eb43df8567ffb0cddcada6650fb0ce4

    SHA256

    3b5e499a00883f094b1998a867a9d3ecd5d0e4e1ef384f0235e09478e5c7a352

    SHA512

    40a1be57c466242fe8c4f6b160a62fd2af06b549f9170fb639ba6386843393989dabf22616423240597506cbad49f93544eef725eb85f0dfcb69897c81274964

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b2c5fa4898c831d06dfdb5c1781a3ef7

    SHA1

    2f90abc8258ddfa2c289695447cdf148b6462cb1

    SHA256

    6f09826a716f496a5e66fce1437b250a2feb0f97ad72b67274a774078b69db68

    SHA512

    a7f64e3b0925cf0dfe8dfaaab911e465c0d16d90245abfa7016f97b0293ce3b61ab3178522a82acf3c66b40a0ca38a23e09e0d4df25aeb8dee27d83c7ec2b076

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a3fe972253c3734caccb7733c1972303

    SHA1

    69678199ccf89d9cd5a782311c1ec0a7f0424b80

    SHA256

    e2647fd1fd6c8a92a52b5946da0df48b94ff2607c1fbf6a46f81fa4b029ce4ec

    SHA512

    d1ea8e62715a8b0a4481046e95269df6b1077948f369ca33aa41ea65692dcfce895fe323a4a29b6dff77c07d9c343c6c3835b3765da0a6712fa56349c24b8dab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    155d63d9897c2a4ffb603f552b556ad8

    SHA1

    392a90f7842016a48acd8ac71165e23d4d776092

    SHA256

    ef1478c884c1ac0378098d071d15b85d271f60c520b15e668345cf2162192307

    SHA512

    ef4027da82f326a411e7b7cab54df455cb2898672228b4219d2cab435932a35b0e99419bd4241783736bf73be657d65eb7a79e7d6de3dbf6b862ea4c91476177

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6c8267a4247e04b0344a24f6bc9d00e7

    SHA1

    7dfbd333aab44b69e97e7ede596e1d35b0e649f2

    SHA256

    d917ba82c91393ed29e7eba7baec651f109e3983fe5d41572f3c07af63649391

    SHA512

    db8b1a3614a898c8a6de00b710228ed3c8b2d141bebc5b62aed988a4348368fac55f97c3805eb8935f3077b8d3c55a30d124a9f4958760193b3fe4f77b2a6106

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4f00fd42c1687f9233363fa679f33e96

    SHA1

    ebc073c11fce1ae16b831c13992491156514839d

    SHA256

    07781ea3a7fb46002f4a74acc638fab0cffcdae0555e14eace25f0ea0b0ff054

    SHA512

    beb618b612adf1746ee529a0277f04d63ee2386780dc83f0c8de690b1d53e92d18f39b8b32b6dcbe88fc4db9c5c8d659f02e38925163bad257dc50fa7e90124b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    71838c12100e6a89cdc9610e8247c963

    SHA1

    d1d5640e835e73a1946f07ae4058ea5d313b97ad

    SHA256

    8cdb9850accf8d41200a335d8e291f150bb1ab89a1fa181b5a08524d24b2eabe

    SHA512

    979032fc61e060ad8f0e0e5f8df3b0d450af66a63cb6fb672bbb5456a9a0aee6a1ec9648502b3baa0910c0617b26d325e37c788bec31761061614dfd67f1f0dd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c1a33b560f4ec5a086d4b378e84ecc8b

    SHA1

    c01bd075925fb013ff59cbf43cec04184a033487

    SHA256

    09280bdb54e6253d8006a1262cd4974b476e39417e6f36ee11cdd75d94da3e81

    SHA512

    685e6e1e7f14ed0bf6693863a191d731cee26092233107b90f211494986bd68db25052de5377a3a64b50479733faf38c87d60e9aa4444179a401f4b28efe0337

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabD185.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD1E5.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit