Overview

overview

7

Static

static

7

eac23a47c2...18.exe

windows7-x64

7

eac23a47c2...18.exe

windows10-2004-x64

7

$DESKTOP/�...��.lnk

windows7-x64

3

$DESKTOP/�...��.lnk

windows10-2004-x64

3

$PLUGINSDI...RL.dll

windows7-x64

3

$PLUGINSDI...RL.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$SMPROGRAM...վ.lnk

windows7-x64

3

$SMPROGRAM...վ.lnk

windows10-2004-x64

3

155�...վ.lnk

windows7-x64

3

155�...վ.lnk

windows10-2004-x64

3

Bug3D.exe

windows7-x64

7

Bug3D.exe

windows10-2004-x64

7

Bugatron.exe

windows7-x64

7

Bugatron.exe

windows10-2004-x64

7

ReflexiveA...de.dll

windows7-x64

3

ReflexiveA...de.dll

windows10-2004-x64

3

devil.dll

windows7-x64

7

devil.dll

windows10-2004-x64

7

fmod.dll

windows7-x64

7

fmod.dll

windows10-2004-x64

7

uninst.exe

windows7-x64

7

uninst.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    117s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    19-09-2024 06:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $DESKTOP/ȫ.lnk

  • Size

    346B

  • MD5

    3e3799d9a26437746f9f9f5f9ac0c6e8

  • SHA1

    70bb530d53dfe59637dc6ad6da4bccaef869daf5

  • SHA256

    6d0c5589f63999a1cf80e4fd809b74096f49952aa43e648ae80cd0a5aa55f8af

  • SHA512

    3848f33a744182561b7b3b341e50caa3ddab1a5d54d9da8fcecb43490e389ada88629c8c53eea426128b513581b136afd1103c46b55718417dedeba8e4d6ae74

Score
3/10
discovery

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\$DESKTOP\ȫ.lnk
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2100
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.1122i.com/
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2744
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2744 CREDAT:275457 /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2768

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    62eaf2eb9af2e2761139d55d6c6d3e43

    SHA1

    a390b60d3442b5917676ac69a237b57eccb45ab0

    SHA256

    3adf22e0d2bd7edd224d84fd5316428027689c81a2224cd3a1790892119a341e

    SHA512

    f98a92bea9cc2528b4a2ccad4286eb0d756b3bebcfd026ceade63ab79817afe89c160e6fe4dd3def03e7068e047615cfaa04c85c693199d29e870010f88bbffa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1342446a08d2d4c59cfc21f9363a8273

    SHA1

    bc9baa3655a200221db48cd22f731c998eb4bf90

    SHA256

    e7ff42bc91da402b6de99820b51d444f6bf352271feb063b03ac2e12e9624ae2

    SHA512

    0a909b62a3a05d77ff7ccbd1753da1d9c5c73ffff98871779596f4efe80cd9b20c464f4b55a234e027e80006fe22b6bfeccdf57fe6aa4dfc41257eead97bf34f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ed84c1c41f6ccddd09a6d2ec3b9e0444

    SHA1

    4a3c77e39880983da785dacb0b3789c395c4e281

    SHA256

    e47fa6e5acf852b1394db73dafae9453f186b311c550058cb482b50330d5181c

    SHA512

    850165a4f2a1131bb0c5e634073976c6a0033ecff22fc3711897afcc58cc34ac56821ddc6de63511384772404097189bd03305d8745b0b9145085c60fff36d68

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    16a290947c9d4d5e89d8e9bde363a18e

    SHA1

    09819c5ca2fadd7eee8984a1d14610bc86ae88ef

    SHA256

    2022fba83d7b4f8e99b3497f9ab4e842a194fdfa5ab816c1f7ea1d2c0788323f

    SHA512

    484e96a71b192850cc5fe859229c920f7b935aaf2d97dc642875e067b38b4d1ba5d654a321abe1ae37ce8898fc8a33953fa74ed1c0bf739d0ebe4a40eb2ab477

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    957aeae865cf1e7e7ba5c86531282bdc

    SHA1

    9890696cbf1813e9a0764320ca000dcf325756cd

    SHA256

    e469f1fe5d85a93509e2917b98358fcd382186b49858eb0e00c59ae175688124

    SHA512

    6cfced5e95bd3a3715cb0473ffe4dd7f889112d6c17baa994e9e097071a132cd2e0950c721db753c45e16d80a1fe25c48e77c9d40a08c73a91b231fae5d35314

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    de6be052664b373ed206a3554b1d98c6

    SHA1

    2ed542bd1602303b0632dd019dea3d8301667101

    SHA256

    85db5153d4c412598a121a6979fa3669276dbdfc4da645a1f8437e06ae2d34d6

    SHA512

    d885e86df1a8af3ed8c42bf5437a8de4182afac501de294d1f36b5a03452e4fe8bccccbd86151dddea907c2e6feefbfeaf835d6b4b984102524d3869b31f1b09

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    67579e9fbd608a61bd6f545f100d8d8b

    SHA1

    7005fcb4cb8cece9809ab10f096149234f546a44

    SHA256

    44a77501fb2ef1e08f9f4d88c41e0beb8ffcd5043fc90d44b7953f8a1f52cdca

    SHA512

    ced0199dce3fa71f38e44030e0f1fa2410a459229aa5f9a0770063907f496bd7e0cf653e22239a6962965252b00736e6e92f05bd02751b2a2619d0f4e83bc8cb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    32fdfd9231b1087cb783c218224618bc

    SHA1

    a451f1bca7b10b65da7709f38ca3f028bbca1975

    SHA256

    3ff00b247b052d74e12fe448de1f452b5a4bbd6e9c044822a9a702f8852f9fcd

    SHA512

    673819a1cae1cb3567730ed9c347f40d0e0db8812893fd4127f035c9c6b9a91a19a11f7e6a9f1c403195e1f1fe52f6a9dac87a52a542d8e1aa30c257659c1972

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    be6a6b51915119b22390d4802e193d2b

    SHA1

    d6e8ef5d9782ae2fdf1876fc456ab0a30662f2fb

    SHA256

    0a64ca4236fa12f5ceeb972fbbf1cf47f62b9e95531302b0f2de4acd4349fd2a

    SHA512

    066e7cb40954cc6cdbcf2ca6e94fb504077e151249d09116f77866d05b1b382dc24fb3a0f7ef9096632671a8caf5fc4d8842dd70098525561b1fcdc880445b12

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0f4f70ab80cb39721f158ff3e9ec88a1

    SHA1

    54e00c6b5b18598faafb8004fafb095f7dd616c2

    SHA256

    a47fc236034b8e16c18f8931a2c58f19aee027dabf22e012a55706a104357216

    SHA512

    611a3008e5a7679b3586792fb40d9a89ab09e81dcf4d74864a2ab7cdadaf38a4614a518975e7d7cd8fffdfa5025dbb88eb76b68014de72c773a25afdddd19a5e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    25287eb273d0131aa275c223172e8231

    SHA1

    eb73b8261d7f0265b7affd059384d517f1225261

    SHA256

    9a41b44694913c9321ed93ab6368b99fe8027a13cd5f338175c729f294a88fb3

    SHA512

    c29e1e70a0ca3673ab7691c96b09fab902b8b5cae828d588779ad9e58801cc3eb65f5bfa60826d84ed0c2c519e772b17943216af3ab629dba4d4ae9810e3a8ae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    66376e6866ebd79749d71b23d03bf04e

    SHA1

    cf5129bb67e356d49083b2c4786ad7782ca87fb8

    SHA256

    a349621fe37700f7abce3aa06a02c939822686aae8c25d75a402674910151f2e

    SHA512

    af1f22848e55c6c2fb59e4de3d154791b20196ce148e8057954aa67c9813196d1d6b37d9181b9cf7df553d885d08c6dd1401667f1d33cf0e88fa20aac637ee10

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    264da18651d8231aa751ce283157969b

    SHA1

    20023f9e2206a8e11230c5d7f17160aedac98f78

    SHA256

    3c7f10498ef244deaf4c9a50848ef896c74829d4dba404057eec9de5b0c90ff5

    SHA512

    915b140d4d1933f0905a859ee8859e5e81d51587467149085ee2bc8a8641dd4a72f6e31fa0b8f4fdf86b42bbac3a0fc9ad884c9366c1293cd28c53874c1493a3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e0dec19e6ebc8a225441dc996ab567ed

    SHA1

    dca49e1525dd5770119ccc47f66bacc4e9ccfe2f

    SHA256

    5fc6ecb5450163c48988afc6edf8f518d307ef6b78d86f9db64a6dc03d55b7a9

    SHA512

    ee2e97d549733677eb557a57200da153237661d09f7e7d179ee8a72de3621fa71dbf90b7189ed400150fc08a11e3903f63586f34e64830f2fff5cba29ad629da

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7507c05b62bd743d1603ddb6f006d3bf

    SHA1

    824abe077f628bc4db33e9d99f5e2b099f1b4787

    SHA256

    e02843f8d341265a8e7bfe044c9597b6e58b816850031b9ab68d41dda1a14110

    SHA512

    4365c6e3d31c8c9fcdbfb73a7579c1becfeb1bb20541c8f07c29e4d91323aea7148dadec705d34fba5a3622178575795c8d74d3f61657e5a6a0ef3405851f3cf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    51ea343436b82d558bb6458baabbb197

    SHA1

    24ff606ebe9b89f238b4abd484b45390f471324d

    SHA256

    51e5ba8fa8ee2c9ec1b4e5582a56c892b534884e40c292ca4827c66f85b93b3a

    SHA512

    1c2bbb556cbb060e02e3a8393b86f089a0a17f40d667bb1a0b1adb1462ff569abe414b7b2948424aee51047661558279aeae284d5d473fbd9b58209cc9aa7437

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab293.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar332.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit