Overview

overview

7

Static

static

3

eab4224a91...18.exe

windows7-x64

7

eab4224a91...18.exe

windows10-2004-x64

7

$PLUGINSDI...nt.dll

windows7-x64

3

$PLUGINSDI...nt.dll

windows10-2004-x64

3

$PLUGINSDI...ed.htm

windows7-x64

3

$PLUGINSDI...ed.htm

windows10-2004-x64

3

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...ss.htm

windows7-x64

3

$PLUGINSDI...ss.htm

windows10-2004-x64

3

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...ss.htm

windows7-x64

3

$PLUGINSDI...ss.htm

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...en.htm

windows7-x64

3

$PLUGINSDI...en.htm

windows10-2004-x64

1

$PLUGINSDI...t.html

windows7-x64

3

$PLUGINSDI...t.html

windows10-2004-x64

3

$PLUGINSDI...r.html

windows7-x64

3

$PLUGINSDI...r.html

windows10-2004-x64

3

$PLUGINSDI...ed.exe

windows7-x64

3

$PLUGINSDI...ed.exe

windows10-2004-x64

3

$PLUGINSDI...lay.js

windows7-x64

3

$PLUGINSDI...lay.js

windows10-2004-x64

3

$PLUGINSDI...min.js

windows7-x64

3

$PLUGINSDI...min.js

windows10-2004-x64

3

$PLUGINSDI...ger.js

windows7-x64

3

$PLUGINSDI...ger.js

windows10-2004-x64

3

$PLUGINSDI...ker.js

windows7-x64

3

$PLUGINSDI...ker.js

windows10-2004-x64

3

Analysis

  • max time kernel
    133s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    19-09-2024 05:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $PLUGINSDIR/manager/init.html

  • Size

    97B

  • MD5

    cda38dc637a00d09272d0e1d8e08a63b

  • SHA1

    a8b9f973bf6cd39352ba6796cb82332f25a5d2f6

  • SHA256

    b363c46a7f3c4f972910be6622a72346370c961cabc17ec43dc76f541701069c

  • SHA512

    6c4a1033ddec627f34adfb4bc294e5a89d447c6c348105a0777fb450385042c2ffd4161353da77a9e17c8f9d5fa26e7d1139196edfcc4a2434a842e658693f08

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\manager\init.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1048
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1048 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:852

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ba98730ff68e057819b1e8b639ecbad3

    SHA1

    7fa5cdd989bce9a1add024c33030b54cd67e1584

    SHA256

    2531a9392cb9a321a8f87a579d2286d087c37823a114ea63c334ebbd7344f5c6

    SHA512

    0a2c4ee25ca82ceebe01a299cb2148243b2be8ee9ff0dd94d0b06831463af0fff294c89fa2cf1ac7adfcbcf5b3e894933a5017682ebecb62e73124480b697a28

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ee1808042f1b3abbed74700182722adb

    SHA1

    aa638c0b12df167a581b093e26a2162719027076

    SHA256

    7c96f8f1fb3827f1bcc186a01e47ccce5cf7a9e3b5d97be5adaa8aca970ac3bd

    SHA512

    70cda86573e320b1b9a9528f097f0410071bc89bed81a9d1b24669d3b6b5a19d442cd556d410a80460851921f0e5166febf2eaac107030d369234c871c76a37d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cff88e5e11fb8761a3e8dc581383503c

    SHA1

    77f7b865000a18ded85cba49a3be7130fe4475ea

    SHA256

    e3221e47d826274ccf6ca790fd9cd315de05baa71810762156b4f5586d762197

    SHA512

    9dffbf6c9ad0fb1e3f1b4546b13e2f098ffcdfb2cab1cecaa75069ba881f669a53cd1f8ff49e75d867c55a0bf5391b08e1ee61fb82c842c7dfef45796ec61179

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b0baa3aac69b6dd6fdfade5744ca99d3

    SHA1

    d5d3ad2488f16baa1c42c14c770225ac44a09259

    SHA256

    98358f0a9c5ee74a219232be6ca2e39f43d3f50b3c6bcde2f0a41b0df7453d0f

    SHA512

    a1bdf938bcc6f0e712384f9e3f33f69a3cf2a27ab0d50091749d0daa8d536b6beeb66059ff03ebff5afd3e7e2166edd679e3c2badcaf8e43854873338a79d7d3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    61d081a47b4d8e0bd69d8f3ab7a4a7a4

    SHA1

    36f0ed7c2a6965becef4c90195833f164c435bfb

    SHA256

    06dcd74d5487f5f722d409e963193c94565eed896c74e6b65e9d6dbe2dd86d65

    SHA512

    1ef5ad7322963b5c1398977941f57561c67aa83e610b3f656ee02d1c4051be2240dea035f4b57705657483c842785fc0fd992b38acba05ef134a40d276c9fa01

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    50f984f38b716a1330269dcf0eee40f7

    SHA1

    7eaf75b3bec050892e05caf99db98365e30ab790

    SHA256

    c11c3d14e8870af99fe90c5aee18aa50bbc81ba8e789f3c771ad37e3ba3be761

    SHA512

    1792dc4758fb6c8daf6f381dba5021558157ae7ade0c9655d151b7d10319b8efe8f18252e440f3f9e7cfc814e42583f2d64ab61629f69f3cf5e8cdd9eee706d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dc01ff8a3409a41f3065029a3c03dc74

    SHA1

    2e50dbc4282870ada6229fbaaa2d2aab9dd6b3c5

    SHA256

    1663fa71301041aee839a2130e9ed4db36d58c1e2cde745f8300d8d339b3998c

    SHA512

    12e518974b4020d50f034cae742045aa34cc42e4d5d3ab1d7e6c9f9fbd1e373021404f4e175bed58467d2c6d443fe2156ffafb8de625bbb0743760e93597dabf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    01b6ab39beb64dbac0ec9b643b3e36ba

    SHA1

    b998187308c692c21a39a5a20dc2932581d79905

    SHA256

    f1b143cc938e5e0c0db9adf35f31e65f2a65f27aa8319805c91153950fa74808

    SHA512

    e083bd87eccfabb9c4764e81fc26d240a2547c5ba76a39c7c5d434a4e0b9c12144c5e462eea20f1766eb5d08b18342b5014505c9c80bac86d9a9ff763fe3c70a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6bd96135d51b7d13aec24364e7e04665

    SHA1

    2c7f248ad95cabe71f39f778fc255c31bddf2858

    SHA256

    a1af2b210322f9cd5c4e9e04d3cd3996a5f6336a3e84ac73e4ed13d9713cecf5

    SHA512

    d5edbd969ad83d6d034abf6a6976e26b86e767db883c66e36416615b8a39e1e7c1ba4b16f16a9c1393876df0cd38ddef58658cac2417e00061bcc579ebc513de

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dabc52066f6e6e6e4cced93152686537

    SHA1

    be5943bc53243fb2f360b8b9102730affe430a80

    SHA256

    f92b19c9455c7924159185d15b162fc7e6caf42da54ffd6f3c85a41c506ac737

    SHA512

    2385e410caf546ba550719fd499bf309de281ea3f39e781d0019a1229f0f1bf1cd4351ddbb26bfceb5e39e8f2beed0175d4de2c8ea77cbb994ce93d0dad9abae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2e5601d3c9c5c1e567d3a671e88d6589

    SHA1

    43570f3d0cd52055d3890281fec75555b5f245bd

    SHA256

    96555cc23a03fcd10f8bbfabca166b5d28641270709948461dcc22d2b4b11880

    SHA512

    992a6581992d10a1e4874f1088aa2ec2ac45a58133abc843d4bd5659c39f4bc31397ec27a66c9a1a2e0d4a31189b00b6110196625f8ed9212e239403c69c1bf8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c363dd1c72b327b411f1fa4004c5314f

    SHA1

    c395747a6d01cd8c8fde3d2f7a2518f871f9601f

    SHA256

    b4b48d9918c354d1b21d324edc15ae2f173118f89306c9510cba65442645d67d

    SHA512

    cc2f25e7f370566d751d930a8b9ea04400a638ce3fd6a0d0d308169d6bde36d4a58f7de29af93ec4ffbeec64ee9890df07dfdfc5184771220ebc951c859e78c3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0626f7c979e50f93f48faaf4c3c1e08d

    SHA1

    58208a142dafcc3095d310ae1d7e6f35e3b7a063

    SHA256

    4900be158c519f0ca55f17ee8c5ed83bc074664c63a99fcf4f295e2f7b2c0a61

    SHA512

    06b195435db25a4d965f2d1885cc7e1a07b754b3481a1ce8497cbf53e5e03e406657a51e9958f11f2747cf107e4ed280f0d0efee86b0ed6ad2c412f2d2d65236

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6141215cd67cdae60957484251352d17

    SHA1

    f70c742185a4c0b7a553957ad836e5330e4025ed

    SHA256

    b5ba606c93faa6b5fa7f5a1ee784af133e3f553bdc3fffb1befb28297b2d452d

    SHA512

    71b8fecb6388fb44c33a50a8dc1071161a996e083c5a999e4515a84202b5c5c66bb8b7bea09a0139e33bd0c6ce76d3cad6fa3cb7b41e68e45ebfc97efaa3462a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    59f87a41bc057c5a0ab86da45af45e2d

    SHA1

    8cbae569516271c3b0879a6a3d224a64601e8866

    SHA256

    a4b9b593ce36f90e732cff79497932d616cb7adbdd0ced257cc5670454e94a02

    SHA512

    04121e0962aece59b13f6e6ff001457908f822622b4d1e5ea60970d518c9497a9b36bb4f53917b58a61e881601125e56feb86dfedba234b3c8bca4ced62dc941

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9b6c3f1f17b48d446e71a0daaf293370

    SHA1

    a7f7d056e9c7c97d735d7f179c9c04137ba9663c

    SHA256

    52c0d82395e8635fa534772f232fb9a23be8e33762368f3d65a3ffe3847c96bd

    SHA512

    7d8b4d37a2c459853d43985191decdac50d90df1596fe1d1b1f0047fa2f86b7c32776108c1f8e46136a5f7bcb909b330592bb0c5ac7a1fb5b3c5798d5dc40c6a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ba200ba030c6f3ea9bf8136c5551a401

    SHA1

    09f67b1bbff1b103d28806df5703e5189cd47da2

    SHA256

    a0966d5a591d2442b79d4315a717a5fee340ca6114b53a67f502d22858d4be79

    SHA512

    35b8ba8a71cbe9c22817758519427564f00f163915564d5044597b6b0f4f25b393259bfd58228e49e9ce3e73d6e3c645eeecc20e26f9e392de72b2041a945c23

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    95ca76b7d4b661a2493ceafbf7c17ded

    SHA1

    dd4fd0c12bc869051a4a6d95176909ec63a9eb16

    SHA256

    e09b3d490684de161ccf09bd8879e18b3ed51ec25a8807869d60578825d05b3f

    SHA512

    c56696f81ad6810a3515a18774934ce8106fe67ad1f39c19210be9e40a3545f85f889eeddb7e484d0e8da61287466527e148e6e065afae2a5977f84513c02241

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabB472.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarB513.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit