Overview

overview

10

Static

static

10

ad515ec278...e7.exe

windows7-x64

7

ad515ec278...e7.exe

windows10-2004-x64

7

$PLUGINSDI...ol.dll

windows7-x64

3

$PLUGINSDI...ol.dll

windows10-2004-x64

3

$PLUGINSDI...rt.dll

windows7-x64

3

$PLUGINSDI...rt.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/chkm.dll

windows7-x64

3

$PLUGINSDIR/chkm.dll

windows10-2004-x64

3

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...up.dll

windows7-x64

3

$PLUGINSDI...up.dll

windows10-2004-x64

3

$R0/$R0/Ba...up.exe

windows7-x64

1

$R0/$R0/Ba...up.exe

windows10-2004-x64

1

$_24_/Pers...x.html

windows7-x64

3

$_24_/Pers...x.html

windows10-2004-x64

3

$_24_/Pers...ent.js

windows7-x64

3

$_24_/Pers...ent.js

windows10-2004-x64

3

$_24_/Pers...mon.js

windows7-x64

3

$_24_/Pers...mon.js

windows10-2004-x64

3

$_24_/Pers...fig.js

windows7-x64

3

$_24_/Pers...fig.js

windows10-2004-x64

3

$_24_/Pers...ram.js

windows7-x64

3

$_24_/Pers...ram.js

windows10-2004-x64

3

BDBugReport.exe

windows7-x64

3

BDBugReport.exe

windows10-2004-x64

3

BDBugReportx64.exe

windows7-x64

1

BDBugReportx64.exe

windows10-2004-x64

1

BDDownloadExe.exe

windows7-x64

6

BDDownloadExe.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    120s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    19-09-2024 07:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $_24_/PersonalCenter/$_25_/index.html

  • Size

    9KB

  • MD5

    3ae3cc4b0ae61cb1f76d7c5be021c9ca

  • SHA1

    ed0c9bf634226dd7ea197c223f8a42767a0ba965

  • SHA256

    47b3d9f77c16d3087806a31a07cd4503827adb71297269861dc5e67f74207659

  • SHA512

    5fea3f8a26ecb97bed4c9db32969e6d78e86c6da7b7d98475861a26217df9a32d5c2fff335b2456893ffdf036d85b80daf6295cc277e046177dfb9737bc16058

  • SSDEEP

    48:0WpzaQhMnrHKPiwM5xkQMOFThKBdIzQhbwvbaJtVvVi0wLF0YlALNM+5mhYUV17j:fUrHZD/FTKxbaOSbLFP4zNJ7CEm8T/C

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\$_24_\PersonalCenter\$_25_\index.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2392
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2392 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2236

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    90661cec76f50f86fa764e88b4c20fe4

    SHA1

    66a92b58437429f4f5be40315824872827b6431a

    SHA256

    36c9ea380696b4cbd3b088b8af6be57cce02babdd1666c03ce86b1fc4a6e8c56

    SHA512

    0b2649039d388d8ad398da925f4f8a3859e41309b74ade3f5f5a8b60950e34cd85ca1983da7ccdcdf53d5d8bbdb760ebbe92167a643392c90c27a011ce4ed1a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1fb3a285fbca1b23bcbcd44977aa2b2a

    SHA1

    03e7e960d909b4831546bbea00949346ca386bc9

    SHA256

    16146183bef9a2574de597a52fe8f9a87db40af446eba8284261e6f6d8e4ade0

    SHA512

    d04e112d6605fd936d9340dfdbe8becb636b92a654b3b0ffb6397dd09faa52399c02edb34af14627c7cfceb376afc2443c1778ad88356ede480d62e757be3c54

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    88ee7f714914b2b42a6cb947427c60bb

    SHA1

    8247a655e0d523c84d05aff557d296f4ba8d0ea8

    SHA256

    69534f1da050070a03cf0712c597beb46347417d2f884577e8c10c43723fe658

    SHA512

    be4ea1de70c2b9287d73748475b869fc0e0d4b22447f4262925f19303f70953882399e5a120fdb59adbcfe0a6ce7b5c5c78f79adde5d595dac9f4cecc8fb204f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    52f32c29f8e0f889a594c5ec3708d94c

    SHA1

    fa9338239946b1e34100d30cdad51a00649b51e3

    SHA256

    cbe9cd4a00bf5c0b4f8be157d04181dfcc25a50c4a4821bc11833561b0c12fbb

    SHA512

    68e25547f993fdad97a87fccf5dd87439193ab2aadde5453da34fed3cde936bca81232c322e633682a70a93c57214186a2d910001fe2cb5abe6c8c5d586c53c2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9d5150c42fe7afecd728d5ca6f5adb71

    SHA1

    41c598ec0e6fd3aa7d89c3b688929ba31a9f5846

    SHA256

    94f7518672a8b52a1a77b737176aedf49a875062316eceaaf6e3e76bca0c708e

    SHA512

    c0b70d80c2b1eb58502409ffee0feb72a82e1f7eb082001f6a702dee2afe664b54632152155984d3b6934bfe1fb750e5434e0a76dffe2cd1cf97675475890ec7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9eba2c275870434e9608c345382a527d

    SHA1

    e81367b0dd18b82ce3602fc59179cc7fb73e6cd2

    SHA256

    3b9d7ad389ea204bd3c45a2fce9ca814ed46f8ab4cbf0420db986c200087afac

    SHA512

    9e53ffeccfd4a0802f72349b7a2538fd47249dea103a725827660bbe379f82935c382e9695ae86a0d5b7cd32f0b4acacf16d6d936151ce5ea913aeb8d396f010

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7dbbfe6805b3850e2327128d92e4430c

    SHA1

    766184c5385e4d40ce7985ee270805b3cd0d0306

    SHA256

    cdfed41dfa1d1599ab117be1a330e6ebac2be1e175652c81b5d10f431bcd1652

    SHA512

    fb718bb68e54eb2f5885dde5ad2cbb5f97f43f5bad82acd2cb08b50fa48d113b5f500e52ad1ae00cdc8b169a774c3740191a8bd34125151a6c0e62e03c936d73

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    76f525fbc1069821a932ac4c48901334

    SHA1

    8a1b092a0ea3d5dcf70e76a343691e602af48d3e

    SHA256

    8d0ea76e3687b9cd5b58a0e3d41445dd452592df89f86bd3124050a8ceec901c

    SHA512

    8d459f407126c5ad54bca44640acb581f5b496f25e9bf9563588588ced4a1e1424b359f462eb3e376a5b755aa7ada24b28659fb7c16403b613a8ba52f1e8aa17

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6cd1b1362dbac1536a94d585dc1018d0

    SHA1

    c24d109458b3fa03df1f1ee3b6ae98bc6154de29

    SHA256

    2b31f79c187cbd82188251c18620a908dc3dd53f73af17567bcecf5d873b9b1f

    SHA512

    5e917b676273a0a7b439351ae3642a79e620c0571f005911cde763391900703d33fcc8f4424ed759f150475a8a355147b7b78d513404d0c63a5f224ac9b6ef23

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8e49a4d85ee777485e8e944de50eb48f

    SHA1

    26362b986a49e5ea0e1a1d6cca835cc5fd8441fc

    SHA256

    b1b0a2416f33bb5fd317668a2cc90b67487d8af3c7aa37026964b5c8e7eaed82

    SHA512

    a5e17adc8c9f4b962f842fc33771192213a0d423e8b62368e05316fbd1291e6fc1ff2b4290b4870958624a10f012fcbac955a9fa9e8e9be6ecaa7cdb6d1500e8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8f615439044ca85f2fc6f92637d61d25

    SHA1

    b462d21463da19d2af054bafbb64da4246e829d0

    SHA256

    71da18c343e6515518ac4a2ccd1866ac65d832e7d750c8d58cb615d0879de8a2

    SHA512

    8d2d9b89319fa8952e96a4513fe11b2f87a0b1e9e6eb6c77bb62ecaa3d290078f8b75e6986a8a037860d33f20617c44b26b5946780aede4817fcd09f8bebfb76

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f7e751941da559fd95871255e66aae18

    SHA1

    214b6ac6932f1a551cbbb0a73bba24e7cbd1ab29

    SHA256

    608e0bed85fac610bc7267cedb5b5e18f11984cf178d99e539b4f24e93b84027

    SHA512

    8705145f9b320b9703cd7a38bc1d16e6ceacce0236128cec555c49ca8ac9318d2cfd7c9eba39271d359b3b12c9180572fa68cfd774d56d0c00b1c17d88cbd502

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2202984400a7617729fcff550ca8f81c

    SHA1

    8c9b4dc6be8690c90fe5af68079c8ec18ac0f2c0

    SHA256

    1d6101f13cb3c66aa14a20b7ffa204950a6c6b9f828bcacaacfa4bce27a6629f

    SHA512

    ddb66fd0c52c4a7fa11dfd23d6d7a0e8d38a0395609d3b924d3b37ece40af6708499ba110925bcda2802afe858d21c24ebc040b0951658e11a9a0e346032f6eb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b2a8c50b2ddec463dd20b6b675f333f1

    SHA1

    fca512f638107682007b44f6300961cad4ab8695

    SHA256

    ae94859a764285889bd0bd4f980bb07db881721017cfbe4aeeeb373dd9339465

    SHA512

    960d8860d0d8bb8597711ed8672ad01816d5e1054d9000f5cfc336a3a4672a469f115738acf97666feb5d4d1d1284435d8b70463b54737740f3505301d96a8cf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    19df8a87674eb5bfe7bc1c0e39bbe559

    SHA1

    13045e60eef4fe13dfe0124a797c032ce44ef10f

    SHA256

    f866f9bd2949c6127f645afa38d573cfc431cdffb3478ef25fcc99d7461c685a

    SHA512

    9103d22591f7082e91ed553258ce6f653c7b67d263b57560460065443bc3698a8c6953d2d4e2e4f9cf30a6d57f5d92af1c4a3260965423997d9f838f2cca1e12

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a498c3b279b648aefced8380052a1a58

    SHA1

    e4b20d95f8900fdc309b839ac613af15e1388ff2

    SHA256

    1e454be640072aa1823c79059c50d0da8bfada30c933d8c1b35f4b4bd9404398

    SHA512

    f13b955d173fa888bb451cfdc55ebf296890e2d4c8cc05381695a0f494093f4d3f47ee9679fca712f81adb37b600bf874ad2e0631050d329b61d0e273b9b6483

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9c2f06b5c262973a5f2627c104bd7db1

    SHA1

    4300cf16a9edb9d41f2b733afe12138ace83b6ee

    SHA256

    0e8382af3942d78bc744d232970e3f138ae506c2004954d8f16982b7058d11d1

    SHA512

    3692c63d0964393c584ffff8cd6117b7615a3f1bc236652fc2cc402ba57255a0fca2dbfdfedb4951302a273aa8a2c7c7e6dc6e5c4e62e6196c9b68c5a5ed19a9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1d338df17a34b63427abb727efb63347

    SHA1

    94ae52e657a976fee703abccb83ead2acd61fe03

    SHA256

    4a4b2aadc72eb70bc7fc8a3de2fdbbc722f0ce133237a3f3b024940b63ba3c48

    SHA512

    a37e4d4378d2fb054185d43255ea0a4bc1d3e9b5e4a110de7f1b218e6cef423b5ecef8418da7cccbc703686cb8e7421051ae97c3544996ad5ae54059b5ad658e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF7F9.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarF8A7.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit