Overview

overview

7

Static

static

7

CFToolbox.dll

windows7-x64

7

CFToolbox.dll

windows10-2004-x64

7

CFToolbox.exe

windows7-x64

7

CFToolbox.exe

windows10-2004-x64

7

SteamGuardKeygen.exe

windows7-x64

7

SteamGuardKeygen.exe

windows10-2004-x64

7

help/help/help1.html

windows7-x64

3

help/help/help1.html

windows10-2004-x64

3

help/help/help2.html

windows7-x64

3

help/help/help2.html

windows10-2004-x64

3

help/help/help3.html

windows7-x64

3

help/help/help3.html

windows10-2004-x64

3

help/help/help4.html

windows7-x64

3

help/help/help4.html

windows10-2004-x64

3

help/help/help5.html

windows7-x64

3

help/help/help5.html

windows10-2004-x64

3

help/help/help6.html

windows7-x64

3

help/help/help6.html

windows10-2004-x64

3

help/help/help7.html

windows7-x64

3

help/help/help7.html

windows10-2004-x64

3

help/help/help8.html

windows7-x64

3

help/help/help8.html

windows10-2004-x64

3

help/help/index.html

windows7-x64

3

help/help/index.html

windows10-2004-x64

3

help/index.html

windows7-x64

3

help/index.html

windows10-2004-x64

3

server/v1/...er.exe

windows7-x64

3

server/v1/...er.exe

windows10-2004-x64

3

server/v1/...er.exe

windows7-x64

7

server/v1/...er.exe

windows10-2004-x64

7

server/v2/...er.exe

windows7-x64

3

server/v2/...er.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    19/09/2024, 11:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    help/help/help8.html

  • Size

    12KB

  • MD5

    d6a2c13235670e08152084ababce99c6

  • SHA1

    763402ba7ea70868b7b00488599c1d60178af757

  • SHA256

    b15d6949752adad3931a9a89f7d0b47e8495b6405b79363ca4728d32278f1bf0

  • SHA512

    d5b30ff9c84654e0304638a011bcb84e10bb799960d85d7fce4418ca8fb0d1a36bc4cd9c472db895e96cf6668308f5ce649860461587303ec650ed04982374a9

  • SSDEEP

    384:MyxiNpRV+MZ1KaljyS/HNgNrFAtBfZ//4BOJ4xIcJ2J:M/cy17lG+R

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\help\help\help8.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2128
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2128 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3028

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cd02271e1eb6de802d87151efd55a1d7

    SHA1

    cc87fc1a3f2d0c1f120b051cebbc1937091e2ac3

    SHA256

    21004d5ac5dbe857fb427d0642fea0c0b9546011586dfc78e7564008ed8a5e15

    SHA512

    43078990ba604c0c425c7b22e37c5e740f0ba55d40a33171e0a9a1818002ded2c39960abb6685863a859b2bc78968b13a79287ae158f0aaabd7e13ee6c60757d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ec0e215e36195c84f613022045d61644

    SHA1

    12bf54392605cef50e39946ef45f605ad4e6392a

    SHA256

    c13ebdc03df118ddb10c0be5cdde4584a160662a6fcde3203e6108110c6ff628

    SHA512

    1a208c05bb2c1dc6de6a6661ab4d83e7262bef23aad3445e1b965c91852fec94b247f373d83dc33aef13e71be7bf708c9262d5643b605deed4f6a20247dd0e97

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fd1905c76cace12c600ef5f3ef6c144b

    SHA1

    9954c58bc34f8e0819f88023f84402c82d02c666

    SHA256

    96f489a2e040c91f2a82b7058431b4f5c9c88d0c13d16f2fea30e3f639da42cf

    SHA512

    2f9373baaf834da04131b74a8bf985b570218a298c6a16392f826e97ebb3219d0f081fc9c5df08df5be4313757683527872460610049d6b53fcf3f6ab4e6a3ba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0e87fa6d67abb55e2acc72226a0e6c17

    SHA1

    cf6cc193c0d87460bee6e55aa0b93c89a603639d

    SHA256

    418e5617c487725c23cfcc8746189d138d5e605d78be6d2a8d867c460e9b8faa

    SHA512

    f9fffc09bec32b2b0f76b885b39e04b3dd3ed85772e8a3e30c743800e90e37d064afd454092e371739d8ddd5cf76859cf2f5a36ea5c8399e15a65c0490c1c502

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e7ff295ab49c54c41de8accf4dce2033

    SHA1

    e7bb943d700c636897b92fb8e738adc39e5c4d56

    SHA256

    f0277289e17b96e0b8cdfe869930ac50fcab8ad880ab7ed2b3dce2192adfc778

    SHA512

    e086abbf1752df9a7fc2b97afad69e4094427d689fdf1d1ce9dbb80ff2850c2bed55ece70d0629ef0337a187e6e7fea96c68107a9d566331cc42aae0fbc501cf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    63a70973c529cb247032ac69208668b4

    SHA1

    f766641d9ea20e92a6f66d2aed3592f52b202342

    SHA256

    4130c18536d9090732b20c9de615f8332080b329a82c41aa49a2f8a24adcfc59

    SHA512

    efd784ed2d7feb1f92eaf92fd2fb538e1ed88629b5d3c9f799b97197cfd8655c43ec4f8cacf99da6f5dcbc71cabf542904708e187119de4813d01b48b328649d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8bffcfa259ba4bd8b5a42e7828303924

    SHA1

    a1757d5e55527dadc709ec58c44fdcd8676bee66

    SHA256

    4169a74c726f98040d26d74c1080f5bb17eadab86706e86d7f0589193a56bb96

    SHA512

    9837f9fd4c37c2c2930526d447b81c8b30720790d3d2c52f19a4c0d897d2685a98fd920a1a6ca77fb97dac29cc892cc99ee07c84f1ffe52ae59fec8c54396cc2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6330a2d3624e71c7b21a965710b13f9b

    SHA1

    fa17b25728cc7cce262d04964b557381fafb88e6

    SHA256

    4844e61d60643b32b8d63258589fef42178d257b034570869f38945a54fc51dd

    SHA512

    7aac89c6ff58127b0a81893eb1417dd3387d2dcaee785a83194b633963f2ed1e21c4795048aed6a61994862acc7e74c354bb1ab5c810cdcf58ec210c5a2245f1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    404c7408fd6e1d3fc13a4333fbfd277d

    SHA1

    54b87970882a3d921226d79a0d3da5ddc57b0d55

    SHA256

    3f7da2d81511f6045aca742928c3cad794535ffc8b788b15414a7e8f6027050f

    SHA512

    dd0850d52405adfa5c2ef5751c77556d7adf802f94bcea34eac663cdbf51ffb3c23ce0e7a02c114a0ce66555094fadc9fe42ea48c645a275a46f9a9ddaa66512

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bb191fe605aa462a50824dbbf3449b5d

    SHA1

    146fbcca7e26a88090d2d031e429c4121adc2e0a

    SHA256

    853936a68ac63bff08964de44cd6935ea6b8cd4444a7166ac9faed48909bd4d8

    SHA512

    e1ffc16c1e52a040d1fe13041aebf4c615f54f288f75a67434fa87475c92c45bc7d54ef3ff76555a040b50329f793e0b8fc4c18581eccbe918b7ec0280802839

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c4b55c00f8ce39f2c48f7071516fd560

    SHA1

    ad9769b4d367c1f535313f727ab08c543e7b03a4

    SHA256

    46092b2094d8f9bcb2cc6c82352106efc4672064b00a31066672c5b82d94e4ba

    SHA512

    6a77dae7c30374c9ea53ea0fc578a3d0bbc7e14aeba3ee8a66e5ed75ba983e1ea6f98aac1cabd849e695f04b8ae66f58b412ded1d3d8ac6828dc37abd5f9953b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a888354d0d34c8bb8283800d726693d6

    SHA1

    967a7ad11928df0c9a70ed900bcedd77ce69df80

    SHA256

    c427bc8a18ac85394d0e297866a08294e0991ec86fee239e712f50decd4000fa

    SHA512

    fd035fcec98e05aff923204d2afccb83eafaca1c0c45b5379a9acff0aed50001b729dc2c7db39b74ba3320c2887d70395eb54c2d9f62686464a6e2afc3c50e19

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9aedbee49fb32329b0e7e668632488e5

    SHA1

    b8ca6c9130e0c11336f63d2263503633f077f9e7

    SHA256

    062e6daea9e0008ea079e67a3fd76bc2e8217104987257bfc68622cae8bed824

    SHA512

    ff468c729f7d24ca4bc34affe2c447cf9ed9e9ab81abd2c20dcb68f4515362ee1f59a8266fc212e1d7067097b22fdcab42d8cf5f22ceb04cc570b87f29cf52be

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a451e188487a4f201936e989e06ac0b2

    SHA1

    37bdbf0d94c1ca5f1ecb7c3caa6f817a84a04b5f

    SHA256

    559fedfc62031fef9a73edbf7ce578a967cad85ffa9ccea9581d1e5dd5d4a871

    SHA512

    ad84418a12d9ef9f06a0e03323df276a81a0ab3d2dfe4bdadc37729a2387f1d5c7c752781d2c50d50961a2b8c20766d2a172c9edd68b7a9018e83abec238e3d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    817aca931c97215a77270b85d0fe2405

    SHA1

    d3d039551b693b392dbf6537b3834889f6f2d26a

    SHA256

    3ad415f386d6fa08ff220d89b958d48170fcdd5ab13cca5b45421e4cbaa3f09d

    SHA512

    18ae77ce91ac04263f40f325d20f91daf7c668830f9af98147bc0a0b7df9989e9443d2ab7f84dc0400262a90a71a17e9b50f212e0df1af3a9849c1225d941313

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF827.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar46A.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit