Overview

overview

7

Static

static

7

mpcrmsetup.exe

windows7-x64

7

mpcrmsetup.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...sh.dll

windows7-x64

3

$PLUGINSDI...sh.dll

windows10-2004-x64

3

SWind.dll

windows7-x64

3

SWind.dll

windows10-2004-x64

3

client/index.html

windows7-x64

3

client/index.html

windows10-2004-x64

3

client/vie.../js.js

windows7-x64

3

client/vie.../js.js

windows10-2004-x64

3

client/vie...st.htm

windows7-x64

3

client/vie...st.htm

windows10-2004-x64

3

client/vie...in.htm

windows7-x64

3

client/vie...in.htm

windows10-2004-x64

3

client/vie...in.htm

windows7-x64

3

client/vie...in.htm

windows10-2004-x64

3

client/vie...enu.js

windows7-x64

3

client/vie...enu.js

windows10-2004-x64

3

client/view/list.exe

windows7-x64

3

client/view/list.exe

windows10-2004-x64

3

funnel.htm

windows7-x64

3

funnel.htm

windows10-2004-x64

3

mpcrm.dll

windows7-x64

1

mpcrm.dll

windows10-2004-x64

1

mpcrm.exe

windows7-x64

3

mpcrm.exe

windows10-2004-x64

3

mpsoftup.exe

windows7-x64

3

mpsoftup.exe

windows10-2004-x64

7

mpweb.exe

windows7-x64

3

mpweb.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    134s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    19-09-2024 16:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    funnel.htm

  • Size

    760B

  • MD5

    fd30f19a171336906454e16f374e1227

  • SHA1

    915dba7ee2316a1df94510de1d1cd892ccff728e

  • SHA256

    f04ae787c1ba9639fc958a53862f47e425fd8d10906d36c4cbec45a0f9e4f657

  • SHA512

    1b12e15320fa0e5c8f6224c5cba51ddb43ba143c8d26dd6a37acbe1a2fbb792203666ff803b06059c8adf031d8d4d9e74ef29152316331af11334cc2f1f49a1a

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\funnel.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1716
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1716 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2604

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9a48f273f2474a4f95849f671b74d0a7

    SHA1

    8d51903f5efeda1b306377146327e0fd13ea2db4

    SHA256

    58f40dda1721b45891c814808a814f38e6768a58ce1516cf4d6cf59c3205859b

    SHA512

    12e3fb124730e8bfa4e961360a8dc0be2d537ea2fa7c0182b1c789fa1e70935ad4153c77c4fadc88ee8fed5bafe1704f0c46596cac9ff92fc906436e21ec8046

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    11bab10448d40c71f910dd115e258f72

    SHA1

    f0c0942d771554c922508c49d6e5596dcc419563

    SHA256

    6da4d15669de2ae6872665cab6a837bcfd366c58197f033b7c93491767f961a1

    SHA512

    2bd0d10dd58889939aba2f634363c7c1760ba9baa66160bc4eb91e0d3799bb4f2430d71d5825f71f9ed3ac8fc2278273868399325d4fe68d1ac395cf40a86a6f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c93e711a8dcc9e8c1c0fe036368721d7

    SHA1

    39c82c9ae4718f6b14d9f2fde21a1d65d4d50583

    SHA256

    0a31befa5e42025fc63fde152ac0da3a6b5fb1e5333e8fdfb9d0c1ca15c4d596

    SHA512

    3f9f09b634434700b32fd701d492c806ba1fce66532d6a8d79a6b7ce672d77a857f30322ee796069536d3b143b64b2bb3276b21ed03667610ca9e09e77daed38

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    75f7261ea8a6a358a3b9c4382c28ec83

    SHA1

    408ae5bc7636f37f18460e3e24a85679535b2e8c

    SHA256

    5037f020767844b0cce8cd40535d9d9efb4c834a060543cf054a8ae263233cd7

    SHA512

    fdb672a6dd89aa74b4bb8467882da605f0ccc09644731a92a1e9075217409feb60bc3df9e369c4522c006159335161365d93032615d1ebe084e34425450f564e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3082dd0320e4b9e436de3a08f9df5529

    SHA1

    f665167c79801e3a52a0dd13678cb62851617db9

    SHA256

    25194734d7f18fc3deb147597fbccc5758b9488e317bc7a6a5482d6209f6f6eb

    SHA512

    242a90295c76543f5b6fca80a04b524528f56d4f1d5effde6c4c20b709c29b47205b918fafd6cc9bd2ef3a4b9026693ee99fd77b6d0ed6eb6f3d3a5b397700eb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6a24825dad58610c0a0efe7dc4c6698f

    SHA1

    677de8f25660106f8434bd9063931f1a8ebcfc9a

    SHA256

    20e3aa899c08fd92666d1fc88b6b4259e98c98deaeb9cbcfb0f963212c7339c6

    SHA512

    98c334b672f674ea2a17be1fd03804f6fde77dd754b34a4c9662f71995c960a4122b93448b513743ac8d099450bdececb7d12d701532a2cf7dd5323cbcd297a8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8186f3e70d2564695a5ec0e021015f62

    SHA1

    97608292a98245297e5a44c55fdb670008b3396d

    SHA256

    e423c6d43f228db618b4979b353da1835f832ab6f6eedafeb30224ec0f17dd00

    SHA512

    243e87e9654d818ab0a6f97665ba9adbb91404514945f02b91141d9c689c584e25f18b528fa9eb6513cda36724da6e5e57633ed7e837ff95c50f699d2d09941c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8d2eca99a7522bd06249a9d62ab8a30e

    SHA1

    2115ad93cc5d08a981124102c88053c8ade078bb

    SHA256

    d242163a7d9d632af5b795ace353e357175d62d1f55d6f5140d4137d82cd0a15

    SHA512

    c4c676917a5594f63add89d4f959f32b89d8cc73e7043dd091bca9f2aff34004fb946d2d0ed2ded50057aeb0e5e7da7b46d5e3e5318934ade855c78aa30a5969

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5c38c140724410a9afbb0609e7cb4b30

    SHA1

    4aafe4226c7e756f823969ba532f1368d2912ddb

    SHA256

    05dc576dc97707756597f5fcd655647ef4e1fb782065dc1d1e04538269076591

    SHA512

    fc83d68e6cbaf7ac2610200aed2be4fb4a81646a78268526fb51994f16e47a0cee682230cd49699a9d90e28e61f78f303c4e7c35eb5117898a8f7848eb563ed8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d2d62b7cb57ba7341006a2a755fafb6e

    SHA1

    6f0b64b8a0531f44be0401c8e9553a56f5374109

    SHA256

    1379da8990bbed7bc3c8b7897192195686c1619a3f8467dc5475b434613ea96a

    SHA512

    6fe51fef10fdf7dcf2c7e13b34e3fe7218ac53a526259fb40f34e08f5f16abcccc981b5c9b5dd773497fc48eb57eb383f01f6549313333055682f0f390c30048

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2f548c4ff1e1aa455aca35e1ff1a74f2

    SHA1

    71d858b7e8f24046c3a811c8525a686fa9e057cf

    SHA256

    161db5f95623d10968709d0b633460b91413c2630a7f5c4fe06755b990237575

    SHA512

    c9c19173051b165c3956e0d52874d3fbd81f92fdc360e63bcd77ead8c42448bd41d2027c7cc02ba1527e9734946b62843318dedf48a99992016f0d88a2187bc6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aa84df04177eccac32ec4aae417beffb

    SHA1

    00fabc44d48c103b5f8918fa6a2c25348e1dc6d3

    SHA256

    58aeba0a854015f7cb2f6b87241d71f2b2c1167da42875dadb0cbf5d2146c1d7

    SHA512

    074b8747378b7add08fe4c3f010cb5f9ea4c8bf9ebee29b6c91fbfa0fd0c8e2b5b301d51ef68a5bd5298b1bf333bfa3fc613abe40a89fdb14fde227957460e27

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    81a995a08ce2443dc057342cd64ab3e1

    SHA1

    cbd09f4c90e3fd66ba7fbb8d331c8935120efa61

    SHA256

    7efc80df76cb37aff21e249f53ef61af57e2b533fd700bf07da057737f683e47

    SHA512

    fa93033614dbd7e4257ddc16756a89c45fd82a6cc504d130b5bce1488b5c70ed05d31bc6a5c69ac5bb704aaab4fe89f41e96ffecd071a82f6b12243e1a95fe6d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bd967225ab7fde6102a299d3c2fcb6d7

    SHA1

    5c3c4a7bb5f32c750a12fc2f78532339f5f3bf16

    SHA256

    de9167d386c103c4a2df5cdbaa90f4a9e0af500b13e917d956ba4288674f24c8

    SHA512

    5615fe292b9645df4957b295c0885c9cbfed868189509b92a2dfdd660567e68cb8e09f6cdb0f970adad76ad6acef020998754ffda47bc85c4a788b22e2a71dac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a58bb5e9d087ad3bd002b7ff262b0a34

    SHA1

    98651675316bba7a22c642c526fa8b55fc4f78ad

    SHA256

    67915fb83198b1ee1cc77f0982bc1e0fd504a7a8898f2716229827fcbf4e8e2f

    SHA512

    bda1732f7ece832a1c17f4c622ef305aa5f06b7986324c7fda3abf3deed1fcc38cc98818a5b924a86759396f0de373e8db1a09fd1dedeb8f72d5c46c98d39ae7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ecd01ad0cdd2449dc4fde38bf11edce5

    SHA1

    a7476da40fba4db5d5d01f2e4525bb2f02db3c0c

    SHA256

    74b869487a6de50107d9e68d27275f44f6f39ad705dc678f2025960a9aa63829

    SHA512

    b989932672672f0d87c708ef092f920ddd3c0616f2559fc86085adde86e804119d4a75d4172a21590ad829784efd88aaca62c53448f81c749ad28c769d2a3410

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a9acabb2c9c9d88b38cf270d92004227

    SHA1

    820a29ebed6c3e4a031114c527920bba07520a5e

    SHA256

    c7e706d2adae51421d343d13497ee1a7750ff55ee5634138e4eb155d91f70f7e

    SHA512

    ed919c0f2a4cd0863d65b2ef0e44ee81d9aaa49776d4f2b83e43f10c78bea0ab5a9b26da813ab05510b5295f28735bd2cd4d0f77d5bf9ab7cc3fb03a27b30e8f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    14089e187db9b9b01f3e168591eeda21

    SHA1

    6b3cd63893f7c4b2bc522e3b763bfc200dbf8c85

    SHA256

    344a3b926f1efe68d1ff4990c6f40bed629875898cb62feca72f9b34c28527c5

    SHA512

    e4fd74e987c0902a16333c649648fc0bf645e4fc2bebcc35c88c686e4ad5aabd2e7d1ffeab1f739492080e3171eb6701f2059b3c67c299e31edd61a99726c8fc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    19f459f9a007a207ba1e9790a59b4340

    SHA1

    cb44f1de3c8c9634c8cd052e455ea710f3bb3242

    SHA256

    716eab54992ef6641b2cfe92f1569e91e8ea300070e009c0243a290349cc1ea2

    SHA512

    3bf9c0c096733704f536036d398b8f6b6243bb50d607f11c3a84d68f4c53f974cde8c7bf244667a61e8c2cb2e0eb8bc6fb5056797dd88645cee0ffe29e809cbb

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab71D7.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar7297.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit