Overview

overview

8

Static

static

3

download.exe

windows7-x64

8

download.exe

windows10-2004-x64

8

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...ll.dll

windows7-x64

3

$PLUGINSDI...ll.dll

windows10-2004-x64

3

Kryptex.exe

windows7-x64

6

Kryptex.exe

windows10-2004-x64

6

LICENSES.c...m.html

windows7-x64

3

LICENSES.c...m.html

windows10-2004-x64

3

d3dcompiler_47.dll

windows10-2004-x64

1

ffmpeg.dll

windows7-x64

1

ffmpeg.dll

windows10-2004-x64

1

libEGL.dll

windows7-x64

1

libEGL.dll

windows10-2004-x64

1

libGLESv2.dll

windows7-x64

1

libGLESv2.dll

windows10-2004-x64

1

resources/.../7x.sh

ubuntu-18.04-amd64

3

resources/.../7x.sh

debian-9-armhf

3

resources/.../7x.sh

debian-9-mips

3

resources/.../7x.sh

debian-9-mipsel

3

resources/...dex.js

windows7-x64

3

resources/...dex.js

windows10-2004-x64

3

resources/...za.exe

windows7-x64

resources/...za.exe

windows10-2004-x64

resources/...za.exe

windows7-x64

1

resources/...za.exe

windows10-2004-x64

1

resources/...fo.exe

windows7-x64

1

Resubmissions

25/09/2024, 10:15

240925-mah9eazdjk 8

19/09/2024, 16:05

240919-tjgkhaxdjh 8

Analysis

  • max time kernel
    120s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    19/09/2024, 16:05

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    LICENSES.chromium.html

  • Size

    5.2MB

  • MD5

    02ca1f89c7e4815b82bc8974bffcd183

  • SHA1

    45bf8a20bad7953b7e16a74348fa034ff5844475

  • SHA256

    fcbf6d29363d798b931f4fb0dc95b09c1a44c3ccaf79a9651ab280a8562e82b6

  • SHA512

    024794b3303ff4ea5f3852c505e39e140113264d24e5dc14a365e8a1fb6f9a0683e72098f1923cca187c666b39a904fc18ac53645b8a25bd8a235cf01b661a60

  • SSDEEP

    12288:/7etnqnVnMnBnunQ9RBvjYJEi400/Q599b769B9UOE6MwMGucMEbHDuX0YnpWQZs:sFEc5FeWSPPza8yUAmfQRkHmBa7pO

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2408
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2408 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2116

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          79045c238d08b4073ca9d9547468427f

          SHA1

          ea93178b7705dd8eef7d89fab9c79d320217d04e

          SHA256

          a7ce65b4c24722c4c04363c07bf1bd184f0849accda41af4d070cc7c13454311

          SHA512

          65320e4e21ec33e19a97dbf7dea468ab0cf552532e058f4c9c7645e63556e5ad35b2aa8b92aeccc2b1e7593909e0915d93d3da6f82c87e3a8702e0e6fe7fc009

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          7fe00214df008e950a0fd26c73a6c4e3

          SHA1

          4246bc2d0c0274a72600be008afd2621448c8d4e

          SHA256

          85947d9c832eccd47d2060f560012779936b8b4d4a633324f953299e55fc4fce

          SHA512

          b80daec0983ef353dcf6c764013d7e7edaf5a37cfd09c9448d76dc6951f0111bea101b9c61eace1882db8484fbc668978ceb1450b4a7f34c2f28f5e3326efb46

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          54e737d162b07a3ba14308486e9aa4b5

          SHA1

          9cf354e9250af1a2e903c5d591560c5c491b9af2

          SHA256

          bd7fc9541606c23b9adfb23b9c1f8b96bf0bd52a80abe6214fef6beb10d25f93

          SHA512

          0cb64242ab74d4f940dcfee9d1815ba9327dc08de386ac14a181fa0dafa271835b00f99bf9af2e89e42d258f476eb2ee27a1747d8a1dcdffa5656dad4e6ca632

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          4609740e8a9a98fd455b190f60d8bfcc

          SHA1

          cd6b3365a3ff0b91bef3a603cf86cba5459fed76

          SHA256

          6f293388b0d7854286fd29c3c5229f09c48b8fcff81497c22a8b6082a015fb46

          SHA512

          fdbdd4f1093095564a1a2cd26469df23ffc7ce4dfa77d039194b542a6849d7d20fc99d6ba30ec02d1cb7d276947d80d314ef5c61779bf54237e3060aaa5f5e6b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          9b227dd7e87b3b327b6a57b7718542d3

          SHA1

          be89ba408f36cc6415be11d413fa8ab98aaa015e

          SHA256

          d62bec6dfe887716f593038a2f258f4ee0d5a1a18b85aabd2794d33df4ac9849

          SHA512

          2aa5401b261891e16b3a5a771d26b396c3e6aae5e225292f7bc445dba13e2c05bc2342472dab14a396d979e49d1489bd5ff492b2eec927a989e541f4d412a7d5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a5c31bba3a3a0203bfc74b78664de2b9

          SHA1

          60d9b7be611472f0ff0dffbf80b01dca282a5ead

          SHA256

          ab8a5ef7702a0ec8001f398de0fdbf939f8abe26ce170a8252f76548374f03ff

          SHA512

          3bd5874cdbe38233cac3dbe6ad9f5d613be52465a0458fbf33a9526be16155e5a0d860fee723893de0ef65b5d880789c62441881cc35fd001fbea9a4d7779d51

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          39ad57bb62b90aae0762836f51074156

          SHA1

          6f84f56db9a4c39255be00a4d4caf0615c1a03af

          SHA256

          f3579bcc7570590884fd2c332997494e85c672fb3f70b740a6d7cfe5287a73e0

          SHA512

          b7754d20469b521f9a96bdd4935451c435770b1a11af13f16bedab0ae6ada38251dcb6d560fac4dfee64e43a2ba216465e0885e40da03ca3be9a8c761e7aab77

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a0300d22feaf973fcd29c9c5038e1a78

          SHA1

          9047a4aa53262e4eb667f27a2bae37c61fb533e6

          SHA256

          22f76452a4b7bddf9ef1984616cfdb63fae236e0b79cfa466649c5ef55d9cf77

          SHA512

          98ff5ba91982092e237c397296c1e975277828b938d8bdc7d88767bdd4e7d1e8d541544b6d3424144cd7ea0de692fe2a5295b446586a70dc91e4e2c4564f9f7f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ddf8ad874d2d610b2a9f0f0c099a8d73

          SHA1

          449699c7cec8818ab2ed9c2970e2b7d99db73d5b

          SHA256

          1c084a189c7a9a6976b0428685c88dac39211ea2a02d5e927b58cd9506781b64

          SHA512

          e57a94d7c4b090a5d19ba14a4f13021cdc2a50fe000e6f61eea3ead3ad1fbfafc8fcdcc63a1c0d80915e806e02aff3f99fa46580adb9ee139c0032c77daa1e91

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          139983a4cadf6c92122f1f0241046e2c

          SHA1

          24e6f6e178614bf9b66ae4affad2ac52311a8a66

          SHA256

          52309c06e798580c7863437ef26b5f2c4d094ec57920c7a04c2bc020de973023

          SHA512

          e6bb10707473c39ac6820498f4f533583509379e811f6c00f380a1eaeae17c15bc597a1d3171496d983e501c2994715b9d00f1a1073b51dae570fa56ca1d96ee

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          973dcbe6fc09bab366e1fb1e069de52b

          SHA1

          df6065cac367c02469496301b0acd66fb8194a75

          SHA256

          590792b85be42868dcaca742634ff09f9ae35fd2049d772572389100f2ad9adb

          SHA512

          5173c95f4fd9888d3a6032d05dbacfaf2d1409a9d8c5c4d573cebfedfccb315f91b33c7e33a169133af41d50a5a64323606c1e64ed16ba599de338e1f390059f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          dc6f83318665ac0d47bd6425248469a0

          SHA1

          55a4beb0b20e8a6afaeae22463aff1a26884ec22

          SHA256

          94aab19a5ac60ed23451867e28d8d12121861fcf367565a5f451ab92eb7b6591

          SHA512

          37542da17e43da2bf5381388c4938c86e01d961b45d7e54d6dfbb8be4014aeea315a08ce552641780ea247b30f003db09a5108b2521e4957b6e7278fc45a9cd1

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          1922c40639bfcb8c3598c33a3d22cb75

          SHA1

          b29c495f326d18934d7149a877d53483782fd9a8

          SHA256

          e97da17aaf4090f784832747f69dd203e1ffa12a38fbfa312f671af68144b69e

          SHA512

          8d6b904d004cd778263b8be37f63423384b51532ec9c7b4358b3c1d40ccc438eed3b842ffb2ffbe2b6258354d8c74e05ff004ebcf0ba2205ea9fa9309a751f1f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          0b5a8938334363f23ea52914e3df9556

          SHA1

          4f6fb6faed34d56e118f6cdcbb9ae0e8b86faa36

          SHA256

          a3b907f9b730e389129caf557dd90f9dd5030de84697cfc0fe8fdf5338c61f1b

          SHA512

          ae7c37b65ec1eb385158505b340f53aaf856fc154cd29aaf8e14a311b66b763f03bfb054982adab0038491196491fc234b364bf5f8e81e1022d3dfa2a8751dd2

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          1e3e7a37360ff31d3af99a8b904d4e15

          SHA1

          480e2d0296024c1d1c6eeb29042974f95dbd327a

          SHA256

          999b81cc37e6e5fe1be239add2aa75a1630a43ae95187de70ec22487fc0ff0bc

          SHA512

          80e45f6bfd75b61c2a4c5006bd9e4d66399078a2834734266326e44cd4b789eeb9c2ce68ffba5eebea36596bce2db5ddbebba1c3764f9d15b160f01563736092

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          83e357ddde394385b5e8313fa58ee472

          SHA1

          7332fee30fb57abcdf69d923782bd981e230f435

          SHA256

          6713db079e6d6d7dfe539fbdec83988be601590497b23a87137f446212a4905d

          SHA512

          9bb4bec80e2d2a4edbe25b4cff3befcaf579140cd5d9e4890793c9c4a68885c2491837fcb327f5ca654836d03a831c613fba6c50d5d154ec5249fd50238f16ca

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          85556928ee61996ab1e7f37feaaf7430

          SHA1

          c7f160b13b13e04e764bd55186cc0a3bd5aa07a0

          SHA256

          443296ea5259a1a06aab5544cd935da1b0597a63deadcc1acda0408ff7cef586

          SHA512

          f74001a3764457b4d394bf6f40afa4e1c42e1d739bd0afccf8ed06404c1070d3cf92c78f787166f0c08c24f4c3566e8a8f8c459bbef40705066f051378fbc544

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          2da0b4f4906fe6199ac6091ed6f32169

          SHA1

          3deec9beaf821393a146f80b53226147c30dfae3

          SHA256

          b1698fcda6d5c0a5d32bf56805841c4623cb4e14d194c4781c95edd624f6ce38

          SHA512

          22afe5e5c0786bfee625ea12cbe3913ed7f18deb56fb09ccee298ff53bb8c2770aff18381c885bc0ea99df884a869fd0edb347bc5f404250db184eec98472681

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          8ce7f0dcbba84443953ea7107c02e814

          SHA1

          23ecc74f50130344975403fd98b44bf73deb86c3

          SHA256

          eb3ef97b1791ae776ab8b7e241fb6b54ca564a5e40bbe1eb072d8a76ec0e7f47

          SHA512

          be28e2ca5e91c66a4e678430194da175193333a40f1b3bc622397c38f8b4f3296263bd66fac9343164c53eb4d7276606332c25aa33a470b36c5ee6e60631de24

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabD9EC.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarDA6D.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit