Overview

overview

7

Static

static

7

77169.org/...��.htm

windows7-x64

3

77169.org/...��.htm

windows10-2004-x64

3

77169.org/...er.exe

windows7-x64

3

77169.org/...er.exe

windows10-2004-x64

3

77169.org/...��.url

windows7-x64

1

77169.org/...��.url

windows10-2004-x64

1

77169.org/...PE.exe

windows7-x64

3

77169.org/...PE.exe

windows10-2004-x64

3

77169.org/...er.exe

windows7-x64

3

77169.org/...er.exe

windows10-2004-x64

3

77169.org/...ct.exe

windows7-x64

7

77169.org/...ct.exe

windows10-2004-x64

7

77169.org/...��.exe

windows7-x64

5

77169.org/...��.exe

windows10-2004-x64

5

77169.org/...��.exe

windows7-x64

7

77169.org/...��.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    122s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    21/09/2024, 16:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    77169.org/ɱ͡AVG-Spyware/77169.org˵.htm

  • Size

    5KB

  • MD5

    d122408c88ea147d35137fa775d78d32

  • SHA1

    818dfc81160c9e783e195d914d4b2ad81417a2d2

  • SHA256

    1a246e720e02d8b2f9c59eebb673e48885d6d7a8fb194b5f4f0de57df28c4812

  • SHA512

    4c1963e822bd52ced208c5906de4901349717b5fed2367b028a4dc8923d8c04f0fa25b8b9c5cf32391acc750a594de4107af71118416cfbe04a53b326634b917

  • SSDEEP

    96:m1OQF/fRA2RWhwM6w6mheySgh/SnqjQhhwQ0660X8bJhnYOPMj1zNMXlGvak:mXF/JA0VdIYehN2hwQpZ+JhnYOPMjxNJ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\77169.org\ɱ͡AVG-Spyware\77169.org˵.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2332
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2332 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1956

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3bf460c93bfc79f9298f5503a26ab8df

    SHA1

    d3e390b4dc2d2951d0c1e23d437b8defe77e722e

    SHA256

    7b0856fc25c0c9c9ac4089c7b4e799f4fe84ead8c747fefe83b3705dfd4049d1

    SHA512

    7d9f24eb17ae9f1b3e17de64cb5ed2fa1296d777691248149c73a509dad14dff557dd5da8f69773f734040ccec28cd2a4f24df6a52a9b5bf907ef1d90af81bbc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c8567ae0dc7f252f730d6131df7af740

    SHA1

    61ac76c5893ca9a9bf54c3a681c3ae5a39d31234

    SHA256

    5288b9dc36e7b679f59deef776db0829022fdccf8dfa4a26773a310096ef3060

    SHA512

    0f0a4bae1398ac7eff1d01ed88a302c806e13563d24e37365e44f630ac45a008987d07155f9534a3aadbda93ce34e72583ee630a7f7fc567570efb45a2d08d17

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    05f07a6401833843570d13202efe920e

    SHA1

    73657a19727fb4bca6980f4b7b5143398f584468

    SHA256

    42821f313308871efd79e5b0486543bcbbe7838bdb41d6f4612a2c024af69203

    SHA512

    91489ebcb3c71588cb7de9da4d0472a127979a9110481e897b36b63c5fa484b77f8ddc07f096cafd0bc89600b7b6c0481eac054ebfd79bdb2040f0c79d67dd97

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    95138822e58f94a799c43cf180b9b29f

    SHA1

    015549818841580a08600ba895e82027031d1e55

    SHA256

    2bab8d4f69d56dcc70fe3e30df1912fc4f8ae5ee9e320f7b0c912266bd9dc663

    SHA512

    1999cb971aa5da3b10f5b9d862b640cbe04c4d0c57c40c04177bc5bb3e63e7a7ecbe0f99f6f37e7ea62641a720ef040abd5802d57d4945da17e1e5319484a3d9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    786788f6b3a4fdccc41c35a435f03fd9

    SHA1

    926c5bfd38625eda44eb8ad2bb8268e0ebb37570

    SHA256

    3c4855063e23e8395146accd18b5e69724cb60497a91e9201bce926eb113d3c3

    SHA512

    95dc0894d5ab091f38b575854fe0a6ed00894e9e27d83dee691ddc93d64910e1ac112b104b777c712972adf2e3c656e5c7cbfcd1768207ab6bb4f061b0aa5cfe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b67ff78c9aba2e7ab657a6e76e792023

    SHA1

    ccfb99748a3f8776b4c5957ebf08fe11824bfbde

    SHA256

    daab98507939acac4308f271bc10e94a08945853d48071def889670d165bff4c

    SHA512

    967e2622175e6ded1bda164f9f7470e3d2c3984fe2d500e325fa7b439088df75bcf9172fe03669bc77fb121d27be8731c593a2476fbe796cdacdd2d3622e0907

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d48ff7359e9127ce7cb7aa799d202bbf

    SHA1

    9b11c6a46d38fd7aa17933473de8346a1ca2911b

    SHA256

    21627e626ad87184c2fe47892fb3792920fc3c22e87f3a88f9b3bd5ad0a3cb7c

    SHA512

    14fb8fd0238ab92882f6202bb068f207eaa6db820c4ec290bb344325157cfcf5e315e3f83bdbb3ca0ebe4a88359675259ba3a5b773bdbba667680390753a6ad7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a36f7d8576e09a48ca4860c73b9fb504

    SHA1

    2abb7611dfc02c91fd26d38c9c3741f540b321b6

    SHA256

    ef81cc7dbd178ae4eb26a1ebe50f5a7a6b75f662e211aa72b4614ec8a23bc811

    SHA512

    732577f7a3f8a0b8e460f86257f765c71ef24563294bb7603bea6ed00aa7f55f5ca288a6a00d7aa84ef45084bd8c65f390c902c42176d2878489349f44f4017d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabE1AB.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE23A.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit