Overview

overview

10

Static

static

10

3260c1e806...30.exe

windows7-x64

7

3260c1e806...30.exe

windows10-2004-x64

7

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...ll.dll

windows7-x64

3

$PLUGINSDI...ll.dll

windows10-2004-x64

3

LICENSES.c...m.html

windows7-x64

3

LICENSES.c...m.html

windows10-2004-x64

3

OGFnPatcher.exe

windows10-2004-x64

6

d3dcompiler_47.dll

windows10-2004-x64

1

ffmpeg.dll

windows10-2004-x64

1

libEGL.dll

windows10-2004-x64

1

libGLESv2.dll

windows10-2004-x64

1

resources/...e3.dll

windows7-x64

1

resources/...e3.dll

windows10-2004-x64

1

resources/...act.js

windows7-x64

3

resources/...act.js

windows10-2004-x64

3

sqlite-aut...llback

ubuntu-18.04-amd64

1

sqlite-aut...llback

debian-9-armhf

1

sqlite-aut...llback

debian-9-mips

1

sqlite-aut...llback

debian-9-mipsel

1

sqlite-aut...ace.js

windows7-x64

3

sqlite-aut...ace.js

windows10-2004-x64

3

sqlite-aut...al.ps1

windows7-x64

3

sqlite-aut...al.ps1

windows10-2004-x64

3

sqlite-aut...re.vbs

windows7-x64

1

sqlite-aut...re.vbs

windows10-2004-x64

1

sqlite-aut...all-sh

ubuntu-18.04-amd64

1

Analysis

  • max time kernel
    117s
  • max time network
    156s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    22-09-2024 00:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    LICENSES.chromium.html

  • Size

    9.0MB

  • MD5

    f017c462d59fd22271a2c5e7f38327f9

  • SHA1

    7e1bbeea6ac2599bd0f08877aa5811d32f1aceb9

  • SHA256

    40f314c778851106918aae749d75b2d913984327602a1bfb7ef0cc6443ff2a37

  • SHA512

    72177281486f6ec26ccc743b43481c31470c7dd53f17b0a67ac087dded190c2e3dde5570260150c2e9650186a515740af7f81e31965c95bb762340f9ac100c07

  • SSDEEP

    24576:G8QQf6Ox6j1newR6Xe1Vmf86k6T6W6r656+eGj7dOp+:fG6eGd

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2916
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2916 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2700

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6eb570ccb08a67dac2e75dae7cef70b9

    SHA1

    f483691fc894b6f718ee60b334694f18c2b77414

    SHA256

    9e770291de25218e12203b4392f379b540e3c8eba15458c0cdf55aff7e6d2db0

    SHA512

    1df4b75eff69b929ab0a844c9a95fee1c617a90f7656b9f92891dc4d07d138800860ace2a723b39016a9fc442f82cbe837956ca42e8566a6369f3385c3bc95df

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8a6c020d2bdd73ca1097446988d65fc1

    SHA1

    59b9993469b00ca287ed1e6e3612f7d2dd07e982

    SHA256

    9810652b291ead2395d9e5bc4091ac3b81bcbccaf15c2e95cb49ecef87d9ac29

    SHA512

    6de62e0a04930480878c05799dc26a86da24e7b0dd6a8d8374237fffa68c6b371f33f96d760caf3fc3c18cc95b2dfd3f1ec8d08b468183d2108a3b9b0d6b6b12

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    090717090912a15aa04715955b320f82

    SHA1

    0af31a368c25b4533cd8b47a012535d393c4a005

    SHA256

    b2116e8b1906044d05e372b027d72d982074d3a980b163ef8e7ab3dd63fecd4c

    SHA512

    d62cb9174d6a17b769ab656458258142c576488c24188f0d9239431bec1aab83576985e8fa5540f229cb6d831f4bb0d954e4d856df049536216f02f022a3e0a3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    626e8d69bcd2ea5427977eb8d65a977f

    SHA1

    26a65d98e962d9f117e6a5403f0e82d3b52f5af8

    SHA256

    c061844d90e3da7aafdfddfea82c5cd356886ae393f8ac71dcc6ac4b780cc573

    SHA512

    77cb0445a2be968f4742ed9c5ea33b613fcce046a0b8374dd2375fd4b1f5ff9f7346737fc350d98b05bd7749bbacdafcafeda635b706c1920e3cb2b3921a8be3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9562fb99ee5d49db0a8701b6b96ef482

    SHA1

    e6ef5fd5d71d819a9fa98dc3b49e5891ca1a4aa4

    SHA256

    ed68a3caaa4f5027faa9b2db176b60852dcbcde123d73daaf9999c6b0aada85b

    SHA512

    c83f88f9a9aa501b73817542e5210c00ab7b3a89b5ebfecb6002604f81ebe07bf3a707c16df8225bc05424ea1126285a73acd325d13b29f73a05e05a7da7afdc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1499787dd45cfb7c5d4a36789155cb22

    SHA1

    f3ef2838fdbd655ccc2802531dcec35cef83e68a

    SHA256

    aa3e62ab25fc58574075f8cbc74990ffe3f158701cdc3a20688b289ac2d75322

    SHA512

    a4501217267b1d4d5fd6e60633d6dc6fe2f37414b659051e9c2603cb4b4538907f0879b6fe620bd14359c1ec5b88d98f984d0cec6bebfe8b5bcf5d2fcd42bdce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    914ca7abeaf9f9a0886c1a597724c011

    SHA1

    c115fb0e5bdeba9655cec275e151543bdbe5bd53

    SHA256

    5e79501d7094d33c386807d71105ca460c15ec88798ac99cda814ed5ce8b8687

    SHA512

    078e0540511919485c336e1ea1e04ff9349c37039033949810ad277422451efc2dcd642217a9afaaa1a06f8191ba7c77ef8117a4e290a4a1d9860ab5a534b470

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fb19448337f5acfacedb65fb4e0eb806

    SHA1

    e810fa34ebd5a20c6ca8f9229f20b6c935425a7b

    SHA256

    932665223de861422b5e734ae0b9091c9ad1e307ae773772ab6c41dfffa0e99b

    SHA512

    31fee340b538cecf04a61bf6a4fe813aa56d4c19745b0ee72bf3abc9b2b32826833442e675f2c96b291cc7f72f3a1779c6c931b581c57f458eee2c5497d01b50

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    78f7c47fca712e4965604b85dc8d9f2e

    SHA1

    9c25b8a15148fdd18873cf06ba8f5d9c7d8ac91f

    SHA256

    af5284128f9fce738f66ff7751d9f4a76af33a9586e311c8d0319b34123617b3

    SHA512

    4fde288bd2ca0adf2decf8c82a5a565e0ee6239f0ad01928fecb3df3aa885e5c079012080dc207c118160ca79aff28e0acaed2ef01039803426ba8a41fac0aa5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab32A6.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3356.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit