Analysis

  • max time kernel: 133s
  • max time network: 132s
  • platform: windows7_x64
  • resource: win7-20240708-en
  • resource tags: arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
  • submitted: 22-09-2024 06:26

General

  • Target: LICENSES.chromium.html
  • Size: 9.0MB
  • MD5: f017c462d59fd22271a2c5e7f38327f9
  • SHA1: 7e1bbeea6ac2599bd0f08877aa5811d32f1aceb9
  • SHA256: 40f314c778851106918aae749d75b2d913984327602a1bfb7ef0cc6443ff2a37
  • SHA512: 72177281486f6ec26ccc743b43481c31470c7dd53f17b0a67ac087dded190c2e3dde5570260150c2e9650186a515740af7f81e31965c95bb762340f9ac100c07
  • SSDEEP: 24576:G8QQf6Ox6j1newR6Xe1Vmf86k6T6W6r656+eGj7dOp+:fG6eGd

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim host in order to infer that host's geographical location.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2020
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2020 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2360

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: dce5eaf768c1bee33dac611bdffe64d0
    SHA1: 089f1157b4d11d7d2d323a29102d07da27c4c11b
    SHA256: 213b97740ee1093f59837d9b21feeadc9211ee8cc50f79238ccd6cf659cdfb04
    SHA512: 7fe20e725738c89d059197c04fc9b719a5540984e59a701db1882388277ad3335eb37bc5711c5f03351714f538f0e43a76e91c2b601f48224ef200bec7196fb4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: b88d1ad2c71eb1187dd4f4a8a9e662a0
    SHA1: 2520876bc4a583e0f0d2e4bb6091eb2539c04571
    SHA256: aebc54f7cfa103e4672d8fe9ac2214f31983f040bfce3dc71f620e57a8c2f705
    SHA512: ec37be7d547181cf355e04032be0a2d47f500ef9f5f3ab9cb782f490c3ca3aef269e4ecabeed69e2dd00af1e4a8874de755029c193e972ad4da165ae9bfa5e9d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 442736630b134f74f040596dfa34ba2e
    SHA1: 97d35a36234984ad2e239e9a766822c82f268e39
    SHA256: af568769ceadb7c1f2456477ef15e4ff68752f3f98edcd411a64a933cd42ab9a
    SHA512: 4bb2460eb19e4079c9a3c26455c16837300e986a6b962c3bc24546844452bb52d46dbc3b1bbd061bfff86cd2acc691a4e1f042db13498dc836083dd1a9c24d4e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 78f8a1d68c0bb6d0327016c593198b25
    SHA1: 0edbd64fa30aa9fcb3744ce4163047b720d30590
    SHA256: 59ba420278185aeaa54d7842bba99661e7472f55801ed94daf8a28fa5d2e393c
    SHA512: 6d6172eaa34173e622cbd73633d674dcb51fc752cdbfa468f319736e9f3c30424f6ed6b08f27d50ad1fa941353b825107c7c66270f69e31bbaf26c4c4b3dc017

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: b46477eb118ebf393f857b3f47b1e2f3
    SHA1: a0654eeb7449aae8f09c2448fba66d9ae7471f04
    SHA256: 2f650620c1a474edfef0dc8ead8989f18008f21e6deee151cc105d426c02f249
    SHA512: 7deb1e4705a269a7894955542330294360241c3d9548f88327e13c9f3e8a37526624676408adcef185da52cc5f8c6dce6a4201ef8e1ff9d40fb1f3879826ae7b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: c9b88d7e7c14e60889e5e74a9ed60c6f
    SHA1: e96d635bea18b562ea07f889e7bb6631b894473e
    SHA256: 69e3c155beff3e31862799dbe1f2856b6b1fd5701ba4b63d5b8594f52507aa98
    SHA512: d17a9eb42321f0ca24982952ed5dc4c5a6e72d085981a7406d1835f033e57071768be3823be3026bbaa746f49933a45c35af7d5737b7ae27858ef4d2fa1732fd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 1cab9d3d3dcc36a073c577917c4a8346
    SHA1: baaaadf42ddb69fa802e6f7e8504c25ba5110ef0
    SHA256: b02774f85ca787e2ae9afee4bae8bad5f33414e50fc9e39ac3910d4d0961dee2
    SHA512: 5366b9ade9d2fb7b143e31ff2d11908ffaaf2b75d6886ddb35a59128b2dd11fc8fe14c0ef9101eebba62a572765c026a237af0c70927f8d0e6b0247f8dbeffaf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: e8bb4b85fa29adafcbbc58eb92af8623
    SHA1: f7c52f8c27a411a81efcaf5e72a8dcbe9aa02c54
    SHA256: b17ae5e425c780f34c1afee30cdfe511acc102911bf78b40e0d2f8d5cdfeb1b2
    SHA512: 51cc1dc02a8ff2f9592fdeda009c7fd40d567db4faf189bc0b092ce1881e2618e22d0f90dd5e73646b6629033af3f56ab8098096664660f177e478fe29d263ef

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 586e0f5fff3f32ab0999efc3c7c9d97f
    SHA1: d46616b9de420a431eddc8a782af6ddda97e4e75
    SHA256: 2befbddf015938644be393a7f8e4bbf3cc05b7fd0b41375f8c8bf4a6c12e302f
    SHA512: 57cb2a08e0657457ff9b5fd5acefdaf0a3a1c39f602ca7e14bc14c30950eb7aa1a7cf0a0515bc6fcabc8ba3042898e2b432e9f0621475ea05d1f6326f98f44b8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 3d275509d34446e7b30402722b9d52f4
    SHA1: 2e151fced41aa6812aa4ecc6e1decdd962b99198
    SHA256: 1061961b7506739307f4938a869b8a923c45522557f92b9da35683721381be82
    SHA512: 16c330af0f3ebf0d242e3773e7f37bff62bb6fb54c89bfc860579c1e0f046a4047af527514890493f2a26ab0b98dc6fcd04ff7a34e25161c102a7692bd0adcfe

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 94d2eb4b53f0326a9b85996ebc08caf9
    SHA1: 06756bdcfef513f587428f481fcecc532435d5d3
    SHA256: 4cd650939bb1501ed022e16962f1f77cc13b8dfbad7b2d926083f44406bc8d00
    SHA512: e1a9b3864f0af2746d1c7c8594822cc9e290d8fcef863e05faa593fac5835ac22f83f64fc1bef7b48d9560f3f035e4048d4acc30361ced4bdcc68a5fe14a32da

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 781b6cb61ce522372c98724014a5d77d
    SHA1: bca7745d6ab138e3f91333c8ac6b18a8aae7247e
    SHA256: a7de2534ca920a78dd4e6ee0e05cf7e3133a1a7181b772901f0a65bcaa043c73
    SHA512: 018d385a20b811c16588859e3d77f1cd74c0540521094ced3d9895cc32cbf08c55cf85bfef66ac1b74cc61933f0a56b0349ba6ae293d824df78689fe2ccadb5d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: a6f8af285d7f267300fef0ba72b66c43
    SHA1: e64c7011cf01a69a63fcd9f6696b99d46a6888bc
    SHA256: 7e007ac7bcaedc61a08eb1cbec44ab6e14e5687be3147b4e4b6a46813e42af97
    SHA512: 62a5ea8353e2214f8cae68f321cf31d8e5f19b3c51a4abb353628a9527722a98d6777cf62ecd83db777daa4d19f3abd4fc7a8b6fba17e9411540dff5cf38613b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 060437f5d7d7a58c2ad79489c25528d2
    SHA1: 986c3975eb4911bcd16d96f88b6669aae186ec24
    SHA256: e62743c1f2546292a86af2822d79072dbe04bdd0bee090fa489383c425e8ce6c
    SHA512: d63947c3aed4af97e5ff4d7098b5abf1304708fe4346e086431aab289188b9e5fb835cb605c36d5732996c8f97b3f302cd8de10a6048ecb0c128760045bed9fb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 16be948f1478fb63705192d13950b888
    SHA1: b91a6e1389bef255c7b5375658c2ae7b41e21005
    SHA256: 2c9c28290ac7424b6717c99cd8d60e68a92e3039e6b2c94a9f5beeac7dc0f5a3
    SHA512: b655f1412bb09c32a81955fb89ff325751ef2fcdeed6646ffcd3d96d658b544bbb28cf6df3c341782dc74a38f083ae0f84dcfad67e8fdc648155c4dd731a9195

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 4b0fca3f44b7d2473673815c062ee1b8
    SHA1: 5d558cd51d2e96f68371237492832d9e742e3df1
    SHA256: c0b71a69771d15b0e008897630076f1d58d5fae6fd92ffbdc7fd59d8bc217e2b
    SHA512: 94ec7ebec8dd718befb804d5e0a798b582277d50e60ccd95848488aa07e10e34013989a599760026fca30b28aae39a002c3bba9b694733142cdc908982eb3c13

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: b0786e587b496c8084e78a411036c48d
    SHA1: 301061c7c8495628e1b6ca9729c942eabd3ff616
    SHA256: 7557fa9e48d1ed9928c216444b6fae5b26e39fe4d63895a5e01ca0eb880a148e
    SHA512: 83d9c233e6f2206dcd2e7a355d6183eb49554fdf1004f39f09b7784622f08eb7c380b3be901bb6faf9767562f99853e9062fca4ddbe24bc6ed86cc5e68508204

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 812be55f9549c03e442ca06065c40ce2
    SHA1: e6f8b812ac0464732dcb53966a0074fd083113ed
    SHA256: 6e9f5d2b5b745d890e790d2b587b021656af6d56bfa01798d39d0c807060a0ec
    SHA512: 7ef77163692d16c4a0a5635ba01715bd75c8a9ab489f70b078ea7aac551a4f7717cc9def08393ac26cc0d00a54f64b7ab318de6cd146c4f5ecfa803f30561d19

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 18b1dfd4e07e14b4190c57d54057c4b8
    SHA1: 7b683179e54720aff537540dc80254bc0a807bec
    SHA256: 5efba5c6cc702949843de884ffca878ec16ff2c10f9990688e4dc9d157df5421
    SHA512: 0f45dfe948aa012f24969434d11fa2706ee3257b5c95679522264b9d3aee5437899798a30aecd60fdb91bd86930aa978dfe995d2be32c0aceac437e4aae4f46c

  • C:\Users\Admin\AppData\Local\Temp\Cab30D3.tmp
    Filesize: 70KB
    MD5: 49aebf8cbd62d92ac215b2923fb1b9f5
    SHA1: 1723be06719828dda65ad804298d0431f6aff976
    SHA256: b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
    SHA512: bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar3183.tmp
    Filesize: 181KB
    MD5: 4ea6026cf93ec6338144661bf1202cd1
    SHA1: a1dec9044f750ad887935a01430bf49322fbdcb7
    SHA256: 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
    SHA512: 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b