Overview

overview

10

Static

static

10

sample.exe

windows7-x64

7

sample.exe

windows10-2004-x64

7

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/UAC.dll

windows7-x64

3

$PLUGINSDIR/UAC.dll

windows10-2004-x64

3

$PLUGINSDI...ll.dll

windows7-x64

3

$PLUGINSDI...ll.dll

windows10-2004-x64

3

LICENSES.c...m.html

windows7-x64

3

LICENSES.c...m.html

windows10-2004-x64

3

d3dcompiler_47.dll

windows10-2004-x64

1

ffmpeg.dll

windows10-2004-x64

1

fideo.exe

windows10-2004-x64

7

libEGL.dll

windows10-2004-x64

1

libGLESv2.dll

windows10-2004-x64

1

resources/elevate.exe

windows7-x64

3

resources/elevate.exe

windows10-2004-x64

3

vk_swiftshader.dll

windows10-2004-x64

1

vulkan-1.dll

windows10-2004-x64

1

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

$PLUGINSDI...ss.dll

windows7-x64

3

$PLUGINSDI...ss.dll

windows10-2004-x64

3

$PLUGINSDI...7z.dll

windows7-x64

3

$PLUGINSDI...7z.dll

windows10-2004-x64

3

$R0/Uninst...eo.exe

windows7-x64

7

$R0/Uninst...eo.exe

windows10-2004-x64

7

$PLUGINSDI...ls.dll

windows7-x64

3

Analysis

  • max time kernel
    134s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    23-09-2024 12:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    LICENSES.chromium.html

  • Size

    9.0MB

  • MD5

    aaea51a605688fcb2f178fd60e4ca64c

  • SHA1

    69d4791bf3cfedb68bc4d8f766878103578171cb

  • SHA256

    96837a4a521a61bd3d34f2f660e29902d228aaec501eeb2a84403f1926c3df9d

  • SHA512

    d328bf2f9ff7372a716a09e5882b9e3c0051b0135412b3258453085db1de2c7699c8aae24edfaca7798f468802db975977c9976e19fca84fffe884bf8594c33e

  • SSDEEP

    24576:h+QQf6Ox6x5n1nZwReXe1GmfL6k6T6W6r656+eGj/dBIp+:oAZeGLp

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2440
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2440 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2016

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    51ad591ed762719892e188c9be2b0a6d

    SHA1

    88f5cc0a2177f8c2fee7c5f931995e54f801bc72

    SHA256

    37349747439d7e9a51a59b47e9802ab966bae5178ca5dcf922186c314c108268

    SHA512

    e4e0b863920a8da9eea5ccdf1f2bc31f83e8501319d091799af80243d69e98d8588b6073f14e400d2a59cc63e1b0ed36ec33b339fbb90ed360b2df72d8c41187

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a92f00b3bd6c1b141e3274ad701ae4f3

    SHA1

    2e4d02c87128a9cb22ffa74c705241460f683a15

    SHA256

    6ca956a4c1c758627804f6f256c5a3f6f98698e1124b493e9b5fc6a6782a4d25

    SHA512

    ce9428a521e5aa838fe94e4c9ed4976e0999c694586c094be6cf7515cc78731db09a797c05c274337a22462c8ef46e594ff122efb1a58cc6df921a205bed5e3e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6ecb0eeacf9ab5bcf259c6846810827f

    SHA1

    75f5b2caa55752cc3b6f5948ba1acee861917ccc

    SHA256

    845fc3ce4ba9b20f59dfb8eb221c1f2ea2c0126871dc4573f3b27006e4027146

    SHA512

    798395771fac1e41ca04a3d281ff8eea2d223aad8cfa9c49d25729a6f0d2847ace240df962ad203c5bf6b90c63cab565fc7c0734fca7dc4fcbfcbe300dfcf601

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bbc0e3217b70169619bb028b91198752

    SHA1

    301485760493fabf91217b305a4b8033f8330a7b

    SHA256

    13bce627a0e45a1857d0d90e6da81e5b27fc1f4a46787c3a4957c5e591f4fd3a

    SHA512

    9cbbb2bd2f8f7c0809a055f86ff83b862fb4e08b3cd15cf4535334efa256f5695df0fd2e1478998fe4d8fbf8b8851e49e5086e2493573b434d91a86dfab66546

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    130403acc48f4bfea1626fa9c1d9162d

    SHA1

    4aba601475a670011a327f6c2af7bb4cc0119561

    SHA256

    89fcff0336dd079c5ece5b9b82d977e88f21b3cd656d114396c0b1e58c1b5878

    SHA512

    f8e5578f4946f805accd75a268a2c97fab801f49887f0d02e33bb0b6a4f270104a930a780a3d8c22a3155439782c2083d0bb953b0a202f68add661871c24a91f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    523a9c48f4591e656cdec7359589cc81

    SHA1

    1feef07b6830a49d158c34bc0a3975bd769277c8

    SHA256

    8c1851c33d827a493cc571683237f9d4de28610c21dd3daa0893f183694c1fc2

    SHA512

    5957b975fa71281d91c214ecf0a9e0df1cba482a58c9f86d9362c39c0879122dc01f3f0d122481633c7408a58955986918a630d60f9dc69cf2bf9b37489f2bdd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a8937850b8e282e4567dae4f97673447

    SHA1

    38b7bcf4adf51b89024dfce4b14b4881a0eb6b5b

    SHA256

    fa423f812ae264f572c3df06a306f11d517ca547d9f7f1f4d0f79c37e51f3be7

    SHA512

    655906b96b572f0d65311adcae4c31be541a49845c69e83c283a3184e40c76a1cf8be5aa375e6a1fdee0f09c3872bebe871379bacc3993d4dfd9b3f1e12f2988

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4f1ceada9098e6c07225d1603d7cf7eb

    SHA1

    3a905061632f0ca457aa9e50b672b1f5500c3c72

    SHA256

    31c3ac5ff1171f5d93a68453dc70e9750044813fe85af552222df0c226f612ba

    SHA512

    d9352e6782d89f09cdfc65697f673246f64e522ed9afa72b927f27be8ccfd104c77b5b25020cd5ca12ac21d048293aa0b891730c2269d904fc5338209417927f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b10b5bb9bee12abb4ffb02d1e6b17dbd

    SHA1

    98f0c70cfca8c109688c1f1a45cc5769e0c6bddb

    SHA256

    aabcc1dabb9d16350ca6c109a80024958649c7a8f39cd9f2c2115e30f6360cbf

    SHA512

    8ebb670c94433cf314c45e1f5fea77fa15e2cca93ce779d08bee59ee016eb6e58c75b435bc26b81343d438bf9ed3510f9ab7571319548a56121259b7725d4d02

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    35631e0c335396e22b01996ae078deb9

    SHA1

    86bb53b0138bfbe40ebd36ffda4a470cc3adabbe

    SHA256

    94a84bf962a0325369740c6a21dd713cbd8377e4934fda399ba3a4331dfc7156

    SHA512

    9161af3ec67b38312f897f82beebbc8b3abf41b46e78f7ed252966323593c1a602054c8419cdbff57b25d2e8c9e74b38bdd6c0d15355a6f028b47f9cb0ec87e9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aa159082ac93b1e9762b581f71f46d84

    SHA1

    0c27eb0d1d994d13409c230d5f54d14b730e3455

    SHA256

    1dd71375265c4c83520633a905f036f7a35cc032f315999d96975eff3d7bc184

    SHA512

    f6f1e836422af1e706cbae995b1c5d72dfd7c7de1f014170f5a09166e48fa63fba6572820c2f23f455a817357bdbb8ffcd90279d82488a5ba05dc2c0271f66bd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2bfe5aaa2bd902d916668966d8c0490e

    SHA1

    588bcaa770d096ee98f88f5954da9491e2d0b9b1

    SHA256

    8d39829a8ec19839fe7759f9c32e9514c71d3b29d88a4511fa3e3341824f6bd4

    SHA512

    c9ead1afc0e91291be67165183a0b46891adaf61ea447834e60598b418488129a5befebe83854ab952fdb7d44fa13061dc2657d5012e2d6b243ac362aec6aa30

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dd63c5a97016ca15111ef6ae51b647e1

    SHA1

    862feef3229f9672bf4eba560b7aa22d0906232e

    SHA256

    9b09fca9936ea842cf72163d590cda6b17b5bdfedee2356ef2a9363bd0c25306

    SHA512

    6bd1eb2024b3fd9588a627770b27020446fa780507125a6bfe01d0b6b924de22ea32c50a6d2ad3427365b52cf3cfa1928ff17ce07d4b73e2ce4e893949d9f789

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5230f13d82a36305da6c051352faabc8

    SHA1

    098e6c546be46506c61073e9f862f54919b7b1b1

    SHA256

    91a17ec6355743da89073c67e5dd4f586002b6c7e5ae1781a255ba8ebcd1db2a

    SHA512

    c1b146fee68679583a3312d10e469a930c3eee92bada45173accf9f6431049eb5232c69d594369fb84e867eb372bcb23e5f01d06251f3bbfe391276bfd3b908e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4e207d049700e7b57736d7ab6611ad4f

    SHA1

    05eec9e71f62b9ae413b0bfe1fca061933230407

    SHA256

    98503af508446e6512c4a8d7408fc7601c75d9a25fbad8c34f3d95b482f2bc16

    SHA512

    42d338b0c72e93b65dfb948d9b68c3df30808ccd652372fe6d9ff6dabac395470a2e2d08ccb3987979863d7f3efa1af002e3685155b12f2a667acdae2eb40043

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC237.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC2E8.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit