Overview

overview

7

Static

static

3

cruzesp.exe

windows7-x64

3

cruzesp.exe

windows10-2004-x64

3

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...ll.dll

windows7-x64

3

$PLUGINSDI...ll.dll

windows10-2004-x64

3

LICENSES.c...m.html

windows7-x64

3

LICENSES.c...m.html

windows10-2004-x64

1

Molly.exe

windows10-2004-x64

7

d3dcompiler_47.dll

windows10-2004-x64

1

ffmpeg.dll

windows10-2004-x64

1

libEGL.dll

windows10-2004-x64

1

libGLESv2.dll

windows10-2004-x64

1

resources/...e3.dll

windows7-x64

1

resources/...e3.dll

windows10-2004-x64

1

resources/...act.js

windows7-x64

3

resources/...act.js

windows10-2004-x64

3

sqlite-aut...llback

ubuntu-18.04-amd64

1

sqlite-aut...llback

debian-9-armhf

1

sqlite-aut...llback

debian-9-mips

1

sqlite-aut...llback

debian-9-mipsel

1

sqlite-aut...ace.js

windows7-x64

3

sqlite-aut...ace.js

windows10-2004-x64

3

sqlite-aut...al.ps1

windows7-x64

3

sqlite-aut...al.ps1

windows10-2004-x64

3

sqlite-aut...re.vbs

windows7-x64

1

sqlite-aut...re.vbs

windows10-2004-x64

1

sqlite-aut...all-sh

ubuntu-18.04-amd64

1

Analysis

  • max time kernel
    137s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    27/09/2024, 16:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    LICENSES.chromium.html

  • Size

    9.0MB

  • MD5

    f017c462d59fd22271a2c5e7f38327f9

  • SHA1

    7e1bbeea6ac2599bd0f08877aa5811d32f1aceb9

  • SHA256

    40f314c778851106918aae749d75b2d913984327602a1bfb7ef0cc6443ff2a37

  • SHA512

    72177281486f6ec26ccc743b43481c31470c7dd53f17b0a67ac087dded190c2e3dde5570260150c2e9650186a515740af7f81e31965c95bb762340f9ac100c07

  • SSDEEP

    24576:G8QQf6Ox6j1newR6Xe1Vmf86k6T6W6r656+eGj7dOp+:fG6eGd

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2316
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2316 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2336

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    388e0088f8eec41139304ccc71a4f521

    SHA1

    1e62a3979f99b8f195bed9a41844aa82b4234f50

    SHA256

    6eed8e5af0fc40fa3f3268b6cfcccb8e7e45d074395aa1a70578a5f241cb608e

    SHA512

    2ee588a92c1142548d5eba1ddea484cbf6b77041c57e0be40007187b099d380ae32ef75bb38189f2c3ac19452f2bcc5c03b57c3fcf378b72561cd0c63007b94a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3b559b8bc628b68c1e7277e7cf854a63

    SHA1

    15d2ad281064fbadccda74b1b5c5c5a27fddd245

    SHA256

    1a603790fa4b9c7f1b7f29f81c0926d0908421d762687e4bff90dd26171333b6

    SHA512

    731d838d61dec684debee86132e223f38d40895d3bebd2252c38e61ecd84675249a5830e06600d6c469e9c79abada02e5140f1a772ff779a5ff704510d369baf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e9f29ea5d9934bf9bfc4362f016067bd

    SHA1

    8545cd0e77249db65c30ef84ff4cad579156c94a

    SHA256

    260475f9a2c06fb9295c3abe83ff2d67dd8f050d1736ab8dcbbac27eedf2def4

    SHA512

    304197d745fd8d7d5fbd1e3b20837d6a6c6bf1b5600500249676828b19d1de654237ed41605894d5611f4a99b2b42e17c8d9921bac8377a8d4a1f1e7eb1d0762

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ee2c1135c7a1b85df6a123168948f31b

    SHA1

    aa4567b1bebbd23c5a5af250f8bf83f8fcf7bda4

    SHA256

    6c41120077756916a4e1a0636b97e38b2e6c0c768a863b2bbd857eba7a0514ec

    SHA512

    d5a8c12fee98a70c6983e7c54d288033a0adc58b8cec508ae03176032aeab44dda3bbd27a9ca0b18e771da1acf8090e43da7999f9d772dbd67f400398999bd27

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ba12c376f4d775c11ac5182316e5dd12

    SHA1

    718f1424e789cfca2051071ee926729abb1cbcd6

    SHA256

    b74320aea001dd57dd208898341a23405f67855a4d4bb1581d72c596038b16e3

    SHA512

    86e5272f979f09bb7035f6651a150e15812c6a014fc4264e8bf410755b7402d04353c228348916cedbf7731864378ea88b9f770f989637e2728b0669372d5d30

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    76d1a866b6dd773b7d16e3955786055e

    SHA1

    5faf0b862459dca679c2a790436db22457c80af7

    SHA256

    61f0387b5ec18b0ccf3f1d8a6d0700b5572bd163ded4e73b8fd25e41463341c1

    SHA512

    fbb7fc7a5ab603be1dbf42159531672cb3d572ef8fd150b5991493948b8303dcab703cad9c5c8ff7e44e454746e54d3aa56760900e69a1f2b9820c2642ac1eaa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ced68e1080ed8a74d0ba02b9d946d046

    SHA1

    511229e569361e5ffc73c58a0a09c7c00f07e2e8

    SHA256

    43088f622631365bc1c8dab6291d3816e0ca62ceb75dfa54bb5e93a7f877c33b

    SHA512

    8db15ed49a4f73d55c8d8b6b5cd5450ccef3794f352ca845e9e0c2713719a37403abbba5ca456657142a41aacc3c5f76e7da557cac91068d3a61903f8efa41e1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    590e2d4867df466169b499ea77ff3634

    SHA1

    01c20281099f43c96357dd116863ab3eb2787ae8

    SHA256

    57f609d6c4ca2a1a3beccd466c8e3ebe701e59a8227772bc7db94fdaeff54c93

    SHA512

    3c007d42a5e007f0ba49c73e19748572a3b6efeaadbf09fe36b7a3b52d47d62140d5351e03f7ade9e70608d1db71e5ee0929d277a392588215f5f54c588103a5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f28183974920f6c6ebac90065a05a398

    SHA1

    1581e2268cd295ff048791fe3e4556ca8339af00

    SHA256

    e8f6ec69367aac7d260f60a67ef6f896b95efc7982e41c0e0b157152cb6a536c

    SHA512

    febf45adefcbdced9738bb850bf56aea1a0c0215d02b4350898efd0d467b18b970aa929ae6be961953e7a0d2d78304630ebc14aaef74928df25f10a037e2405c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    05d52ef72a81e9bba69209f16533e8a7

    SHA1

    346289a2ed629a861c9f92b771d4a6b7da3d3c87

    SHA256

    1c8d12bf0a5bafff3328dd628357ecf6cdb2f96a283cffccda541abdc8979971

    SHA512

    d6861ec99ef4df6e7e8998c0c14995eebc2e59d89bbff6f28ae59c5acaa5f219e77df2a227e7a5af503bdd2270226a029aac3e8d0959ba78227f2f67700f66af

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f84fd2143df0b83859babb37ed994758

    SHA1

    e0125a3a88d0a96f1ff703122c19a94e176d7a64

    SHA256

    f9be305830fd3e734fd6744f190ea18a34c8880d6aa44365900040408f0fe360

    SHA512

    d24fda7c32141d925d2fd9e07bef1390e2bb7e20686e4ab2b6b56cc94ffe59f9522e5c6918cc5e2185e041f8338650c60c0beb437956fa0592165eacc517bdea

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC05.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC66.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit