Overview

overview

3

Static

static

3

Crackme3.exe

windows7-x64

3

Crackme3.exe

windows10-2004-x64

3

R4ndom_tutorial_8.pdf

windows7-x64

3

R4ndom_tutorial_8.pdf

windows10-2004-x64

3

tut8.htm

windows7-x64

3

tut8.htm

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    28/09/2024, 19:10

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    tut8.htm

  • Size

    631B

  • MD5

    3cd662c0941f401450772203bca9789b

  • SHA1

    949c37b1655f41de8dc7da94ffc8ec878517fcda

  • SHA256

    8b331c5976c4ef804a5241e87e8ca0ba957ce7e058a946546a04ae6110a61153

  • SHA512

    8ca85e96cb5395449103e7f9405fd989e901657341f52098d32edfd206ddacd09baf9679571f7a3c6c518cc5e98f9947626770ec4b8e696550035fa43ecadfc1

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\tut8.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:800
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:800 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2232

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d083bb1acd11ffc640b94f9ad65f7d5c

    SHA1

    a6301e10d09c52e2eeff12dc4901bee156dd5906

    SHA256

    8f82129f625863b167c414f1b1be76d78df18ef843a8ed0af6c0575aa603c783

    SHA512

    6f51caa4a400c3bbcbcb59919dcd6205b0c4831a00996a8e9c0643999668bfe753ed494b74bb2cf9981d7e4d77b11fa5da8ccd1882239cdb87acb51ea36d4c57

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    95ebe16d992a3c0206e3ba96d71c3a8b

    SHA1

    ea18baf3d43b05a9555c83a022f4c6dab3894a55

    SHA256

    65a0409722e5ed4e48aadac6bf194262b7e6dca0aaaf9f30a9ceeb7999c3df9c

    SHA512

    1525bf54b53ea40efbe16e5f7aaa5a9143271a816540f3db232795ecaf165c3d2c36bb006e1085f810beb2c956126d1cc1c6bb2e65a1108197a21f107c06f4d6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9085780baa008480eb3292850e7cb455

    SHA1

    eb6728667cbfcb40cd0cd57b65ed6561150115be

    SHA256

    305776e9ba1943e47f64c1a0619dcefc91208d91d1ff4908b5905862f6b83f81

    SHA512

    e862b06044f8630fd3a87b0ad075da29c1dfbc999d828ae9f67085fb27c40398185dba2e6ecbdfc0fef3f920f5234693dc316082ab7f7eaa5f5b3bbbdd7c4a4c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bd836bda08fdbe59103b80ed819cf6a2

    SHA1

    30a7a5e8927dfeca0a741179732b207e1b40d47e

    SHA256

    083ba618ee54f489bd6c6c866534db994d2c570a965e21db174e1d49a12f9a4e

    SHA512

    a6d3daba8651d73f1852a2cbfbe34f1145c55975b3d0470398c23f72ea991a3c4a2e95f17e69b2e832f6b1b95c98fb7e537df432c55c68d7f7393723e92e16cf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b57dc421d802b142a2b04adf21fb2278

    SHA1

    3b6687fcca7d6032a265d940eb054f5727b0b8bb

    SHA256

    5fb41cd7d9f92bf207f207d3ec1f2fc8101a824ad1acaa63532227e13b7b48d2

    SHA512

    69311d6a8ba44b50385429a0aa8be9e315cfc1865e7e160fa21119c589f64306b332f910d11b1049362e16968741ae4e066c1b43e993bc5fa9f6303b612865df

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2983b8bd6836aa621ee8cb600e7e0c73

    SHA1

    2281c7a936f7ae399af7b7c884a5dbe7545ae048

    SHA256

    712526f3dc1ffbe0789858d5cc00b0e564436a321b2095843aecf71b76b2dacc

    SHA512

    cab3042c8627f108182823610826469e992b2996304d2e046a7b2db2c0c30acfcaf6383057f3a563dd6028ef7e1bef61420e82a78a679ebec5e94f930989a7da

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cfb3559ce74c7e6c25e29956fee923c3

    SHA1

    be53c5b454219bc9aaf5581c754ea8e5c98f0c34

    SHA256

    080508c5e4335367fb39777ae79b94944578cd1f4744b8b84075799370c10f5a

    SHA512

    4f2fce5792153238405ae76221bdb6a82f571f2af85a3d385e550168c6fc368b9bd3d8b24396a74cf2514860932f97e4491a3fe191cd1c0852a294618940af11

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0d5995fc742f4fd3f649045eba69bb4a

    SHA1

    53fb102f9a265a2a59a3549649d3533c184709ef

    SHA256

    786fa39548b2929029ef98245ad3c15a2833badda3354ba8e8715d01b92bd627

    SHA512

    c467cd9b61465f6608a1306770cc4344a459dc1a85f77aac5044ccd725154036a0ce217ea0a79351b8249bd240b420f68c8b82f0398766e2197dcc99697d60bc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6786ea483a825db29941f3cb935c002b

    SHA1

    9a3ee64aaf5db39b808222a554eaa09f66208e93

    SHA256

    9c8173789313ae47da3730da5aec406fd0cf2779a1a74587df35fcce28d7f6c2

    SHA512

    251bf7ab3a6045316d0459f3d4740063b430981b747a27d08293af430ffd89fa6f889cfc91409206921cc5a919c38ae60024f41549d3619d45e1b5d5c9034aa6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e99cd0bdc0c5bb9019b000752cac8edb

    SHA1

    271a9292815a7e6d9394ba213cc0c89cda703732

    SHA256

    b2bb64619209a98a421a62edd87986f8ceee8b3903173884c5c58918ebffe2bb

    SHA512

    1ba71bb1701b15c527044fe318f0bdd2556e326b0643257e7598ea00d781228a6675df92f56204c23a185fca66e8454d9dcc3c26de69b7de92df2f471b41d246

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3a35a8ae547f0625497a71fa3cc6a441

    SHA1

    bf068fe0d30cb9467a757fe1889e7df8ca618ecb

    SHA256

    2d39be8c36c73e2b1addc22c320b58edf542b906637a9a2bcd896677f85ce35a

    SHA512

    6a5f4395361333061da22c356cf40bb04926dc6f21e932288982656b38d4123857745ef4d0891425ba0df45cfaa784e97bb64fa6c34344a64cfa153083caf461

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabDB81.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE038.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit