Overview

overview

10

Static

static

3

caa1e28ce7...3N.exe

windows7-x64

10

caa1e28ce7...3N.exe

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

features13...5.html

windows7-x64

3

features13...5.html

windows10-2004-x64

3

help1852830420.html

windows7-x64

3

help1852830420.html

windows10-2004-x64

3

uninst.exe

windows7-x64

7

uninst.exe

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

us4-api.html

windows7-x64

3

us4-api.html

windows10-2004-x64

1

Analysis

  • max time kernel
    84s
  • max time network
    67s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    30-09-2024 09:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    features1395955115.html

  • Size

    4KB

  • MD5

    6bab5fd1b042b8acbe208494282645d9

  • SHA1

    80a768b7ec6777c189a0d3dd67d120836e1c0aab

  • SHA256

    56d1d8d34e6b0d628e5af62578d4949543035d4abd884b7d15b701443cf83b1c

  • SHA512

    45932ec27e5a1b73236782f767bd65af05d46f34e4804af35f555643d9771e2fd9041d81d1aa3cf0d1d1aa8e2a209f92f9e9217097f3a6b2177499d9e62f9549

  • SSDEEP

    96:v7mMg9WzsKep6qImvzqmCwF85/NEQaJr5CKWMkKkdpyuSWzNlAKb:DfgswKWvFqEDJ7QXzNlLb

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\features1395955115.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2116
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2116 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2596

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    471c959718d48cce35113f2e387fdbf5

    SHA1

    dd8095dc3638241b852aede60ddb86ee9e4585ef

    SHA256

    41a974d200503f458ce05efffe4e0aabcfa6945613c64e64d64a224d93cbc2a5

    SHA512

    7e079b1a35654d7f7f751ac1c31aa3cb455439bd835c0d3b80b31e8effd71c07a8623894f317061c36a4d41bc5c213698e8b6e4f241bc7ed4cad1a042d7eb401

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dcc6fae7990e59d935026b61bedd2fe8

    SHA1

    1f8765656567a99d58cd99c257f28979ba7074f5

    SHA256

    2cbd7f31dc512e2637a0c94961518b0fd4c8238fd0e57c9e052dc790fac92070

    SHA512

    297e19ee7806dda5f7f014bd095408f87704b4606564cde12a1a1b9e6b14ac39e45a7275dc55b10a30eed049890e28fa3d5cfd1079742cafc4490264c7d54177

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4510b751f08f9d0576d86091d566c9ff

    SHA1

    0465acd4e9eabf37bc47d7e7af5d5d05fdec7453

    SHA256

    0ef0031ae2db67bbf9a471343707e238abb77507d44a72a66a8e516fb6696e94

    SHA512

    6190d65d77fffe98e1437909cc704f41864795f67e30ca0b3a2518b6c3c91da821c0a3e135c6ba0c4efb347f901c2ce384d80d2b8e26038b974447ce43cf53be

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    66036b211578f795a6e9a15ef70fb68b

    SHA1

    351b7499ee4bdc0f9f501f29715bdc08345b2a6b

    SHA256

    da82e1897a349c31700b3c15ad1bea167b53e6d6f3d8a931007ea576874d4007

    SHA512

    5078b5262e831b6eb3f41491479c6beba6f1b0ca83f360cd92d8a871956e3879f0bbad8e3c88cbec8a6b331e5ad406c4f4d1ace441001961dd6b45d05f8edc0e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c6e85de20d8ac3c573cbf3c821259691

    SHA1

    821ad8f0a679dae6bb08335d3e498b3bc0e84a5c

    SHA256

    032350c9051336f16297d9afd5c3acc18a82f004e44365fbc2014f35bb3c63c6

    SHA512

    3611ebf3ee87ebc02853e1ec61084cb58851bec44d0a94d240c717eea46d39a921afcb83d6486edd37dbd5e3fd7a9331ef653b68f07b45ab95c778856c251bd2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    177017e2b2bd2982e9147bf5cc6d215a

    SHA1

    24e998bc2eb3e130a0edef02b645cae147219f50

    SHA256

    da7a9a72999c1417f6646e0c5e2ca670b59d5c55a9f8463c93564252fc51dca3

    SHA512

    3eb8732fdf4ed372730c2fc744431129f6a45d838c308f92b32162a83a10f659d3b56f00871c3142239ebfec8c59cc62ccc0d8fec4e25084f26adce0a720f5cd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    086be166b06c27fb0a95dfc902f77cee

    SHA1

    661850a24a1e7d4e2f7deef45997cc8424e92313

    SHA256

    f398563cffd4e87d4c2aee51548abb4f5f4631e16f5b49f1177904cca6c9eb3c

    SHA512

    07e0461a2757f95dfae4458e2f8e3474992f9cfc306da71502d052f2c93584e61af0e95b9f58f023799ac34b2dd3806f7c26aed6a3dd66a93a9cfd870f8a3c25

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3a36f8650df1b9231d7afd7c62335e91

    SHA1

    09b0364a34ae6208ac2d85106fe22d30c53cfaac

    SHA256

    a15fa1419aecef6478566e9e0475629b5bbce60e41e3738758d7daef0ebe1c8d

    SHA512

    d9f673d5404e2edf44dac0297c9ff331c217555987f0fb9466dc3c4d45bb435f3a3ec58016db4b94ea0002faf19d4b33bf71c5f31acb34b88f56af2243bcf7d9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aa1b47947e193200bed6aeccadfa36d0

    SHA1

    6de43b81791f721cfd0017e418287bfc00235aa1

    SHA256

    d8f30dd47b7dfc1377e21ab40558bcfb01d98db72a0d45ec1fc9e5d71fa0e6dd

    SHA512

    0ebcbc363b239390585dfeecb3ab9b15b32083ca6518019b21f248efbf3c5ce55ad4166afca0ca6e3dcd6fad700e404196044d39bc8e13634dc520a077d48888

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eab17004208ae892ba8b72e9c179e687

    SHA1

    3101bf40e4e203d7efe329e9e2fd12bd6ef26ecf

    SHA256

    e4f6d1bd88ed6c18807a189cd7b05f19228f84f4b40d08f06093c720475f457c

    SHA512

    002255e96e0ce7511a6856cedc9bf9db35c79b946567bdd2504a697bfc11850cfb826f0522adf3bcfa346d09a9d6ede869f8c8af48ed44ba5f5de771658e1962

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    52e9ef540cfad4d76fbe1b9f44bc82ed

    SHA1

    175ab636b0ee28d8fc0d9e351e9d287bbf86d26f

    SHA256

    7aa09614c9d8c445c66dfec54ba394f7f5e3d104b4b61cd8d380d713ffb813e3

    SHA512

    ba34e445fc083ab5f67568f79e6b4c67cee9fcb95b0d30bc3ff2c2b9b54f7763ed55613663a3a22db8e125a8a0758993375bf32b5561b7744167da39219d70b1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d1700905867cef308041557ef70ac676

    SHA1

    ee3bd0bcea4a2285e54dd3fd216de95ab39dc705

    SHA256

    895189f222291460d4d9a1287a115dd96ba4ec369fa646e664dfae68d5dd16a3

    SHA512

    20cde09d09a84c7d20e1d9a6c1c2ad772af2480078d1da7716f435df16b81671c885ab72459f8127c6d6ffc91a9c0b28258963bfdc159b5fff8cddbd4ac53ff9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a38a164e3861531fce31eef30e1b2b59

    SHA1

    969d21a724cdc2f02742668017539c76f0bfb7c1

    SHA256

    e798f8ff87c23965d0b0ea15b54ae5dc8efab5a998a84f59bf41a15d178955af

    SHA512

    3bc9c958779bedac12e37e6684eb9b505fd70314c8c05d3bb6e245f81b891c131caefb9566aeb6dbf39f3af21c530e7813895e496a83650314457fde9d0cf155

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7251b1aaa22b01ac94636d6bd05bed5e

    SHA1

    0bb9e0bfb5378f82fa286c785a7d88608af64dbf

    SHA256

    7a6adda9bdca3f980b61e4929e31c5c188ebe5a75ffdb28e463ed9dcb506862f

    SHA512

    bf3497db3bdc40d6bbbf7fb55badc4a060721b7607836838a608a7ce5c5ce0ed5b2eeb80886495718e21091c0118c6436d325bd7dc27c3a42f7089e86d8bd94e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d20793abe7401a479af21d8a07717980

    SHA1

    568ae19a053b726730f53e147d33ba2dd81ffd6b

    SHA256

    edf04115cb142478140a87befe69be60fc6e0ebdd9fcc84664408221b6a34d99

    SHA512

    a10ad6134df2e618d0a0bfbbc4a5103abf27878dd6b022e25326af09ecd5a27ca3d73e99f3169977c0cbb3f43370d897db865b8269a8c0850e338498ec52de66

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab1A19.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar1A79.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit