Overview

overview

7

Static

static

7

057bf3961d...18.exe

windows7-x64

7

057bf3961d...18.exe

windows10-2004-x64

7

$PLUGINSDI...er.exe

windows7-x64

7

$PLUGINSDI...er.exe

windows10-2004-x64

7

$PLUGINSDI...BI.exe

windows7-x64

7

$PLUGINSDI...BI.exe

windows10-2004-x64

7

$PLUGINSDI...cc.exe

windows7-x64

7

$PLUGINSDI...cc.exe

windows10-2004-x64

7

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...ed.htm

windows7-x64

3

$PLUGINSDI...ed.htm

windows10-2004-x64

1

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...lp.dll

windows7-x64

3

$PLUGINSDI...lp.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...os.dll

windows7-x64

3

$PLUGINSDI...os.dll

windows10-2004-x64

3

$PLUGINSDIR/inetc.dll

windows7-x64

3

$PLUGINSDIR/inetc.dll

windows10-2004-x64

3

$PLUGINSDI...ay.dll

windows7-x64

5

$PLUGINSDI...ay.dll

windows10-2004-x64

5

$PLUGINSDI...st.dll

windows7-x64

3

$PLUGINSDI...st.dll

windows10-2004-x64

3

$PLUGINSDIR/xml.dll

windows7-x64

3

$PLUGINSDIR/xml.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    119s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    01-10-2024 10:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $PLUGINSDIR/Failed.htm

  • Size

    6KB

  • MD5

    4bca38bc78f5e8283655b1dda3d81b2c

  • SHA1

    b1e61db910ebc37bcbf4650d773d727b15fc8554

  • SHA256

    16b03f64adc522298a636a117869d821379e341314704a4eb7e2263689e76d91

  • SHA512

    6b4559f2f658835ca3a5a8772f424415838990fd7b22ce9452577c6f1e92c8776fe8f25e2747e91dcf59b390084d82bc48f3bfaafb242c3374b0e98e81db3509

  • SSDEEP

    192:0BA1WBLKOIIMwFTsVEuuzXLtnMB7QfOLCqaNhp:0yW9KOpsVEuuzXLtnMB7QfyDad

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\Failed.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2092
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2092 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2952

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    47934ab214d2a950c75a024d97b0b2fc

    SHA1

    2663e72a17fd5129dfe7c77cd23b18be2d619823

    SHA256

    7d4ba28f9538e906819a74f277d4cb0155ab82aa5d798e00ff7a60a86da832a7

    SHA512

    27d102a4b7cb792ddcaa9dd58bbf0f4378f89e47a85cc454f58cb10d6106a9634bed695e89ecf3c38c80bfecab7b228e7ba40954bd9330128aaaf7c0d45b268e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    986797e4f5fdcea9f494297851d7fdda

    SHA1

    95aceb1d2c9cb1e6c83b7c8e43e83bdf19094d61

    SHA256

    b4534d128ae02365d8faeb45f27fbed7d640a5d9a05158b09d0e5d9d470986d5

    SHA512

    a553ce25ebf4783febad99576f8c5a9c70e841dde9974905fd6477ce86fdf49b1f3ad96c47a5e807fd75596fad717140d1d14ccad0c31e0656dbda0504fdff86

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5b2855ab41a3091491b1f7379c62bd73

    SHA1

    4eb5a0e751c2bf7a39bc3ead59a56940e3bd501a

    SHA256

    31217ad961aea4b398f5f0175f33b259f0eab7968e584c648ed8ac9606df8940

    SHA512

    9c0205fa7deb09f5851aa785be53cf601d522be3a5ee6032549e5afc8c70a11f3d51281f979e380a1f557c5d4f98b07f5a8e738f44eca74c3eb688abe7c3c2ba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7fd80fd3f6f5f4edc44b34a9a72d0375

    SHA1

    48d68e97ea80ff1907f46c4bdae481be569a5c0e

    SHA256

    91f4ce0a48da8dcd44cabbe36707d5a0a85f8622e6d8553759e6a193758c8676

    SHA512

    f885770f531fa9918c5c3ac3102bf3407b0838aa6a2c1023d0c83336a545c07b720fb6cba3214a1de36f277631a110fc084497fd8ea7d8e8aeaf81dbd7b04dd8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8a6acc1af7aee292d45e403abba4dfd7

    SHA1

    c80167edd235169e2ba5c8d252b63d9c2450fcac

    SHA256

    4c62ffef52fa581c1556bf9ac640aca49a9f8c5f1b83d5d65678ed22d367cce9

    SHA512

    ad96346d335d5ea283960e6ef4d4e8cb5a8307238df8d80ed837d00a5604b1ddf08c1665df5e36af0a8902cd4f523376ab34921f2e0f449d5be120aa330bbb50

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0f320a3570fac279995b46157701648a

    SHA1

    5a4609c093e2688f8d14b40e715977ab5862081b

    SHA256

    85ef7f006b89c6ed49e67ee998df640428ed58283b83fa498507ca4c869ca71d

    SHA512

    0ef48e93a99e568940ad83341db49daf5ff7a6677ce8c560e700d3d1f25f8a38d2f07476adf01548afcaf23e171f0905cf153cfdb33b8763fece6faf44bb29e1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    786fd2f65552d7a35159b41d3c9cd891

    SHA1

    6a1d3c45046d64d1c949bb578175019328b6152f

    SHA256

    37a79a7709b2e81c7938bf64a94059326c922c6dd074423c6e913a213b679461

    SHA512

    3b2b57371e7ec26bf7761c3fbb565c7b96520b14a4a5954826705cd44d3f4c2047b4e3082e9013de02dfd284dc12093b66eba9d2f9a7f0d6d25776c904fbe8da

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b2bba0df4f231ea0d55019b951dad6dc

    SHA1

    c7289b67bc8ff79ce91bc4b51122dcef8936c14b

    SHA256

    14b0f6d3920f93f9a0f3a65dac70db127a999c3c148247366fbacb3d688a4cda

    SHA512

    d66bbc36b8000a9c19bbfa1ccce92aecf1fe939fd2cca7c5db0b422151ac1550f1b33827b72209739228b8000bea76ee9988cba863f37b2709596471395e1702

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    85d81235e843e2fd65f5109f529afd9c

    SHA1

    577c9ff9387069c58bc10a5e056e7c65389329c8

    SHA256

    9d9b2889aaa73f2a93572945c6f50faf54ce30729130f9777f29b9e1434b666d

    SHA512

    d6fa01a0744b78e05b9dd7be6a2d5704b8b1851b378c1011f31055fcc71535a5f777fa8b3b124c37529ad76d907b60b5c54b4784f76947f7e1eee2feb03951f3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aadd33556604b7005ad22a9aab1185e7

    SHA1

    892e5c08be980a4684f38537eccb16697ce0dafc

    SHA256

    5944b8c01867c8b91853d2923e13490669db74c63ab7e6b93ac6007fb6051447

    SHA512

    76d3991a36eaa018ce1881bffcc0d496bd5b5a10aba0a5937cb9b0f6023cff62ad74a7981ea1f909ecd07de366a76446cc252da1746edf61dee4e4e1944a52af

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f5bda0e0c40940a8464deb9f359ee5fb

    SHA1

    e4a34ebf3e5e272e95f66f593ac09b7bb21b5fab

    SHA256

    4f7b9aa4bc67ea6fa5adcc2f51b6f9aa934bb765f73eb7355ed56d2c5875891a

    SHA512

    d3680a52e57943034ce0569423bd4931a5369ea5fbfdf83690e04902620ae98bdb59f64236b86044a6e21375ca8349acd6c85611b2dc51688b43fa20802f09f1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    74cda9bedfc94880a74fc147ce4735ed

    SHA1

    2f538202a72c883b7828a8ed6c7c20bc804cb71b

    SHA256

    0257f8390ed691dcb400e424ffb3c74fd95a317399115845a3cb15d579402eff

    SHA512

    556df4e463893cd9924c97829e2c9148dec90ae238e12d9983170554bd78941a284415b6837c26719a1a080818907b68af2ada3ff938c3f41c56dad5c96ee68d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3e64459ff491df73844c606b47b0974a

    SHA1

    ddbb389ce30343f5f1a87a1d045d5506a2f01ce9

    SHA256

    0b9cccd9061fefe2d5b73a790fc5573968191c9763e632fb122169ca6f509b21

    SHA512

    d7aa6b5086d51a03bb6dfa0ecb8aa2a5972506c8da0736e9f004df5befcaff8eaff20688a732c37ebe787c9d7f40199ae73cd66d20efdebe88b6d7bfeeba9a4f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d14c7701771557a65cada9c4929306f5

    SHA1

    1b04ddc680d7ffa93b33485f3b55b22277a2ace6

    SHA256

    e48870c0872d0d91adfdd7204d73cfc0e315750b2f6ca525c2cc64a1e5d39dfd

    SHA512

    70a7eab85afc2a7fef6ef8647169d61e36352e73a548ee4f42d0f6080c68c9613c7195b5f49c6f074a63bb9a3df78bd2e8df2b9b8a7eaa0a4a5a168248e06a27

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ebae1f717c1c1118d7c6fb4c25e41c4d

    SHA1

    3f95a75bcc260864d81a6209a722667a596448de

    SHA256

    334c8c5991807abcb3ebb57faf19a178ea47e8402d68dd7739197943954ffc66

    SHA512

    91af9a2793e1e662b662ea3ad1f8b36d6124963432a3c3a561929d606e0170f0b49afeaed1fe9bfd9aec6129f102f8f4ec940fa7e05301ac6cb9445ba8320d46

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6eb7560a71105fc865a2abd41bdd10fa

    SHA1

    217384e8f146d8565fb85fa55b22af7bcf1f1b4c

    SHA256

    54a67af5ddd92bb74f3b9c30414d938c57cfd896e9317ceac780a90cc788d002

    SHA512

    42b7be4c3334c2eb4244b077b25210870c8ba6b6b1454db26b011f4e373821e0d2e9b18b1eb5c88cb8006eeae1d59cab0a373cd97867ddc0e53244d144ed81e5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5280f4e82f510e817bf51c6744168c6b

    SHA1

    061e096a050019d941f758fd59ac687d92cf7096

    SHA256

    a54838fdd480d9ca1cf309efae14debf49c7b54f7bb923b83f96ed6bfc2c746e

    SHA512

    d0c4e29e2fc38d2181ac5346724c240ef15f731ecabb5b62e0b84128772dd51630a507c7eaa7510453acb6381212c85ca8dd19a43c6ff4864d0f2d5f3ce4148d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5c7b56500d0bbfe0550ea0f259922634

    SHA1

    de872a6a4b959b783fb0a8fb09e36cff65c314aa

    SHA256

    512a51561fab5bcce7006553c8dc7296a2713ee89e14792d4a4c5ffac8a0afd2

    SHA512

    ba2b2bfb0961701170376c62c3ed330232308fd7700fe3601b6d084b2848e21a87efe74b059be01881d4277bf27072c8e34878654336634e0f12cbc748b9935f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    380254957426e3683bf7e85fd36b6f94

    SHA1

    3edcca459e7d4a3ec64740fa7508f9946b47636d

    SHA256

    495a18c56cca56d8e64b93ae522422b5931a7326bf289eac83ba9438c5252a04

    SHA512

    c6f7906f9e71316fa6fe51d5845e8e5c1ee33ea5ef882cfde96cfe09a2019ac801e37f0b155680f7459bca2890efe7b9dd27b6f264163b5aed54f863bcbda237

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabAEF7.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarAF97.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit