Overview

overview

10

Static

static

3

WinPatrol-...CZ.exe

windows7-x64

3

WinPatrol-...CZ.exe

windows10-2004-x64

3

$FAVORITES...��.url

windows7-x64

1

$FAVORITES...��.url

windows10-2004-x64

1

$PLUGINSDI...SH.dll

windows7-x64

3

$PLUGINSDI...SH.dll

windows10-2004-x64

3

$PLUGINSDI...NS.dll

windows7-x64

3

$PLUGINSDI...NS.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...NU.dll

windows7-x64

3

$PLUGINSDI...NU.dll

windows10-2004-x64

3

$PROGRAM_F...ar.dll

windows7-x64

3

$PROGRAM_F...ar.dll

windows10-2004-x64

3

$PROGRAM_F...ce.exe

windows7-x64

7

$PROGRAM_F...ce.exe

windows10-2004-x64

7

$PROGRAM_F...iz.exe

windows7-x64

10

$PROGRAM_F...iz.exe

windows10-2004-x64

10

$PROGRAM_F...52.exe

windows7-x64

8

$PROGRAM_F...52.exe

windows10-2004-x64

8

$SYSDIR/PATROLPRO.dll

windows7-x64

3

$SYSDIR/PATROLPRO.dll

windows10-2004-x64

3

BHO.html

windows7-x64

3

BHO.html

windows10-2004-x64

3

BLACKLIST.html

windows7-x64

3

BLACKLIST.html

windows10-2004-x64

3

COOKIES.html

windows7-x64

3

COOKIES.html

windows10-2004-x64

3

FEATURES.html

windows7-x64

3

FEATURES.html

windows10-2004-x64

3

FILETYPE.html

windows7-x64

3

FILETYPE.html

windows10-2004-x64

3

Analysis

  • max time kernel
    66s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    02/10/2024, 11:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    FILETYPE.html

  • Size

    7KB

  • MD5

    b209f5b595260005d3e41486b20844a1

  • SHA1

    07650ab05edc05ab8ce4a3e9e797347319329b71

  • SHA256

    4c15e2c677f13ed80eea51e8f35b0499688e63453e2598600e189f4b2225e589

  • SHA512

    5a9457d4ee44b5ea1cc6e90b17d0e090d88352241410f60e6a0cbb2181a215d90d25cf7e36ecd2927b5819151deb0ab0284f3ea9f266d3901d756d0f0f848ff4

  • SSDEEP

    96:noN+Jf/lKBxO4Xzx/cBpH/qDxHMf0SVFcNw2ZavFd5jCi1QMN7Ohid3K:nRfdKDx/opHua/Vai4avFjn1chid3K

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\FILETYPE.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2780
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2780 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1964

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8b668c1bb29aed480f6881c5bd67e563

    SHA1

    747ea8cf90a933eb79aa7031f9a80f012525ad23

    SHA256

    1bcd249342ac051bf33362a963f8aab0d77575185a83caeba6ed5d059f8f65fd

    SHA512

    8fffdae5135f1ca3283f84e067ba0f36de27135036703494e48994d9c7779520d04f096b6e7ffa7db57e6c0b62c43aa7fd72507ce993e2ad5494adbd57a2f929

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9b7bf6738d61d7e8ab2e1a4b04fd8efb

    SHA1

    9688edcf698f597d8f4ee67cf640089d0d10f68a

    SHA256

    0b3ca7ec7a4a63399e83df1a33a38f306459203f6030f2c8d7c1769d4dbf1743

    SHA512

    4070310e4a9fe6a04941b43a3ab06e0dc347e1e8826287cfb4a0787879a28cdd96027700aa1edabf400a946b47db80b458a73f958baff4f7d4f87a462b1f64a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    80e4481988f004de28f268fe3dee212f

    SHA1

    f046543d6f9812612fecea515a466d4f75a11da6

    SHA256

    c668cb6fd61eb12ec379d6b0466b95998cb9f70c7a49e0f118c88e4bf1988d6d

    SHA512

    b96edc945c77273e14a44a553bf27f5c94ac965ac2f4c56075d9113d3bd86aa5207614bdb1fb212fcfd13d21ebf416e7dcfc48c9c8cb4072e84fa8f17822b07d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    541590bff68eab423edc9185636d173a

    SHA1

    7efe392fd27dc2101beeeb7041c0bd51a3ced9c8

    SHA256

    0379c1f512bf8a6294573b01ec02c64f7007bad5561550256760b445f3cc8c4d

    SHA512

    ee0a3ba8552b4fe1242331bfed8d4ecb333125e194a560cf7be7e01ffcf5edf830c91f81f903b07214971abebdacc9a62e87bedb90d2cc5633ccb5c7d5a42606

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bcc4c641038e0c9a68db09d24124068a

    SHA1

    d58a6f5f55dd698b4478f322a9551f5b564a4836

    SHA256

    1b64188940c3e99cbc323be76389ab5b1cab326e30d1dbb665b2faaddae6767b

    SHA512

    0f82347889d82a3dab23028700912d7725102457532e6b8841c4d3efdf5a843e11e17c527cef71cbe4d1f75b3069ae84ca6b369ee88bc9aa9491f34687f7257d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    989a206fe78d5ca8dae0b57b96d0660b

    SHA1

    1eb61cb290af8b86d13cb56d1e1a7d834da10f5b

    SHA256

    2ff692f35b7f0b306a582fef388caada4fa1dc762f723fbe56866a13622a5b49

    SHA512

    61349214226323a8218cd0e0c579206c12305511f59c5f8f1ca5b1e88603a1c954ae696465412aa07c96cf32bc008a2a673d8b47ef47c131b1dbb34f406bdada

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d56e36a5ead304b57dde2062a62b0860

    SHA1

    aea0e74f45f905c93ac2d5193a77a810701b9532

    SHA256

    1d2ee2a97659910038db6e0aaeba679a7218aa8869f0ff4da94df456806080d6

    SHA512

    bcfdfe28b83f2fa7d2f1fe588137beab071d658c39bd66164e3d53475a30b89c064111d5ed8f0f89301ac9de39128395e55db6e2ed17a137a74af15f79d41a42

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    382f6f4adeab017e55bbd3e52548184e

    SHA1

    ae8244fa2cc4c4753da0a04af618b41a1d9d3cfb

    SHA256

    6f34e3586cf7e4cd7be7615d08a90f054df4869cb1d484247a50cbd67919973c

    SHA512

    f87d550f4f7b2be99d9d79c4fb3aa7bda21e59994704171f452489e1ba1f60d3b33d53ce472656a596a6ea11e3330b9b477a697e162de974943fdd0a93d2d2b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    167d72ce50f797fcafb0633de3e512dd

    SHA1

    a0161e383e77fa8bb1013185bb739566a2c9cbcd

    SHA256

    7979f71a3f1867c0fb9c2e8dda4a7d56eb7a98f1fc2244c8fe73f885f88831db

    SHA512

    34ec0ebd8922720fe8607791e3d7c3ebf76c7f16eca57edbce2d097128056b646a2beeea28dd6467c43b0223c503b2bb2859fe3b49398fa0299a8d328032b1b8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    47882f5008d9c120b2c75a7a6726b25a

    SHA1

    15c04fc731ff97d7c2200365d0c11dcb44756267

    SHA256

    5e54ab54643b2642b3574fdf26938d9649a4ef87a424752be02682c5a0c55109

    SHA512

    42edcc49e76e9f5a9036af06377adac921fbdd774e4f74c17c85d8f87668ef7b319a9fe812187fdd2b2e51154551d1667dda8da04ff8130553aee94d71f03f46

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    98ed10cfef8fc84ba1d67c7d41d9bd82

    SHA1

    357c0d11e0c27f4683ce85a296e297e1cdd9a02c

    SHA256

    f05f320b11b299402b498cfb5fecb21570992e1211d3347de0a8b56d55edc831

    SHA512

    1ff70898c3e74b5b4b047fac4b102002a696aa1ae566cf7fc1882758534012b1d9674bd0460ff147e3f9473a8a245a7e78ae6059930bc8239f43549bd160c300

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    454664915a475ae3e2f70acc51e24116

    SHA1

    c62eede7e7d1c6e6ada0130a0a1f944e82f1ae55

    SHA256

    ba537d3a1dd64b8d9866f7bda8b0eee13a58959cb8d1f1bf872aac660cafba63

    SHA512

    34953fcc2f23c2c4f711b1b5190157b86f5afbe6d49e1e372c137c077315e3ccd419518247cc0a9845edc1d00d570891a99638d3600391df11da6600bbcea320

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3ff04cf2c41570f41de6dd4f836ff137

    SHA1

    d88f507eba9b68ad61880b7b2cf247700e3d2cc6

    SHA256

    62c0324a4a90ede2cae5ad8cb82e0f2b4b5869fed115128d2b7bf44ce9516905

    SHA512

    9d7e8b945085f4527718dc4989600ab810edb5fe1b02a2cdf9dd0ba20da8fd802211588d3912ade0a180638673a8af8c7aad80d25d61aa412c7fe4bb1b2d892c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c57bef7cc0b1c098859b78d673402e1b

    SHA1

    6c07f3d20e96201d3b30128b0d208730b1dbc88d

    SHA256

    c36aec1927df3e1edaf0347d6e01e2985d5b681aba3deb1bcb44fd18a2ad9e2f

    SHA512

    8a9c91330b5f9b3fbc84143528d070b6153a6fc8fe5ee8e78ad3000ffb034966515cec4ddc3610d76e3a8443170342031dd1627b97aebbfc42540bc1d63fbd82

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    269375e6fc7c2e9e18264ffc564b4b6d

    SHA1

    e4205e5e25d7679f43c9f6a659aa686de462b5cd

    SHA256

    5f370220edcf2d7aac5b6066f0ce2b474635ed1d0e33e0fe677cb01f54e5e0b4

    SHA512

    ca71d7d3d4b6ffe29541d230747232f5f31b06c4b8e4b6681a5f4ea70ad3beb55ae418d511bc7a03272882bc0abdc9f29c89dc24a5b94a3f5a28bb59ff4e2a4d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    751294ff36f549fbb4b9f31fe3e93053

    SHA1

    9ab57d71a8dbc784b29b08faa958ccfb6e0824a4

    SHA256

    2657bfd16df3b7f41dd88b6ec8ddc8bd3448f25ab4e22dcb486d1304eb3afa3c

    SHA512

    33617acac3ab0e2f838645c51bc65bd6a6571e2d693869d3d2821a5700dd3bb1f3cce72566b04b55bfe976041aaee57fd916a8804001baf0382789a02b1286eb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3c9dc8dfa1a5ae1cde1084451ee9a484

    SHA1

    dff2ee79482522a2342470558a0d84b3360f7492

    SHA256

    1b524e2cebec8fe36ae2952f2652002881fdffbe77d87a8ad32c65d91a46218d

    SHA512

    cb1eb4e2f73d883113acbb35ce5099d563c43e86f35987a8b82ec74510626ab8f65995e2427003ca1cf8aa0c785df7cfe7af2549c490d43baf66391593ba5801

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    84582690bdd72c854fe0b28db6df020b

    SHA1

    8209c89c8e5cfde35c5e1637937514db370afc64

    SHA256

    d79d9107a31b448b18d10bb11b08a175a7498eee153676c37c5772fba169990b

    SHA512

    b95b36735c2d30490eb8467dc2d2763d21b2a892b096feb99a19e25e4343bbc79f94cd5e8d967891f7dc5d9f5d6db0a34652398fa730e1cd0d04ea002b9cdce4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d3bdb5c04331e3dec299f64e3b0d7d79

    SHA1

    58d89f2a2b85a8757ef7cb26bf0050d2d13e153a

    SHA256

    faa602ab4632256548b5a4b6f90186bc49d3db242568008922e0c47cfd99a014

    SHA512

    823cb8cd42c87f8a66da9ca04adcb2fea49ae153b5ad9324a65d478f8b060776f9bf87e2bec958131b3b4a62e3a52893b24e44de26168f04715b3236a03acce1

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabCAD1.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarCB31.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit