Overview

overview

10

Static

static

3

Rzlauncher Setup.exe

windows7-x64

8

Rzlauncher Setup.exe

windows10-2004-x64

10

jre/Welcome.html

windows7-x64

3

jre/Welcome.html

windows10-2004-x64

3

jre/bin/JA...32.dll

windows7-x64

3

jre/bin/JA...32.dll

windows10-2004-x64

3

jre/bin/JA...ge.dll

windows7-x64

3

jre/bin/JA...ge.dll

windows10-2004-x64

3

jre/bin/Ja...32.dll

windows7-x64

3

jre/bin/Ja...32.dll

windows10-2004-x64

3

jre/bin/Ja...ge.dll

windows7-x64

3

jre/bin/Ja...ge.dll

windows10-2004-x64

3

jre/bin/Wi...32.dll

windows7-x64

3

jre/bin/Wi...32.dll

windows10-2004-x64

3

jre/bin/Wi...ge.dll

windows7-x64

3

jre/bin/Wi...ge.dll

windows10-2004-x64

3

jre/bin/awt.dll

windows7-x64

3

jre/bin/awt.dll

windows10-2004-x64

3

jre/bin/bci.dll

windows7-x64

3

jre/bin/bci.dll

windows10-2004-x64

3

jre/bin/cl...vm.dll

windows7-x64

3

jre/bin/cl...vm.dll

windows10-2004-x64

3

jre/bin/dcpr.dll

windows7-x64

3

jre/bin/dcpr.dll

windows10-2004-x64

3

jre/bin/de...se.dll

windows7-x64

3

jre/bin/de...se.dll

windows10-2004-x64

3

jre/bin/deploy.dll

windows7-x64

3

jre/bin/deploy.dll

windows10-2004-x64

3

jre/bin/dt_shmem.dll

windows7-x64

3

jre/bin/dt_shmem.dll

windows10-2004-x64

3

jre/bin/dt_socket.dll

windows7-x64

3

jre/bin/dt_socket.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    141s
  • max time network
    151s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    04-10-2024 12:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    jre/Welcome.html

  • Size

    983B

  • MD5

    3cb773cb396842a7a43ad4868a23abe5

  • SHA1

    ace737f039535c817d867281190ca12f8b4d4b75

  • SHA256

    f450aee7e8fe14512d5a4b445aa5973e202f9ed1e122a8843e4dc2d4421015f0

  • SHA512

    6058103b7446b61613071c639581f51718c12a9e7b6abd3cf3047a3093c2e54b2d9674faf9443570a3bb141f839e03067301ff35422eb9097bd08020e0dd08a4

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\jre\Welcome.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2304
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2304 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2736

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7ff5243b956647d2c0320049f09aadb8

    SHA1

    9d47fe65b0fda2939cb4b582cf5f4ddd5d639119

    SHA256

    c9fd2028f0753a117eb82e7959628b2bad96d67a7ee6b8e6a8d81d45da45bcc3

    SHA512

    1fd570ec0a35f0051e4a5c8753eebe7d3b2103603c2ddb12e754da6fc5e32985a321c220acbc729a558b877d1b08c422717c61f734c04530152ff005da8df4b8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ddcbf0c539717e21b458c10d39bdd59a

    SHA1

    acdcf6b01a4a2fb9da96e44b2ac560ee3e18033c

    SHA256

    53395fd909175a07ab78c9befae60a716cd2a73766313ebfb013e31662c7ce58

    SHA512

    6716699233bcce8fd9b28a612a21c4f59e10b6df39620f83c12a5542a6ce0f662cb528a7da0e2d04c0c6756b19b8224305cb0254f745c92d78eeba60d26c31f3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4a0f772eddb9a820cdd816aa4107049b

    SHA1

    27bfac9b58550cb21556e9cc1d48ac96abf9d611

    SHA256

    b4b10b36f8c239f561ba50f2a725ba1d5c2a17113cac5df6ce05b519e5ec6b98

    SHA512

    f9d97f6635d470fe144c5d9b0c522aca331ad8540edd5bab9ea9986d0e82d77669b548d0534d30820baff4186d078a7575d1c1ca86da26191eb4aa85e6d65942

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9525b1d37e597b3fd78a9463f1a2c1e6

    SHA1

    8700744d479f4ee5a55903453dcc6e5006cc164f

    SHA256

    b1b96d59b728018c7b2975da2146dffc5c7445737c46ec57ec91fa285482a6fc

    SHA512

    9072dc502cd3ec723bb8c0b5fa72ba02eb8eb3b7cc3291e9026b9ac4ba849adb1d61c0c5e9bd255680d8d04c6824916f37afb5bee42923c64ea82cc19a71ada2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b90310436264ec11a1c8e2b57268fd09

    SHA1

    7dacf8662e73c6d6af673e033a989aa9a4bed41a

    SHA256

    872528fb444da3df8ca2dadbd3c3ecb7bfc9829d358b57921abc9d3519b04934

    SHA512

    51c6eaaf7a7de6d1e4e16e161faef3edbc6a8cdb7199024202d79910df1e4adff22b6159bc4902cfceb916ea44681443ba54e5ecdd6a0e18b496aa2d4f7149c6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    125e8f4296d341e8ccd31cf357a542aa

    SHA1

    6b281ab3387352885616b2ad95ae16e3f3baa48c

    SHA256

    e03a277e28b1fb0d1a6961d83551c704c6a0d73bd866d4be82bc4347c2d49378

    SHA512

    be6d34d6d117ecaf9335e4afb9ff427d9bddd1135bd17cdef905192e59c1585dc62b3b7bbb8adca176ac27b5a69d48e78feaaac3d8bdae0cd5b667b3974a59f6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9f3f762f94fed639a03c6008a5cccd83

    SHA1

    13e0e68521eb09cbcbdecd37b5fb4d3263851d85

    SHA256

    9f33445871e6a7226301cd2809a10faa17e3dff89ea8e11bb05e23f80b9ed2c2

    SHA512

    cc4a2deed04506d60f176a35536f874b62946cf933290ff3684da157eb832209d791940f2d60689d38672c3f2a4084a3d4c948dd5c081ed3330616d01fe0e9ae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9a4c97b776db54a117070b0027b1aab4

    SHA1

    87466c1f9f2dc327e542f744065ad5226495e466

    SHA256

    fb7a03f1a1796ff95d6a13d318a5284797d32c26cf1e17fead2b6bdab6e0f67f

    SHA512

    42fce13d7a45c94f2de63f070da4285561cc27c2b3b66621229c90c5d3264da45e3a8872b5f5e47992d457635a34361c66ea7fbf83586f05cffcce5ce3a9aebf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ac0fc5c288c24d4dcfa64efb436ae592

    SHA1

    990a6716f3d53f3841b80457e71d0b40da55954c

    SHA256

    2cbb0de6217623a188d9d555411477312282c7ea0a05b5971945222637a1e085

    SHA512

    50593a64c67a99996b54c834d3610f4549bc3e345c8c847c80ccd85aa6a7f9908aae3176b2a36c6a56d4d8f4a6e08f6ed01ee9f73dbd906833a2d94a3f6bcc2d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c64ed52f0125149cbb64060a1ffcee4c

    SHA1

    c5a9de18637c095914922d5d9a81ef1f224e8e32

    SHA256

    d133aa5b3ccb7dbec47ec453921b94f08bd99e2e4d07e8002449e78b3bd7b427

    SHA512

    932af67a071eef70df72ff3801551e7bd425ada8e2eb225d0e8be5ae1d1cc8c7e3948a97190d9b54e40d2a9c66741b861a55916866ba47fb27f5187a256f2f5b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9029afa903812ba56ea86fa46b0f2887

    SHA1

    978bf5e5ae61306033758a163a90fe072574e603

    SHA256

    4f8707b5dde2cb7b07220f563ca48c3d8f9dc41e9d064adb36fb189cc4cfa829

    SHA512

    80926825e396fb157b0813fc71cf19c66c6a676ad607b503e0277412e8401a3679cd6f025dd5d8f8005ab141eb303930463fb017b0b281f73839d1c5b1569e79

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a0be8c4a2e5a950e338d8bc87e576863

    SHA1

    9c0ce335ff329b2efb056e5c8789e83386f29152

    SHA256

    722175312da797c155b959664ef2a2da495bca34bc6570432c23113a6f7e83a0

    SHA512

    4a9d22d7eae232f62d340d30537a3929e5fce9be4778fe7031043b64ed41c15f16a013fa5682f5687a2297b99e066af0f42bf3a17337b85b8df2ccdcddb39dc3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d105942fa7db09bad63391cd6d4c757d

    SHA1

    4d3a71f937c0ae2fac5a044e6e3a08af6c8fa796

    SHA256

    0163565b8254e67e6bd50f9051c4735c64191cca1b876d1ec8d14fa5888c976a

    SHA512

    93fa9aeffa686a7fcc7739e15ce7520abc48b3e0d42df2ed266e429e76d081693f1b85207e304a125689db8fbb93a126279929b050ff9402f7895c8b35616806

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    66281ba82e0ba9998fde9a6b4a3fd822

    SHA1

    7835427c8775e957b2ca5116a0154e0b922a0ec7

    SHA256

    92abf6ff4cd2c7b5923f4cd798b2232f4b8c943a30ad59202f4cfa29c4ec7e42

    SHA512

    f421579fdd93172a1c251243b8fce2332d947856f7116c04d7fe1e2253d49fadce22f99fc83fa1523d4ed124c0f97610f8a9e4c55f3c430e9ad7ffc3dbfdf412

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2dc85978354c495c21999bded6d6c1f7

    SHA1

    c82425fb5509629d4ac17ff107fa941e38707de4

    SHA256

    a8bb018d4e68e0c67e554aff7a78f025d295484e70b03fd404d0798047903480

    SHA512

    dd739956f7b0d56e7e2785e5d2de8d732a68f81e7424e16be31c014da269c218a6d9bb4bc7fff6b27f81a01d85d16dcf2c34218d2028191e2f0a422300a2c897

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7db5a573072f86f7e373e5948ffc6bc0

    SHA1

    22601af6e8a55bd8808afa3e5baa6660c73b2a2b

    SHA256

    5415c9aebabe299c4be85d622d5d18fad5460474844cca82f12bb7895324a47f

    SHA512

    e7c0d2347167e1e80183172570d03d8b9472e99f1c87564dd8d3ddfffb82db1b8cfcf21a9b8fa022fad8a678b3f33254e61a70c0891b1ca2799f120718653d96

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ee748611cca60efc2b66bac6f32ccceb

    SHA1

    f05cbb5a746b3555c005477ef00feb2d7e578b43

    SHA256

    207eedfc015929e669b3ef646a9ccbb57488b03497324ce171c85c914889e139

    SHA512

    065101c8d3c7c754121ece2efc7696d76a59cac56ac1ef9ec291ed717662ba6eade0eadd3cc517f9317c71afda223cc7808c22d99abae13beec5175e96aca09e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA43D.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarAD75.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit