Overview

overview

7

Static

static

3

itarmykit-win-x64.exe

windows7-x64

7

itarmykit-win-x64.exe

windows10-2004-x64

7

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...ll.dll

windows7-x64

3

$PLUGINSDI...ll.dll

windows10-2004-x64

3

$PLUGINSDIR/app-64.7z

windows7-x64

3

$PLUGINSDIR/app-64.7z

windows10-2004-x64

3

IT Army Kit.exe

windows10-2004-x64

7

LICENSE.electron.txt

windows7-x64

1

LICENSE.electron.txt

windows10-2004-x64

1

LICENSES.c...m.html

windows7-x64

3

LICENSES.c...m.html

windows10-2004-x64

3

chrome_100...nt.pak

windows7-x64

3

chrome_100...nt.pak

windows10-2004-x64

3

chrome_200...nt.pak

windows7-x64

3

chrome_200...nt.pak

windows10-2004-x64

3

d3dcompiler_47.dll

windows10-2004-x64

1

ffmpeg.dll

windows10-2004-x64

1

icudtl.dat

windows7-x64

3

icudtl.dat

windows10-2004-x64

3

libEGL.dll

windows10-2004-x64

1

libGLESv2.dll

windows10-2004-x64

1

locales/af.pak

windows7-x64

3

locales/af.pak

windows10-2004-x64

3

locales/am.pak

windows7-x64

3

locales/am.pak

windows10-2004-x64

3

locales/ar.pak

windows7-x64

3

Analysis

  • max time kernel
    118s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    04/10/2024, 20:53

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    LICENSES.chromium.html

  • Size

    9.0MB

  • MD5

    f017c462d59fd22271a2c5e7f38327f9

  • SHA1

    7e1bbeea6ac2599bd0f08877aa5811d32f1aceb9

  • SHA256

    40f314c778851106918aae749d75b2d913984327602a1bfb7ef0cc6443ff2a37

  • SHA512

    72177281486f6ec26ccc743b43481c31470c7dd53f17b0a67ac087dded190c2e3dde5570260150c2e9650186a515740af7f81e31965c95bb762340f9ac100c07

  • SSDEEP

    24576:G8QQf6Ox6j1newR6Xe1Vmf86k6T6W6r656+eGj7dOp+:fG6eGd

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2108
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2108 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2376

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          2ac9237fccce9ff9f7196e951311c63d

          SHA1

          c44c43c48300bf17bdd2be0e41898d893e682988

          SHA256

          d2827d8523e41f9669f5c70d638e553f5e083726a7296c68e6889ddb6a34d78c

          SHA512

          d12024841791cc9b611593e2b24b1c018d0b31de3a83e23ab2641c54e9b461a07774b078e7da563d35dc62db2e56af12fc536a90f4608085be4554938af82d6a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          541e28c63991d70632857a88c3e6a96e

          SHA1

          5b1e9fc16d6cda34c5d84aa4d062f01cee11785b

          SHA256

          f6ace18c35c0f4672145299340b1ac82100d051242038b48034750352bc78637

          SHA512

          4ad0116773117771d3c67ca4c2d550b077b74dfa5cfdf6f8b438147a8a0bab473631ddad9c094e5cf2d8534b8cc33ed7d6ff1b64947031827778f47a627fe1a0

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          6baf5382ce0fa69bb028921432794949

          SHA1

          96a3833c38e4b81d15d187e052969af6a128525f

          SHA256

          cba461de57d7614f68bec78d498d3f5ad0317d33b04af679480bb23632f841bb

          SHA512

          ebd2ecd02be5d3f9cc6c2ba2b226bf014afabc69458e8261529cf7689aed59fb7230ad3c5ae2c8775f38aceccf10e66a7dfb9056f05a7ee13eb2b9ca7a113890

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          85c9d193dac74ff1d40f8fc92d38cb6f

          SHA1

          43c768fe880edeced20e4176467c256ccc7608ca

          SHA256

          c0474a599602c92c609e8da7c6579d0b6905d445ba1d76605a593aae8509cf73

          SHA512

          744b1d6a4e524d0de4e70d434557c8ec075509178ef424761dcbd4ce670a9aa3b8de1d01275ce9628f341aa3431dad47eade8a113d03d92e45f50410fce18c35

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          061c7a1dc860c2696403a019c7a20eb1

          SHA1

          89ff17bbb29959e58db2e0c974198359bb8cab08

          SHA256

          46f44f26556f9176f24fe64befdcb499fb9d21a89c874a53452f1073e36bb03d

          SHA512

          b4fc83772d5598029f323b0134a9dc989d3d72e8a283c2ae920400f30581199dc88a0b6d47e0c2bc26584905494d7fbc7b09fb0ebdb1db0e641b7ca49e0a447f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          70413da8510819888fb139575337e03e

          SHA1

          1ad51cc8b94d03dae482a19269d99c9e7dbb6825

          SHA256

          d69d03aeb091afd07c030371f3319cacc007e2d745c90b65ed5cdaa3a7859616

          SHA512

          fff1ebb36317d3cc01869869137f57daa8644dc64fdf5e3f1f82ae12171015e2c1edef7959cc1b998520b0cdb27b4599be1a7a01b9ed1a6f27af7adb74650c5b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          1dd7a752d49cf9f9e7e208dc255aa332

          SHA1

          ef2b7d2210e0965a87d75a58ad305a326329825b

          SHA256

          b612191a8acfcb41f103d325a1f78462e3a5b9ec7a29c2fc5cbbc533aa0ce742

          SHA512

          da5f7a379876808885795d8da6214867227d1c38459c892007412b5aadca2070a431c43b46f2a5a7bcb8c21f33bef202becf64d9ea1ba50273ebad3628696b70

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          505494f35ee2e6874424aff9e3363886

          SHA1

          a59b8f6a79afc202c5ff9d24cb82524cb5c7caed

          SHA256

          686e00c2a843548bd269015375c300dd21c79581ed485bccb782f806317305ec

          SHA512

          0f17f1b31918737426e2ba479ea34794acd8823f3c8ce28a83a62742933cf5543a7228947462bce439ec6750f15ef72723eb9014f81277a0b3ec2e3b131304db

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          63980f3d3515794b200e91c1f218d6d0

          SHA1

          c59377f6a8c5888b15ab7de06a268b993cd8451a

          SHA256

          643d7e679085a4e42a7fadb3ad9323f019955a017f5349837c7aef7f4877adac

          SHA512

          e4292cba0ef3f38a217d5f9ccd05575508e1931a8e6adb66864083b127136137d1bac83af4651e876c6c288723b3a1da5ff6bdb5f933307247155f1d5a5d31a5

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabF45E.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarF4F0.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit