Overview

overview

7

Static

static

7

171f66ba3c...18.exe

windows7-x64

7

171f66ba3c...18.exe

windows10-2004-x64

7

$PLUGINSDI...ll.dll

windows7-x64

3

$PLUGINSDI...ll.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...te.dll

windows7-x64

3

$PLUGINSDI...te.dll

windows10-2004-x64

3

$PLUGINSDI...om.dll

windows7-x64

5

$PLUGINSDI...om.dll

windows10-2004-x64

5

$PLUGINSDIR/xml.dll

windows7-x64

3

$PLUGINSDIR/xml.dll

windows10-2004-x64

3

EDSDK.dll

windows7-x64

3

EDSDK.dll

windows10-2004-x64

3

EdsImage.dll

windows7-x64

3

EdsImage.dll

windows10-2004-x64

3

Help/en/ca...l.html

windows7-x64

3

Help/en/ca...l.html

windows10-2004-x64

3

Help/en/devices.html

windows7-x64

3

Help/en/devices.html

windows10-2004-x64

1

Help/en/fi...s.html

windows7-x64

3

Help/en/fi...s.html

windows10-2004-x64

3

Help/en/ge...g.html

windows7-x64

3

Help/en/ge...g.html

windows10-2004-x64

3

Help/en/import.html

windows7-x64

3

Help/en/import.html

windows10-2004-x64

3

Help/en/im...s.html

windows7-x64

3

Help/en/im...s.html

windows10-2004-x64

3

Analysis

  • max time kernel
    120s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    05-10-2024 09:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Help/en/camcontrol.html

  • Size

    714B

  • MD5

    3a8a6e7c27497b9229eac75ff0fa7c9f

  • SHA1

    c4107e99e559dd77cef78868f9745592c52f747f

  • SHA256

    7393265a71121cc6895da25cee14fb9e13c360ac7ab57c8620c257a5f36e5a42

  • SHA512

    5ff4bf19029f64117373e850e3aa23da01ea3484bfe67d1b9a36d3abbe2a0e6b227d8b74e352af3bfcf606e378b2460da4977a85f05a36aa4c120db551ced861

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Help\en\camcontrol.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3048
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3048 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2348

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8b8df5b62d68c4f2bcdf262462a4e88a

    SHA1

    8ab73cfc57674c657ad8d7a5291c38b4aa2bcb84

    SHA256

    947b9d15aca66d90921714485ec45803e10dd62e7ed50e353c024f1e196d29f0

    SHA512

    a743f26462791bb4017e78a21084c77e61666b8534deeea5940f5badf79c1e4e70dc659c92dcd962884acf0981f1fb989d380c48311a0aa94789f1db3bf4050d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8215ab5537637aec0551f06dd00c6fb8

    SHA1

    b864ff17826cb0140dd9841214df71f21e1ca3ff

    SHA256

    9d3fb6df7d885a5f163aa88a64e41c5757ea84331adabcbec5e7697922105f0d

    SHA512

    2727655c3b28c257d4679ce73bc3f824d4272bd242df21c7c0f20fa4f78e60adba4858beb20533e0558d26441246baa2d77633799b2377858f6402d33ac701ab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e989a6c9ca5ff65ffecd21cd7b0e4805

    SHA1

    9c2c4bdae0c33c8256023d44126ab843b89a71d5

    SHA256

    bf5b9e0509fda0a1fcc2ba79a3832ce052d493bcda26a19d4076bba86e3ffb5f

    SHA512

    d698384af193eb3a388694de287a6bc6084a8fe4ac833696c3d6645a05507f42bd78493e78aaa4b97a0f7abee4aaef97e1652a86efb36f58ea72f01017b37a2c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aecb38925470012dc1285e4634af81e1

    SHA1

    0283f4f80b202dcb0d96c5261a2a98247dc028bc

    SHA256

    c4fbbff57578ed52a640e8b33f302f04f06575c6cec0a897f31e3fecf4b8260a

    SHA512

    5a13e340808fb13e1993b9318a6386ab4554bcfb64c03eeaa30dd6a013be50f45b1bafbb901b0fa84c7a879a96d623426356b4437cc9f654c9174abccfb27674

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fcdbd32ec4845dacfb33601da6164124

    SHA1

    410118fc2fdf05758a9f6aa0a10f387edeb6abfb

    SHA256

    4fbe7ddbd482d1cecc5158ce88604ac6950fa10bdd23bf1d0d397c85bef4423d

    SHA512

    85de3999403cea48db2124f67bade7a81710dace88aad656946342168324f5e89f22f6fdde5370b27952ae81c8e99704838b3fb1a761032f244d129efbdfb716

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f4e83ccf8b395e8cdcbd42ea68d583d9

    SHA1

    4144691432ac937228711ef074cf3dca8871f5eb

    SHA256

    92f287d7f01cf64b0cc9d34df252f2b7771d543d9a676869a641ad165a28cde5

    SHA512

    2e1b4d68369d4be8bbbfefe6552ab9062d69c183c8a01db7beef1c530e648424a56f2ec83c682b56f933155409e9c2d7a5aae296586761256cef95e1c782faba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e336b78e2b2027d0ce1fb084df394a0c

    SHA1

    d7a106ec9b4ffaa4e4b1db5acb8050994a7b935a

    SHA256

    29dcc19c3118870f6e3efca7d28de9d082abee57333e52cd8c52ac58d4b6a26c

    SHA512

    b7a84835d27079c5efeed78a0eff4a57066e862c4556c66139550e32c762f0064b2e6ac93e20d6d2a64b09bb1a233f1191f20d4bb2da5a0cd880d4b42458fd45

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    89931585efc8114621da81bf734a17d7

    SHA1

    8a7c70da91b6182bbf1518f7c0144c9c8fce535a

    SHA256

    fe431f27fda7585840feafa5adde42816c4f31e0c3b63b37a9608c82f0278b7b

    SHA512

    eadf6d5cdd1e3ed67a554e0eb7b017187bce230d8bdbfa420daad5bad6a0eaf6f7ba8e1030a0c37825ff178d296aa262adf26abc2764b364f3b57527a0bcb38f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    807405da3895efafc556cf9a9f87aaca

    SHA1

    c667ea7d107fc50aa91a40bebb6dd26963b0e261

    SHA256

    dc0e7b25e9a242f54a55addfa1deadd8f2f211179ddaa191fd8ebef7c167c5e1

    SHA512

    71fde5b678cb5aff28d775983e8ffadd75ad1f06b86e5da7d180dbdf52de73380ddefa09d2b6e21c6982ecb62a059025e52dbcc4d05d44b08cf45b25b60535cc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9eb3ea049fb1716168cde4688d22368a

    SHA1

    02cb04f39403ca01d339b15b0a1809f6d302b00b

    SHA256

    4862619de7bea3cdd5d829979d81bebc28a0ec0c78ac156dad936ef98913b4b7

    SHA512

    b526cc594f853b8685b51b950a3eda441f887a6cbf150b5e49c033d4290e22b1c144720e04dcba3c5fc0d538a3af80980ce5430d136579d41065ef4dc6cd309e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f96fcf668649611266fe81a31b5e380d

    SHA1

    6b715b8e97dc9dbfab766e6b9c751d0732dde3ba

    SHA256

    38cb220ae9dfc91ecdd3b71ee068166d0fb59af5838e29cb737acf6c3aebc054

    SHA512

    716e9e22b97f7302e7bf1b6c34bfb2af8fef0c2d2a2bba979b97be7528b31fb781851749f21b8e988a330bc974fe7fbda592870c64dd1f3969d6c0c8b2b194ca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0c14fa0ffed8a99f0021f7020477129c

    SHA1

    1485a6f02dda0793d9173e4672318d28275024c1

    SHA256

    ac6e67bef5f37d942bd05932c82c0ee5b3541648e2e8d2b89ec0d3ddf5e71b72

    SHA512

    889a047dbe560355ca4bd7f505e4f3f95d61db0cfac16f1bcafbbee80079138e05a9dbdb7a55f8173e15317882ca566600f7beef9d77ef71c1b43e7191f32757

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    debb9f40604228ef6124b860a2bbd3f6

    SHA1

    0510539b8a3834cc5e7cf9edf8710d3e97229b04

    SHA256

    73e74bf9cf993c9d8525283b9f68eef055f49a6a23d3af484471db2aeb9e4ace

    SHA512

    90e617e243a7b9c3fee9f3a12fb00383c1e5ac072d176269244b66cc930c4abcf4fc66ddb4bbfe1706039ef11e6639fea6349ebf339aff1a0010ae06061bcff7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ffb24407f0b38b343f1898f9cf5acad2

    SHA1

    91f77668053cebc223950556304d8f83d6b717fa

    SHA256

    b79a793a6af42e0c0d5997c639ec11ff059c288bc17763f34fe603dc301becee

    SHA512

    5f36e61b425dc7c5eca5a5545b94e3fb3d9e737a4badf7bfd38a25d4e97fd721be50c4e5dbd0ae543bc689bbf326bcebaa48e11f9d1e09a3ec0dd0bbd630a0ed

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c396ced34d26261fef69f77297dc442e

    SHA1

    4a8171234aa90029ab0122b18c74fd1698084d3e

    SHA256

    568a530c5fa2b8f68e94a601a84c73e9bbb634c98750b3ad329c3dda409d0fe1

    SHA512

    ff4427395d47cec33bb3ef5b5e946c38fe1b18259823d9432d838f1bd4aba3783f8bee4b478888cdf0a416f046dcede5eadcc0dccd4ca885281e02b12cba6687

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabBBF0.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarBD9B.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit