Overview

overview

7

Static

static

7

171f66ba3c...18.exe

windows7-x64

7

171f66ba3c...18.exe

windows10-2004-x64

7

$PLUGINSDI...ll.dll

windows7-x64

3

$PLUGINSDI...ll.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...te.dll

windows7-x64

3

$PLUGINSDI...te.dll

windows10-2004-x64

3

$PLUGINSDI...om.dll

windows7-x64

5

$PLUGINSDI...om.dll

windows10-2004-x64

5

$PLUGINSDIR/xml.dll

windows7-x64

3

$PLUGINSDIR/xml.dll

windows10-2004-x64

3

EDSDK.dll

windows7-x64

3

EDSDK.dll

windows10-2004-x64

3

EdsImage.dll

windows7-x64

3

EdsImage.dll

windows10-2004-x64

3

Help/en/ca...l.html

windows7-x64

3

Help/en/ca...l.html

windows10-2004-x64

3

Help/en/devices.html

windows7-x64

3

Help/en/devices.html

windows10-2004-x64

1

Help/en/fi...s.html

windows7-x64

3

Help/en/fi...s.html

windows10-2004-x64

3

Help/en/ge...g.html

windows7-x64

3

Help/en/ge...g.html

windows10-2004-x64

3

Help/en/import.html

windows7-x64

3

Help/en/import.html

windows10-2004-x64

3

Help/en/im...s.html

windows7-x64

3

Help/en/im...s.html

windows10-2004-x64

3

Analysis

  • max time kernel
    66s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    05/10/2024, 09:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Help/en/geocoding.html

  • Size

    1KB

  • MD5

    ad9b06894ec1b7b75650de47d2ba2970

  • SHA1

    0b8bdc635f2cf7e2d9039d4ac30c33aae40114ee

  • SHA256

    3111723ea6ba3cad37917c9b0d7d207fd736de1f7b86e412dc4219bc1d51f3ec

  • SHA512

    f8e7797032edffe6c75cf18a3864781fa8bcfeb637403dd678589f8a21d5a4dbca0ee8da1fcfbc5af185e5b958961ab4d4381f1b7d9779ed20599020a90b9025

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Help\en\geocoding.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1096
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1096 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2180

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ff7c4e0e806ec1ef5de99797fd729932

    SHA1

    69cd501e9b813e24377126326c723497355f1757

    SHA256

    d6afce4bc0590c6116d33589d5b1d02e3fdc5c2499af20f853bfcd835e4a6017

    SHA512

    3b76f80adf663d24e9c4246a1aa9becf646f7e3b36ed7fea5a774535599da95ef15e7f138491d4cc8501a9a68c8825c1f12e8ceda0a694df108c17e36f5918ba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c75cb5e73dde5e748057ab4f2da2eadf

    SHA1

    8b076e6d45212542c1e6ab6273dad7f7ecb6cb58

    SHA256

    23b193d3691cc896de18ee955a04dfdda24546e13d3a2fa2ee3629d3514268ae

    SHA512

    dc9067c6a4173fadc9e4381289dec51b011e1aee4d323068a239b26a469d49192439630dda1ad73e9e5455add0196e38561a312fea69def46080ef51e56d52bd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d85105a9740dd014f64057b747aa81e8

    SHA1

    5b80724a36a6a81587b111b3dc3fcbb1d10d7382

    SHA256

    5e490f9cc50c23f6ada32b35d816982bed9e4609176a1cf86130d321d6653c9d

    SHA512

    b26431dc4d1f75b5593e025649cd63b12d0203d7fe8eb30ba053c1db3b5f47f456b9373bc7952f415294012a7f0364194a46e6ed275210c502d07b8725000738

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    afd76971a27f8872e2bd59ca6b79caa5

    SHA1

    4bdc854704edc3c935560170d44a080d3403d3c6

    SHA256

    be4f76f4c105e4f846a249369865ea5b16161188a42d3796a4617126fd70c8be

    SHA512

    1134f2db237be621ddd193518446d8de52c6601454b44dd0c93a0583ae2040e46a17080958c8fff309345a45d1c29f8dad627e0f1e3132476ea855fd2b764bf6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c871de6572472c2ce151e8d759410501

    SHA1

    4b1d34e9342244f340f35162e9ac5765bae676dc

    SHA256

    bff1e88caac1282518de61292e1d89de66aeccc35de4b136d6f5fed3b82dee67

    SHA512

    40c3967989e2c068eb0dd97ec11eb24f97791c6b334d9f59aedf6c2829613005851f3982f06fe3412159bf4e4aa84b796a530611cfc96619650662247e1d3afc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d3733e36bf16e17a1dc68c4d4b736f60

    SHA1

    4b77a248a6327eb75ac66bbb20022b724d21bf8d

    SHA256

    375526ff027b95de2a70acfdcd321890b5722dc6e486eaea91f4a8c8f7089e5e

    SHA512

    b40936721a437519ebda76d696e05871f11252c9fe6b7b9bc99ae8331607259112d5ad4959311b0cbde335a48a1ece5bcbc9b74f3502da2c673f32e315a58fd2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ff4ec8978fb35efb19b266a5e3fc95d9

    SHA1

    4a0ce400ce3b9b34057912c727ca6650b608e5c2

    SHA256

    e54dee1f36963eac1d487e5f0c9d8b47c3ae097a51d9092736d8693c767a9152

    SHA512

    68decfeedc0a3486b18e26f2d851733987f8a18c42e1a0fae3c8f44080ca843490033ab61762558d5a40fa308a30f2cdb3644097fe2232e87e06e93177ca40d3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0896a7f72156602a515ade651c4e57af

    SHA1

    2cc7ff1a3c66b2e37f7875dc4aaeb976387ec339

    SHA256

    6602b8e361705902f861b91d7790af6c37d7046e509e0fcc2234f0099199c3a0

    SHA512

    e4736e2c5467dc55dbf5459ec21d4ae3bac22b9fae45f5d2362efcecca792f47127a016f8d98022cf43f350335d6f0925bba830ac32be1faca7aacef596e1b24

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    194a0e9a77783ae315aa64d97a0e6f32

    SHA1

    d4857c7a000cb394fad574a6263d3accfe8e008b

    SHA256

    7883d49530b2acd29a65f16723d31dee8b255800763ddc18121729ba87896b66

    SHA512

    1f393a05ea819a301956c42e2df50cc279d1c35a736fa3599b21af3fefbeda97a1cb4c0a27987840f3224778498c0a3c87e469c32d305a8c63871f6752ea86c2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    19e40a62fea0e764ed52b885eb5a6db0

    SHA1

    f230567436dd7d24711e3d6c0743c16352298268

    SHA256

    275a653db59fca73d133a71493eb5dfadfebeb5c4a40c13d2d140acaedacb33f

    SHA512

    453f380d2b0cd13de19cb1b016077928f96c18f35981b476601cd64f46fd9abc4be7fca88945747f3ff57964778c00556d874e641a9eaa17f5880705aa784a6a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dcff7ad6e30b6ddd7b1345d77fa95a46

    SHA1

    2cb43949a5e125217b5b42b06eb528c19190347d

    SHA256

    937168f053daa7bf7bc6feeb5f4999bee60e867e02bd5adf112765d31c29f967

    SHA512

    0f98c2c9f8d84120ef8655acfc0e7a08245cb6ef13e11999d5f1c16091aa0b038258a16f05b10e2a755ad8ab9aaf7e0351758ebc8020e3a0493d2828618f8544

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6742f7cdc1d6cfb94281c1b3b59558ce

    SHA1

    0361c4f08e4ed98474a65f866080ef90c56a2079

    SHA256

    5dd6a36319993f651cadfff06875719d759a1087d70359d9fc4a29ed21c112fc

    SHA512

    b9ef78126c8e9ff99c9de659837e8da06ad52009d2565d19c45da5db230ca25ccde08e68998730ca7e1f022c4c8876f378cd3b5b35b9e34894a20684308c9be1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    de5ff1a9a3a0bb890451312ec5c64ff5

    SHA1

    5d9370ac5466633c9b173b29cce10fd3accc4ecf

    SHA256

    dbc26e90d356d465075b989335c0ae6a48302221d0029764c2b5ad89d92d02a7

    SHA512

    f4463759e2063fe254d54ca1304d58a021108147d09534fdd3ade5b43ca266ceed0ec0b6de8768c37592810dfe7143dfc189801aba8a6b2ab18af11925ab9e85

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    67f97ef876e3a8761963b503f8eea1d5

    SHA1

    cb222763340bc6908b01943c2b591982fefe5a36

    SHA256

    9994bccd0cfe60775b6d1aac058ca0c3e94b8805c46846b322cb560a3a9a31ba

    SHA512

    42ba7171a3e0ae822d32d96996a87e547f9b8010702e5f27e7d43dc4308f55d1839e411fd8045cf07a3f00be94d9eef9ccf9597c476cae1d500c152e37f270ea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    526f6ac99fa54d8756f5bf64dd798baf

    SHA1

    ec61dd04c6f98fcf96481675ea5fbb9c631d46ba

    SHA256

    5458a2c3c1086ed94e449b8bd2c2d072b8bc6a48d389127a77816871aaa9c953

    SHA512

    864dc0881f07c9f7ca36e059707a9c53c296c4b8dad9b6dc677070b462b78a13c31769431da8b2a3a47497ce5bf75524f6646b8f1bdab3f9a962e040caa51ae4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b431552353ff0d02444fb20b94642a0a

    SHA1

    49512bb21dec30dccc5dd3b49aafc123b8cd4bf7

    SHA256

    809d9a8a66917446b805cb38e0c030eee5b4af316b466bb9e2e19e228aead624

    SHA512

    09586cefac68ee3c5124fedb14c346802f06c4c0934a45e8b57be38db7d8125715a3a0347cc3efedb992e03b0bd8c4b6a05cffb55cbfd3de136888067416bf8a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dbc2c8e2f434b0574105e407c06fdb0e

    SHA1

    9581ed7f1e28f2c85c7cd7f1f9e018ea87ce8fd0

    SHA256

    6deec0a18ce9163ea911c7c81bbd004d5dc264eea09773581831d51200643357

    SHA512

    48ddd9fd1294e4d9bf25e68aa733589701f3767bd54759fd771ba0bac2c2ab04435caae14e32dd3e1a2a562bb8536f3d087d82935d6b0b4a14c1de0efcf7de6f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a2142a65f7da309c8ec59b2d3afccd83

    SHA1

    36fa0dbdfe053c196828ad8d86f4fc82cf9085da

    SHA256

    2cef55943b568333f3624e47c55b4db74ab4041d03a03b122bb822b58feadd4b

    SHA512

    7b820bdc1fd130512a203ebc2993b9d95007473893ab0dc8d23dc9bfc344cbeb6207913d91fccf567f6c721d7d0ad4ae65cfa96169895e139174971ac91301d6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2dead48400571e9006a6b8cf89c0b408

    SHA1

    948449471ff41957ba871e65381ff6db074da538

    SHA256

    14f86425deafd08d36fc00ca550c44010a54e42b1d2e1ab7122eec8830a78fa1

    SHA512

    e56857555506916c06a03e012a1bc645274dd9aba7d62f5404fc81eb381635eb3667b0a3e7b55941fedd4ad8cb696314dbb17148770ea718770718b69bb5ff6a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bd402c12e2e916569adf3eec692b47bf

    SHA1

    55cc0d5a5c68197d897f51b441c14b61201cd11d

    SHA256

    c468ca8400b58ccef582c50082228c879847c01caa1980216674d650f0a20f98

    SHA512

    8b0f93102cb31e284ac2148bf218379d5942610530b8c158768903d5e063f111b55e07101ce47a0c2b3823fc1f894e6a14552136f5f8a33ac73750dbd8cc3beb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0a80dc3cca008f6c2daa3e9b31b47dfd

    SHA1

    21e6cfc512d45ecd2ae850e58bbe291d371f47b5

    SHA256

    20efc953b8a33fb7f88b7c6d58370ddea39a5d1b9b74d82d5b8f2a290e26b881

    SHA512

    12bec21087f5f2a363929b6ea95660e6e41313cb6c28cec4f9757cd9456c2de8006e7ec9f83d82db82adb3492f624126bbf23b037db6ebb0ca57acfded7501cc

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab95DC.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar964D.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit