Overview

overview

7

Static

static

5

25e1a2dfc5...18.exe

windows7-x64

7

25e1a2dfc5...18.exe

windows10-2004-x64

7

$PLUGINSDI...nt.dll

windows7-x64

3

$PLUGINSDI...nt.dll

windows10-2004-x64

3

$PLUGINSDI...RL.dll

windows7-x64

3

$PLUGINSDI...RL.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...eb.dll

windows7-x64

3

$PLUGINSDI...eb.dll

windows10-2004-x64

3

$PLUGINSDI...ss.dll

windows7-x64

3

$PLUGINSDI...ss.dll

windows10-2004-x64

3

$PLUGINSDI...e.html

windows7-x64

3

$PLUGINSDI...e.html

windows10-2004-x64

3

$PLUGINSDI...ge.dll

windows7-x64

3

$PLUGINSDI...ge.dll

windows10-2004-x64

3

$PLUGINSDI...n12.js

windows7-x64

3

$PLUGINSDI...n12.js

windows10-2004-x64

3

$PLUGINSDI...ime.js

windows7-x64

3

$PLUGINSDI...ime.js

windows10-2004-x64

3

$PLUGINSDI...ket.js

windows7-x64

3

$PLUGINSDI...ket.js

windows10-2004-x64

3

$PLUGINSDI...ftp.js

windows7-x64

3

$PLUGINSDI...ftp.js

windows10-2004-x64

3

$PLUGINSDI...ttp.js

windows7-x64

3

$PLUGINSDI...ttp.js

windows10-2004-x64

3

$PLUGINSDI.../tp.js

windows7-x64

3

$PLUGINSDI.../tp.js

windows10-2004-x64

3

$PLUGINSDI...re.dll

windows7-x64

3

$PLUGINSDI...re.dll

windows10-2004-x64

3

$PLUGINSDI...re.dll

windows7-x64

3

$PLUGINSDI...re.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    133s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    08/10/2024, 21:43

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    $PLUGINSDIR/IntegratedOffer-Truste.html

  • Size

    9KB

  • MD5

    5951e0e6dce014feb870dbd45ffd301b

  • SHA1

    f34ef36abf7004a8646e5e7e468ff21cab5730bc

  • SHA256

    38cc5d151c99170fea208df9e9184c67e31486788e44194e01234f98948247e8

  • SHA512

    0a37624751e09cc25f924e622f53f1e32624669045ad20d43f592a660e878f5b8cf42c400371f99ef2dda069152873439db7dbf3ef20881afa08ec241b0a39fd

  • SSDEEP

    96:dsEkV5dynO/34r5kGk1wqJqQ149JOnQlVewEe399xkEEl93s5SzZCBskp:v65InW34kGka874OqnHrxbEl93fMBN

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\IntegratedOffer-Truste.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2860
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2860 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2744

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          4c973f8adcf6d9db985b485f2cb3db94

          SHA1

          e89d2002886265088aba7a57196db8fb1cdd85e5

          SHA256

          7967f1021aab5325c01a172ba19272f1fa530ce6d6af5ce4cb1eb4ac4af769b5

          SHA512

          08083b34ca5cfda2a655f98d42cba57f7f7de3219a4dc2ec2834a73cbacc9ae25d2339e6de589a3adc72a3d06313bc6749f36ddca60e351294948c0732adf629

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          98105f7d9e168357ac097c407cc97045

          SHA1

          dd72f40ff891349ff2e7b96774ce948df2c04e20

          SHA256

          762d941351f37b19d345992046536b869bb0d00019a1ebe2e0d4a21d3546978a

          SHA512

          456748a9bdf5524f3ef44eb82127cdebc405c3b40472cbe6ab4c4ecae19548a5b9a189da680a47f2f97402f5516651482eba2b1e817b006505903466d572a390

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          1609b6c228baa3850c9ddaeca49140f3

          SHA1

          7775085931e0e90b21df55d22fb105547395c5b6

          SHA256

          6eca236eede744be5125f07fe70b7822912735a0a3c5d26cfcba78eb32e2f5a2

          SHA512

          0bad0ca525354ea6c48134f8c277eb08e7fd970888e740b381103b24cd64792157e209e77904b68bc21b8ccf23cf189cfbfa148486b60853db6fdd89011fb507

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          f1be705778f007b3a337aac5a50e825e

          SHA1

          0050c9acf2deb29684d7c0f8179eabbed09f4d25

          SHA256

          6f891b18033462cb146af27676505953fb4fa240a43761a28f3f6310b0856daa

          SHA512

          9b5a126d7e1e24803f8a81d745d8e781006de72ac378776928c484da64b415c964ea0f95cd48f0a11fbf387d5d7e950c72be595c9718b7c7fd70ce182f81c5e9

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          df30e6d15c261b0735808f1a81463310

          SHA1

          0202d1ad46cd5f7453154ce0c828f569dca4c2d2

          SHA256

          4b4b0eb09fa12d3bdd88004adcdf560732587435902a7f3cce48873ddb1826fd

          SHA512

          8cb74f70b12b47974f1e3f6cb0ccd992b653e4446ab872afbeb0fa9f43c5b18b5f734aeddb8f03ff11396b8bd6dd586fc74ec0d0cf18228ed2e9c98a19a58e4c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ad01a8f9fb22fb544b155e5a48556644

          SHA1

          4eaef8958fb1b52a063e687a63dae99d3052f9d6

          SHA256

          08135cbe51b6d5e2437cf155036b01c4d86928f5a49a959f3738526183193c8f

          SHA512

          d92dfc0d9862b5858c6d503c46b8ba71456a1a14aa84459ad2e2ec9add26c530a9e5137fc1768489c34beac42ad8dbb9439b2d94ec9ac15cfd778ee83c1ddc45

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          f8b47c64254e3b2ef2e9c496bb2c4964

          SHA1

          cbe3c149ef7aee2448fe11ee5930ee194b41574f

          SHA256

          6e776d9b4b50a499e00cd50b1841fa393de3a11b828efc244048dea3b874762b

          SHA512

          0e2dc37727b6fb138e5c9a21d5f66f610c5036882dc65711bd6e791c0c84a1f617d618945492227b7274f607b0230e6c11e7fb2766d4473e64dbed57240b6573

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          c17dae254926ce072c3a8b12fdee66a1

          SHA1

          710ec6e0f0c68f4820e3c62642706d2003c38eb6

          SHA256

          8464fd1e175629a06c673fa708ef7076270e11b177420d9110165dfcfbc71313

          SHA512

          6f18d9cf7b50b0b6fef964aad5f39946dbc6e7fbe4ae2268dacea565e8cfe75f2925d1ed18a34bb954a0f1fe9916a9ddb95851b7ddca9e6f3e0f25e473fa49ae

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          12ff56723a6fdad8a87fe50507384140

          SHA1

          46adc491d7945e43222f6dd26225e76712c06611

          SHA256

          bd3a6c3381e84f99b74d10d3fc3c10a04af8bb60c2871aab975ef18c85b34589

          SHA512

          c9fe836b64786e3b25a33d47d8edbec0ab6401182f3571d3e02ea048bcb8e2f149d418e1634c8b3a69f28e058091b6f507ef05bd1353e5c0d66f0027add9d136

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          f5e6b2cae6afa9ed4b15c36cd1201057

          SHA1

          26a724dd13f6f4a431c7b01d460ecfaec9adbeb0

          SHA256

          9c7c66833eed2b288d5d2eaa1ba3b349b635b0fd48f7b598cdfe524b4ef6b024

          SHA512

          ed9e90ade60d66f903e5f566d024bf04123b055c1592fc09ee8f3bd8fa2eb3848a9451b5d4c45bb318e743a08706a7f581f85f925264c40b0ecceb4b70133e32

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          6bc3453bdf91dc757985e39becfd07c4

          SHA1

          4b2322a4274a31341e66dfb98c836d607d4e762b

          SHA256

          e1117c1898c837c6d55ff9092efb3b2bea944a9a6333798f55ca2fd0051f2a79

          SHA512

          be538aab25f413f335f31cf2210a1fc5c3bb1be069d7d1845553c1643d4292bc8eea2bc4f4ffef4ada2c961a1c4fde0c2ceef4815699feae09c888fdead3f27e

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab85C6.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar8636.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit