Overview

overview

7

Static

static

3

3cf46d0f5b...18.exe

windows7-x64

7

3cf46d0f5b...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

doc/de/mkv...t.html

windows7-x64

3

doc/de/mkv...t.html

windows10-2004-x64

3

doc/de/mkvinfo.html

windows7-x64

3

doc/de/mkvinfo.html

windows10-2004-x64

3

doc/de/mkvmerge.html

windows7-x64

3

doc/de/mkvmerge.html

windows10-2004-x64

3

doc/de/mkv...t.html

windows7-x64

3

doc/de/mkv...t.html

windows10-2004-x64

3

doc/de/mmg.html

windows7-x64

3

doc/de/mmg.html

windows10-2004-x64

3

doc/en/mkv...t.html

windows7-x64

3

doc/en/mkv...t.html

windows10-2004-x64

3

doc/en/mkvinfo.html

windows7-x64

3

doc/en/mkvinfo.html

windows10-2004-x64

3

doc/en/mkvmerge.html

windows7-x64

3

doc/en/mkvmerge.html

windows10-2004-x64

3

doc/en/mkv...t.html

windows7-x64

3

doc/en/mkv...t.html

windows10-2004-x64

3

doc/en/mmg.html

windows7-x64

3

doc/en/mmg.html

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    13/10/2024, 01:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    doc/en/mkvmerge.html

  • Size

    182KB

  • MD5

    b4dc1870da852ca26867cdf3d4a7f61d

  • SHA1

    c7e5de4f5f46cd6800a693e78db492d0c8608c46

  • SHA256

    128588cbffabd984fe916922258d92ffcafdd8409ab90a4c6bf03a2ac550a1ac

  • SHA512

    3e9f2ebabfc35917fc9bd2726e3aa26f729b676a0cbe76548e5d2a5d735ab22933283577c91ae7074362998d585e5e4191e43919c00d500f1a259256e98d3063

  • SSDEEP

    1536:1Xv9kimXpYJwRRW9GOD3ej34xr2T7Sgdpx+BJ2su/t7dAGOp8DRj/SxtKZNduWC9:1Xv+imhHW9GCej34Jq7bdICV5AKDN/E

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\doc\en\mkvmerge.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1836
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1836 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1620

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cec43fc60e3d4c52347ec749ac4d54dc

    SHA1

    9fb8ded30fef986d3ee4748c01a13c67167eac98

    SHA256

    e85ec5672306e367f5d4246713eacc2fef7743f35d357a70a62f6200dc4c8c58

    SHA512

    a9fb1a16848070be7d822b8691d0aa2638515c16d2810433d6d11c2617f6ba2444a6e308347771ee4cf88ea99a8d1d50846788ff2ec76be713c07879910750bb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    717cdea687a489d4f68a009a83f34a1f

    SHA1

    67d4c426e3bd78cc77670cbeb3e7ae177aff23fe

    SHA256

    382afb14d737df4c226ea4a147c966199f20ee6ea2fb5b890e44a68f3afffa78

    SHA512

    fae2f7caac8637e69aede245aaa4f676862625dec404fb87ad8706429f4d73fadd71f184bec304751746a266e5fb4033dd73d5bd52e0c6cdce44d2ec580112cb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    42caf0d312e592e687cc09d86b7bb0cb

    SHA1

    bd3841c35db9e6812ad14ccfb629001c209fa74d

    SHA256

    972e4eec4ec8af6636a8e771bc25d056036a9f5daa663cc0432221217b27faf6

    SHA512

    45ec3ff47b553bfcab30f4a7ddd28aef754d990296ff973b5563b5dcf40b0adc3ff6ba95b61637396a86441d33ca8ebeb181e0cab8a22e6438528e2e6b045ad0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    49583fae85d2e95e4f6aefc162408fe7

    SHA1

    59d2bb7ff524150130de2e2dcb1ff23cb88aaf70

    SHA256

    b97ef8f518ad67ff45763a6b31a595b40d9123bb1a1c8c188dff20e67ee4f7d8

    SHA512

    87734da8fd7ea299da59f324c27bde712358f9551fa7b35abbb22e081ed1b58b785cad286e72ab810c30453f0ecdfa255a0a22a5b9117da7e3ada2884c5b2c1f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eb285464c5120aae11819419dcebe274

    SHA1

    755d99d0cecdd364d1b55468e68698884d7f6fe4

    SHA256

    dc9ebb983b5b9ea09957229bdde5ecebcce9c5d9e0f062cb82628999e4593da0

    SHA512

    0321185f8501bd5e45edfcdae5fba066badab746480c120b7a62aa8e4a568912291a5df9bf083545083806586c16f89e52b4c8f53f0738293a2b24cceae28a9b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9a960e55f365a6b716d8a0f935d06a38

    SHA1

    52d95fa0b94d960ca8e0d8a1e3271ba0cf19a575

    SHA256

    37fd3c4c45c42a4bec74d3e46e1894a011ccf77f2f598a9fa6267bf96852c795

    SHA512

    5c503adcb4cc7436061a486743fa430e8cd6728ee2630615ea695008b0e0f46cbeeffd8a67d82e9268a7494be3125a0e852497852fcab5af57d544bdfcb43869

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ef4035aae23592091a240f8300609788

    SHA1

    5535d8d0ac74a1d0604033bc0643ded46759b268

    SHA256

    cd1cba44d35b496d62e4b9092c6e1f35334ca277c9e412fbac2eb3c46d658b91

    SHA512

    d08bf1794aae60c9c415ea6c10e6c8267806e41c8dad33ea6282fdb822836dfa0818ac2dd761eb68c79a1a131c68ee6a56b54bb23dbf8ceff28e57c84da17dc4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    60d9b04aaf6802fc89f826a22ff05e47

    SHA1

    970294d679ab56ccc8e51f5591c4c681ad933416

    SHA256

    ffd074cfabb48616fd623b40d2b6754c241200807d7d8a7f690c6ce88fdaee13

    SHA512

    2812206b68eb8a2cdc0b81c3dff79ed759e4c647661321b6246c257af695c127514d27fdca0ffbc5409b955d9aeaa005311c5bc17c51300e9f295595e3d4ae87

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b452cc78fff8212fb547faa8aece83a8

    SHA1

    8eb5a0f251e00ce2888996cbc289275ce3af9661

    SHA256

    488520013af1791a5dee08e32af46b8ce8d78b96104fab741331326bcb7771c8

    SHA512

    5a64c41895c33d8be4fd438d4deee9b513de1e956c37d1b20d9c27055d0761924aa5eda8cb899ff473b44a895c13455d9f791c71e3f3ba50c93e9dbf446781a8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cb6599da59d6744c3a3cc51a111009fa

    SHA1

    df50861190c3c29a43038f0ccd2dd98dafc470cb

    SHA256

    386fc56d19623a9417e1347de7b3045f9330e46306c24209e3d55406821a6db3

    SHA512

    9326526edaa06fa2254c74c4b976222254f5ea528b2cf2d4f7c1ae06a343c78f8a9b6aa2b92cf55a7f4e570f3ca95064c05c08aec17e1a92678b2e8fe68829d9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    947306e21588c9fed7a16dafd68bf762

    SHA1

    55972994bff48f97d16054a0f941c2386121db36

    SHA256

    e4d272289e649374b0d6b4504b7166b0f63481d0160a15c6c14a027ed2e50f96

    SHA512

    e5866f10fe2a2f1d40f1572c237b28a00cb3d064efb96d5344f835d43a6fb1f159374a0aa85f56d0fe51e237b8d6b1f852018b37ffde6c7261f0d6cad86f4ba0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2ef484660e29612930ae327fd9a926bf

    SHA1

    831ae62049c3d61713f6e6e3cf83b508359ccadd

    SHA256

    f85e16d00929b9fdb4af8f8f897728323767ee7c69ce13ffc436b3e57e29c4a2

    SHA512

    220dce36ea22217303ec52a88a9a18a9a804072b2da2239d1bf15ac9c1a455cf9a008d38e23e5eff34b904b67012b66a09fe02e0570747374630f78d98a1b6ad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c61796337b4dce9b1c7b04354d70ffba

    SHA1

    4aa2c246b4221ccec6a6be0bf2c5049f1623baff

    SHA256

    da15a5edc8abec11a031182847460d1c9667de49526b5b4d53f30f280c3bfde4

    SHA512

    f3a12f9d1894b66f28bf7522c858e25022fee89fe0707228b45f63fff40764457386ff8cc92232da388a07711be85076420689c017f5c5efac3038cb3e08de26

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7478373680adb5cb5fe3d495ae0b5b81

    SHA1

    1afd4a5591178d5164a5de115769a1126ee41c97

    SHA256

    7b2d66ac04df557a52f40eb0ab2e829c8628a117320314f95497648fffd7a66a

    SHA512

    21ff5b1101f87591480f33505f8787ecbc70e41da4522c8e941e1ae73ff6291a0ecd70af1c9ac702681275a1733ede5d79637268bf01cb2c08a69f0e1aedce1c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabE36E.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE3FF.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit