Overview

overview

7

Static

static

3

3cf46d0f5b...18.exe

windows7-x64

7

3cf46d0f5b...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

doc/de/mkv...t.html

windows7-x64

3

doc/de/mkv...t.html

windows10-2004-x64

3

doc/de/mkvinfo.html

windows7-x64

3

doc/de/mkvinfo.html

windows10-2004-x64

3

doc/de/mkvmerge.html

windows7-x64

3

doc/de/mkvmerge.html

windows10-2004-x64

3

doc/de/mkv...t.html

windows7-x64

3

doc/de/mkv...t.html

windows10-2004-x64

3

doc/de/mmg.html

windows7-x64

3

doc/de/mmg.html

windows10-2004-x64

3

doc/en/mkv...t.html

windows7-x64

3

doc/en/mkv...t.html

windows10-2004-x64

3

doc/en/mkvinfo.html

windows7-x64

3

doc/en/mkvinfo.html

windows10-2004-x64

3

doc/en/mkvmerge.html

windows7-x64

3

doc/en/mkvmerge.html

windows10-2004-x64

3

doc/en/mkv...t.html

windows7-x64

3

doc/en/mkv...t.html

windows10-2004-x64

3

doc/en/mmg.html

windows7-x64

3

doc/en/mmg.html

windows10-2004-x64

3

Analysis

  • max time kernel
    120s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    13/10/2024, 01:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    doc/en/mkvpropedit.html

  • Size

    44KB

  • MD5

    697ceb91e069f1553281395012d66efe

  • SHA1

    c571d03f1ce3a98e90839fb19685fbe67fcbccbd

  • SHA256

    a55805374676733ead4f044531159d803493b1f75a0ea52782b5a5f82e1d66d2

  • SHA512

    01fd210fcbd21e46d07509c67db2f44649b4f779545f9ede198c899e827387138c4d3831c4f71a62e4ed37cb444ef834d1ab644a6f102d1f92e0082b5f0ba5d9

  • SSDEEP

    768:DyWH9sE10hF947uYWf44NfodSJpCoTPTcU/H:uWdsE1g4qRodiCoUUf

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\doc\en\mkvpropedit.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1684
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1684 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2244

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    01c266ecf2631f0514163ad1e8c0b6de

    SHA1

    77f3ed0824fb492885f56cf60b3ea9c68e9efc0a

    SHA256

    92ed90ea08d0dd54f5785e4f22e8fd12375c3896db6c6e2a244dfe86e8c3ab04

    SHA512

    2c8d56dd3d0fab8c4db7b32373b998eb98d8ace1649e9c3ca3f769bc6679cc2e1e9b4dd932211ae441c63786fa5dc3d660067cf46309d8c300b73e809fd8443a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    377176690d963159f238c5bbcfc3320e

    SHA1

    3cb6af3105a920828285460375c4146afad8873c

    SHA256

    63d9b31cf6e90adcad5217fdaec7925fb05cbb3412718aee6af4a791e55a0aa6

    SHA512

    07fe57ff319a6bd5d84d5d9e1d63aacaa5e3fdff95cf299ef72e064e10cdee9e22be8952bc452c4246ad570d87f3b98a856640ebace9b4efd85068662c3797e1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ee975065958b22d0f3a5f752ca94e353

    SHA1

    8ce8013886cdb3bf214bb01d37fe25f2c4f43f49

    SHA256

    a030eb69a042792f2a9b6fa9db80bf34041cf65f965937c231890638775370f1

    SHA512

    948ccc57b1db5c70815250426551823fbdc1cd0b58910dc587d640a79d6981e96a90cbba06b7c3c63745490c5f94178423c632549876da51696eda552731a974

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b2d518ce5d59d38893d982ac05f42174

    SHA1

    c6226d09b34320e160bbd12d7659e79f7ccdb17f

    SHA256

    31460280c30d6c7813048ac02af80942c03e6763e721d8f3c767615d96f2d1c3

    SHA512

    1f0a543eea7158003be86c859657aa6010389960203bc301fd4d35d8ac2586bdcb4fae88a2432553f9165bbdf9210cefe6bba4724abd07929fa12a8b1f9f069e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    64cce453b3539c905988462979ad972e

    SHA1

    b0747783345f54fe0478466b9bf6025c5956075c

    SHA256

    803f6157af4c3eb5af8a711e5df6d583e8516a3589e39bb4b91a9668656fd159

    SHA512

    65d6eb91880cf9e82945474ede8b98bd500cb8c1f75ac9f3ba230a186f4b5751d2f4382f7dd4cc62a4c4afdb31a21edfe994db45660fb56739e2f701848e5923

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    043bd3e0d8b9f4749d5b16b7595c4798

    SHA1

    37cedb34ab2d5ef4119888bf9bacbddf8f36725b

    SHA256

    e04c616787e1066ca4e0ed85e42e32e00bd6261da2a4684e8d85f3dfb8d4c9f3

    SHA512

    0c216dc10e8cc026a400ec3310fa7533603e7c509618feca778784c5d04934902708e0f793da20834ca0fb8a137e7e645314fd9c762e83d7466f813f44e8bbb2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    35657abc35017ca13aa95048d1d40f55

    SHA1

    4a927c1f98be989207609c09a1a1f0640b58840d

    SHA256

    66e7776861523bc7aa02252bcbbfed9e5eaf01f8bc375b5fe5ecc8e23433783a

    SHA512

    5b637c40026a2aea8f9be13ebce0151eee8e9fb117c13ae035d46107676a7a614112c4a268d88fd62d031f2416c0c462ade925989df88d8c70e9766c82ae2010

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a4a1708595729f69a1e37c4598b008dd

    SHA1

    ec20aa54d6b233412ee93baf34b8914b4d1bbfd2

    SHA256

    e806f37d7eda113955ad9e4c813c67e588c6b1d3d48c721e2450efa024179e38

    SHA512

    ed85e2d38513ec9babfb52f6554011ab9c2048e431b9e71f25ce68269007ce49a5bf8dab7bdb60150edf946d543c5b880cd6b4651b3754bd8c27e010dca1694e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0e0514694d4c62999a07ad29f6a7ef89

    SHA1

    aa6fe11eed455959a684e0facd756658566ebdd2

    SHA256

    49970086efad8a8c02ca68a588c78c158806dd824491f24ca1dbcf4f174901c3

    SHA512

    fab740849be1e41973df06e7563f687bf2c08c367faced7d4009b65ce703c8eae4b8e4ca5a7c81b5c83bb216fce0fe318ae03beb05d6c6392f6b465709d3381a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7ed83112f38f61c622b06f70e5515650

    SHA1

    0d15b73325664b7f857e01e2a3976b0b6d27bfdf

    SHA256

    9b84d215933a26dc55b337743bcb1a92345791c4f52b131bfbd0a6241efbf08b

    SHA512

    0676d6505734c49f1079a754b160b9dfa1a65ab07d90497dbd52d9414892afc95384ae970e8e352fcdf98f6711c32da39fbb37aa949afe3ed076e8f80fa13b2b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e18aebfc8de6c8aa4381d973277d22b1

    SHA1

    18fb2d41d362373b094eff0c81a62e2157b306e0

    SHA256

    aa4e16ec1036fe6b7f1a994950707467a7e96ec5a34ea8b043e96398bda87c61

    SHA512

    bd57a6550ccc6723f549a18252f7252ad4d4bdaaeb0004c6332197c7c698b33d00caa795a03fd61a5545c5ce2a6da8f4ebc0501de6c2f48280b22f2cbcda07ca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4f06c598227c53cd390f806a2ea07267

    SHA1

    744e9aa2cdbad6829236f9dfb4adb4cc609cfce4

    SHA256

    fc7929a67136253d620c6d1c0226057574b6bfc7db7fda0622d9461d3141bc01

    SHA512

    11bbfdfdcf7650f492095c8afa1eb0e4e02feafb289e8c8a9b43697e677a16a8125418e18a0a00398a7529224b0c1627eb6c413a3bec1c23720a6180c9f29263

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0064ec5ffef1c78a32b4c4b3214b7506

    SHA1

    ac2dbc4a715e26f1988e7ef571c3ad0d86a551f9

    SHA256

    d999920a19285767b75ba3772f4112b750e3050844fd39845328dcb59bcf6577

    SHA512

    6d3b81aad8fb67d83b5ff8104a99520e8cb6593fc6e1f5229e8d77d0e75385f17680f8df5e16baa64a32d3c0ab1dcacfb1086f6d9fbdb4ff786fbbf944c6aaf0

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabCBC8.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarCC79.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit