Overview

overview

7

Static

static

3

3cf46d0f5b...18.exe

windows7-x64

7

3cf46d0f5b...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

doc/de/mkv...t.html

windows7-x64

3

doc/de/mkv...t.html

windows10-2004-x64

3

doc/de/mkvinfo.html

windows7-x64

3

doc/de/mkvinfo.html

windows10-2004-x64

3

doc/de/mkvmerge.html

windows7-x64

3

doc/de/mkvmerge.html

windows10-2004-x64

3

doc/de/mkv...t.html

windows7-x64

3

doc/de/mkv...t.html

windows10-2004-x64

3

doc/de/mmg.html

windows7-x64

3

doc/de/mmg.html

windows10-2004-x64

3

doc/en/mkv...t.html

windows7-x64

3

doc/en/mkv...t.html

windows10-2004-x64

3

doc/en/mkvinfo.html

windows7-x64

3

doc/en/mkvinfo.html

windows10-2004-x64

3

doc/en/mkvmerge.html

windows7-x64

3

doc/en/mkvmerge.html

windows10-2004-x64

3

doc/en/mkv...t.html

windows7-x64

3

doc/en/mkv...t.html

windows10-2004-x64

3

doc/en/mmg.html

windows7-x64

3

doc/en/mmg.html

windows10-2004-x64

3

Analysis

  • max time kernel
    119s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    13-10-2024 01:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    doc/en/mmg.html

  • Size

    3KB

  • MD5

    0da1586f95ea7cf2161293187a16b085

  • SHA1

    d22e268450e6a8c514d6d6e08e74c673235766e6

  • SHA256

    6981f49d3abb7e73f93b8a9695666e24bb1502870bc86ae23686833df8a912b2

  • SHA512

    6142a0701a6b10ab9b821b7520bebe7871f0d2ea60aad4ff18ae0c260321b54722a2eb4a8ff218c98841893e7531b8f988736a101c31a934522c48982bdbf27b

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\doc\en\mmg.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2368
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2368 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2504

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f01b4a0e36815ee1ea9ed88fda956752

    SHA1

    cd24897713027c9a8420c6b6de4e6733902fe7ad

    SHA256

    73a5347e6f5dc4b28763e4646b8a47037496c565256ce9b64b7fd44cfa50c1ae

    SHA512

    b11c3ad86a2b9018876dae0ba8da484c6cf1204c3b37ebc6467ac9730dda4e7d3317d037e86d68bf6e0b37004233b9ebab7af91fd445f36873cdfcb4cc55d616

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    20d53168dc4f4e3d70a07cfbe38a9adb

    SHA1

    952d1eba42405b99fe9521b86d18f56e50513f93

    SHA256

    f3435c1db819e6a84e5d1a164b0269426c37336dbd22ccdd5b695ca732f5b6a6

    SHA512

    d17273f30aba412f2eba7a2dcb900a624e0b966c43c181a645cb12e14fe3c66bc3a5918bd812e8d2171bf77a6f058282657b4897e1499ec34cafab988d9208c9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    824c04225ecc70f6ba87e22560d0cc8e

    SHA1

    b6c47849bd8c7149ad7fcada88176fa5b070e46b

    SHA256

    06dcb8384d258f5a8efaafc1bb6f86ce528901a8e10be36fe18f8273ac508e81

    SHA512

    1d4912e8364ae3b171f9ac670835b434c2a96ba90dbd752c8c1eee64b0899ed795cea21fbb1d20e60a01321259f1529edb017d3fb0ef6c49d6256043f5c6f94b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cad53c034136349985a31b1f5ff95d1d

    SHA1

    6eb39f5408a0e0e3c59cf7fc34a36d6eeb05e072

    SHA256

    6b03bb8bb3c6f13a11138bcc0bf6eee38e59bf6376f9df4b1a9feddffdd92fda

    SHA512

    37c25b21a432d37d83977c70480969665c0186aae2d4753ac53ce04072aeb6d4283fde4d3fd8b215e96a8f7e0bf5890c99171267d18d06d1cab27c389e9ce3c6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7f9eedda9390728cd858fa63104fbfa0

    SHA1

    4d8a3a8d8d56872d94a1ca6b5457153a8840508c

    SHA256

    b171232d42316eb7c9a517cf7d243c1ea487b69dfea9ff0ff06ef12ce70eec6c

    SHA512

    b927d3f4f20fd8112616c12ddc3c0e2338e3021430e3976f1e366eb4a70ac1a3172599a292c3c9a2d32bebba7212ef64c76bca705d34a9d92ab6938edc328431

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    597860b7d49257742469b7eca9e01b89

    SHA1

    ef8a93a7df7040d7876430e92c37819cda995f72

    SHA256

    d5bb849609ce87cce0eb4343774b41a35fd06e0bac0d8d88666859b78847b0f2

    SHA512

    2301ed6208c18972de016b08c0a2ce7dd7440b1b83e0924911a9e696848bc89af6b3ff210cb2c6fc7c08c618c778c8009eb66a6cd4c6e55c7f7022ffde44854e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    34bfb61bde71b91ff4b45d3142b3d433

    SHA1

    53f82fd4a254a7b18c963c0c45f2a86d6bd6df80

    SHA256

    f2b7649502011e019d145476bd3c212fdd387fe78b09ef8434b023ec3ba46f7d

    SHA512

    686c2d5ebb23e74df4ce657b1d4b1f5311577ebfb4212e8ada7fc1b77b2b1c8a28cb7c8d3082ce3e1671aff5a1b9685e22031fb50f9e0220e1334a21bbc46f5f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ce0cf9e5833b319dee3e323460011fd2

    SHA1

    8d07c243d4a3b2ea36d00427aad1d0188fa50fc1

    SHA256

    3148c92be8f5386e90aa937cf5eb6bbb22b657236d56c28d34858b8d01d0a685

    SHA512

    1da4aa28d1bc19aa15f46ef0399b0b2c7e673c6fd1974d5294b224ac7dac6c327796d98ea60ba676d78f1d648dacf3fad248df2ea6257c1b3849011952a8ea6a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f4260233628dd797a0719170ec2943d4

    SHA1

    ae27b2c7c5634b14900693c2d22276ee928c53a5

    SHA256

    ae9bf9d1d12eb8ad34d6086118d6665aacadac0ea2d43061cb963e3934bfc25c

    SHA512

    b782541dc2f4b18c1af985fa0c1baaeea583462cf3ec94ea5a81436004cfdaed52f73898eff94078354b9b5f9d65912e2b3446ec22c147b6b46d409bcb30059a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    91e54fb2de009a269f2f19f12f33abed

    SHA1

    869d6e4508270fcc957583f41af5efd27edff463

    SHA256

    6a41901694c1d0fe484aea1615d4be6e98874b92b4277048b2fabf4142856098

    SHA512

    710ccf13a3619ffd5fe60b7efbbb7858ebdb3680ad7dd55ac62caa778c054ba0642284c6e03beb52f69c3a6a382c456f612a216efe84d2f66be905654a917904

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    070a9eb7121ef7a2c9f3e234a44d865f

    SHA1

    15c03ef2556a3ff9256bc9ef5789563760f77bce

    SHA256

    32c8bd2d12aba7fa1b5530d56974268ee2c71262be18f8d1463229c74e781015

    SHA512

    1a057d98c25068879fbb7b79bf2fe1d8f62aea451c21242cb76dc6673b0cdec4acc27ad0ca4d3342f9c23ae603dbfae438aa874e2d654851be405edd2425c2d2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dcc60fc97bc77a8e7a4a6421c38bc11d

    SHA1

    3160a09992f05c2954281db2608989da8b58fab7

    SHA256

    80e36380c5ec7afc76c54ef60498bacce339ebbd03a69a613134d0d70f480423

    SHA512

    9e4da1a79d88425ad3f3d266164b184cf97078b73dd1c39d356b52e6f896531218af498158d45686a47e6a8c1fa6f212b09165d8eee8aaec1d3b765c2d7eec0e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    349b575a99b37abf41452a0d625d369d

    SHA1

    81e92ebc19487d7740d540040a4164ad729720c9

    SHA256

    178a52bd80edb00c207d8f5681e4f279664c6eabf0980ab835a9a1d80cfdf7cd

    SHA512

    e05c82e08fae206f31e668a88b82e22c189e6e4f2c0599b06e7bdf7486775bbb4b38c166c248717b322ca33f3fe5fd8cca26aa43711400263c915e4310d26967

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a01c987209b21730b95c94c1eae4fd42

    SHA1

    6d7ae6f09fb77599f6dcd06335f23fae5f164c7f

    SHA256

    2e2ce55e1abeaa265a134bc3cae53afed6d817a237b05f078940f77d6bfe9ef7

    SHA512

    8b1b80452e5db22f447661350e996abdfd58dd768e1794c333d6edf8166ba5116971326b5b9f07364a713cc3f378f47b3787e8ebab79a7736ad6fdd0b2fadd0a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF24E.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarF2AE.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit