Overview

overview

6

Static

static

3

SignSiS.exe

windows7-x64

3

SignSiS.exe

windows10-2004-x64

3

sign.exe

windows7-x64

3

sign.exe

windows10-2004-x64

3

WWW.meNOKIA.com.url

windows7-x64

6

WWW.meNOKIA.com.url

windows10-2004-x64

3

Analysis

  • max time kernel
    142s
  • max time network
    144s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    13/10/2024, 04:19

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    WWW.meNOKIA.com.url

  • Size

    148B

  • MD5

    403b8ed9703c0b2b8a87cbdafe9619ea

  • SHA1

    19a3faf0670d67c10ea08318b77baeb527b15f22

  • SHA256

    567e3e76678147bdfa4f7bfa36c28d3591cb5158a4e7007afa9400b15db320e0

  • SHA512

    4cef1eced54e98a06303b1399280943eb1e2af89c5252f580fe608302b5ce50eb10cb2e3f5c307d66fd1c1d2532fb7b3a2edaf46287d681c4123f22bb1544009

Score
6/10
discoveryevasiontrojan

Malware Config

Signatures

  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 33 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\System32\rundll32.exe
    "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL C:\Users\Admin\AppData\Local\Temp\WWW.meNOKIA.com.url
    1⤵
    • Checks whether UAC is enabled
    PID:2552
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2152
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2152 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2912

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          17fda474e19bff3e5a42ac05b65e9887

          SHA1

          883baae0048a11fc92557858a56a7c695ed479ae

          SHA256

          8b99ad8665005bb19f680c1dae91e58c52a8fb13211b067e159c644fb1f4cefd

          SHA512

          bf3599e6a38d30e595d2177056790cf46f4bb4754d07cfcb1f6aa37b3fa5fbb9b36149c7f7e7f50135b28acfd0e26a098b270cfb8c16d9b07ba21a6f6b0e3899

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          0621f3a683678452e48eec66b78ea009

          SHA1

          4796f611d31958ed2006a0ad1f8fb07dc3e61885

          SHA256

          42e835a1da566de5750fe9c4926eb5bb6a8696fec9365157ee9fe25d33ec4a18

          SHA512

          c03e1f1eab3f2d623fe974d09a0cbc2f30432019848abf31e98816736de2bf975c63c8539a73f4c43b11fdfb39421ec24689a1792e153d18181fb99160319ea9

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          7a9cd513eb6b7c93176b045bbf51898e

          SHA1

          0bc2449c0c082f3ccf1fe692cb5f7ed0c6b4a8d5

          SHA256

          a5880e2159301e6a2a57138eb2d61d46a1712d38ea7b969c6b2a8344abf155b4

          SHA512

          9511646be15b8754c2aea93549c7c953efcf52e2df00ac4f8212e5c00cd3570a0f3add6c4126580774eb3a0b4883fd7ac920eda2023083a11a82bdbafcbb0b2e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          0815b7670f9a1dce5108fc71f0f761ad

          SHA1

          d2092447c516fa9dfed285d3febb624beba11576

          SHA256

          6cb452f32adbd0e0473e1964093157273ef45b353072232d967d9b0818e522f0

          SHA512

          1f1a83d507bc1c7c5d6e94c95d023a587c4debb6f7977fba003a23607bccfb646b9240eec18dcf981465ae0adc567d21bb2c6a04387f6c6178675bcbaa22ee39

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          835d74186e0f93200e3531b5700eaaf8

          SHA1

          7eca61b51f2e4455fc80d98d02a2c1b0db49ffde

          SHA256

          9a4fb27dd7e477a047eb51c3e1d72338ce0abf37b92a25fd981eb0708cd3aa16

          SHA512

          6cdfb795b1051d7bd22091dc22595fb5ff35c164c53670eb47a872ac64a671987411cb9bf4758d8b85273926f2135d4a57e2bde129880e9e329c870ae007bf6b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          3162a728b4b3af1059f74c7b6e5c97a7

          SHA1

          edcf5b2aea6f0ec40d1a8b4ff54cc3835a18d042

          SHA256

          3409978c9b43ffb4ed6f0d413597433e424810af994b77b641b231110d4b8111

          SHA512

          a91847eb36029b77d4ffb709bf796365daab0971d53b5bd78677192c6a07563349281f6aa6e92f4edab23d742ba502cf08ad590de85ac760a98408617faaf54b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          f28de70155e096c79f809c2ec5a82b2f

          SHA1

          3911d051517083ef29166b459cec249d21085d9a

          SHA256

          2103fd561ac4b9f78656cc11a41e90ca72fa4b3ba393fbc98206ead9f7695af7

          SHA512

          0c71036fb3022bcada899f85c5dd140c530ed0710966a3b001be075bacabbc1be99d1415f20ec8fd7e85b8c693fd883c3e339435a663655004cda7ebea9c3995

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          cd43a4d57988098adb5eab7c51649073

          SHA1

          bef0d3300f690385ef6cbbd10c104882b931c58f

          SHA256

          3305dce5569d442eca22d638ac5faeb9011cbdb70ffb09cc894f964209627cad

          SHA512

          be9034f44e61ed386e4495d0da297e19f35c2f0238efcf29a932ba740c6b6436a3f20990a544784347e432d11b8837bf08da0ef551151316a5dd96c2b3cf5b50

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          247492a4887ea8c667df9ffecc21ff66

          SHA1

          20d0244a0701cdf6de1d2bfa86b8b0371d8588a0

          SHA256

          391a7edcccc93e3a8eeb3a9a94dc763e8487ea76d855809d679a81699a2c516f

          SHA512

          229c823f24ea7a97ff121b0c163085bc0937d0feb96afeef3dff8b43aa4cd29274c1b9e453caf120b23a6af0b4211ad8dd3b064766702ef0ac66be05c182d6c2

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          e6864836f4cbe1f94931534d40058946

          SHA1

          d8cabb5ea38bf99a906afee18398fa761f9c9c8b

          SHA256

          12556b4cba401758ff97ff2261df5fe6f2c84b389a7cbb9653c692dc71b52cc2

          SHA512

          be86d2438d4dbbb5bde656a806ce0900a51f8d2cd302b5b1a00a56a8428dcafa04dd561a5fe1632bc805d26de98457de8156f52d19f86f4126ef91f9eaaf398b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab99B2.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar9A62.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit

        • memory/2552-0-0x00000000002E0000-0x00000000002F0000-memory.dmp

          Filesize

          64KB

          Download