Overview

overview

8

Static

static

3

Wave-Setup.exe

windows7-x64

7

Wave-Setup.exe

windows10-2004-x64

8

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...ll.dll

windows7-x64

3

$PLUGINSDI...ll.dll

windows10-2004-x64

3

LICENSES.c...m.html

windows7-x64

3

LICENSES.c...m.html

windows10-2004-x64

3

resources/...ll.exe

windows7-x64

1

resources/...ll.exe

windows10-2004-x64

1

resources/...dex.js

windows7-x64

3

resources/...dex.js

windows10-2004-x64

3

resources/...rse.js

windows7-x64

3

resources/...rse.js

windows10-2004-x64

3

resources/...and.js

windows7-x64

3

resources/...and.js

windows10-2004-x64

3

resources/...lts.js

windows7-x64

3

resources/...lts.js

windows10-2004-x64

3

resources/...xec.js

windows7-x64

3

resources/...xec.js

windows10-2004-x64

3

resources/...dex.js

windows7-x64

3

resources/...dex.js

windows10-2004-x64

3

resources/...oad.js

windows7-x64

3

resources/...oad.js

windows10-2004-x64

3

resources/...dex.js

windows7-x64

3

resources/...dex.js

windows10-2004-x64

3

resources/...dex.js

windows7-x64

3

resources/...dex.js

windows10-2004-x64

3

Analysis

  • max time kernel
    133s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20240903-es
  • resource tags

    arch:x64arch:x86image:win7-20240903-eslocale:es-esos:windows7-x64systemwindows
  • submitted
    14/10/2024, 22:57

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    LICENSES.chromium.html

  • Size

    9.0MB

  • MD5

    ae174699b663bd90d8d06c68c6952477

  • SHA1

    8c76eda61d320779909adc541593b8e26b24815a

  • SHA256

    c6737ef4ed9de369077718824f76c5e7026d0e39163e26af8606783e41c93e18

  • SHA512

    3fb72dcd790464dde34978c9d0895376827f4d839b4a199c6e9fe77ab810d62b960babc4b21f6e189dc70147b5fb4334815730f4d1cdec05489c19e0725c2158

  • SSDEEP

    24576:h+QQf6Ox6x5n1nZwReXe1Gmfh6k6T6W6r656+eGj/dBIp+:oAPeGLp

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2716
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2716 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2684

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6c271701573506e4e5a1604434caae27

    SHA1

    ec5c89908d950c14091d13a16e64e814cad84b52

    SHA256

    8447fd9add2a780da52c0278210831b7960394ea13f8de500df745603aed6723

    SHA512

    ca14f1bac9ca7c4d289ef1b0eeef93e497cd2ebe93fbd51eafc133cc7c0e5008122351b9784feea3c04600be527d7a7a0177a75de40f7319a8b7af3d583ddc44

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0f98c16e6c31f27f153baa86a6bc69c2

    SHA1

    3e98dd807d3476cf0e8d9c91d6b085c6790fe12d

    SHA256

    f0fe3f053ed4a309a728202c97331399f6aac55bf336cddd0fc1d42f12c16d71

    SHA512

    b9ec9016d2cc790f6f420b646620d592f181f2b766f2b870d63e41c3392c63ccda0aadcbe061da3d4b7564baf84dc29305048fb11b2fdde89c488a1221e2a7c0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    791c0847010b387b6f937a6a65d8eb36

    SHA1

    378588b1ae4f7cf81ac091e7210ae265d846b874

    SHA256

    6c61a494d655ba96ca483b188a33223136fe3d9d599d7b575af68126b351d696

    SHA512

    27a7502ba74a2aeb38b87e6330d9828bbe7173a967db60eb09f18037d7da02042c98dcde1f7deb54d89f657a88c5cb82e42b909e7906818eded6c4f962110adb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    118d59e4f49694459a11832a6b006922

    SHA1

    872068c944d8e4578a9760712dd9ac3ca6e64f6c

    SHA256

    c442557d62a8a04e8d42ca5710e7120e0c345bf3cd860706cac9b2049b761c36

    SHA512

    5736821498996548cc826a38a645874a27d62623142325f76c62b067c627055e564a40a13e83872181a10f8be6729dfdb9d52a2eb443fd47cd2cb6521f3967c7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a21669fafb5ab1174124498793bba992

    SHA1

    4eed7c7d1ee4799f29172a6fe2319e78b9b93be7

    SHA256

    40b75dfec5064adfed663328b4a0bc4cf6dd325e93cf66eff27c9def1e72895e

    SHA512

    b0c50f9b19a5270747c26655ba5f08e86f9c25e0b8d455127eabbc158a3c025bfd6e966cb06975cd3fee071031f13c64e8788618d57a61a2af395c65e2b6d14f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1a81419ab558c08555bbc6001d2af67a

    SHA1

    dcaa149603f18573d15788fe83c1c463efce5f02

    SHA256

    330e40591cfea7e94b684630d4ef308b9d9b509ebea8414859cc33527729202a

    SHA512

    e1a106d45f7508260dfaf16e38c81f6f46ded8b2123094c6d4914936a7a2815817dafe1416a7444ac21fe404db8be9a4f585c7d050ee49821aec833b5c6361bc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a1f9fb2bc9d984368bfc07fd75df9d00

    SHA1

    966f6c350cd5dfa2bf2431507c0fc31c1c638344

    SHA256

    35130a41cb7b99bbf52edf8167f2dc9d5b7ba0e77ec7e114aaaa085c0e5b9583

    SHA512

    72c84fdae26b36cbb6c2411ad250aee4f535b3b621378b55a425cdbae2b1bf2ad1d6e700580fa0d9fa9e92e18a0be206215cf9468e42186880388a903619ea48

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b3f785bbfea6b4182560632a56c9a8d6

    SHA1

    fb3a17de75e4d5ca41eea9eeb22e0d318beca6f5

    SHA256

    66052b1d020447a92c31d58c4d8621f26916bebcdb9e2f408013f5cd9a8c491e

    SHA512

    bf01993ae74d50c53214ff4df5fc2c2a8a978db87ad3df814d0c63f85440d5c186745d1b81573cf95aa45983bf4dac9d155b2b5df2ba7f27f8c6002a83bb3f4d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dada570b09c0bc2950c498313dc45402

    SHA1

    3a50f6421e7f77a9a97847318b7fa968840947e1

    SHA256

    6d7a95c58fb2f74bdda535ce1d68490b7068e548bbf902322bb55d6235ead4b7

    SHA512

    c55727d18f9e942f514ea72ef3e4f724ddd24385e9e5cf7d0c11f093d446d0ef150ac408cb1ce4409a1378f7834badca3575a0eab695631c53e97b61a7e3546f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b3d8db8d846e64fdef702a82e5f560cd

    SHA1

    29c0a1b3d756334535f630c56b75bb1891676c04

    SHA256

    908cf02a57c8b084ff710bb2c73b6621fb397db3e37dda6a476a74bb27a0eb5c

    SHA512

    17526f517f75796bf4119bce667a5e9b2fcc926991db06f68673a0486090837876a422fa8d68f3df9654d10b0c3454a0eefcc04e31442d1d50aec65114e158e1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a6d2c3f22ea332f54a70760673fc4317

    SHA1

    31384453bbfea1ac9ac063019283086397032743

    SHA256

    c8efba7e7fcd80cfaf3fc3044414e5db0643d7b9382f994fb23fe5bda1c0e028

    SHA512

    e6c70891aba40b7a322e4a67393a2cfa16a5808713e0086d2b76986e8208997c7be0a92d9f2cddb8a0801fc33f5be0ce636604dffd55bd069e204abf281d7a02

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fe8c66543d2a12720fe450851f363bbb

    SHA1

    284dc3948a08184694c128e7bd6b746afaf055fc

    SHA256

    ee4923d721c0cbdf326ca7139bc3ce79b998acdf11b2df45d77d196c55c84227

    SHA512

    238bc923157ed4de09e794fbb0a6549f966ef923d8931289e332f50e3976e7fe0aa2e168d0aabaf478929dbe5383b461c402127619d2188fac2331a1ff0ca2bb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fa89461ae74bfd1cf45328d6ea347cc7

    SHA1

    ab21cf03a4ee7a42781758c1ef480864efbd9cd4

    SHA256

    0ae06e4c1b48835061dc0d17dd97f870c1ea7e18b2630f198644e466309d67f7

    SHA512

    6ea123fbd2824fc5c20beb33952caf9818868d5d4eb43351b836a17854a982124b59b4a147413322f1c70955835daea5339ff25929c3a408ff45b11397a58678

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f231183321243a82976637046d3f386e

    SHA1

    b312d1ce9218cb8554f5ce3fee1d92cb572589d1

    SHA256

    4fb75a3df8e15f99abd20ef9d107c78af1efe6d4a06ae43e5d2129ddb2246569

    SHA512

    ddb372756fdaba4c124cfda729b49f0682c79c4e19f7658408051fc68f9827145e8eb54c492ab0466ba6505ecd6ebe0da6069539bbc19aa7981d5e24637ecd03

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    22c4c17c3e68645dc7005a5eea768dc4

    SHA1

    f417bb206c2324fb256283c0bdb59ac05a4d6691

    SHA256

    c0715e217ee7c016148fc464121073a9ac58cbd04918b4eb89b6ca345e4f4ea4

    SHA512

    4b1ba1d325937c2247f74b83da4e3a7311116b0c000440dbeabff244a07822b169d8a80954f83f04a384d8059164325e4296b51b545db2907e50620ac0c4be88

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b7999beb27d70b9e0726ae2b42f6d7bf

    SHA1

    ee4ff159c62383b2557ea66a40806d7ba73e93b3

    SHA256

    c2810d160bd5b3a7b3381e581c1815a9151fb40bbf07533ff24166ca39dec2a5

    SHA512

    a9c579e1fb63879e153bc4622ffca257049aafe22377a1f4abfe359299a3c31b15ee1623cf3e5c866e73b9a1ae49d99fc57020caf2ea819dacd6352c4ae5e08b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    46d625d2c1519d1eb30993a12352891f

    SHA1

    55fb4c8c0465db611da19e19ef54e73a432f0daf

    SHA256

    43b29fba68d48ccab56074ac173cf88a8a113e0028efb65e1c06e1a1e5c7e978

    SHA512

    7f064aa8ff81c75c6dd9729eb28869e44c1c0671a3bd6a1efa22335c080a57aa143f6d591d8af6c43bafb859199a23f28e3d6274d8befbd8a1f68deb0702b991

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    63079303f213a749ea2db848cef056d7

    SHA1

    dc9d9d44f6441aeeb7467f168233c80dcb2aa711

    SHA256

    f11a00616fff0be971b33be980672c9ef496d72a249fb143cc4a5e667a2e6f8a

    SHA512

    9b975c92c4e351025564f1f288077711139a60913690fac1210b4df4b2d620918c623c33279cfe90552bb2762b4acfe196805da78e13e4680e6229215cff58bc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9e28f195909769dbb43f15bead14b518

    SHA1

    1a26937cf548e171f05e9d0a44d5d60115902803

    SHA256

    faf7eedc663d17b7af5d1693a371efc3db00e4904a598c5e5d9861c104a06407

    SHA512

    108edeb6e7d85057d22a4b3c6c44f6b79ab1a68065c69301c08c3ebddc17cab2fa71690653aeb23de138d4492028d6f17fca44d2ce143e4fe92e7a26c9fb0ab2

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA767.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA808.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit