Overview

overview

4

Static

static

3

4599f5d504...c1.exe

windows7-x64

4

4599f5d504...c1.exe

windows10-2004-x64

4

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

$PLUGINSDI...ss.dll

windows7-x64

3

$PLUGINSDI...ss.dll

windows10-2004-x64

3

axvlc.dll

windows7-x64

3

axvlc.dll

windows10-2004-x64

3

libvlc.dll

windows7-x64

3

libvlc.dll

windows10-2004-x64

3

libvlccore.dll

windows7-x64

3

libvlccore.dll

windows10-2004-x64

3

lua/http/custom.js

windows7-x64

3

lua/http/custom.js

windows10-2004-x64

3

lua/http/d...w.html

windows7-x64

3

lua/http/d...w.html

windows10-2004-x64

3

lua/http/d...w.html

windows7-x64

3

lua/http/d...w.html

windows10-2004-x64

3

lua/http/d...m.html

windows7-x64

3

lua/http/d...m.html

windows10-2004-x64

3

lua/http/d...w.html

windows7-x64

3

lua/http/d...w.html

windows10-2004-x64

3

lua/http/d...w.html

windows7-x64

3

lua/http/d...w.html

windows10-2004-x64

3

lua/http/d...w.html

windows7-x64

3

lua/http/d...w.html

windows10-2004-x64

3

Analysis

  • max time kernel
    67s
  • max time network
    78s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    24-10-2024 20:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    lua/http/dialogs/browse_window.html

  • Size

    1KB

  • MD5

    78f476640b27adfdcfe6e26edf4cc7e6

  • SHA1

    414d54995cc46fcf5a12b826df9b8f6f2be21100

  • SHA256

    d93c774a7aeb4594f56b37e81838ba03b6855c2bbd91eb8cb803dbd413c5e571

  • SHA512

    daeddd3974908fa314d072b37accaf3dc0f3ab694fcd8acde02a77176d54710fc9115c2ab915b3b063fe3ea89308cee9e3fd67da1641735027af74fc6bb8080f

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\lua\http\dialogs\browse_window.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2384
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2384 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:1156

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    428a4741cf6987345a766d76d6966bea

    SHA1

    38aebcab2911a3213c0b967250f806c15aa059e4

    SHA256

    bb2b1623cd3970a8d3f919d64b1a38e9762dd0d30c07603fc48babac46b510c8

    SHA512

    4d1d15e1d155b43562db98c44010d11dfbc3a9011e6118b98595a83c142e4a04befebe8b15301564a5fa3ffe0668e9a1f0e75a296e7b0c7be95958ffae50cc3d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f3d1edf701a46ac9680213b946b07dcd

    SHA1

    db9b86458787177f4861c70dc4cf056f998f3939

    SHA256

    c6a7a935bc115da83f72ca8d14da2eb5a0cd86e03b2ab29ca0ea47f2e62f0fb2

    SHA512

    48595330007cc18c065d5f307ad9fe5f26c2fb00d2febc2a8270e744641f3e4b8502d3f166cb1caf957650926adde1f7a83058b55e0f425fcb81dd15c3c31d17

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d11bee11be771f51fbf396d28cbe6c3c

    SHA1

    959ac2fdd399beb81170ce8f0b9b23e67dd93cbc

    SHA256

    7b7452eff22fd8a762c1350910b74b28e8ac497a15c69d67f7749dcc2f4df147

    SHA512

    c1a804a775af348d8291fdc28bb5954aa5e76d0e0118cf78a3c4ce426edf4453e2a3a503743255ac1f0f331d88a3779c4ece928852753ce8fd32e0d2611edb68

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    558b5a1c9c67d219bf099815f850eafc

    SHA1

    1869d11c5169a43d83fe390e47cbe97c8650407b

    SHA256

    88dcbbd73165f7a0c8d02bdd365eb7a04a3e77d98ce76cff1de20fbaba35309a

    SHA512

    66b31f9a5feb78f1715d63c47f7bbb976a5dc12df4d6db48aa968864e6ba707fdcd8952b9e35c60688e54e88523b914a4bf1a29df5d7a55d4340980dad38c563

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    73a0f724e4fd25c2fb272e6f8e462da5

    SHA1

    e4a2b7c5345f96ea436099aa299db01bfd4a06b1

    SHA256

    7899faa8710619d7d54ddc460c3eccd14b9d4a50fafb3a9fcf8f2dca2e10752f

    SHA512

    bce128c28bc7aa4c15cfdec1bf79a81333fde88ff5badcacd7d286b60982e3a72379a0e2c2f6155e90373ae9e2aec30b13536c0721c7f102701f1f4b397903e9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1727eb3c0312aa8d16a00642207a2384

    SHA1

    4a8acc734f35684bb1d05223c409b7aafe7226f3

    SHA256

    fce69c4c6a8c9621c5abdfa05e8f67340de8d1aa83261aa96d06a38e005c38cd

    SHA512

    9649aa12a192c86c60f083871a7dcec1a453d950ac0339b9fe7637fbbc71b03556c4679b68218bd6889430ca1a67471409fef02119bfb0de4b3e9b6f74561b48

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a49a12f6842c8e216540608299ed1084

    SHA1

    90dd114e385bb48c667a6ab1c744c2e4e85016d2

    SHA256

    1e626e319df008b87232c193b3d8410bad89d556ef39758e11034db8b4255cc7

    SHA512

    3fd783ac7a49b097888608ebda68c902f10c8fd0df64aa4895166e0591e4be72ee8d15f560212e9da605a5a52c520aa3b45842f91333ea3de41cc8287cb59c6d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    16e33bf90986da85c557f943365eeaaa

    SHA1

    15f2202d8cf0fe65ddfcb4f73259e55c58015d14

    SHA256

    26cc3b5e4e36d63acaab2be23670e6c692bf7ad92c01d3660824c414384abea1

    SHA512

    d9bb8bc24b6d1557a4e7f07aeaf3d55fa1c0bd9b34c8cbeaeb040b2749875b2adaefd8a3aaded7d254af2d83fca72ba1abdbf8e539d8abb8a22ecbbc64cda985

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1812d7909035f85e5d4cc88527da1c54

    SHA1

    d075cae2b4b8e182baad4e214e82dff2e70f7609

    SHA256

    586492c4fe45998ae8572b346fc41fd7704640091447b3338453dc53b62507fe

    SHA512

    b5ae3b3a327f3be444be2c1dd383407c0402f229bc7f0ba8e7a72c08cec814a713df30d79de909e2d644449e1eeaed89ff6a941e4224450d747b3a91ec56496a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2547d9f6d123f3d05db1e514e54248c0

    SHA1

    77aabca166540ab489735684acacb3cf8610bc29

    SHA256

    c3590f64235e452ead97c229e81b846d5aaf76824c4119ee3b6485e777316d95

    SHA512

    27273ef3ea3903a76dce3e2c2d8f50ef4568191c6285fcbcb4a590cde4d691a391e428241e76e13f0b349d579db9784af57361911fc4bef61d0927dfd71d1039

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6c2505b546bee740ed16980522239fd4

    SHA1

    cbb9f0d5186240c97e1f9605a9246ac8b4f5d85a

    SHA256

    c5dab48e98bb93a6c3f948eb2c548fdcb5920ca3a64749c3aecc03df47bfe4d2

    SHA512

    8bd79f7aae2217e7d7264153c64ebc63d8d9e5f737facdc0d476d169839475e47fbd4dbfb1d2e66105d2f123508ff639cf9c2e1fbf940b495c9060fd00d7d309

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabD58A.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD5EB.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit