Overview

overview

3

Static

static

1

open.gif

windows7-x64

3

open.gif

windows10-2004-x64

3

Analysis

  • max time kernel
    122s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    25-10-2024 13:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    open.gif

  • Size

    43B

  • MD5

    325472601571f31e1bf00674c368d335

  • SHA1

    2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a

  • SHA256

    b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

  • SHA512

    717ea0ff7f3f624c268eccb244e24ec1305ab21557abb3d6f1a7e183ff68a2d28f13d1d2af926c9ef6d1fb16dd8cbe34cd98cacf79091dddc7874dcee21ecfdc

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\open.gif
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1508
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1508 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2692

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    436e5b1d8e604a69a624677a3fb86174

    SHA1

    5970b7c798d4951ebb5b56ffb581183f5d1587a8

    SHA256

    f9ad3c4b0c35d746a0beead0725ea3f1d2a8386dca0b3ad9430aca2fe44a2f94

    SHA512

    ac81ce18a3986d598fed28d92105c6c652518adc16216bba9f6a35d6d83820c1e7b19976925a81f4b02a5b3db12193c50c8de7b172ad6e3d2d75c28afd8780f9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b1b028006b1455882e3ca98f489ac991

    SHA1

    9528b86a15a39b9151ead69825bec51f33b5cdb5

    SHA256

    78092cc22fb652abcd8683be4675f639699aa2de25058294ddd7177a74656f12

    SHA512

    733f6181496da21213e165be1c8bc5d55e647c2409675218c4b59b0d9f4bc30358816ddb11ce1b87f41c6d6ecb0a2fdcf6665d15a57ddfcb0f5be4fc44847cf5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cf84c49ee8186760bd69f18c332edc58

    SHA1

    c184afb8aab37ffb9563a7ee9bb8ea232a945ff9

    SHA256

    08b152b4a426d4207d88fe8317675cb6810f4643791156306b2a5be18cffac39

    SHA512

    16bbf94748f0082f524dfc52b6e0a104940da1fbe2664c4b6ccc1307ee8bc6b18cf4a9a29c466876e66dc9debe90081b780cbd1b6f5d9107c368cc606126b40a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9a3f7af11a561a7c7089501034f3c6a6

    SHA1

    053a404e9e686e484a1355c96fd0c90d55026785

    SHA256

    263b0ea8f54331dc3dfbe86084a6511cbe0c1f77cc5497354eb7db613e70ca7c

    SHA512

    d2cf9c62bfca5c7c0274fe033ecb0ba6002aae88b28060764d4998b9a9cf6170549e399ca7fbb46e2eea5646a139bbffdd865012da82ea9897e3d4df46af19aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f79b36acd58935067d89ab0b9d55c497

    SHA1

    a213ab4d9a73463c146eeb861ba0e2fae3fb9901

    SHA256

    2834ee11b7fa17997904c57114a5a7a0ac39f414146496c0fd9616e3d2e03b19

    SHA512

    d30290010ee6629eed95d6a7f16f95e4939e1ad4579d256253b6772ab19451b7fe0dc122b51a56e1f0785569a2761e8721dc3f8c4f92b2d624a418880f479e55

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e5b9f7720fba75b8671625c1fc416389

    SHA1

    71035aabf0bee883b5bc30b91c0e91c2830e2edf

    SHA256

    ee8b0be81b8a63d84e7c64c998d2ca17561bb664f71f5f249fdfb87d5763c146

    SHA512

    e3e2fb24b97860f4a643ee5986aa04a9c273fd54df745c777ebdc4428c752002cbf1ba9be48ebd99008d8fb63b3f2d143e18d4c31678f93dedf7849621ea2159

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    db466cdfe0fa6538f1a462aad71e6f9d

    SHA1

    215492f4ee2fed15f95660301ec8b45794f57f0e

    SHA256

    891709dfe904ad190ea3caacae623fc9834b6353315c04066da1a88609399b93

    SHA512

    90a4528120a1c7aaedf21e9d4f48feb722dedb4399a9aa67016402ce7809426d5431ad0023c4559cb2e7bd33157b96b006236e4ac10e441e112dfa7be8f07936

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ce16d8686a6648be375b032704e34e80

    SHA1

    88944a51d307baa693b55522bdc9352603da3a85

    SHA256

    3a032da0f87bdf57875b78f1e482cdc3a22ce64e2f80f75cb62e34bea9d39fd7

    SHA512

    d0defcee97c1ee6fc5fa1e92148c0bacaefc52e24fd402fcacc55e9fb683e30a70864323126f8387253cb4a015a40fa2a1ca0b2cc99766ad2db40464f99ded74

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    39776ab2ab1408689d530db688d3b716

    SHA1

    6dda47e445c0e4bd08c78b9539158f8a28b874ff

    SHA256

    05ee20867ae9c8ac3910b218692e5a9b7aa40f8f913839ef6549cc1737584d78

    SHA512

    dd59e536cfc2438dceaeed8f6efbc94e9f0bc3c11e18dee5b58cae00c92d1fa5d9870f1a8b0466f50d5dfa5da8b76e18c7fff951c321e3ebd5422b3cdaa47922

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabFEAD.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar4E7.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit