Resubmissions

27/10/2024, 23:24

241027-3d31zsvele 7

27/10/2024, 22:52

241027-2txcpsvfkk 8

27/10/2024, 22:45

241027-2pv9vavamh 8

Analysis

  • max time kernel
    117s
  • max time network
    138s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
  • submitted
    27/10/2024, 22:45

General

  • Target

    LICENSES.chromium.html

  • Size

    9.0MB

  • MD5

    ae174699b663bd90d8d06c68c6952477

  • SHA1

    8c76eda61d320779909adc541593b8e26b24815a

  • SHA256

    c6737ef4ed9de369077718824f76c5e7026d0e39163e26af8606783e41c93e18

  • SHA512

    3fb72dcd790464dde34978c9d0895376827f4d839b4a199c6e9fe77ab810d62b960babc4b21f6e189dc70147b5fb4334815730f4d1cdec05489c19e0725c2158

  • SSDEEP

    24576:h+QQf6Ox6x5n1nZwReXe1Gmfh6k6T6W6r656+eGj/dBIp+:oAPeGLp

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2100
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2100 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2840

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c7a70b1a75347b6ec79c4f466f81bfb6

    SHA1

    8e067121f962ba79bd9ff8a0262c3e34246564e7

    SHA256

    16d3cb30afd0b55a2680540d9c681e17ef5bc4298d1982ab591434b2acd56281

    SHA512

    04e998d4f14260b0c0b37f5e61bdac3d4a27001103401e2c1f181acdb4073a4e4fe7fdb77a6ade6c4d6283c72e08e45655f8ce4d393c33e52b7feea1d58baa34

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d0df5f5f1ae18b05dff26d6147d0fe6c

    SHA1

    5e1167d405285424553ba02470c430e9d6cdcaf4

    SHA256

    339cefa27b17aa1a09633888ab8e0007d23ac7eb4202341064f51e70a6501167

    SHA512

    cb9e61559d1ec13975bda5057800db48ff11ec04f9c47344172fcf449b73606abfa4ecda6ec4bec934aaf7ce1c80c2c33616cda008cbdbecb4ae14a0d01f61fb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4ec99e1749f4ca94a8e68541164ce48f

    SHA1

    08c448b61ff7998e21aeb7f46555e9177fbaaf2c

    SHA256

    f8cfa3c69db38b4ba7ff6b62d0abc2a0db813e3d29b9be46a20849f7328ef373

    SHA512

    69690e118486feb57f28582f3d1659fc464a156b3ef5ee5bc77be17f4ee33280269911071206ce579abccf1a8bbb1ceaf2d5b1210bfda1de72ebcb4923eae079

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9d86c83ceadfc1e905ca77bcca401ee1

    SHA1

    f090544944f3d11dae8bc3dadd63891a6d7e69d6

    SHA256

    60560ff5bec9ad3901a1b463c515138863035eed98be8c9a1b0cb661cc058415

    SHA512

    17ab35da3affbaccabca76e4a2d9e9a7a554ee3f2aa3c5bf3418efac786c0ce494dbcf366a34d74ce732edcf4c89d72563f3bc1d1520a10f5ae5a64634c581d4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    40711da7886e11d2d47e1cd125cb22af

    SHA1

    0c9643119a0e7bea1723ea84a47a701eecc80e07

    SHA256

    046d85534f85e7a9ed7b765a388ba314f29e45a32200a56e0a35133444e413f5

    SHA512

    2268901076465fc81b8c5a3c91d9957dbd2225bd0e64bfa6d731ad6ac38086d3ffd27d1bc74a9ae461293c81baf9c5083ce4947097f7eeaf6b54d0cf4336b923

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4a37105a37e1cb109a4dd5ff41a7089f

    SHA1

    38f6a2759bfeb4b8ce6f301219b1f36660abbf1b

    SHA256

    0e5fda0406fe56d9b4de0904ca8acdf3de006a59d20f5d41e6523ab165460338

    SHA512

    e8caee02e74714c4bb41a242dbbbd96cd6e502bc6fa58be1074a83d0f9df0dcee45dddeda182b3825e59fc72165e8461136b4347862a6a9a30748b8f8e3e0b0a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7abe65aac718bae09557475a727bdb3a

    SHA1

    c3e351c94a06059fc3425c6cba861c58b705841a

    SHA256

    d4caf7c1bb49e311bd096fee229dc052da522ea974de2742dd8cb2b284da7dd4

    SHA512

    cd545ba61e3d48671210edfb34a323553b2c112bf09d5d1643be0cb4b43bcfda77d0d71200f7f87a7633f9efcc1adf5e608c0802e94ca1b295d4359d2127d76b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    33e3ba53e58933d5015b350342c80832

    SHA1

    d6a1220177df6f6cbdd3119601531bb0920bb1a1

    SHA256

    7b5d7e53322f39092505f2c7d59288c61ab797c22bc40de0f0eeb2d6b477ecfb

    SHA512

    e2c1e7748252c9bd46aff426e2062dc583c11376195b81c62a2eb152cbb4baa7dde5ca2cfee31d0334c35413d36d264e44979e6585305d8982bc3b35ce084a14

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fb27bb92036b946a3d6eb0271dc6501e

    SHA1

    d90719f763bbd26d5b5996028e6dae3a7ed5f7da

    SHA256

    bcb4f13a16d3359740843b3b5759b62ba64a10e33b298a801258a45092094aff

    SHA512

    b646dc749f3f46074ad75588f928708bd365b72ebeb4a236cdf24762c50c77b9bf4f2d736b8f9c78e3e45b71fdacdea9e3e3287b96841f776d0f1046fa2c71c1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0a60127519dc057df432639cfad0ca16

    SHA1

    b337fb0d76154bd7b05fce02faedbd8c7bf6446c

    SHA256

    9b8b109ea21a50518612e8f41f01eccabb549bb92d2a8fb553cebcce7f5501d1

    SHA512

    4ae24c1eb50c64d00738bc279cdefc2282615ec7f1cf2c915191a969e36c11d1ac46c7dfde5c50f520ea60ebf25c477629c3a3f499c0c3ef8fdee3e8711eb9a1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    eced8fc56d40c6f4f196d0225dc033cb

    SHA1

    a71cf4ce8431de651371463e6798c44fa34615df

    SHA256

    3cb551ab531445ecc6ce9dbcaac1774f0900861c2492626f7b3451cc935306f8

    SHA512

    2b1c4b524acc41004ebacbfca1821f186440b4f6cefbe6ef830e1c21154960e7020baec4aecd695c491deb93db89b897bd21b4df6bf41eb4c6c635e3729bf4c7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    555f086e2d0bccd5cf18908432f67d2e

    SHA1

    f5d1ec0a66f267023e4d3de8744a8a61c10647ba

    SHA256

    b5c06005f63105ea852e957ac4e55fa707f203cf43a122dad9fc1e182431a421

    SHA512

    a61d2645083e0c5d87073bd5261831dedf37a2d0f6aff59f1b75f63ea1b8bc830fa400077794b0ee1dd5bffb7d47dfd2650ad29f69818bfdaafc30b101c94d2c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    70fc324eb12ee988e6f96ab15bb4e6a8

    SHA1

    73a4b72c924162248f7d1c225ac71540e7f5b403

    SHA256

    4db5e3b5f930e7ae5b3458807aa68ace01e174947bb36ee68a629db6781f2a01

    SHA512

    24ca08d258eb28d3dd9f5ebc141263503d410ea9f09d7e345249c3d991c54c712b9acd97a39ccaddb875f1dde8770e7ccad1450a3b06f92aa08fc61191b92a4d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5a3b0daffc4418b2ef9f1604363fd87f

    SHA1

    71b1fc0183c089125662ea1d2b99ef4360090311

    SHA256

    6d605c9b6153a1ff33ef9a2dcecffcb8cc20aeb0fedcbabdc0360c7f49f3a8ee

    SHA512

    3126a8e5228c0409907a4aecb632c08bade719ffa14e1fa36d03a7faa8ae6097fcf616e60e646f0d36faf2b7c41dc73d083bc1b8f151b9e3c039ec275b444961

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    da5cb8e2b91928ba4b9422b64bb8ee2a

    SHA1

    fdbfe452d8b347a96e7479c93df3bd33372df268

    SHA256

    4e075f7debf75eeb2b58dc0054886fd00e84541b440b83987c985291f3bd578e

    SHA512

    b192d3c16830b13be80003d0d3d49b57660caf44a0caa698545119872e9ee2b97e7d22f9d62a2ce810ccaf01c41754e93e76aa1dd858a18727e1040e85e7911c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    76e0d61adbc6aaf388998773a71baaf5

    SHA1

    93b6da98ba2c7723869450c858a121bf97491454

    SHA256

    0301df14b13ae5dd4bf6477d3a36afb8ea8c8e15cd0c877af8abd7d201347307

    SHA512

    069a5c9cbb5598d13c143b9fb5d82de63c250f4c395f57690e60fa7dc73a69e6516ba864df77f4c44537c259900c09c9cdaf02476f32ed7464270e73731af66f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1ff68636d8c4c65c92fa1d3845fffe86

    SHA1

    8e175e4a637b7bebd403cfec98262ab2c3c05cce

    SHA256

    91180497fe3a8a6aacf253d48e8d4c360ffa7a285d59ea2587d8ceb11b42f7e1

    SHA512

    670459a8d91774f6762e68a0e0a947ceb86c04b2e273821fa635295bff10d85d81155850d58a6b7bdcde3842ff75b10558ca874f655924bae587abc4b9e5e1bd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4083ca1f02a2b35be273eaa4429524ae

    SHA1

    eb3c971bdd2535f51b22fb1f6b10419e1558d4fe

    SHA256

    659a02d8d5303b9daf5ea21d80b89eadb9e4c273d65e36734491604edc1efc7f

    SHA512

    a0bcd9a9363a70e273887016ed3228f7bedb0f3dbcfa9ee4d3d2432b0d3cfa8dc589cdbaa2c34ddedb85941081fd6445261f6075cde7002463f25e0e27d635a7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    94a3ee9dc02824021874e6cd4b9e6046

    SHA1

    353cabe35a2d2774fddc343287a6862f377e7062

    SHA256

    4910b01e129eeabba11e0698ae98794a5f86921ae85f46ad7d2b0b637e38b7b3

    SHA512

    d59cb551906bc919ff057fb7d77c06eb843504d9d40c27e45994030be5d41c03d4d0534551ead015134a1b2176b43238c3f3d59eaacb4c132bfba7fd542cc25e

  • C:\Users\Admin\AppData\Local\Temp\CabFEEB.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarFF8A.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b