Analysis

  • max time kernel
    68s
  • max time network
    172s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    27/10/2024, 16:20

General

  • Target

    LICENSES.chromium.html

  • Size

    9.0MB

  • MD5

    ae174699b663bd90d8d06c68c6952477

  • SHA1

    8c76eda61d320779909adc541593b8e26b24815a

  • SHA256

    c6737ef4ed9de369077718824f76c5e7026d0e39163e26af8606783e41c93e18

  • SHA512

    3fb72dcd790464dde34978c9d0895376827f4d839b4a199c6e9fe77ab810d62b960babc4b21f6e189dc70147b5fb4334815730f4d1cdec05489c19e0725c2158

  • SSDEEP

    24576:h+QQf6Ox6x5n1nZwReXe1Gmfh6k6T6W6r656+eGj/dBIp+:oAPeGLp

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim host in order to infer that host's geographical location.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2880
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2880 CREDAT:275457 /prefetch:2
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1972

Network

MITRE ATT&CK Enterprise v15

Downloads
