Analysis

  • max time kernel
    117s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64  arch:x86  image:win7-20240903-en  locale:en-us  os:windows7-x64  system
  • submitted
    28/10/2024, 02:23

General

  • Target

    LICENSES.chromium.html

  • Size

    9.0MB

  • MD5

    ae174699b663bd90d8d06c68c6952477

  • SHA1

    8c76eda61d320779909adc541593b8e26b24815a

  • SHA256

    c6737ef4ed9de369077718824f76c5e7026d0e39163e26af8606783e41c93e18

  • SHA512

    3fb72dcd790464dde34978c9d0895376827f4d839b4a199c6e9fe77ab810d62b960babc4b21f6e189dc70147b5fb4334815730f4d1cdec05489c19e0725c2158

  • SSDEEP

    24576:h+QQf6Ox6x5n1nZwReXe1Gmfh6k6T6W6r656+eGj/dBIp+:oAPeGLp
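
Before relying on this report for a file in hand, confirm that the file is the same object the sandbox analysed. The script below is an added example, not part of the report or of the sandbox's own tooling: it hashes a file in one pass with the four algorithms listed above, compares each digest to the values in the General section in constant time, and names any that disagree. The `REPORTED` table copies the digests above; the in-memory bytes used when no path is given are constructed for illustration and are not the real file.

```python
import hashlib
from hmac import compare_digest

# Digests reported for the submitted file (copied from the General section of the report).
REPORTED = {
    "md5": "ae174699b663bd90d8d06c68c6952477",
    "sha1": "8c76eda61d320779909adc541593b8e26b24815a",
    "sha256": "c6737ef4ed9de369077718824f76c5e7026d0e39163e26af8606783e41c93e18",
    "sha512": "3fb72dcd790464dde34978c9d0895376827f4d839b4a199c6e9fe77ab810d62b"
              "960babc4b21f6e189dc70147b5fb4334815730f4d1cdec05489c19e0725c2158",
}


def digests(chunks):
    """Compute MD5, SHA-1, SHA-256 and SHA-512 in a single pass over an iterable of byte chunks."""
    hashes = {name: hashlib.new(name) for name in ("md5", "sha1", "sha256", "sha512")}
    for chunk in chunks:
        for h in hashes.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashes.items()}


def verify(chunks, expected):
    """Return the names of the algorithms whose digest differs from `expected`.

    An empty list means every digest supplied in `expected` matched. Comparison
    is constant-time so the function can also be used on untrusted input.
    """
    actual = digests(chunks)
    return [name for name, want in expected.items()
            if not compare_digest(actual[name], want.lower())]


def chunks_from_file(path, size=1 << 20):
    """Yield a file in 1 MiB chunks so a 9 MB sample is never held in memory twice."""
    with open(path, "rb") as f:
        while block := f.read(size):
            yield block


if __name__ == "__main__":
    import sys

    if len(sys.argv) > 1:
        bad = verify(chunks_from_file(sys.argv[1]), REPORTED)
    else:
        # No path given: run against a constructed in-memory sample, which cannot
        # match the reported digests and therefore exercises the mismatch path.
        bad = verify([b"<html>constructed sample, not the real file</html>"], REPORTED)
    print("digests match" if not bad else "MISMATCH on: " + ", ".join(bad))
```

Run it as `python verify.py LICENSES.chromium.html`; anything other than "digests match" means the file on disk is not the one this report describes, and the rest of the page should not be applied to it.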

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of the victim host in order to infer its geographical location.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2668
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2668 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2796
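
The indentation and the `1⤵`/`2⤵` markers encode the process tree, and the child's command line carries its own link back to the parent: Internet Explorer's frame process starts each content (tab) process with `SCODEF:<frame PID> CREDAT:<n>`, so `SCODEF:2668` should, and here does, name PID 2668. The script below is an added example, not the sandbox's code. It parses a tree in the textual form shown above into records, derives each child's parent from the nesting, and reports any content process whose SCODEF does not point at the process that spawned it, which is the case that would deserve a closer look. `SAMPLE_TREE` is a copy of the tree above embedded as a string so the example runs offline; the rule that a bullet ending in `.exe` begins a new process is an assumption of this parser, not something the report states.

```python
import re
from dataclasses import dataclass, field
from typing import Dict, List, Optional

# Copy of the process tree listed above, embedded so the example runs offline.
SAMPLE_TREE = r"""
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2668
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2668 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2796
"""

BULLET = "• "
DEPTH_RE = re.compile(r"^(\d+)⤵$")        # "1⤵", "2⤵": nesting level on the page
PID_RE = re.compile(r"^PID:(\d+)$")
SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")  # IE frame-process PID passed to a content process


@dataclass
class Proc:
    image: str
    depth: int = 0
    cmdline: str = ""
    pid: Optional[int] = None
    parent_pid: Optional[int] = None          # derived from the nesting, not from the text
    signatures: List[str] = field(default_factory=list)


def parse_tree(text: str) -> List[Proc]:
    """Turn the report's process tree into Proc records, in listing order."""
    procs: List[Proc] = []
    cur: Optional[Proc] = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith(BULLET) and line.lower().endswith(".exe"):
            # Assumption: a bullet whose text ends in .exe is an image path starting a new process.
            cur = Proc(image=line[len(BULLET):])
            procs.append(cur)
        elif cur is None:
            continue                          # text before the first process line
        elif line.startswith(BULLET):
            cur.signatures.append(line[len(BULLET):])
        elif (m := DEPTH_RE.match(line)):
            cur.depth = int(m.group(1))
        elif (m := PID_RE.match(line)):
            cur.pid = int(m.group(1))
        elif not cur.cmdline:
            cur.cmdline = line                # first plain line after the image is the command line
    # The tree is listed depth-first, so a process's parent is the most recent one at depth-1.
    last_at_depth: Dict[int, Proc] = {}
    for p in procs:
        parent = last_at_depth.get(p.depth - 1)
        p.parent_pid = parent.pid if parent else None
        last_at_depth[p.depth] = p
    return procs


def scodef_mismatches(procs: List[Proc]):
    """Return (pid, scodef, parent_pid) for every process whose SCODEF does not name its parent.

    An empty list means every IE content process was launched by the frame process
    it claims; a non-empty one points at a process worth examining by hand.
    """
    out = []
    for p in procs:
        m = SCODEF_RE.search(p.cmdline)
        if m and int(m.group(1)) != p.parent_pid:
            out.append((p.pid, int(m.group(1)), p.parent_pid))
    return out


if __name__ == "__main__":
    tree = parse_tree(SAMPLE_TREE)
    for p in tree:
        print(f"{'  ' * (p.depth - 1)}PID {p.pid} (parent {p.parent_pid}): {p.image} [{len(p.signatures)} signatures]")
    print("SCODEF mismatches:", scodef_mismatches(tree))
```

The same parser can be pointed at the tree of any report in this format; the SCODEF check is specific to Internet Explorer's frame/content split, so it fires only on processes whose command line carries that token.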

Network

MITRE ATT&CK Enterprise v15

Downloads

The CryptnetUrlCache\MetaData entries below share one path but differ in content. That directory is CryptoAPI's cache for certificate data fetched over the network (CRL, OCSP and AIA responses), so each 342-byte listing is a successive rewrite of the same metadata file during the run, written by Internet Explorer's certificate handling rather than by the submitted HTML file, and not a separate download. The Cab*.tmp / Tar*.tmp pair in Temp is the pattern left by the same subsystem staging a fetched cabinet and its extracted contents, as seen with a root certificate trust list update.

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ab37b6424062affd8294249fec3a1f5f

    SHA1

    ff9efe7c0bbe0d281814f7f5c92032ffd789e81d

    SHA256

    8153a74f23387c20a8531ee053df5fe9a226db514843a2ed2dee4256f2ece6e8

    SHA512

    3db966d5a72acc9b0cc9d3fc0b648628a2784133dc35219ee477d09133b41617fff34a38b89332292ab2e782838ae243ecea563ebcc48e9f03afb833be336739

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6d5bf6aa115f8e6cb550aca8fb385b95

    SHA1

    40e56fd924da7a2367161aa18dab72d4cc8166de

    SHA256

    e873cade3378c4344094013973528a3fa7934bf6cc9e25332c7af8feeb76b87c

    SHA512

    c7b4a8d359536ec62e8dd9d302a2821f878ef02424f99f34e6baefc8b76e4f6c4747eec204fd3ba974ba9d98492da074b338928d060698b8fe70bc9706da3d89

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a981a84a67d47ef1d8f5f310aab33789

    SHA1

    4c46ad4e2716899558a9514597033c54d6b41657

    SHA256

    e5c3a7299c3e004b9220b7e760afb3ca4a315ce9e03d8ac5ccd89af1ce9f1061

    SHA512

    06bc1a6d8f9b4e97c99670b50c78f2e831617b7fe1123a918bd57c957d7cca46779194ff39d328623bdf943e216b085189df90f42b52379b0651d4eb1d0b4e64

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cb8af69f2fac04bef3b2a44a48a19ef8

    SHA1

    3a30431d2a8aa836c0c04d64dc70c01088674ff2

    SHA256

    9f7947ab0944545cb95f5cd96fb0af62a1cc879167464a4ac38f28c46b01deb4

    SHA512

    f003ce2020af872ff463a65bbf512e41e29da9dc35adb446169ecd06a775134ae4ebda597d3fe7531836aeab04cab417d8bd2cca3657633f83e26f03d47a9616

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e61927d9d2e034de2471639ed25a2ddf

    SHA1

    65d507ba3a961c73a259f148c40a540ac9d9aa05

    SHA256

    4c460470b8e1c4725fe049f47e743f71bd06e64bcd20587fe40938013e41b262

    SHA512

    9c0a9caf4c5e887ca1583671bf11206f63d8fef044958df9af030bcf2f4b42f84e1c6c99d718b2ca3fcd8b801de056ee1ac48bddd05a90475b6de4a3803db405

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2a0bf9316c18f64a2096a817717df50a

    SHA1

    91a562a2c2a53253733e810d9774ea1c681096b5

    SHA256

    9035a72bfcfea9507a47c3146a892061df57b491e557ca04289f5b471d8c8be4

    SHA512

    a20f4b863b9296ffefac3f29e66219bd62fa075a99c8fa3427af5c27d85ccce0b7ddc8327a240a6edca62ca8e798bfe70f25700a141bf50d997c2f2d6bbfe7f8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7c700f87d52ce7be3d530b16692322b3

    SHA1

    3ea10753eb54863d924edad8b60807888fa688cd

    SHA256

    f4c8b39d3f3cf7acc2c03d4fab3926d9d3414bb4feefd862007ced69cc339e36

    SHA512

    069fa88002d804bfd5caa61617110a44e4b38b7841b07db83ddbf899823e15430ebdcb8056ba0c705f273037a3580d80a1b6563bc5f50688dfa7dc7f2319fc38

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    86b39b097c511157cd1a8a059ee9fb0e

    SHA1

    0992ec5b77e788fef78bcaa727b387b892f84d76

    SHA256

    15853df6a442bb9956c7a226336e3fd409baa9a7f1b576b5142c69a992597f35

    SHA512

    3bcb95d7f64df48de8890e814b6ce4c18867c8626d62df439385cdbd14e82a5351036574963ce726772db1b46855fe96dd2d20569d0800843db9def3775e55c8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    36be579d1f65a8466a9f7acb3835cd1f

    SHA1

    ec7398c302535ea0ff8bb1913e7e466afa954888

    SHA256

    7ccea9fa8971a7adf9605b37f7c9cffb054e861fa5771e0db7712372b6058d09

    SHA512

    61957feaf18cf51a9b10783ea792013e104fb81ae6d2470bd7a2144de5879fe6e912d5a45a98a372874bb59440c762df003b4db008b7063dc7798f818a64ca06

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5386d5a0acc7f88ebae269cba25c81a7

    SHA1

    451581a03b142ca7618e9b668e8d8e7a14c9444e

    SHA256

    b9956abf6005c8b37cd3c8bd05a98552bb7d2b36b018eb980da136c264baef33

    SHA512

    cdc9f13d3cb12c7da06fcace62fa9a3671e20275d52cfbe2ed45132efeb2ccc23b49a84854964f938b6d00dc53d8fe9a28cd950ac9bab42d14988006162b8609

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d77c2880d7dc0b547661190a7f4aa4b7

    SHA1

    b54258f31f90f7ca7c7d01b72a45348bc66518d6

    SHA256

    12587a161c6b5c41fa9719a977db7cf0808f0902e8ad1ef644f18f72d33fa1ac

    SHA512

    1662430e27ee4bec3bcd8ac2321dde1b460d6a2ab6000cd1439de5afef007ae4ebbd0b0d63b21724b39c007fea7bc78c64684298796132974d5cc54c16b6f7d2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    85e9fa5aa6adc0401732a1dbbd18b6b7

    SHA1

    400cedd5cd819f881a723c8fceaa6799127c99f5

    SHA256

    a3bca95a5314335bfcd560cffc83141fa7198fdc7e26b7878503c3792165ffb4

    SHA512

    412148a395cc0bd0ec9ef769ca1179a41239e479183969f7b17698a1d3c97dd62458060a01e65f09ce0d5fec5fc5d6c9d14212da0dc4db6401ce504c85cfcfd0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    94d99e824c771921579cfe16f8efa7f2

    SHA1

    05a06778f78a066ab18083f9d0f07ccfb7904c9d

    SHA256

    b61fcf4823b5163b0fa697b123c83f2d95fefbc6450658e43a7ac56832fb9880

    SHA512

    666c718ae93e341aa8e2c0d077b1954bb7a26c50ca281f50e5d94e3567a798400c34af505239f69cfba1ed4b71eff964e543cae924148dfaed0d4ad4aff5ce63

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9a93709cb80d067c801ff83a499e1cff

    SHA1

    46b0538885e63b6da8abfd91e3825848a7a28c5b

    SHA256

    55b6ec11eb2938902bc09cb7d88bce5062b6139360cea9b4f282c021dcbbbb65

    SHA512

    f570fbf3155f2e4cbdbcffa04e2ff9ae0376ab844557b7565890292a740fc8ac12de20ab1e948b19cfda28fb38a6caa1c7c8ea1c8442a39a3dd52894a19b9343

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    73e8e4b1058772a21646040702d265eb

    SHA1

    62526b77ab175f18530b98cac0c82a74fb0a359c

    SHA256

    11b2abeef1a7a8b6ec6c180b6ac187a5be456f58e34c0c173e368a6c9e3b523e

    SHA512

    b16a865f0f7ec5fec9a2a9095f4c0e137c098e363783360f691c3d542ed8669c7e634d56c14b8adad30f40bc51ca1035340926f1465a1d68335edc5a2bb82eba

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cc8f029e2ddb212fa2f183e001fb0f10

    SHA1

    aeb4df2ba7d05582ef5dbdee5aa224faa0e5dbb4

    SHA256

    549863ba0122b833416899773659334ba9c4a210374fb3c59b5ae5cabd6c4997

    SHA512

    f129b749354fca936700e6b76d76d4765d66eb6bef727cb1de73abf9d299bf43ea2db719b318d210aeac2d4813a0464ac269772b581551c1363c8fdec4d57b39

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4df39e9d2343e83ba2a0330f1cfae292

    SHA1

    6ea3b26a2d3b139041f6add378e1dad079fc6adb

    SHA256

    60a37f411685e520afba1b4fa280b163ed1a112b0164ee227dc4f924239d5416

    SHA512

    f20c229ddd1fafc1c509aed332155e0d761f6dc5bf0dc34573dca993c5403ff42bb06305c3af576b365f2adf30f6f15dad4f78975e652d9c72f5050351587f04

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    586345cb1049c24694bddb709e67c621

    SHA1

    7130de1a2642e74526abbe12200737b4d4b319e3

    SHA256

    bc82c7104db85779289f19bb3aabe5edb21b09c78bd48ad6eeae51a2049040b1

    SHA512

    5cd58bb4b1689f4aa64ef7be139a915f113b6ca85cd279302125c0ae073ac1233bf87dc1783738c75d35b0776784b7badcb64dce3c51b758e3a2c8b79e5b0c34

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ead80ea03777f12c8a9276a2e60e3026

    SHA1

    d5a2e910131d8da081b7087b1484ea65d66fb7fa

    SHA256

    f6ffae486685a9f81aa0f76f2fbdfaa308fa09b7e33552bce42ffc3d7d255046

    SHA512

    331ef5bfa2948724447bfc511a48523556fca3dd133e6168cd442dcf452fa92ec23d0ad15979aa731d2556379937c8e31dbdd9434e475e16d2aeced3bf583e4a

  • C:\Users\Admin\AppData\Local\Temp\Cab2D89.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar2DF9.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b