Overview

overview

7

Static

static

3

Wave-Setup.exe

windows7-x64

7

Wave-Setup.exe

windows10-2004-x64

7

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...ll.dll

windows7-x64

3

$PLUGINSDI...ll.dll

windows10-2004-x64

3

LICENSES.c...m.html

windows7-x64

3

LICENSES.c...m.html

windows10-2004-x64

3

resources/...mon.js

ubuntu-18.04-amd64

3

resources/...mon.js

debian-9-armhf

4

resources/...mon.js

debian-9-mips

3

resources/...mon.js

debian-9-mipsel

3

resources/...ll.exe

windows7-x64

1

resources/...ll.exe

windows10-2004-x64

1

resources/...dex.js

windows7-x64

3

resources/...dex.js

windows10-2004-x64

3

resources/...rse.js

windows7-x64

3

resources/...rse.js

windows10-2004-x64

3

resources/...and.js

windows7-x64

3

resources/...and.js

windows10-2004-x64

3

resources/...lts.js

windows7-x64

3

resources/...lts.js

windows10-2004-x64

3

resources/...xec.js

windows7-x64

3

resources/...xec.js

windows10-2004-x64

3

resources/...dex.js

windows7-x64

3

resources/...dex.js

windows10-2004-x64

3

resources/...oad.js

windows7-x64

3

resources/...oad.js

windows10-2004-x64

3

Analysis

  • max time kernel
    118s
  • max time network
    163s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    31-10-2024 11:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    LICENSES.chromium.html

  • Size

    9.0MB

  • MD5

    ae174699b663bd90d8d06c68c6952477

  • SHA1

    8c76eda61d320779909adc541593b8e26b24815a

  • SHA256

    c6737ef4ed9de369077718824f76c5e7026d0e39163e26af8606783e41c93e18

  • SHA512

    3fb72dcd790464dde34978c9d0895376827f4d839b4a199c6e9fe77ab810d62b960babc4b21f6e189dc70147b5fb4334815730f4d1cdec05489c19e0725c2158

  • SSDEEP

    24576:h+QQf6Ox6x5n1nZwReXe1Gmfh6k6T6W6r656+eGj/dBIp+:oAPeGLp

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2320
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2320 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1976

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1c6a0cd1c15cdbe804b773091d4eda93

    SHA1

    31435acab96058f90d6cd16af79a9d97706f03cc

    SHA256

    ce09a79a34c7d3cfb3ca831bdc827e18698f232ca0c30d219c3825bfc099c726

    SHA512

    86946bb6a5c047a228f63acc3f42412e4a7aaf57e1f2ed8728c7a67c5cb86d8ee10229527c5f89dcbed4b70908ef4e80ebb976d6de8f1d34d29034212ce6d3b2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    80f7b285d4a0c2b3458b515507c36969

    SHA1

    9ae5227eadea608cbf4eae6b9b3784ca4c534476

    SHA256

    6fb04ad0109632ed9b7e9e25c50be7d8369de17b43f332e1e3d7169c6292ab5e

    SHA512

    1b7c891e0028ef8b7485f62186e12f945916c672c3b467b808558af64f3f4ed23b27828de57643f638f672c500342572d555227312348285c2dde7fc8ab0206b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d4a8e9018791b23936cfb4c6df3e455c

    SHA1

    fcd3a3ef1dd508eba3b807cf3373e8ec0c777903

    SHA256

    b2258da7253683538a7836ef2ff80b7bdf729a03ce87646e6ff8fdb8138c78ae

    SHA512

    789691694bd5f29331b4c440885e05d4716228f3220ad68e2ba1fec663e6db299d421a3ce6bd43d28359ecd1e1eb414726b063302e9fd093aa3532216ba86fc8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    58f46f3a40138e221006c5b10fd52b87

    SHA1

    c2bf88ad8974c228cd22e754faba547d3716af0b

    SHA256

    e3bca00958489f2f14a8bb1e7b53b2dca6364a3bcc116f484bf59cf61c1348eb

    SHA512

    09bf6a38b39a89d72e66fad0660e2b61e3bd673ffbb87519b53880426a7b32ef2f79afc00a0e0ec8fc9c2d447f5498569fcce5d00fbcbe00fb9f791f0c19b46e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c9935764b8ad850efc05d2e379ab197f

    SHA1

    d98554672affd756f85ce7dcddd4992371ad1992

    SHA256

    16a33463683b92e4b73d452c1a54f26ad3cb921f70407401d609344928d96c63

    SHA512

    b8eb226c506b12e99dfd59958df02bd53f8839722751dfa6333d704353bf05c2f0d511a4ecf6cf525f3208cd2aed77610ce7a65895595358501393eb58e30599

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ef82be31d34a27eca87b9320250b4baa

    SHA1

    05bf4c56ca4ee772b56fd6e3d9ecbcdbe18caf98

    SHA256

    f2134f2f699008781cd08ab0af9dc1dcd42b0f8fd0b26fe4a36eb160d482ddfe

    SHA512

    84a0af2aa3731f1586c03d51601a34167fda10163c848baf308d0e68597a103fe6f075c5e91d90f3b7fa2b316a03296f6144c649a62d533aa0b630978306f694

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab2C02.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar34CC.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit