Overview

overview

10

Static

static

10

88b23e5848...18.exe

windows7-x64

3

88b23e5848...18.exe

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

Demos/Images/06.ps1

windows7-x64

3

Demos/Images/06.ps1

windows10-2004-x64

3

Filters/Av...er.dll

windows7-x64

3

Filters/Av...er.dll

windows10-2004-x64

3

Filters/Ogg/OggDS.dll

windows7-x64

3

Filters/Ogg/OggDS.dll

windows10-2004-x64

3

Filters/Ogg/ogg.dll

windows7-x64

3

Filters/Ogg/ogg.dll

windows10-2004-x64

3

Filters/Og...is.dll

windows7-x64

3

Filters/Og...is.dll

windows10-2004-x64

3

Filters/Og...nc.dll

windows7-x64

3

Filters/Og...nc.dll

windows10-2004-x64

3

Filters/ac3filter.dll

windows7-x64

3

Filters/ac3filter.dll

windows10-2004-x64

3

Filters/l3codecx.dll

windows7-x64

3

Filters/l3codecx.dll

windows10-2004-x64

3

Filters/og...er.dll

windows7-x64

3

Filters/og...er.dll

windows10-2004-x64

3

Foto2avi.exe

windows7-x64

10

Foto2avi.exe

windows10-2004-x64

10

Plugins/Ef...n.html

windows7-x64

3

Plugins/Ef...n.html

windows10-2004-x64

3

Plugins/Ef...s.html

windows7-x64

3

Plugins/Ef...s.html

windows10-2004-x64

3

Plugins/Ef...s.html

windows7-x64

3

Plugins/Ef...s.html

windows10-2004-x64

3

Plugins/Ef...z.html

windows7-x64

3

Plugins/Ef...z.html

windows10-2004-x64

3

Analysis

  • max time kernel
    133s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    03-11-2024 00:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Plugins/EffectsMany/EffectBinoculars.html

  • Size

    3KB

  • MD5

    2008c9fa3dc1a82d8e1f5a724f295fbc

  • SHA1

    e2148ae30adbd59bef0b29a141c8f5d22f19a53f

  • SHA256

    78de625968fa686d6930dce1d6d774d2dfb22646b3d6ff996f605ea43162d731

  • SHA512

    2a92558a7bae94a27891b005e1ddbac7f0b7d10aa7fa356c831e002650e08147ccf72bf8f71e916013fbf58e86a1ecd24620a3f4edcc898fde9b47fbee4b9016

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Plugins\EffectsMany\EffectBinoculars.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2116
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2116 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2596

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3f91dae7606643a3643c4dc6f3607e74

    SHA1

    754a3d8a94b3239e6a180445573b31d065c40ba9

    SHA256

    fe86eefe49f03e666210c4d287b2930ea548c5d9cb66c8ddfe67b359b6f1f518

    SHA512

    bc1ee4634a921ebec8e626a5fe12111d63bf20135c552426e1b3236fbc1fb74b02d640099dddda6a6d6b41a392cdb66e5f79e22d2674528e41aac6e5e7e8d553

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    144d67fa3105a4fab23a806612e13160

    SHA1

    8a87e9b284d2fe8ab3a0df8ebb4af6cbf07a6de0

    SHA256

    0707878d3d261758081ab971b7826a5e25a03f2ada9eb7701e6c1b07562b11db

    SHA512

    094fa3af2834eb19a6033e6d86918e79d23516cc99f58d52516f580dbeef4521252ee169984f30014827dca52ed9bfca54eb104f46571a906390f36657f27ec0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    de804168346eec17c4b0c3832d5965e3

    SHA1

    16bc8b210ccb6e05381acf161b1cd49ae6ab0384

    SHA256

    c79d6af51c3d133000d13545352ad5094620531a2475d0680391531c0639af02

    SHA512

    7e9840a91de0214137f5e839fa899d4eea90b5fda78b7ea7737ef49088eb94c96e53eae6700d93fbe34a5a71a1dbf7393f7a0f3f2f202b7efd5af93a3c6d2d64

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bd3f22feac6f4a078322fb183f51afb3

    SHA1

    9315c9fa851337721b9eb3135c189e31dbf17413

    SHA256

    179fe784b31c2e28021632b7671c8c10711956f08270fb9ae05bc2eae4a55d96

    SHA512

    4a3f9ea177a21f03485ec9c11f7f259cc88057f242f4098f88d6cd6c91b88cbf62f05e14615c41031ca08ce53f6d6796ba95c2bc413e66485f0a03157b26afdb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    778004f299c4cf92119b63fa7cb88fc3

    SHA1

    4c56811776208515efa83a197d3ebb0bf4685af0

    SHA256

    d9ab154cb266650dc78c25a1215e6ab0ae4eb9bba09edcfef1f721cc1a010abb

    SHA512

    1f9fb69a6eaa298b1ff4fa6a5df2991d9b666d6bff1f5de370c33ae277f2b906682f3dc13a6bdc5aea7ee2df88f8511e542b1230a8f5869990a1db4ceb4d8f0f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6fab1593bbd0630c492f26b0d9734101

    SHA1

    b27f538641561a8127e20348761399d80a1ae719

    SHA256

    e83570c31cb9d61edfc6ca842024d53701c2b8c0cd251d44651649cb75f65a48

    SHA512

    73f9f02d92cb687043e42d40648c7fbddedab498e92a2f51b2a8e5915d121f46009e28544dcf6528e1141c920b423383fd3c4b37126774e90f1c36ed47ebc660

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    55d8dcdbbffb0956de14abcf52b70a6f

    SHA1

    b1cafad62aa61cbc9bcd4ed82e8243f6d26b9779

    SHA256

    36266a44e091c7f05a9b64dabe68d3cad6e7a2464e6576ebc4ba7817eb195d09

    SHA512

    834b1bacd19eebd9033b7ce21e6bac310fcf59c61239dd2a9b1da219d7ce785251321befac116214060c314465bcf8c7647b6874d552704a8fd10f8232e5cc38

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7c93fd88f65ba7c3b59e0c9ba35577ff

    SHA1

    02244a8eaa253208b202eb85374125d9efb88e48

    SHA256

    7ccb2a8952dbc6fb0b1d7f776368258c02a44a4ecc0c5979747c770bc2ddcab1

    SHA512

    8249d7a043bd72c2b63b650884a968d3ddff04e122cd703f596fb859853179d4f150692eeef39a2ac1059434295fe81f91a641bae16e2cd966b2dadc6f2ab92f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    159a04f8706578ba54f1abede25ac9aa

    SHA1

    12416c9aea034f98082a55e9e984a1df02c4ecd2

    SHA256

    31f1943e262c7d630df0c6e26e9ab81cd045b5e38b32c50952eae0b67d60dd8e

    SHA512

    a7107d05a247c5f086f65239c922f871d1f34dd22070d6c9c32e1dd0ff3261d430583f094695c9748ba916b92b01f03929138d91ddfd19146606a16c4cb7222d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e8d0413ced084a08406c8c30bc584b80

    SHA1

    35292dda8e7c6a495e9f8c2ec8ea8deb3f23bb74

    SHA256

    f05a9ac9a3aec4f129f17417b4c7fd63bbc1ee38d39f364aceb1b8235a5cfdb2

    SHA512

    8a9d25d37e417d028063fc95725711d71349bb3c3bfb59648c9e3c1ec3ecfb5ffd371f8ffb11621f182da30c0538b01632f1b729df2e40607da141dbeb9d0b04

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    297e5e8840672eb266518764c2a078ef

    SHA1

    e4a3f6e22433349246fbcb847e110f62241b8370

    SHA256

    6c38f4fa8446acd59ded14bff189822599c6ea76449c7b079a233060bfe2715f

    SHA512

    e7eb5616d198d14ca77396af03ea949e1c418c993ee828e0f558dbe74b1c44ceb5bc93ac13daf05e4360012733e252834ad4dace19fcf1334c5e577ac78256ca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1c8fbc3f104fcf86614ca61d6b3c65c1

    SHA1

    05d3506056d9c039b038f6fbda0a8edbc7903f46

    SHA256

    21dbba3c32b890de9f2872891ef8ac91025c6c00f7456a41834d3441705c1515

    SHA512

    3967d62e5a530c46728577b27976212ce38c73ae2b97ad20963fd0f7f19abd2b6cc075f88646e6d578826b461ea360623a6efe0ada3c3380e9300e3ab584de88

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fc08588f667ca16a8337dc1aa6d372e4

    SHA1

    a3fdf2b9ecf4ee9f019c5057270c10baf5c9b3e5

    SHA256

    8483cc25968cfcb91aafc5447e408f7f493fa39b7d18e297e7dab8e7fa241e2f

    SHA512

    16d721e9b752abb6b9411f392fedfb82d60e65aca0b5518aff1ba85f523abb242191d69d1df4753e96ea4cda3ca118b8e36df6024545b998b85068b34eaa5f8f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0e3d844d56c943e6bf46bb20baf2ed1e

    SHA1

    e7182447a6cab083c825b1fc84435b7e36aaebb7

    SHA256

    92115d5edf76683a082a499b14b968fb0bdb6a90f5f1fa15a620e9fcff02bacc

    SHA512

    7cf7ff3bbc41c56057168400035b0c11c6edfe6c0cfecbcff417b4c6b893bfb66e0af3543077f17347194d37864602ac30ae07058e9b7886c0b0e55dc11ff968

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    82bef2ad5190d08ba9eb1af49a652375

    SHA1

    49b3eb7b0aa2c4370219252896668f9002ee4fdf

    SHA256

    6a921969e2d632c6bb57c2c56ff344b89d077f82e2e9a54f38170758b0a957de

    SHA512

    c115437e26497c8c1bfe2f08dbc5773acb32dd5d2112ac801d975f90264ddfabd70cea3718e9870fb518caed6bc2b56a486943808a9083fb26ac8d40112ad11d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9f490cffef8bfd43f4edf593e4e54431

    SHA1

    86f991d746917266bb0b24c1e2ed68a6a6dcb8cb

    SHA256

    9eb5a69b64bc151ae82619256c12a65932dabf93672b9a8a1dad07b92d93a1f9

    SHA512

    00e9d81f2638ba95be1e31b300ae174d148add7109fb8f815dd1b1978e7f0c24cf136187597739834519be89761100f5ca6cd211f26c4075a5a8be8909de3687

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    102f3af183e9f1863f39af35de7bbf4a

    SHA1

    3264e488d1fc1ee872480f2e8473714757bb98fb

    SHA256

    d117ef3a423647424496b75e212ddc50d2a96d34330ac6192ebc96d72a3b357d

    SHA512

    2bbfa576ab046df1811f47682303a9f76edd931e42dad6a803afd7fb02c516d16303b146c742438060bf719819d31f9feda126fb4ac3be1ef8e0c382b9f27d9f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ad97808f0d104a39225fa5d6899579d5

    SHA1

    2ae6e1a8f49ec1b67fdaa328662d48d142558748

    SHA256

    57bb07fc2f5b4e4bc2b4521cf435153eac72c304f4423cf34998e04ec12082a6

    SHA512

    e836aae076448b868906b68f1786b225302eb45870e77d9b20b710911abadec1d622d194a99df84ba5e60fd6b7cbd9aa5ca82b5bb73441a499cc2b2e09054cfc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    76d331eb610603b23af40c004a41efd8

    SHA1

    5561abcc06ca7991857130303518d3ec3ac0e1ad

    SHA256

    25972e8ccbcc50b3a262bf747d040f30303f2b5c8ca20ee77c5ffcafdbc9dd54

    SHA512

    c37cdf016bcdf33a704bbb794eb3e5fbd84becc9ad8c1d9519053228ae0cf5cea8c3106b65eddf99fd7084b4409a81d94c37c51ee661435076b27540276dd6b2

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab22B0.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2311.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit