Analysis

  • max time kernel
    119s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    09-11-2024 18:01

General

  • Target

    LICENSES.chromium.html

  • Size

    9.0MB

  • MD5

    ae174699b663bd90d8d06c68c6952477

  • SHA1

    8c76eda61d320779909adc541593b8e26b24815a

  • SHA256

    c6737ef4ed9de369077718824f76c5e7026d0e39163e26af8606783e41c93e18

  • SHA512

    3fb72dcd790464dde34978c9d0895376827f4d839b4a199c6e9fe77ab810d62b960babc4b21f6e189dc70147b5fb4334815730f4d1cdec05489c19e0725c2158

  • SSDEEP

    24576:h+QQf6Ox6x5n1nZwReXe1Gmfh6k6T6W6r656+eGj/dBIp+:oAPeGLp

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1312
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1312 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2016

Network

MITRE ATT&CK Enterprise v15

Downloads
