Analysis

  • max time kernel
    134s
  • max time network
    138s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    09-11-2024 20:05

General

  • Target

    LICENSES.chromium.html

  • Size

    9.0MB

  • MD5

    ae174699b663bd90d8d06c68c6952477

  • SHA1

    8c76eda61d320779909adc541593b8e26b24815a

  • SHA256

    c6737ef4ed9de369077718824f76c5e7026d0e39163e26af8606783e41c93e18

  • SHA512

    3fb72dcd790464dde34978c9d0895376827f4d839b4a199c6e9fe77ab810d62b960babc4b21f6e189dc70147b5fb4334815730f4d1cdec05489c19e0725c2158

  • SSDEEP

    24576:h+QQf6Ox6x5n1nZwReXe1Gmfh6k6T6W6r656+eGj/dBIp+:oAPeGLp

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3064
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3064 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2636

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fd985afa2ba78c64282e00339181d6fc

    SHA1

    6f4c299524ec0d7de3eaa04a29de11c1cf11dddd

    SHA256

    2720a2f7f96fabc0027b30c0ed36ee0eea0ca94fda5470ba31030d9e2a389d80

    SHA512

    6eacea9ffdcf958d2404715560946d323ddb1151eb715a90dae6d38f5c4349b9a9042b6bc2f90a0a6db5bf1c88813894bdb59de40bd48d6391c6cbfad130e8ed

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0f9603314dd291e0f6ca8f813f3eeba8

    SHA1

    f48598333a83b57610f1ddcb65d4783d87c5339f

    SHA256

    2b85d46e873e99d5d2d4422d4805097eb9738725ccdec6ebc9b2d145f95e2700

    SHA512

    8a67695b683ede843b873d689fae8209b14df4b582115a0480a924a318724a0794da276b9ddb002bc852abe82e4c1c751f849f42fcc040e595482c82f9c98bc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f6a4d30b1b3d6f6a4cc8b74ec019d39c

    SHA1

    0330e1e0fae55fefed5bfee4eed94b78e5c4015f

    SHA256

    5fb62b54fe8fa41bbcba057aa5d9f6ea9880e8d7621cba4b42fad57c10d1cbbe

    SHA512

    d2c6a2e888a33e1bc95627e0e01b052b13884e33b48e791df2e310b6171239ceb12bcb04428d8485c0bd1aab5e6ccb1b5821af9f3c9d7199bfccd613dd9d166f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    80728f7b1d05f00350bb0849eda2fda1

    SHA1

    b8491eeddf55d984119ee709f6eab58bce41a0ba

    SHA256

    05ae633563511ff0a31d53b0399b292a6a9b6c6c9bd3196f82d749d61521b0d3

    SHA512

    4fa38960f00ba5e08298331379937f5e6e489f3150ea824fd0b1c229a80b8f03d8c1ff3facf072b9b4c6078b8a2c47269d1995d18044ec8759ade9a733020278

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8971442f88215bff1a4c5f78028eb6cb

    SHA1

    3be04bb73a92803e28ec01aa2d6eb18b344835e4

    SHA256

    ad27cfe2f6f6dd73ecbfd9f478eaaa1f8a4babd00f8ab317c917c0810413667f

    SHA512

    b5a96ba4c840ad168438f45d7d469477278953c7666a7b80ded7f0031aee88eac49e68725263063781da9aaa4dcfba99cfbd89f21b840d5c8867896420c8d7b1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8d1f3f25b5a35c973056b1077940fa24

    SHA1

    0dcdd1532521e76accca08ef8bd2def37f1a283b

    SHA256

    6d4a325cd0d4905ce3eafeea18b94c276812e02509ad9b171dd1519c3b65bdd5

    SHA512

    65d00fcf9462046e3ccc090d07cfb5bffd5a4534c112b2ecaa398cbd528ef34f8393c010efa7d50e0a60e5c7b446c876cf52bd66e613582d241e9aad052883dc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d9fa9f74cf6b55f8d131cb6b51378ea6

    SHA1

    620b10071d4e99532dc283324d62858d100fb829

    SHA256

    4df322c0dadb92d1d4dd732cc1e7a31682ce64a88a999fbc7f8c7543bc0963b3

    SHA512

    aa7c4d0c464dc551a36b1716365a6897431c8f9ca0211a534d89693dbdeea0eb4c6c708d95c03f7596a8bf67128c776e25f0b32c669bea374bc3084bc6789e88

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ab8baeddea415eff2c8f3465a918423e

    SHA1

    632277665f56a53edd94bdd5a55767b7ee8576c0

    SHA256

    7864000c2004e517cdc55d26447c33b4e5ea1e6b6182e29e632f1c5ebbe5a898

    SHA512

    7e7dbfc20511b5e7bc9dadae22f011714b333752ee422e27a5a1dca89e8fea3e0a8f01b22e3126b41f29cb063474193d361a771b3bda44d6444a09376f6b8141

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c376e951ca12e5112410e45d83e9f03b

    SHA1

    e240ab9ff72db22c60938b7ac9cffa02cfac2a22

    SHA256

    c3a2874716a1676adf5e1520cba9a7e0bb8312211a71cd2e0d1e7ad81246c3d5

    SHA512

    4c8984f95060e2b998916cd327a15b5bac36951073c53fa9c91951fd67a7458f9101eb6286795ce8cf76ed959f6ca5dcdfdabd01856bbe755df1e4cdcafd19b5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b5e412aef05a375c495ed47a18268e5b

    SHA1

    72f5b4d4a11d6a822263bbd24a07d16c31f9eb2a

    SHA256

    c5c302e8b57298c6f0cc1ca62865360a37740a2ad86dfd24c7a722bda4e5ad4a

    SHA512

    80e41f4d06463bd9efc46efc61bdaef6ec5525a192f0d49cbcc94b66d6164cd329ae1a9e4f463c24383313bcbab047fc51fb4a98c2b16064a0a6d44f7b41a9db

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8313c9a16cf3b2eeb3766ed8dcd03293

    SHA1

    4e8ddb99bd174c0d40ad54dbba95335c1ae0d39b

    SHA256

    5c5fa73ff3eb5434ccf31d268ab4ea98f841420c0811d4e3176a2f26caa8fc21

    SHA512

    ebbec486cc97572152c76aaf9fb6b9734f4d7a0f2e79943c6cfeb5582c877160db23b2c3da95a7d06fc9dd9a0601a22ea4c0b571911edd1b0ab1f2ddffbdc279

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9ecd1ce003fdcf4d77d0fa1a66064a90

    SHA1

    cfb625bf1a7e8787ed9e2ca94a0deab486484d70

    SHA256

    5b2005c70ab23627dfcab55d6b4ea89732d3bb7c263a2c9e6053396c69ae167e

    SHA512

    0d037996a16d8ae52adf6e8f9902fd2a9cc3111ed8187d4334e701f680278cc4b1d3bc1b6367192e20349ed03a8ac1ef77ffcf0ae9cbb5d0583e57cdf6e4bfa8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    09163f7993fd73f08a05abadd1d7eaf5

    SHA1

    8c64dc5df5377828d3e67f5e9c606e81b2badf76

    SHA256

    af4d88cfd32ef75fca2771218bec72ea4d70bf9baf254d347a565c2edb177aa8

    SHA512

    9cc0bb2c13ab347bf7e106b5d683b7e179c6492850662149c1930553b4c094394d650961cf368117a1cceb65a3fc28f4e1dfee7cb2f76caf28ae9da4cd5054be

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    137a995b68bcd8e199e7c5e64c62df2b

    SHA1

    d579b97edd756f7316e1a75a0934689c6fcc3b3c

    SHA256

    640ef806b3a7cc090eaf9ed4eb9b354c39fc52bc479e571684da0e79f2d98fda

    SHA512

    de0407224fe7867f6c9b890e162d95715c30107312fad943f0e604fe43cc7b57d52e0c12aaaf87a64e2c713647f66fe45fb0cb7dbb232dd46931238033c4df64

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1e59cb10e94b88273a666fb75af5e59c

    SHA1

    977ebd078c4f36aeaded449becf8e2fe5552d04c

    SHA256

    25af0975a53e2b88aa2fc526733766074b19ee955e44b0d03959b110a5ad6be0

    SHA512

    be8a0fb9dfd1aa9fd109dd7593edbf25e0f2b8dbc0d706bff6e030c97248051ab8786a772820a6f1312f596233778d0425f9ff72238993ecf56b641dc1bb0f46

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e16fba666d8ae82723cc2844b7131ae1

    SHA1

    4661bd59a457ebf9c149a90bccf66181e2ca3dcf

    SHA256

    ab7877c53bb57d915f572c8b2f3c1258ed9b8fc47bbf106e800a6a19a4de57d7

    SHA512

    e431415796139f96851c6773d802c5a9062cdc6b65c66cee4074479988809094e1832009a98378b2dce62165d88ccace28cceb969092df7ec531c94d76a18d2c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bcdf0fb0bd1a21bba7bd4a40b74de43b

    SHA1

    f586fcf06f609fc7302969d9d16a206c3c165ae8

    SHA256

    f97f3bb7fa550e746c956ef9dd9d65f6001caa04c2d36571a9acc408ab837cbc

    SHA512

    e458484c8484a0f783cc836c5fc7d19e8c0c0745f38c4c89d4d8174dd687a9c1fb3d4b8676aa01b4100ca28a8e670f128f213849f2ba24c5a0558844b5ec37a9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d9887bfcff4024eafa538ad8b03deb90

    SHA1

    6bc2274bab6bde5eccc387a7d8fe4cd1a0e72ea3

    SHA256

    641a2fa5c1abd43140f10c4288859b0054aa3cbca55e49cc4d81fcdeaaa2a420

    SHA512

    baffa466afcf4e24b408132286067f7851a54aebcbbcb2a950a9f22cb43e10ef4ba61abe3ee60fc98c5fef9a02d1296d20262cd2b0ae4902d8e67030ec1b68e4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ba31cfcfa184b8e1a2d389cd7d386984

    SHA1

    e5f18c73b2f11efd97f62a72444cf4005b46bcef

    SHA256

    e0dc86dba06a132761c4391ec71c53832f500728fbaaf50f817f8a7b795e46c8

    SHA512

    7bba010a2ee43eb9ef7e4b1eb3065e983f5c312f8441093157c29ca0ef0ae54c11c4be321fdbafcedb2b283028b31665c4f67a55ca8629779752413b51bf201b

  • C:\Users\Admin\AppData\Local\Temp\Cab3FFE.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar409F.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b