Analysis

  • max time kernel
    118s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-11-2024 10:22

General

  • Target

    Release/locales/resources/LICENSES.chromium.html

  • Size

    6.3MB

  • MD5

    34999967f735b07e9cbcf6c397cea4db

  • SHA1

    8001fcdd6ce0c6e5a3d91fd45e4c9726fa67f3e4

  • SHA256

    c5a05048505c00af46c75fb5ca22057f09dce001eada3a756c3839d59011758f

  • SHA512

    b6c2f722b6551231801e453bba8f9593d9f1a82edb305869ee07ef77f286968eb6ad5db1abbe750e88c8af973c362ee161aa5c591ea04ff39e4f4b34e6fa4baf

  • SSDEEP

    24576:/PV05W5WS9YzHIlGMmfu626s6W6a6q5AHWeQFpD:F9n

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim host in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Release\locales\resources\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1404
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1404 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:284

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bd4e3c6b002c6aa5dcc2f7990ed93c73

    SHA1

    075861e9e8ac847126faf967c15a921b7629fdd9

    SHA256

    53045ab4a4d7e38991e02e94c2e4a5634082b37d5182bc3bf4e779fe60c0ff05

    SHA512

    3e5e721f51526a0beaf38567f93392e3ac6317ed289bf69456d92bbbfd963b493d2430c4426a741d82c337e6cb5f4eeaa76dddc2c565019e0fef1ff1a1b331ba

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    447e3fef4bf6846acd1e6e7fe53020b4

    SHA1

    b5f1ef74a819fd18b3f41b47022ca3ebc45fc011

    SHA256

    a90de7fcd3d3f274d029eb4f8507891861a4c5e0d832186b1b38db79d8718130

    SHA512

    c9c58745a729e75f190bee46b8706ef8b8dad614d1b74e5aecd4965f019832413e9ee91a977637400fdd37918e7439974b8671b1d01a21ec800fb6c014ca9942

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    046bc65926227d26df602533e55ed648

    SHA1

    2a8456b60f7afcfb1fc309c8d0307c6c71551f31

    SHA256

    71b73995271b61239a8c762f13bfdb5ab2e5df2015e543163b871781aeb8ea2c

    SHA512

    f5488ea4dcbdbec4bf49d539d7af76f2d8dd11ee7298ea5887d390c15f37e8d1e305ce0f0f7c8570580ae8fa18ed3993a28bd798aa85ac1096b1eacb1668449c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a915142b835d4d9195b63d3e47542d5a

    SHA1

    29a0c50626f15f804a82363ee5d40bd521fa6926

    SHA256

    dd74f1f453fd4c85e119c39e0342282cbaead38053a75e0d24ccf54ef918024c

    SHA512

    2d4c435480afca316b00c1de33791f69cdf19a9862a9c1791d1da934be92a33a547ca344beb724ffe7065f4208b2009664969e53362e1f2cdc92a710d979ddb9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    065cef46cd7ea5de6cd0d24168b4a937

    SHA1

    b6530820e414353360e0b24acce09e29dd03a4ae

    SHA256

    8ff51e58951dcb6baac3bae8df08e645be23a64f10e8f2343babc43bf1f2030c

    SHA512

    bf3b7bf122be09a8a4d5068ea3c2c3b8cd96cf6279b1fe14401b2cdffde7fb12b7f6bbdde04e2d7d44bf5072d20c093d09ee1a3c049e65700e4b8eee276b51fd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    886070d037e161c7ed13ec81f0f6409d

    SHA1

    3b18e83e563d345918649bf2112d18ab31c96940

    SHA256

    01c1c366ab12fd367f0b277a1b93420a8242002d9d52aedd29ff77a910882b3c

    SHA512

    ef2f23c8cef7f7f7caa4d16c3d7f61f3095ffe7947dcef9e4ef6178acd1aae429e944d3d099a25424bc494cbd57372e472b96a6ceade4fd3500826443131b885

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    86cdf795d0890cf9710b8c88a1e70f0a

    SHA1

    d2742d8b45081db1e3a5dfb037d86785e2592ca2

    SHA256

    c752d7120384e5ba26724a52aabc6dc3df0858661e0c47064b2f52101271ac72

    SHA512

    25271621940f0865d66a3b437aeda26784f6cd4101d62a3d23dac8c0349a524dcbc405d0ec254d4ebf0eff6044e0e1bf98a1560fe318a2bbe088cb2dd09bded0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ff6bbca8833098769190a9603cfbd74d

    SHA1

    744eca4bda7a14bf159601bc3e2bf055078874d0

    SHA256

    32f1d7c655543a4c753374f5d8d4ea6691324fa43e3457598a7252949c1b1382

    SHA512

    ed481855bf47ddfe0f234ddf109b76e30f0b2a157b787cbea77bf40ef7ce3fd4250c359e2483d709185488bb895024c57280541465db0c692773ca7432723cab

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    03e4640f3753fbf3a589d0ded16aedd1

    SHA1

    681189015b6bb4a859f9b6cc2bb414b2baa09b43

    SHA256

    b3135e7a6bf1a6ab5ac398a4e49656c89ce50d96ce330e05ec2f7f5fbde100be

    SHA512

    93a85c47dddfb7a3c559736166fa17f431c9d50f12f29fae03f3feff867697a2c98634383e9893ee82d496432384774f93d24150bf9cd1c695948c237a04d052

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    52d063533d085339383a8ef00bd46494

    SHA1

    b5e0335f05eb03a74da224dd087b93a01a1b8b5b

    SHA256

    35146c33d9440c40edb24c78c6ee600356c62963dcf136cb6dbad0fb892f921e

    SHA512

    4ec9b0531e13ae14a7e174fa1860dee498f7fa388e45689ba58ff90d404f006d63c4328b61c4299a5fa702f2df7fba6e26545ed3cddde92028e3978944570f94

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d0f9669f61e67178e5618ca942691b12

    SHA1

    125fb76d2e1f3c7003b43015286dcbbf9170983f

    SHA256

    5a9a3dad1ac219eb30681c44439fd84fe50b3c19c5f1094b3d08e6d76735922d

    SHA512

    6115d4f09fe0a7c7c1fce213f3c183fb92ee7d9ddf8ae8d28be855f23d04363d00b6f2ed3e603f5ad10e50e9b6ba25b2178086a156f46e44a9b1e692d0eac484

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    019510fa84b7e6bad722fdadd09e179e

    SHA1

    0093618721ed0a07b323f8ef8e426093a983e2e2

    SHA256

    fb44da2fa114134f818172035dd60736d7946dfdc3907117fe54e110a87413ca

    SHA512

    c32b0d174be7efbee04087f2fb8bfa0083f1ce3484e89e655492a491de9c5a9051e6bee3faafd3c0597d442477a1d53c8c713e6e8722312ad5faa46d58afe26d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    09f3a37a40d6c7718f9d7ecba96372e6

    SHA1

    7b6c2ccf48a686935635f588bc92237fa9f0c4a9

    SHA256

    ffef3e4345b74d18fb80227043c500bf31307a72c50037762692e32125ed0f89

    SHA512

    1b7ae352e2779c02347adafb8468234272da51888bf95e4884a682aee4d4b9cb7cf06ee4b782a6d73d6d8d67757e89fc1ab9933c412281f720925cf9608a3c23

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5f92633ac6b05d3f9ff6ddbd6359f3a9

    SHA1

    137366fb1226f56ce2b380f27aa8dd42ac6e9367

    SHA256

    2547fc27471d170439ad73a2f29a8ef0ab5d527a79c431a88578bf9bc941429c

    SHA512

    2259b0c1eafee8c7bb998b463fe0d527f13013b03d68e4d5e1e1fe0159c7d31ef05a6a28bc5848434991856558ef9c83d3b9a85510160154204dcd9eebbad4f4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3d1835035109518c9307a296a7cfa75f

    SHA1

    1b3717cfe2ee4cc1f422e4c68e0c63ff8aef6061

    SHA256

    813b07461ecf4cce87721c21e0e17cc7d857505787428851e7f39724c037b85b

    SHA512

    43d3cfa55b697f94e1b2539564855ce0f4b205cda1c1dc296206e191146084dd375417eccf9720c7350200058325f9fd92d6ada2f821f1522e7cdb9d6239dc22

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    87db36cd7709d9313afb0ebfa81b2bef

    SHA1

    3ad0a5f7acd0997c213c6ee25e26a3a5f78ad7f7

    SHA256

    5b5827e2a603355c4928b7e369b5f6275d7f0733b814b270733c081dbb26d41d

    SHA512

    d7cd399db87ae8fbcb110bdf3c735e288318825fccd83120f22b78a59217f9b9218386a1828f2b9352f3b40a09cdc5d5e4dce7e85e7c07d960d1ddb071881bf0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    05bbe0cf0aeef0b76c621e6fa3dd7be1

    SHA1

    cb76fec9ea2886df6262d348c406e6e71ec192ad

    SHA256

    90a9c49de014730878f76e95efcbb5f8f1850cf4ad1e549cf6f4f83bc3c736cb

    SHA512

    61df4727c5773a7ce5bffaf30bb09bd55877908c7aca3d645efd6c6d8ae2fc279b1cc1a139a0dbcceb09b9e8c96950b7d04e61c77bb54466ea51aa20099b101f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4095fce3d67cadbcb9756a255d9e4db4

    SHA1

    0f85d24dbedad898c8798c1e5d4547ed102f2725

    SHA256

    4fc8ac39099e80ee7b40b8885c62fd2f14a16d3348943a070fda63f53ccae5f2

    SHA512

    21631fbbdcf7cd7b6aca9e8530827ac3847dd291be31ac0515e3b8fcfc7a443c471dd6cec8f86697fd51983cc34b42f78ff91ce61503d5a0cf1f860087c4f74d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fdc4a27d3d7316ac675b5f49047ca6da

    SHA1

    06145654e77f78c7d6f18d46b8b1dfe0d3a98b6f

    SHA256

    640cd3fb6a4261e20b0e7b96aa600a8b334a0278154ce5d11def7c2f65509459

    SHA512

    c7f34c48ee5e4fd09ebaf2b69291d4d75b7bd02e15dfe45fdc3e419db96403380088124af41fc978c70c0f3677985c4ffa18a4740885d1874dd925de99332238

  • C:\Users\Admin\AppData\Local\Temp\CabABC.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarB1E.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b