Analysis

  • max time kernel
    117s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
  • submitted
    14-11-2024 13:17

General

  • Target

    LICENSES.chromium.html

  • Size

    6.5MB

  • MD5

    d18c09a075cb6531d7ffd7c3da77bd4e

  • SHA1

    571f29b6004007111782bf5727c4bc9510cca286

  • SHA256

    86f5222580a4ab03dad8ea62e6cea22b23454dccf1c77e74ae0e0410a13b16fc

  • SHA512

    091cd68e12633919fc6100b606f3002b16f4b9c7c6d7c820ff20e31a3b9ea690c8a1fc90529ff3e5c21e8d778e254743a8708049830c3bb046eda8f2653000b7

  • SSDEEP

    24576:8P5K5WfWSJiJjQlaCmf2P6e666A6o69/kHPZQHpuQ:UrYR
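
Before acting on this report's verdict for a file you hold, confirm that your copy is the same object the sandbox ran: recompute the digests and compare them with the ones listed above. The script below is an added example, not part of the report or the sandbox's tooling; it embeds the four hashes from the General section as the expected values and is exercised on a constructed byte string (`b"abc"`) rather than the real 6.5MB file, which is not on this page.

```python
"""Verify that a local copy of the analysed file matches the hashes the
report lists, before relying on the report's verdict for it."""
import hashlib
import hmac

# Digests reported for LICENSES.chromium.html in the General section above.
REPORTED = {
    "md5": "d18c09a075cb6531d7ffd7c3da77bd4e",
    "sha1": "571f29b6004007111782bf5727c4bc9510cca286",
    "sha256": "86f5222580a4ab03dad8ea62e6cea22b23454dccf1c77e74ae0e0410a13b16fc",
    "sha512": "091cd68e12633919fc6100b606f3002b16f4b9c7c6d7c820ff20e31a3b9ea690"
              "c8a1fc90529ff3e5c21e8d778e254743a8708049830c3bb046eda8f2653000b7",
}

CHUNK = 1 << 20  # hash 1 MiB at a time so a multi-megabyte file is never slurped whole


def compute_hashes(data: bytes) -> dict:
    """Lowercase hex MD5/SHA1/SHA256/SHA512 of an in-memory buffer."""
    hashers = {name: hashlib.new(name) for name in REPORTED}
    for off in range(0, len(data), CHUNK):
        block = data[off:off + CHUNK]
        for h in hashers.values():
            h.update(block)
    return {name: h.hexdigest() for name, h in hashers.items()}


def hash_file(path: str) -> dict:
    """Same digests as compute_hashes, streamed from disk."""
    hashers = {name: hashlib.new(name) for name in REPORTED}
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(CHUNK), b""):
            for h in hashers.values():
                h.update(block)
    return {name: h.hexdigest() for name, h in hashers.items()}


def verify(actual: dict, expected: dict) -> tuple:
    """Compare computed digests with reported ones.

    Returns (all_match, mismatches); mismatches maps algorithm -> (expected, actual).
    Only algorithms present in `expected` are checked, so a report that lists fewer
    hashes still verifies. Comparison is case-insensitive; compare_digest is used
    out of habit, nothing here is secret.
    """
    mismatches = {}
    for name, want in expected.items():
        got = actual.get(name, "")
        if not hmac.compare_digest(want.lower(), got.lower()):
            mismatches[name] = (want.lower(), got.lower())
    return (not mismatches, mismatches)


if __name__ == "__main__":
    import sys
    ok, bad = verify(hash_file(sys.argv[1]), REPORTED)
    print("MATCH" if ok else f"MISMATCH: {bad}")
```

Run it as `python verify_hashes.py LICENSES.chromium.html`; a single mismatching algorithm is enough to say the report is about a different file. The SSDEEP value is deliberately not checked here: fuzzy hashes are for finding near-duplicates, not for asserting identity.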

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of the victim host in order to infer its geographical location.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1540
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1540 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2636
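
The tree above is the shape IE always has: a frame process (PID 1540) that launches a tab process whose command line names the frame's PID in `SCODEF:`, and the four "suspicious" signatures are the browser's own behaviour rather than the HTML file's. The script below is an added triage example, not part of the report or the sandbox; it transcribes the two processes from this page, treats the listed signatures as an IE baseline (an assumption of this example, justified only by what this 3/10 report shows), and flags the two things that would matter: a child that does not announce its real parent in `SCODEF:`, or a non-browser executable spawned under IE.

```python
"""Triage the process tree of an IE-launched sample: confirm the child
IEXPLORE.EXE is the ordinary frame/tab pair and flag anything else."""
import re
from dataclasses import dataclass, field
from typing import List, Optional


@dataclass
class Proc:
    pid: int
    image: str
    cmdline: str
    parent: Optional[int] = None           # PID of the process that spawned it
    signatures: List[str] = field(default_factory=list)


# Transcribed from the Processes section of the report.
TREE = [
    Proc(1540, r"C:\Program Files\Internet Explorer\iexplore.exe",
         r'"C:\Program Files\Internet Explorer\iexplore.exe" '
         r'C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html',
         None,
         ["Modifies Internet Explorer settings", "Suspicious use of FindShellTrayWindow",
          "Suspicious use of SetWindowsHookEx", "Suspicious use of WriteProcessMemory"]),
    Proc(2636, r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
         r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1540 CREDAT:275457 /prefetch:2',
         1540,
         ["System Location Discovery: System Language Discovery",
          "Modifies Internet Explorer settings", "Suspicious use of SetWindowsHookEx"]),
]

# Signatures a stock IE frame + tab pair trips just by rendering a local HTML file
# (assumption of this example, based on what the report above shows for a 3/10 file).
IE_BASELINE = {
    "Modifies Internet Explorer settings",
    "Suspicious use of FindShellTrayWindow",
    "Suspicious use of SetWindowsHookEx",
    "Suspicious use of WriteProcessMemory",
    "System Location Discovery: System Language Discovery",
}

SCODEF_RX = re.compile(r"\bSCODEF:(\d+)\b")


def scodef(cmdline: str) -> Optional[int]:
    """PID of the frame process that an IE tab announces on its command line, if any."""
    m = SCODEF_RX.search(cmdline)
    return int(m.group(1)) if m else None


def is_ie(image: str) -> bool:
    return image.lower().endswith("\\iexplore.exe")


def triage(tree: List[Proc]) -> List[str]:
    """Return findings for a process list; an empty list means 'looks like plain IE'."""
    by_pid = {p.pid: p for p in tree}
    findings = []
    for p in tree:
        parent = by_pid.get(p.parent) if p.parent is not None else None
        if parent is not None and is_ie(parent.image):
            if is_ie(p.image):
                # A tab names its own frame process; a child that does not was not
                # spawned the way IE spawns tabs.
                claimed = scodef(p.cmdline)
                if claimed != parent.pid:
                    findings.append(
                        f"pid {p.pid}: IE child announces SCODEF:{claimed} but parent is {parent.pid}")
            else:
                # IE does not launch other executables on its own; a cmd.exe, wscript.exe
                # or dropped binary under it is the first thing to open.
                findings.append(f"pid {p.pid}: non-browser child {p.image} under IE pid {parent.pid}")
        extra = set(p.signatures) - IE_BASELINE
        if extra:
            findings.append(f"pid {p.pid}: signatures outside the IE baseline: {sorted(extra)}")
    return findings


if __name__ == "__main__":
    for line in triage(TREE) or ["no findings: ordinary IE frame/tab pair"]:
        print(line)
```

For this report `triage(TREE)` returns nothing, which is consistent with the 3/10 score: a licence file rendered by IE. The baseline set is the part to adjust per sandbox; the SCODEF and child-image checks carry over unchanged.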

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3fdf820dec317f0106e6e1139f58a3e6

    SHA1

    b90406f4ec71a5c89bfc5e6c5ab7da8e952d3c2f

    SHA256

    99fc85e9f7ce887c19bd7aad917f9a491be734253d3551e2f63ceeb4b8f91a59

    SHA512

    11dc7ba345e174b80abb4988f9d670e580d984b630399402f02ea34914bd48b50efb4ee7a0a606cfec35fa58070df5698a2570cc998ee25e22d456e9e6957ca9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    06423d4eca1bcfe7c0799ff1eee5b5da

    SHA1

    373378131dfb4ca8b207bb3cb49479c5299d815a

    SHA256

    72b5cf2406e39eb4953513ead7ba49926bbe5b9ab527d8df038a61a2b818621f

    SHA512

    c379643921f033239e0d4c9c4bff39ba9d93587b81b422d8b2c6a8f2604a4199b8e7995d73968aa1909a0ec5cfe52ddc3ab225ac777743f7bfb42ea470576159

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    001f260e8e0aff008ec3f2c66bbf33dc

    SHA1

    27a059268e27c01fe15d3eb9b29d31e9c6a23aa1

    SHA256

    d6f6f47007fbefd86f62a28a699997e1f30f52bbc41a61e842555e3a936cb558

    SHA512

    06a781f6307f1d65fa0e0a5a56d564908e6f9af3e44efaed0f7fb25a907a040edc70aad49195c10d6ea9f9ffe15e6a2531f9008fa72f044e46dd7ceb14942da2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e9be6fae42e530f7bddd0ab33f060fb2

    SHA1

    e4c980b4debd4411a8da9fe7c1dc1d9805145913

    SHA256

    7ac63696f5a8c590cb312ba12dabe1276f2056e97c14d100e5925c9e1a45aebc

    SHA512

    3b542df4b18bdcbf7768c9ba2b149deb65f4b38966f0440b43bbf6a0852d79b6f0c8b399b6c72f0937cc422da2da2dd52f9c99e1ea49eb4240536248c2f570de

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e18dad117d9367febe4d418fc3272aad

    SHA1

    2042f4acf585d1a3cfed26f402f9a611cf286b5c

    SHA256

    a977fc1c5d1a63dab1c6f463499a8b6d70a7a44dad3194d5f04d837ccaad8114

    SHA512

    9d3e730af6ef0342447a58a62d02f8a3f7661804e18ae143820680217016c049666e2f0dee75a0021ef5ed75b2b4d61fcc0cc156b9d59124f3ee905d7662331a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    76e08feb194cf68cfa2e996facfa822f

    SHA1

    9195d31fd0e972ba41005282f43a352b4b4e0926

    SHA256

    c063ddfa95989ceb8b37e2c1b83e45aef2fa94e93cca58b78232b875c6aa72cc

    SHA512

    298359a41caec945c90e7ce3ed3f52fc3c4320a7fbedc98f7d45732d1126f1fbef56837dba2bc89af447dab82a6474da4a73e17577dac3f7a0b0803bd4c25ff9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d2f2386a09308ef8c285afdd40b7ac97

    SHA1

    d74c44014c00ff3a20a64f58d6e04d7c95c16613

    SHA256

    e2d42ec25043042c8eb47d1a9b1248a12da4c41ca51fad9278d95ab3fba4b27f

    SHA512

    86a0bc37904dfb9db4f637f585399d37330d6dcf56824cc8cd00f9a3266de2e7ce371b11dc45f200794924221df7f755e568d50a35de7ecf7ab3612db203a025

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b31598d78369cb5462f1ef22742273d6

    SHA1

    c6c5226f0c669c8fd7cfe4e4fe2df044b1f0fe4a

    SHA256

    6c543cbb556b237e2c7211cd288ac7e50e6d78cc3ef791d635c0522acf741975

    SHA512

    db1d69b7f2355efd1a5786e7e1e5a91e698e82f3f7465d0f9dd0bbd9d43a7b1c0573bbcda30fa930b0354d727f45733f2998e9d7a81539b404acce66e28d7d73

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a5bd4b45ed64376060cba6805eb319fa

    SHA1

    9ffb1cae14faa20a83bf2ed90980999598f12864

    SHA256

    5b9267d649e808b2c65a47d62096feddb1b54f6de9203f280512ff79938e8395

    SHA512

    ec3f6fa498fa76ce385e228d242dfd3794225563de9cd24c15be89b9e87fb0d7000ea4752f216564f39995d64cd6cb305c231d2a183118741168278454d0cb2e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4c90e5f44596457d761062f4026ed640

    SHA1

    d2728ff5519b61ab1de6139316652f2ccecbe837

    SHA256

    b75e39061e84c2c689ff467f3bfa49e899260f8385c8b344a892d652b384cd93

    SHA512

    ee71ea4630eedb1d0d4119305cc084412448abea8389acf45377a4f1f2c1c29c7b940f686c605ef30c975d46e4105c016cd305d2caac0fefa6b33bf26473b547

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    acf0e06d82a66cd09fa037de5e7cbc59

    SHA1

    f03b237ade9436d09c5c659f50348ed607bec745

    SHA256

    dc8df32d6b91a2d74c9c82ae7d8779a2cb8e264030799a2ab7d90a40c93ad534

    SHA512

    99451e0b33e33c501c243589ac50dfb42a58a793c2f1cd84e176ed7c31647fe9e0ee40463e4f6f78803ac36f2bbb33dba8a5ffd15c2a1013c774bf1b5da7f9a4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    89a64ce9b2b0c7cc5d22ef44b1124978

    SHA1

    7ff4d343a96819240cd3351f06aa990c3380f267

    SHA256

    af80796844f449b1ab31979ea09800b5f11f52d036bd60ff2e890e102bdc0600

    SHA512

    4d38a0a5f92dc86dc9e45ee9f0e6f0013158fc7bf567cdc1c72657dbc1daaa1e7c7ebb7ab6c24654c2cd99a22dd9cda7d4df1c781f831ce20283d01c9c93c7c1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    dac30290efb7737ef5fc51bf4b274eb5

    SHA1

    2115b313e10a0869163a9befb1bcd88a9da7ca45

    SHA256

    c4486f3409c5de0c7c137b3338fbff31abbf3c0d2443a03ad14ec6d9ae0a7653

    SHA512

    16df4c1ad3a64a3c798fdb47b0f6df0c9cb4e3cfd1d07b0a7e07df9badc19030b21d826dec246bcd0bf09fbfb6d63c2f86a6947960c66b19e6ef45a3b9e340dd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    99c527799d8274c20fe4d5386a1d4889

    SHA1

    ede583492aee1d0c5ff83dd651effba79d59bafb

    SHA256

    de3bcbd7a89383b4008f38a448c3a9a829fecb8d8b127a4c3cb934c80da4204b

    SHA512

    21260953fc19d3de3070134e85f8b92bbc7f5ba8c8d9067fa84ce327d468cb3fce0e80cea5c8e933b8b57946030ac49afc308c3a8d81fb145d1102e3dfd809c8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8ae2ba848e61b3b7130abb10f6ede23e

    SHA1

    5e515a27cd21a0b3563a5f5e55a274638e47b8aa

    SHA256

    97ee021eaea3f62e43d332f70d4c27ebdb24997c897ae4ef7dd23ae1ac25ae70

    SHA512

    1c558c41c464b324c7ff76578c55df59d6d8407fbb7a82a663589579714beeb51edb6fec201d867f38ff84c07f144ab45e535196c3e5fdc49bb8b6e5a050b7c6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    395843af255dd5a10ef20cf1de2d0afa

    SHA1

    3c3cc1a5545b726232877033f2394f5185293e86

    SHA256

    ec8fd53f246d7a2073df371b87b7420891f5de0546177b9109251c0dc29e9152

    SHA512

    0344c41a0b2dca52f53e652a6e9ecbd8a3a4014ef023f110ef1850434beb4cdd9e5cbaea9143e76bcd0229a72c27118f0a83cffc9c85778d5b7396481d6777ad

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    33a6d7163fc64045d094a24d81e0cfd4

    SHA1

    fdb366ce22637170597770b6c85d881e9f577c69

    SHA256

    e34725c7583b4bae31c97704a001f6631f0c88b2472c5397da910291b41ecb52

    SHA512

    b18f5a85a6ba03e999fd81a0b5463dd2d4a783fb1794ed0cfe3c9d889b08bd4cb5e6cd56d736a53113c554090770f7d3032c9d4ea98465cd0a0b38e9fb129852

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d94158eab07227910ec7ad5361dfb5e4

    SHA1

    8b8104018a5883f83befc6bc58efe5863ce71b0f

    SHA256

    85fabddd2bc2c19b7e2013d5f3fad7612118d70750de2e4a471803d89cedead7

    SHA512

    c817a6990b0941feb6266ec3403e7cc4180fbadd2a714f328a0d7bb26f68fbae70956f11bb6919e8cccf2cd4632b555c0ffd06f74add77fc6fd961f3651ec29b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7f2912e99750d807ee75a521249ef47d

    SHA1

    570b2d1dba0d19780ac525d5e9a8cc8766d0f4b7

    SHA256

    7ede90e76e4019186526f8ba3fc33e727a05683c518033cb098cb680dcf93ad6

    SHA512

    067b1e86cf6b5196caad899d9dfdfd5e2b76e0fbc83d0c531c57cd925c100c3465f758b01d0eae2962838b092eff143fad0f951ef4e0357734924b092cd3e44f

  • C:\Users\Admin\AppData\Local\Temp\CabE783.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarE833.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
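
Twenty of the twenty-two entries above are the same 342-byte CryptnetUrlCache metadata file rewritten with different contents, and the remaining two are a CabXXXX.tmp/TarXXXX.tmp pair in Temp. Listing them one hash block at a time hides that. The script below is an added example, not part of the report or the sandbox; it transcribes a subset of the entries (the first four cache versions and both .tmp files) and groups them by path. The two path heuristics that label them as CryptoAPI certificate-cache and WinTrust cab-extraction artefacts are this example's own assumptions about where such files come from, not a rule the sandbox applies; anything they do not explain is what an analyst should open next.

```python
"""Group the Downloads section by path and separate Windows CryptoAPI
housekeeping from files the sample itself could have written."""
import re
from collections import defaultdict

CRYPTNET = (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache"
            r"\MetaData\94308059B57B3142E455B38A6EB92015")

# (path, reported size, sha256) transcribed from the Downloads section. Only the first
# four of the twenty CryptnetUrlCache versions are included; the rest follow the same pattern.
DROPPED = [
    (CRYPTNET, "342B", "99fc85e9f7ce887c19bd7aad917f9a491be734253d3551e2f63ceeb4b8f91a59"),
    (CRYPTNET, "342B", "72b5cf2406e39eb4953513ead7ba49926bbe5b9ab527d8df038a61a2b818621f"),
    (CRYPTNET, "342B", "d6f6f47007fbefd86f62a28a699997e1f30f52bbc41a61e842555e3a936cb558"),
    (CRYPTNET, "342B", "7ac63696f5a8c590cb312ba12dabe1276f2056e97c14d100e5925c9e1a45aebc"),
    (r"C:\Users\Admin\AppData\Local\Temp\CabE783.tmp", "70KB",
     "b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f"),
    (r"C:\Users\Admin\AppData\Local\Temp\TarE833.tmp", "181KB",
     "8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8"),
]

# Path heuristics for OS-generated files (this example's assumptions, not the sandbox's rules).
OS_NOISE = [
    (re.compile(r"\\Microsoft\\CryptnetUrlCache\\(MetaData|Content)\\", re.I),
     "CryptoAPI URL cache entry (cryptnet.dll) from certificate chain/revocation fetches"),
    (re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{4}\.tmp$", re.I),
     "CabXXXX/TarXXXX.tmp pair left by WinTrust unpacking a cab (root certificate update)"),
]


def classify(path: str):
    """Explanation string for a known OS artefact, or None if the path is unexplained."""
    for rx, why in OS_NOISE:
        if rx.search(path):
            return why
    return None


def summarise(entries):
    """One row per path: how often it was written, how many distinct contents, and why."""
    by_path = defaultdict(list)
    for path, size, sha256 in entries:
        by_path[path].append((size, sha256.lower()))
    rows = []
    for path, versions in by_path.items():
        rows.append({
            "path": path,
            "writes": len(versions),
            "distinct_hashes": len({h for _, h in versions}),
            "sizes": sorted({s for s, _ in versions}),
            "os_noise": classify(path),
        })
    return rows


def unexplained(entries):
    """Paths no heuristic accounts for: the files a human should open next."""
    return [r["path"] for r in summarise(entries) if r["os_noise"] is None]


if __name__ == "__main__":
    for r in summarise(DROPPED):
        print(f'{r["writes"]:>2}x {r["distinct_hashes"]:>2} versions  {r["path"]}')
        print(f'      {r["os_noise"] or "UNEXPLAINED"}')
```

On the transcribed entries `unexplained(DROPPED)` is empty, matching the report's low score. A file the heuristics cannot account for, for example an executable under `AppData\Roaming`, would be returned by name, and that list is the one to hash and inspect.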