Overview

overview

10

Static

static

10

Bin1799/Ca...ll.exe

windows7-x64

10

Bin1799/Ca...ll.exe

windows10-2004-x64

10

Bin1799/Client.exe

windows7-x64

5

Bin1799/Client.exe

windows10-2004-x64

5

Bin1799/Pl...u.html

windows7-x64

3

Bin1799/Pl...u.html

windows10-2004-x64

3

Bin1799/Pl...E.html

windows7-x64

3

Bin1799/Pl...E.html

windows10-2004-x64

3

Bin1799/Pl...e.html

windows7-x64

3

Bin1799/Pl...e.html

windows10-2004-x64

3

Bin1799/Pl...E.html

windows7-x64

3

Bin1799/Pl...E.html

windows10-2004-x64

3

Bin1799/Pl...32.exe

windows7-x64

3

Bin1799/Pl...32.exe

windows10-2004-x64

3

Bin1799/Pl...64.exe

windows7-x64

1

Bin1799/Pl...64.exe

windows10-2004-x64

1

Bin1799/Pl...te.exe

windows7-x64

3

Bin1799/Pl...te.exe

windows10-2004-x64

3

Bin1799/Pl...ck.exe

windows7-x64

5

Bin1799/Pl...ck.exe

windows10-2004-x64

5

Bin1799/Pl...de.bat

windows7-x64

10

Bin1799/Pl...de.bat

windows10-2004-x64

10

Bin1799/Pl...de.exe

windows7-x64

1

Bin1799/Pl...de.exe

windows10-2004-x64

3

Bin1799/Pl...eo.dll

windows7-x64

1

Bin1799/Pl...eo.dll

windows10-2004-x64

1

Bin1799/Pl...ax.dll

windows7-x64

3

Bin1799/Pl...ax.dll

windows10-2004-x64

3

Bin1799/Pl..._t.dll

windows7-x64

3

Bin1799/Pl..._t.dll

windows10-2004-x64

3

Bin1799/SkinH.dll

windows7-x64

5

Bin1799/SkinH.dll

windows10-2004-x64

5

Analysis

  • max time kernel
    118s
  • max time network
    151s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    18-11-2024 09:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bin1799/Plugins/Baidu.html

  • Size

    2KB

  • MD5

    56c6f441c524664e50b5584a3784787b

  • SHA1

    4b0437a2c17c543cb3783e6f213d32af32b1a87b

  • SHA256

    75b58a5c8872304cac818e870ab06a967f4fd5ed682320c16622949c3c15857e

  • SHA512

    42a06b4880899432dfe7002719206e3e2c2364d83bc5772fb8505296be8d82a6bf0f31ed08785e4b7afe8910bbf06d8d6453c16ee6f4d0836acc6c80f44e588a

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bin1799\Plugins\Baidu.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2084
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2084 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2332

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    89dfc11063863f04074122215ba121bb

    SHA1

    7a2195b192c6fe083a45c48ee4ad7e2e858cfcec

    SHA256

    9b5499a2ed460320949905787f8e9b5aa940c449aa1b05b552245c1a834bcd47

    SHA512

    9603c1fdf99dc366eb3708bc54d70697912d641f3772befdcab615780e7956555c2cf0d4fc69dfb8477665a55f007c56eb51a4cbef3fc5fb3777529579125928

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    97e82beafd7477b002c8fcbf054ce44d

    SHA1

    42ea4b86d8293da6729c463be183816b0f277374

    SHA256

    1d0b801c66b59411b508a0f72817836d6650724947c585d0cf3a417fe1c4b569

    SHA512

    e0daf8654140b902fcc7928bfd91223c3cfde5b6cf7b22dccf4ab727594c256652e6910550f8318cfbb324a1632d9bde087ea1421cc3663660311c280719d0ba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8fe9b796d518da44d522134c6c33707f

    SHA1

    4b939e3c236733f21cc15975cf13cf01ae45afa8

    SHA256

    93daec9162f3cd3a70dec5335d238b62bb677f96f15bc17d9ec92f1c13a3c2a4

    SHA512

    77ac09da43e53d3b221af991cbedfab9b54bf929fc75bba9c8a141fbad389a664d0bba2316ec03788f9293e635c260fd46ec1ae01479ed745d30cbf1f95773ec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    89f5e9868eacc3ff454507a71eae1109

    SHA1

    c703f77bda6d6741764e8fa152ab3231ccfbbe25

    SHA256

    821cffd1a76a1461abfc67041ab92d1d2d8c9e93eccc571c77f0a24c41944410

    SHA512

    fcab2cc6abc3b6fbe41ddf9636e6283cdc502b6cae4e03c141552ce6ec61bf8ce8ad996558401fa1b8d722e5a63cbff000b84ac677c8231df0d0766b3b452ca6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d2a1d3e4074ddcb58b54559b2d67d375

    SHA1

    c20c34cfa8cfa731374a4ad138ec35ca74373192

    SHA256

    0c20dc356c0018effc0791f25f2158238135cd1ac62a17c14836cf2732023261

    SHA512

    08c49905b27566f6c0d462e9b1ef0241f916f695d10dc28bdc768b2365f4f071ac7fb81dcd2dfe7e979ffde9578efa716264a5ddb29f1e9a2c5aa7c0fb698c36

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3172ebb9ea682323058eef906ff5de71

    SHA1

    9aff6c874ca016100ddfa6b5459bbcaba88a21b7

    SHA256

    d7ceca23b037c74b293c5b32a1e34ed59bee7dbcb64c686fc81ebf5c69d287bc

    SHA512

    5f8d69c85084d4a83534de7f3447285dc1b605d8f46776bc92ca9d24a417f238c40a2cdecbdd4f7e70744c6ce16b4ac207cea1b776432d3b29e7a7140a17e6c7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8e966bad19b19150c54ae8d44ffafb83

    SHA1

    74c991d6ecf990525256424a85b334a4ef621456

    SHA256

    d656f1e3e873614047a5596f6efb3d80d937a5bc95ea75306fd4f618a476dc3e

    SHA512

    b60cc5e30bbfa3d37790a54e7b72a9a1aed42c6d4a62a36cf7dec487551d034eee038b6b8e3a68be909e54ffe1f4dc9d87cfdf843d00b2422d99b534fd16de18

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fabb37057b6cb40551f934770ba840d1

    SHA1

    62cad1be0944d01c28d64131568513358bb77dd9

    SHA256

    f9ce0bd1dbea8579065d92ebc164ed2920c69535efd113529b340eaca888b178

    SHA512

    69f56209a4448fcc0edec238a6d0748cf0767a5516674913d609812f5e1c971295400b3c06776903ab1f5da566a8be291be44646f9501a5efaf2ccd1e6621874

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    901cba0658397149e65838ba6615f75d

    SHA1

    ba8942332c8435ab16f7cf3525e8fca18bf6b424

    SHA256

    7440e928a1c02eb069fc719575bfada60b23dae30640c239d5b99dc87d23757b

    SHA512

    6efa4aaa157ae29492535bc67f03115cc32f4edcdeb91a08531971ca05105c2fe22e5c77fc975ba539e31779b5d727811d8a069b2b13de9a2719a83f510ba7d1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f09beff5938fe5d14ed7095e29ad6424

    SHA1

    03004d1bb2f27d037a17c6d1d6ed7b3d103005f7

    SHA256

    5fcd2b1f6e8a645ddd670d63d7d6feb22ca9ba89f6d58fe1498050c97206679d

    SHA512

    e465b4c38299c3b85ccc4ecb85f90d34c68b46c7590c36c42ee89125e4e049ea9753cca6c1fb416f5c59fc22b4d3a3fa0260b213ed766fbdb24bebaf2b4cecba

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\40WV1DY9\tile[1].png
    Filesize

    197B

    MD5

    4df629601703b61ed9510547e3517454

    SHA1

    79c11b7b3c405f3cfa7ee8159f51c9af939337f8

    SHA256

    4a1bc9d97aa28ef30664cd7908d55dfa09bfca693a48a4638b48114deaf02fb1

    SHA512

    06483c932209772a9ac1cdac7ff501d3a4ec53571b4545f5a32d1f6b85a3a1fe040811feb5e832b15771169ac6a3628910534007aa2880afc27eab9f1bfb96b7

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabE17C.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD40.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit