Overview

overview

10

Static

static

10

Bin1799/Ca...ll.exe

windows7-x64

10

Bin1799/Ca...ll.exe

windows10-2004-x64

10

Bin1799/Client.exe

windows7-x64

5

Bin1799/Client.exe

windows10-2004-x64

5

Bin1799/Pl...u.html

windows7-x64

3

Bin1799/Pl...u.html

windows10-2004-x64

3

Bin1799/Pl...E.html

windows7-x64

3

Bin1799/Pl...E.html

windows10-2004-x64

3

Bin1799/Pl...e.html

windows7-x64

3

Bin1799/Pl...e.html

windows10-2004-x64

3

Bin1799/Pl...E.html

windows7-x64

3

Bin1799/Pl...E.html

windows10-2004-x64

3

Bin1799/Pl...32.exe

windows7-x64

3

Bin1799/Pl...32.exe

windows10-2004-x64

3

Bin1799/Pl...64.exe

windows7-x64

1

Bin1799/Pl...64.exe

windows10-2004-x64

1

Bin1799/Pl...te.exe

windows7-x64

3

Bin1799/Pl...te.exe

windows10-2004-x64

3

Bin1799/Pl...ck.exe

windows7-x64

5

Bin1799/Pl...ck.exe

windows10-2004-x64

5

Bin1799/Pl...de.bat

windows7-x64

10

Bin1799/Pl...de.bat

windows10-2004-x64

10

Bin1799/Pl...de.exe

windows7-x64

1

Bin1799/Pl...de.exe

windows10-2004-x64

3

Bin1799/Pl...eo.dll

windows7-x64

1

Bin1799/Pl...eo.dll

windows10-2004-x64

1

Bin1799/Pl...ax.dll

windows7-x64

3

Bin1799/Pl...ax.dll

windows10-2004-x64

3

Bin1799/Pl..._t.dll

windows7-x64

3

Bin1799/Pl..._t.dll

windows10-2004-x64

3

Bin1799/SkinH.dll

windows7-x64

5

Bin1799/SkinH.dll

windows10-2004-x64

5

Analysis

  • max time kernel
    140s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20241023-en
  • resource tags

    arch:x64arch:x86image:win7-20241023-enlocale:en-usos:windows7-x64system
  • submitted
    18-11-2024 09:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bin1799/Plugins/BaiduE.html

  • Size

    280B

  • MD5

    77559f9c53cbf5bb2e736cfe579282eb

  • SHA1

    8129beb248002ef82f2fa57f697acca89b68d0a4

  • SHA256

    20912c61f079aef14db0e95c0b758263b6db0de0e395bf82a5782c61f7a23fc6

  • SHA512

    fbd24387227e1fc7489c54fd4a6f20d692450aaea4417b26a8169df7cf82133bfc3d26b18356b4e23c82c5fd4af17f019b103fcb8b7ebd95204a281f7579f56a

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bin1799\Plugins\BaiduE.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2844
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2844 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2884

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0cc2ec4e3405dbbfc15ac1670cf1b150

    SHA1

    66d58d829296a35b62b6811be348b053aa1f963c

    SHA256

    2ee69f4d867f24b4b9c1315feaa5d0a8b0709a2e791b45475d075cc3909fcb08

    SHA512

    9015a230ba4231b4340056f4793f7e2e3d39fdf077d8a514734df43eb72353ebbfe2e1b903329954cde1eae4320f7d6ce28a9011a5a0a4674d699eadc7d08ebd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    26ce87347d53fd48be67a2d2d4c328c5

    SHA1

    6fb754ad3efaaaf2d1035a5571e9298cd927f3cc

    SHA256

    112cc6df8216b85571553985cb91f3c989620e5413ac3d0b04f2d471e8ffe4d9

    SHA512

    d161371c84784d92a2118ada424edf9de813c22bf5af7ca5164a9a33dd7c20e81e905a8a12ffb3addaf8af5a44df32c4824e3f65effe8d557c00874488c7b4f3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3c2884674567eacda9ed5c6fa101ae44

    SHA1

    acc21a3038f3154e34c04573649a304389aa58c3

    SHA256

    7d5bc69ccd8a105ff72b00515de3ba58c34da89fcbfd9bf3ae7b2672e8aaef72

    SHA512

    1819762851036c8fc7debfec7fa09656ddf00598f6a46055ccc9b4e5f2f0661b6ffbbc6c40925c3fa5175fca6c4882e39f77c2fe7771aec86b6a7092e83ccecc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9b666153517ba38c53bb14338e55bfc7

    SHA1

    2f2c6133514ea4930736828a7939f2771c52537b

    SHA256

    6a46460f8f37d4b49e8649e9c4fe4cb7f70622422fcf0baf723de5480cebb87d

    SHA512

    3886d1315ae0cd9cc288e07132d39410ce4d2f851a33f96a3a4463c6913e099927799c2c8434942b12e07e66b94cfabf9c341d1da7d59dc0c4c187621e77ba34

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    251bd9cdba93d11b4922e863885ae328

    SHA1

    83e1a4e4130ccf41d082f1bfb5681440faa1591c

    SHA256

    613383a868ce15e0eefd1b40bd51ddb4e712b8be935d7244f324ea63dc5b4b60

    SHA512

    645d0dd36e93cc5afd6ea3a31974db9f85471d6de9804e2ab15b7978954b44b3126aa006ae1dfc222be6264fde9d97ccc3656a4f0d13472783b65f552e712099

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    824e9d1c69a8613c1d5abb845da250c8

    SHA1

    3e69f1857978cc9e754870c5e5484298d82aa179

    SHA256

    23ab542887b02b221fd69ee94d89ba02516a5875adb9df45d48302801060c840

    SHA512

    70ebcb1666473a62e78dbff73e06adff03c42988a905c830f76d49924bb021aa6cbce5b31baf70890df2acfa35d605049c763f21e9ebd4a3499ac2f169932e05

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b98147c4bfea5423db75b1692c65d434

    SHA1

    94007627dd1f7469f27b94c2f580d49049d9d478

    SHA256

    dfaf97420df6bb2beb42872fbb7f41f6f014e63262530efcaa71047ec0eedc57

    SHA512

    2aa2c165bcfaba0c8c9b9d3ee883cd4cc808288043fad6cf00114e82d0f72fe3c9b67e996d3683ac894b82896faf964652a8dd315a11d19df093615d996c543c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    274781a49686f2795b673f9057b2bac8

    SHA1

    7a64110ea337f08eda711469df4fcaaee5b6dcfe

    SHA256

    9e8dee15e30d195ce1f39d1192a841cde7986d4d0013e8ba41971759857e0b59

    SHA512

    e535b8a0ecb0cd47aadf378409a01348cbc66d88bb1582c5064d6b9bbae43f42335b43666386f6afdb6e792b41d4a12e0328ae4ed2ddfbe455d0864fabf24ac3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e3f3779bc6fadb0ebf1964d507449b56

    SHA1

    3039aa7457b80c19b50b09616d5b325bfefdcd38

    SHA256

    e7dca3cfadbe0cafdd7e9d839f577cc44ac4f7ed2ec7e4543f095a16f8f74e01

    SHA512

    e679d93817ec1642b09a47d641266f0aed4d74506efe2540dd681ba4e30093acdd4f102cb3722b3004cddad4d35d89821db5402495b81f52d97a74b1f619371a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f6f91fc28ed3c4f4de6998ff25bb0375

    SHA1

    4fab7abbeadf4fdfe71e55210b6adfeb98aaa4ce

    SHA256

    5927c5e4f221bc63a867cde76bde5917542fa92e229c2c1a0be92e5105c8e5ad

    SHA512

    6c952409229a5ca03800c23964ca0c29013b654cfd54862eaf977d75daa41b1fcaae88ec5d3c10698f48746e03ec8dd6c227ca26a0be2231441cc0cf611aabb2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2e956ecbe320b7262867343bb77aa44d

    SHA1

    744d95fcda892052ce5981fb59db647061efcbb6

    SHA256

    5f045b00ae6eb551218fd3f465e2cd7cbdb109029dd6649f997b2a2450942904

    SHA512

    dd9858b50b43524d3f0a4f0da56c3c2da654d187ba770d8fa503926f2d14bf737b1d34ff4fe7c7003abc35bfb34550c7e576ce94402da932cfdf2c5b8793982e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3e5845b8551bf0a25e4a4054251eb2a6

    SHA1

    90e4d58407e467bafd41579dfeaa2ad1f1b73359

    SHA256

    c5c0696356a1031e3bc1527c427be66dbb0e3010e8a9d8b1ba9bdae9d40436a8

    SHA512

    9aee87f178bf1c8fd9103d9fe409966bec1a02d0702c636648f3aaaf3c16f55d6b27acb29c79a3e3602c27e5a6675f840c8ac6d25de8913cf54162e3c91cff1f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8124.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8240.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit