Analysis

  • max time kernel
    134s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    18-11-2024 21:05

General

  • Target

    LICENSES.chromium.html

  • Size

    7.9MB

  • MD5

    8303b3a19888f41062a614cd95b2e2d2

  • SHA1

    a112ee5559c27b01e3114cf10050531cab3d98a6

  • SHA256

    9c088caac76cf5be69e0397d76fe9397017585cffdba327692ff1b3a6c00d68f

  • SHA512

    281b2ecc99502a050ee69e31256dec135e8cb877d1a6ba9f1c975fcfb11c062980ee6061d2368b62f91e392953ae6235dd726a9d98e6efc1302f7ed713099179

  • SSDEEP

    24576:dbTq6T06T5kJWSIRWnBIl70mfT76y6E65606F/HXpErpem:t4scj

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:848
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:848 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1280

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ce2bd7ccf79dcf70a7cabe2625ce1a53

    SHA1

    554497c816b2abc2e412bd835a8039e3e63a4702

    SHA256

    7acec0d200027dc84ef113323a2cb85ac46907f85fc967f953e983c17b5d54ca

    SHA512

    f09582a6411d5947c521a81fd66bbdc65e06a7b7acfa61890e380810d295d8af55897d643599f97cb704f8cc6aff6a5db5ebb42abbdf6c92ccdd8b8860545896

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    570730bbd4d6e3590f2ffc4957a42f40

    SHA1

    d6787fd0edd75ec8367806468248c159ffd194ef

    SHA256

    ff7692d7a03b80904ba571dacf0cf9a154c2375955ec22dfe7ecdd2ab7a6126f

    SHA512

    e682baa4c8c06fb475651669cdfd21527b7493505f5fe7aa52135f1d27ffddeee50193429e65131a893c5cb86c50901a3d648dc09a5fa433577691b5154c0ac4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    45a754948be551d1034c6301192d2271

    SHA1

    a1ba0224c20cbeee8edb430593cdd5b2dbcfb80d

    SHA256

    fec119007273f71b8240af30bdc25d6abd9babd30731c0d9cb80c4598b8998e5

    SHA512

    b13677fd25ae34f054575c817b24e9db601e860e16599e541f63cc9f3f421cfd70ccc9286742898da79f6a0a78d29516998e2e7c840ee1921775d3488218dd6e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a829f9f34bef715a3b92f8ab3aaf8013

    SHA1

    c077423c00a45071b6a488bd8c4e8ec9883e7606

    SHA256

    e1fbb4dac0321cf3cc7cc325287804272884dc4488ad71180f5965fc2abd791e

    SHA512

    2d717abe5e049684ab37b5c2c1d779f72dd89ce720b3beb3499f3bffd42c0185d7b825527e5af8ed7b4e1c1c0e92dda6f0a4862df32e87e10e5b4f1a73a3a39d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    47f0a15286766c0ec2b2356c74fef4bd

    SHA1

    b8a060d5671bf17bacf0e28e80ec47a69f2477ae

    SHA256

    7c7d8706424e3f29d932bdc629f03f8d8bee18abb5c619e58da35be5e8a555f1

    SHA512

    e2f1e80fc5840754dd4538e41a9655be1dfb5d332253487462e96ca088dedae27614b3de963e56a83236570877d89334c37005eb1d8f5199f90d20334cc36f34

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fb495e7ad566051711787659ea85aa11

    SHA1

    4e270e64754483bc2df3450f4d033e2b7aeb04e7

    SHA256

    ec849db83ee647ce921bd8ebc800dca841d2f6400629c37d99f919671c05f789

    SHA512

    b0ae4fce093c9461946a3be350f1479a740890fcb5988469790547bc2d6f400b5f321cb5ec79be0089dc7f6c09fd2e268ed5a55c6ec71173f96980b6cea1c159

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ddf71e46fd7e1152a40c02a0c8046742

    SHA1

    d8ecda7c40745a73fd6cb334c59169716b272919

    SHA256

    faf9d99e162369864ea1cef3400ead95e14a2b323e1e872f054953d5ef3c8fae

    SHA512

    cf5b87f7f14273c5bc04983cf2ccce63ace2052c7b1928a8a5cf52c0ee12b583024f7a4c8f99a28d5ad740f83afcdab13adec8f5fde285bd5d65986eeba9d085

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    932d37686cb753b483872cd1520e9935

    SHA1

    1a576b2eb88ce74968cef4b48380800e8988536d

    SHA256

    040125d9503c1a5aac907891574dd02832e76d0a6391d236abbf88470f23f5b3

    SHA512

    c4f5cfd937567f3be1370ce3f0f4c4131d095bced0341aac2b8df7e81fdd02b51b81aa725982bba1c3f92a6bd492bc63ffc58c1943c76c47e32375a48855348a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    af86ee3ebb7ed6425ca36234da792cf1

    SHA1

    43d2130dc1452e91c6a95b0367856595684625b9

    SHA256

    d08c84e4f3401c44d2b323b3f0e1fb542a6ed01b7ccb53ba4f0fbbf390a66acc

    SHA512

    6e35e151045d493af27a22d36fd3d717e1b33ad6fb8d64cbf1eb400fcba8dab8cc11863c126040eb38574feadf4d7665bd4ccf442cd374a68f03466ad691b126

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5777ebf183f40aac248ae80d959135c4

    SHA1

    0e4fb6e4448e4389f798aadaaa4fb85e4d4c1de5

    SHA256

    697f9862f7353330121ad3be62cbcfb6ffc26a7b206317f4e3e325a1bdd1cbb1

    SHA512

    82f650741835cffbe8e65a2a6db3ab161378a4dbdfacc603bf4609be967d6c3c25f6c4c990d3ee0c97a8d7ad15a436bb45cd12394a46998883bd29ad87f1da1b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c82eaf17215263aa434b372c9a8c03c3

    SHA1

    880d4cdecbf4c40debaf99adb73a766e978b05de

    SHA256

    2b2563d8d901d39cb8f8443ad9f3c9c8213b24c80e861b1c403cf1d21676668e

    SHA512

    92d8cdb8d7101569004b064a648b8604bb6407a06a3566a3d1e7aab4b804bae4a34874d2c6c3e8e72039a8e77b2fa354338a7427b9152f7a5960a97b84627564

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2d1b5d91489226ceeaab4db9c4045eb7

    SHA1

    95b9e8cdee3cb967f8c4b0394ed33e8998a03000

    SHA256

    4eb114c4eb7c743b7bcfe831c98cc56a6a449c1031e09a1aeebcc74463fb090e

    SHA512

    ea1f9ef56591b945dc636db7788d23b3eb35b1e868861cbed7425a10fadd52d360d7735ed65e04dbb5dd5addaeb100d8ece6033851d3ee52f8dc40eaf075aa23

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2617eeb5b8b52546713b59559b25860b

    SHA1

    e5aa1f8a130dd2c20ed4130dc905b1270a888c19

    SHA256

    76fbb83f76d8ac0e36a427a99a01080a5ccbeefa694e02d54477ca6a3a9d5807

    SHA512

    a55eef24413c08cef913b446e9265703cd034e5f58ee8726f944081278a146c14e09615c41da53c9daed16867cd2c63eb66179af6351abf09570c6dc5d7227ed

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2b2407bd30ee5a4b221dff339c2e01e8

    SHA1

    25dd4b8a8846fe5c4ffedba7c87ac37e867e5972

    SHA256

    660fecd7730fa8b2723ee08855057dda41f3881784f378d2a51ed1507fc18187

    SHA512

    d05dbc53bb1e298a58112203c0bbba08b46646907b934157b99fe321f5b91e20ee60939bab9df423ff35a59c237b536ebf65246a7466e25958901fa292e6ada7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fa1ddfd6d7db0d89bc15b4cdf1e549dc

    SHA1

    5936ff32e506c5c2c0ca77c7a9cef3fa697a3be1

    SHA256

    8e156d6fe2b4b58cf24b0ed827f476adb44a579ca74d52f492ca9fb9a1aa5a79

    SHA512

    855d10247c0401ea17c41572af3d093165311e4ff8019ebea6ed12addf1735d2c11a14294a00a6179f027f30d6c8e8daec2cb2b2ce3750f7f3889e4383746d18

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e75da57a697ea8e2d22f71c744f7d18a

    SHA1

    60a2fc349283d23dfeadac861c8bb453a18254e7

    SHA256

    6fc336fb7177397acb5742717978125980659e6922047d6ffc5fe8c362642fd7

    SHA512

    66b5031da92f9e39babc4a7bf12a2c7eba27f83ddeaff096916db38450b11c5fa76ae8686ce7e790a9950f00ff658c4ba11f581bfc703263108e6cc25d007819

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    93461828ab9a7bf1e05866147613d527

    SHA1

    c2e944423bc7fda9751a93a7bb1da71be24d5039

    SHA256

    88a5e4ed90c9e9b31f01617165abf8a882b4433f7f3e70c1d356b5a5e39beb6f

    SHA512

    8b4ff38d3acbec78bcfd9f8406d86e81a8a324bd144bd08d27fe7c91a14874463e7d3144f88bafb042cb755a3783aed5b79d504c575322f81972194290340410

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    dc470d9404467c726f4c98d8200057bb

    SHA1

    2bbae6475f4da6d2cb3108960709eef60aa0f253

    SHA256

    c597a168e538399049a0ca30d02aaaccd25822f8b2a28a4d2198513850ad8bce

    SHA512

    e7c6c9a8c7bb772b4b3e3038642faf5d3aab956d4fd3d807068a48d3ab2ef58fe68f6ceccdaae0a03d9df90837acb098e1edc0b251db9607e397da7a2f6fc7db

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d6257042376498efcdef0642ab676177

    SHA1

    6a0d9b805d41753c1391c0a08a2aa040e83feabf

    SHA256

    f52f0e43a697f0bc2b71a13d656609b30d937e1b789169e149a5c3fb9a727107

    SHA512

    b9f832c07cdab699ff5d4a68af1d8e0d7f306aee7764af9b25cecf791fee2b70db51456aa848aa82d463150ff7424dc6daa89c9d7042684046e0afa7152cff3d

  • C:\Users\Admin\AppData\Local\Temp\Cab1E3B.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar1EBD.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b