Overview

overview

7

Static

static

3

CRIMSON.rar

windows7-x64

7

CRIMSON.rar

windows10-2004-x64

7

CRIMSON/Bin/Xeno.dll

windows7-x64

1

CRIMSON/Bin/Xeno.dll

windows10-2004-x64

1

CRIMSON/Bi...64.dll

windows7-x64

1

CRIMSON/Bi...64.dll

windows10-2004-x64

1

CRIMSON/Bi...64.dll

windows7-x64

1

CRIMSON/Bi...64.dll

windows10-2004-x64

1

CRIMSON/Bi...sh.dll

windows7-x64

1

CRIMSON/Bi...sh.dll

windows10-2004-x64

1

CRIMSON/Bin/zstd.dll

windows7-x64

1

CRIMSON/Bin/zstd.dll

windows10-2004-x64

1

CRIMSON/Cr...st.exe

windows7-x64

6

CRIMSON/Cr...st.exe

windows10-2004-x64

6

CRIMSON/Fa...ox.dll

windows7-x64

1

CRIMSON/Fa...ox.dll

windows10-2004-x64

1

CRIMSON/Guna.UI2.dll

windows7-x64

1

CRIMSON/Guna.UI2.dll

windows10-2004-x64

1

CRIMSON/Mo...x.html

windows7-x64

3

CRIMSON/Mo...x.html

windows10-2004-x64

3

CRIMSON/Mo...ain.js

windows7-x64

3

CRIMSON/Mo...ain.js

windows10-2004-x64

3

CRIMSON/Mo...bat.js

windows7-x64

3

CRIMSON/Mo...bat.js

windows10-2004-x64

3

CRIMSON/Mo...fee.js

windows7-x64

3

CRIMSON/Mo...fee.js

windows10-2004-x64

3

CRIMSON/Mo...cpp.js

windows7-x64

3

CRIMSON/Mo...cpp.js

windows10-2004-x64

3

CRIMSON/Mo...arp.js

windows7-x64

3

CRIMSON/Mo...arp.js

windows10-2004-x64

3

CRIMSON/Mo...csp.js

windows7-x64

3

CRIMSON/Mo...csp.js

windows10-2004-x64

3

Resubmissions

19/11/2024, 13:13

241119-qgh4rswmbw 7

19/11/2024, 13:11

241119-qe7pca1mgp 6

Analysis

  • max time kernel
    121s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    19/11/2024, 13:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    CRIMSON/Monaco/index.html

  • Size

    1KB

  • MD5

    efd81d18eef80e7a5cc70db71d658067

  • SHA1

    98b0b7b9c738705263d92b41ef9f810a2f2cd849

  • SHA256

    38df7c585f0775d175435305f709b7418d60a98e17d542299e2ccb35c4cd2726

  • SHA512

    9a46cd4abc069ad2c7247863c6e9a29bf546f47150ac41feac448bf8d092672e42033e386dcb55a80d9e61c79458cd8589b5587b018e0fe852fb13dd8053b4d4

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\CRIMSON\Monaco\index.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2112
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2112 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2348

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a2e93af5ac3b4c0a1508d5bb79419ee0

    SHA1

    89de023479511d211fe3ce0023b62c16cf4c9bb1

    SHA256

    49fe808faabc9a103db23d4f4bf665bd7b63916d3b787b8cd159c7af3b43c7e9

    SHA512

    3c1cc8b41f682c4abe71f65f280f6348ceb294aff1a20b770cfb4523607f61f729ee2bd918369e790ce72a6dbb350afde8a68cd8486c7f63826df9c3fb5c6788

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3d4bd381489e2cfd1dd450c856da4e78

    SHA1

    44604b32d812c2c6d7b680649ff1a0e12b9b0564

    SHA256

    c7ed777557fde11805179aec71bd70e78475ac6d2cc3ab1d6ce6fb59ac4680f1

    SHA512

    24b1b1be9efcd0e0480d020554bbe0c8e2610ea597305ac547a0dbbe05233a8e5b0df8597c1a56f77817a06779cb25e8b4374a0ecf1842ceaa463675364b4aad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6d7969c5b03bd55e60907566f2be7c32

    SHA1

    b26ce0c21565da95a1848134df4a0e23232dd983

    SHA256

    99efa86e0acc575ffecd6357dda786ef1c441b072fec5be8d03037c4fefe76ff

    SHA512

    fe3396ab4f33356f2e3d7be5abaf2a2e2023b8a022a732ac3543167d8144c15e5c0521fdfb8e9e091e40129c793b4524eb02b02650bc5fefc21306c992f74f8b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d30702a0c7b7d1ac13c55915873f3935

    SHA1

    a975d3a56adf2c3a4103d6c95f3f5d5b1b3d881e

    SHA256

    baeb9f1e1adcc617d627a2de1b381c3170befa32435e4338ed41671e9cf5c239

    SHA512

    00b7c7bf59a70e532d9926c32ffb840c794257221af4cecf79351ca693c9aa5d61dd3a768877888d10fa072c1486e502e49dcbf62feb2c86e532ffd03526cc82

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5ffc0a8b2c665f73c56f7222b3ebb315

    SHA1

    857e282ce97a09e5e0913567aa2f39ebd5a1865b

    SHA256

    be5bcd7d4bad8b26df87fa921c30b303d524da40803d0b1251758673ba6b1f93

    SHA512

    c5df401cd6e6b811692c65f03fb7ce0b028ffb6ed5cab9ed0346597f388388d5e02ef5cf4ca23d1decc4a7544f6bc9052c1df35af5a484bd8e9c26a40e65efa7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    07175448a420f6b167508f9eab547c4f

    SHA1

    0ba878f535bd3904acce43a112db1352b8c2f44d

    SHA256

    4798be17122d84718884fcf4fae13f77c4aa5473ddb0b269d7ec423c869d7065

    SHA512

    401bf3b9bbc9ceb13e48f040a516568373c1698101bd7f7b615d2b5ee27b5a944072619fd41daecaff50c9749ad1737a71762c60c0cd740e1c8dd4efe5ee7fe3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    90c28ee7cba250d95341f7c9c503c873

    SHA1

    6602d17179b419de57407bf19b6eabc7ed07fdce

    SHA256

    36bd4f855503e61de9238c499a78746af5ac7905ef678183d62ff6fe2149051d

    SHA512

    08dad6e88c5cd5dde51a3af8dd14a94adb9f87ab93553dedc7b67d63a3cf594b4513fb20e6f1e01b2b607ed5141b2f84798c6efa516c84849e336c42f94eb5c1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f1ff2e95b1d53144b091edbdc2a3acf9

    SHA1

    6b6dd3dc7364e53ed2b7b8d4b7fd85d4c9d66ddb

    SHA256

    32b062ea1d515ac50f4451e38d22c2531a4c37c20fe0c237cb51aa495ad48b29

    SHA512

    a2e7e28661b9a630268b92651fc413bfc483d82dfc58c0cfc84c79c690156e67311d9a4c7b670b78317c824076f182f217a548b8bd6cd3d8e8fdff986939e2f2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f0bdf07a4215592aadada91386df4896

    SHA1

    e7931b80f51f6a0dcc3616b930e90ce74942bf44

    SHA256

    12ad66b5246e1da8f031c37533ee063b11e1516f8c047784b18dda53d8a58efe

    SHA512

    2e6b5b2826c0d58b145701ef8d194eb6324bb91f10b2af1e8d5395f94490841bf17f4a63e5b0d52d72b7024f8dbb084717775e0b1b9c10a3e69a4fc208ddce5b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2b0b95ed55e29b191b35d637798d8598

    SHA1

    c5ab3db183a32411a08cd2a548f1050c4159bf22

    SHA256

    c7f78137849d8d9a7d6ecb54a4e53e38d07269f168fde88d91726560bf29961e

    SHA512

    c66a102ae23788b4d865365db2687ad4eacf2906621a6287c4ef43a48e7ebbbb57ccf4aab130c29f858bcb51857687fe6f7221d9220db9ebc99713872f03deae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a7b2f7d62c2e99f1b5b568ce5992d062

    SHA1

    d69cf45126faf8d972a0cf9d3a9cd182749d2c81

    SHA256

    896b3a571f84018ccd86fe537a7b5b3c4a1005a171daf62d869ee35b35dc44b4

    SHA512

    ae6eb8810077f385b789fe979f71776cbd3ef76382a215a24b0a23b4edd9974f3b64694316264991edf373b895962929b554f2a409815c382a3058e5c43da286

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7eee6ca60b88487efc11589da31492e5

    SHA1

    fcb68a62f7c8ecfce78bb70382d5ad6fdf9f0227

    SHA256

    59bbe068a6ad9b0a3e947f652e3be388b13e0b9f2c09440c09cdcaa52f1b6482

    SHA512

    17bec34ced38403636d6b3220e8db091e5d68396f8058310396bb5ca5aeb7ba2c6ea3965ecf2c643d26a8c74f55a79db59b4aac92722680691bbf85ab4a0d1e0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a5f590f2117dbcf08e3a8cd2b910fe59

    SHA1

    fc52003207110dabe3fedc99b1bcdf0ef35e1ee9

    SHA256

    3a5f268b25e7ad3619c3ef96db0f2f6d02f446225095390729ac2e642317ddb8

    SHA512

    badf811e02b582ad5b014123a1ac3c3c696e3c6740ea974e0fa9d9a5592644c25cb39cf42dbfd1582d6f2b7d534960a0f73ca723cacd471b37c734dd60dae2f5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    24febccabc36d691b82031e10819202d

    SHA1

    e3a647e706f663fe252bcb3823f65a7a87f83fe3

    SHA256

    17322c5ed64d2274bd1660171feced5f36ac78105341bc41ff0392173ae92379

    SHA512

    39b9ec746b0ef303b4c885c3926ecc9cc0d2d1f5e4cea30fbeee2b99bc95446f9fc9cf7491bdc64e6ce9a6dea909b0ecc5154a6654377d51495ed3d729ed027a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4ab47c1d840b3af20c1e15c74a68757f

    SHA1

    8a760d94d4bd3ad235d36e217cbc22a229ef45f4

    SHA256

    a3619f3728676f7d6cb6f066552383a2b9f76d6295af4e956fddd43f7b950440

    SHA512

    dc7bad079a70cd8f3f3336f786785830b301f32c0987270817a247509e49fbbfb2758219fe73fa6af124b8d8e08edcdc686d1d517ca68fc6224b55493520390e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ed09a2673b5cc5ec51de6d551729c68a

    SHA1

    0174ad3d9d1770928ee1b602d66c6df96e2e8de0

    SHA256

    1aeaa587705d08e37533c46f1bb8b8fa27bff4bdd35becc3dcda13d9fb2b144a

    SHA512

    bcced6aef32fab73e275679b798390bd18e50adf0535932f46709e78d313308777cb980243a1c5b8ae322961aaac026affc4a8d941c903d1572f7ed4e5d42a37

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bac5e7883c4b7c5963ca1387ed7abd0e

    SHA1

    7f72268785ee103dfb66427a93784f9d4017709f

    SHA256

    9ebddddacc346ec729b237eba008f9b929356ff66bea8b68e2209eb93676dd1f

    SHA512

    eb14225b224cbadf1df1141dd04312b5cd182a87ff619278e0363e6e6a1454768e58bf02eb75b6b08d8953221786d0871ee9f4d5b3829995e9d2c57d19e81409

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabE708.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE788.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit