Overview

overview

3

Static

static

1

cye/lfhjga...dle.js

windows7-x64

3

cye/lfhjga...dle.js

windows10-2004-x64

3

cye/lfhjga...dle.js

windows7-x64

3

cye/lfhjga...dle.js

windows10-2004-x64

3

cye/lfhjga...dle.js

windows7-x64

3

cye/lfhjga...dle.js

windows10-2004-x64

3

cye/lfhjga...s.html

windows7-x64

3

cye/lfhjga...s.html

windows10-2004-x64

3

cye/lfhjga...dle.js

windows7-x64

3

cye/lfhjga...dle.js

windows10-2004-x64

3

cye/lfhjga...p.html

windows7-x64

3

cye/lfhjga...p.html

windows10-2004-x64

3

cye/lfhjga...dle.js

windows7-x64

3

cye/lfhjga...dle.js

windows10-2004-x64

3

cye/lfhjga...dle.js

windows7-x64

3

cye/lfhjga...dle.js

windows10-2004-x64

3

Analysis

  • max time kernel
    120s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    20/11/2024, 04:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    cye/lfhjgacmbdmkenmlnndlgaanoekcdphl/1.0.0_0/options.html

  • Size

    195B

  • MD5

    9fafd86bf7a6c9569d4745cf3598b0d5

  • SHA1

    8b8be4f6ca14e56edf2ef6856291cc471a4507d8

  • SHA256

    e4f614d0995d0488caa70f736e82038c97955d5c1cf868e046b648a9ba4b51ad

  • SHA512

    46d6e578bfe449761f8ea3edea24a2c18e4e290545177472d2c7c29456421fad4253cbfa037f258d8978769dffd77a3a59d28d228cf417c61345170f898230b8

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\cye\lfhjgacmbdmkenmlnndlgaanoekcdphl\1.0.0_0\options.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2284
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2284 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2592

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b5e2c1c0cd4c428f5a3758a2c9edf7c3

    SHA1

    18fc1a20c75b1691a2f4ee5ffdf98af82c2ffd2d

    SHA256

    fffde6827af4fd18fed0235cb3e365681e2bf1743364b707de7bc7a8c5458dcf

    SHA512

    35522b27cad2f97c1e297b3fd5661acfd8e9d612328234cb0c9b864e4997cfc57d07ab1f155e5d814f0e194d569529dfddd8de581e7be9cb82cebf00b2ecc081

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b97841ee96003b67cee883c7d2a76159

    SHA1

    d476578b3b095011c9c6ed71c7df3cc3b84caffb

    SHA256

    44db6e0196e9412f9e2532ba6c493d94a1f259dae4db887598e2f7e296e007ce

    SHA512

    babc116207903a7eb934c75f1a71d708d7b40c4ff3698287b148e301fc2cb776ff1986d49916bf78e1184aaae7da245bc3ec3db29da9d4d1541fd93d8cac433f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4daf0e4fd46fd6c70cea815739f69244

    SHA1

    4d501a88b04747d7ea53d879822b17a2d9e42fd8

    SHA256

    9fab818c57aa9c46dc3be2c0bb8213afea69711be51775088007388d2440dd8c

    SHA512

    269c3d1d24bf22d9e3748748693d7475c71be233c2c36372e2e5cbcee830b4f3835ee31a19bc32e5f93778b4f86f3352d7a3652234deabe3cff95ee061de8e3b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8c3abcd45b3ca3bc4ec36b89f5806d34

    SHA1

    58009b7991eeb80d6fac90583a4c5b7a956b3c97

    SHA256

    3da002667bd181c4b80a24e6bfb80823536e375d992c924c83d5389308cfdd4f

    SHA512

    c70c23d15c75ea6e6a59df85227833209d3f8fa8b0f64119d9027602759061fbcd9b10584acdb0a38152c752506aa55eea59b60a0272db80acbe8763090d9408

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cb1ddf0c30336a62252eeaef807991fa

    SHA1

    572052ac56bc13ad4b19c279da1e84a9e743857b

    SHA256

    01a0c604689d8a504f1cd468fa2f48edfd62fa9dbe49cdbc15792308eeb482f4

    SHA512

    f7cf5cdfb2df06e0b6eefc5b47cdaf442254c87f440060e058be6b4efec37384ca18372b076fb172abd17b4ee3e1d9d1b6c8580a4522d3fb667d65714b65e72c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    198fac729eebeab4b90f13308d02aefa

    SHA1

    98876f9b7c0a9e4c4dd02fd24119131d8fe4e727

    SHA256

    464576bf00fce1c19954650306843311bbb148a2a75ffa63c21ac5d30ee575f0

    SHA512

    cb61281e44b74f2e2ba397fe1f2b580e304bb26fdeb36aca6279a3ec44fb01f5699f56ff72916767b6c211377b6703ff8f9b6a9e6ba3f5198f1b57dc3399e453

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    068c9a57c7ac7ce8dbd90ddc21a40a32

    SHA1

    c29ac57fa45a3636ecbeb58966de5e5083949893

    SHA256

    04dd4b8bf146578b49a8b5d75511f7baa7a0d8ce16f43ee92230fb5e2c6f53e1

    SHA512

    19a1a4963bebb4980a9332b853ac0d3c3842a72d2932740ae69e7a97538b6118fa8c02c0020036f40d5dfd29f85188d95551a4c3d38355ab36d83ac9095bb8ef

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e8891c27e3b1ac661747cb07c20f9120

    SHA1

    de97df976363688b141d34d5d80858d853bf3cf8

    SHA256

    af36017d810295d1fd6fee84e8855b3a494a9bae5ccb9114a87b734ce440ee43

    SHA512

    bb5a9547fbac88e70646f9bd062cfe72e81dd486eb3743efc9624c7fc0bc95b6bd992dc989821feba1d56f13ef9bbb754cd9d7c8add47109f232abed03d49a26

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    821a2f66f2c8855bf38bbb6468346fc6

    SHA1

    c93a913d9c2befd5ffcf88b731fc622d7a5e375d

    SHA256

    7773c1f8d0ae28f40de2aac60be54b9026ce27e07acafa963d87ddadd8968b7f

    SHA512

    f5ecb5abd2f32d9d496b6870a38b6cdb9c0b61abb8f4a6d05b7f7b97b3342c523ff09b977ec085e68a8c776be4954572e6b82799b74895cd6f14db8589f747a5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d860a35592fe633247fe8d8e3646bb5c

    SHA1

    e360fc20f8207ffc5b2767f5b8acdbea1d29084e

    SHA256

    d1c86821fc096f3db326ba6febd380580f5344b4944d749039082426e782e7a0

    SHA512

    af9e649966e521afdc365ae01d7e2443a16dd078312d7a600768f902d0c7123d73d1097c5a2acfc9ece8564a5021ae3d611f7c271a31cd7ae390d8564b281d65

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3195b5557ea2b9d25733e6e28811b254

    SHA1

    2ab1eb3a006c604c95c9bfa8ce01138886735760

    SHA256

    171129bf74b54a46deab509c31df0f65ec45ca09bb3a88af72f23cc4108f3831

    SHA512

    17e977b24150243a32785d904715bb60058d41337a85b5fb7e3ccf712cd0b783a7ca7178e94a6cd079edcefd44b9e3719e07f3a8ad956ed4a5a16732c7f9c1e4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1cb2525d44b4f4fae202ed4b75f36ee5

    SHA1

    2c16fb42c4ea3a728484edbd0a3618f1d0708db3

    SHA256

    7001f3b4a9e841b5037844a9b6c9cbf0119f044efc7f2c435a3d5f7fd86433f3

    SHA512

    c637c7ce84170b0370dab86fe8b63a274026c603732021021882edd013839d977c727f89202f32cf5cfeeb3385b8cf76b1b3d7a99414eea4263d80f65e77586d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aa4b273befa970f04a2c73fdbf910a58

    SHA1

    c8363761984405d87dc0dbabb069571eeb94f9ef

    SHA256

    0aa9b5ada4f38248769382a5fd48b6acdccf9c6cdb88e2db5f610b28b60a722c

    SHA512

    24ff66bbb1a946054e7cef1d42f024065a4556296319262a4ee5240aacdac07fd3a4d4e6cbc657bb53a33767d12208dc0be1c63ce94e8fe5232ce2076257b664

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c76bd1821ad79edafd32a4630efc2541

    SHA1

    88de29161eb8333c3993976194c0bfc72da66e74

    SHA256

    ce4c4964ad124121f45995d99d97dfe016fe377f0f3abe4b51f64f1dfd13e2ec

    SHA512

    e20e0db68751caf2d940c20b9d22c5e3cd7cfb9678489d6b1aae3c18fa5794d1a860994990a965c7ba4e8ef699bc8215b36139cf0019fb34edb4b16495b78b86

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3779ba18a3261e9533043b6fd9517357

    SHA1

    177616acbbc5dda361c08f702b8654c4acacea55

    SHA256

    7b03e2aa6db0c7cc8fd41d7801e6fa0902b20253988291d2241aede04e198e1b

    SHA512

    d93436c4a4d1a89c670ad23b66f1d68562580c88f02180fe8201bb04d2854fbc856794b68fa21a32bda595da5c998ebedf45d0e4e6696a9edab12659cccf1e03

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    794582084dabec8490203a4ca2fd73bc

    SHA1

    3c18d62e8b68b159beb7ed378c280ae258a19786

    SHA256

    2e6069496f6a507360153390afbc1124f6146a3eafc1046920eb0e92657e5f19

    SHA512

    1e69b29304319acfcfb26df33b793adc49f144fa4f808df69375f50d98f8b2230b3223e4ce7d4d81e75fc19d6bd0929ad069999cbe68b7eb295195719e73b8a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a8581589f8169e20ca67ce501940dc75

    SHA1

    dc9f02dffe54925c1940a039f505a76183de71e3

    SHA256

    eb4e5ea5f52c43b99139d7a6b2a513a6bbac54b546935f2650270a51f5f092ee

    SHA512

    3f46a1ad4ae919f31e72e53fcf385488a3cfb135db5d0843b142994e821237916b7446f213c62026ad46150d6e888f51fdcab3d8073a2a21b308399ab2fb060b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f8125381d249c79a0a218760c8d42fc6

    SHA1

    dda72dda93f05277e5b9bd5253ae14383c25c9ac

    SHA256

    ee5434441446623285146a44efbcd4c061ca76c62854cd8913d7dbae231bafdd

    SHA512

    a418aec6f4f3525df49ff20cfe796665f3c90f805a765987ebf62e97439dc2c959df250b6137a4b9548967ae54c188b1d05d9f0fd786ddb84c0303b8bffeffcf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    41864130751a45c553f2a5cfc0a70b43

    SHA1

    3b502a1302cb3973314940acfc72860a214d6326

    SHA256

    96669dc6f567bab4174d2597d8a4417169e8135698a44dd067a73e3f2016acaa

    SHA512

    2848cf41eeab4d79531b9d84681e6e2bdfe409bb9345238865c8034935b290eb67c94abdde6896ff70e10f7671eca67b86af3177847e8db0a030a5a847ee3a7c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab70DF.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar71AD.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit