Overview

overview

5

Static

static

5

beab83ee3c...83.exe

windows7-x64

4

beab83ee3c...83.exe

windows10-2004-x64

4

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...ss.dll

windows7-x64

3

$PLUGINSDI...ss.dll

windows10-2004-x64

3

$_1_/Panor...th.exe

windows7-x64

1

$_1_/Panor...th.exe

windows10-2004-x64

3

Order_de.html

windows7-x64

3

Order_de.html

windows10-2004-x64

3

Order_en.html

windows7-x64

3

Order_en.html

windows10-2004-x64

3

Order_fr.html

windows7-x64

3

Order_fr.html

windows10-2004-x64

3

PanoramaSt...ch.pdf

windows7-x64

3

PanoramaSt...ch.pdf

windows10-2004-x64

3

PanoramaSt...al.pdf

windows7-x64

3

PanoramaSt...al.pdf

windows10-2004-x64

3

PanoramaSt...ro.exe

windows7-x64

3

PanoramaSt...ro.exe

windows10-2004-x64

1

PanoramaSt...on.pdf

windows7-x64

3

PanoramaSt...on.pdf

windows10-2004-x64

3

PanoramaSt...on.pdf

windows7-x64

3

PanoramaSt...on.pdf

windows10-2004-x64

3

PanoramaSt...wer.js

windows7-x64

3

PanoramaSt...wer.js

windows10-2004-x64

3

Qt5CoreR.dll

windows7-x64

1

Qt5CoreR.dll

windows10-2004-x64

1

Qt5GuiR.dll

windows7-x64

1

Qt5GuiR.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    133s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    21-11-2024 08:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Order_de.html

  • Size

    2KB

  • MD5

    dabbcebd0d36357da998cf2fce6d814a

  • SHA1

    9c3f0b584204ff6f6b390d2dfb58e98343719b23

  • SHA256

    b6ac2bf90a9aa9d487dfa587d144ab4b980556d810f6c1437692140546ba10a3

  • SHA512

    b675165a637e2d100d9c50774023fc32908b75c496e3b85321a1090ac25607e75e4d417988806293c59960c7e2b280f7dbb5903f2c8d5c9f91e1e647da842512

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Order_de.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:628
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:628 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2700

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    18f742f465de6e45363a9a34e82d1cd8

    SHA1

    02e5265a3cec9736df64c44ef246156d074b4b4d

    SHA256

    2a919afd9a726fc554d3c837949acff6639bc000898646e7e57a3ef9dfae90e0

    SHA512

    e736eaf54d33936db593c2c92961b094a1673d3bf2791af76605c7c96f7797d4c0fc4579deb57061f541ae6f3f21491aad6a18ec3cf98064107589e9550cf7a3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9e20d2e68d5c7ebecb9b1bf1258e1136

    SHA1

    389b190b23fd5d0495beffb28b134576933a9f9c

    SHA256

    489905127f7c573ba1e123e46c1bb52e00dc2e7402a79e74beaca223b855e720

    SHA512

    f78e76bd8e461226bef9aa8ee3b74565a2ac316a8ad54275c2871f7c7f60004e721fa061198d446347946e39137eb1c1d3674f8eb422eb52317490ee669c6716

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    648d2725c09896691914f5d619ae2fb8

    SHA1

    d174513537ad3941044428a0486fa89c5d3c4247

    SHA256

    e6ad3898812e75d655e2112cac8fd606abbde97856ecfcf2c80a1b813d9a20f4

    SHA512

    7514b1f13f29d23653a742df7c43d6a6f3eb8feef2c44a0bc73ed8c082515595dccacd9517e1dea096a63dfafa62a018e674d33a03380dccfbd281b944a84e88

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6357ad498cfac3c679927bef96448b37

    SHA1

    b8b8fda82292b25358fd96d6ae4b8c7fd7ff1af9

    SHA256

    0b2fd4289842b3f933bbd40e656482d6be54a1470d7d5378eeefba43bd28dc98

    SHA512

    51afb2186d1a3857ceb1d831add0d7a37e59d39aeaac38e1d3ea1218520eb212aef083ed34662b5399eb35e8fba3248e041a99b5d26f4a6e595550a247294933

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f686339c8e790f2adfc359a5946bcb48

    SHA1

    ed1e0675c34958d068d4091a6b17cacd66aa949c

    SHA256

    eefd724a927c1ef874d64073782bf96c15071fafca407e78e7f82dc808a223d7

    SHA512

    34dc3675ac767102af1354b3c0e434bf329b1f94f29d7ba9c07caee981b3f933f070b6969c3df4c9e91ff2b833b8fafaca40e6a95b08275574754d401fa38145

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b1e53ea6cded911bf939303216734a0e

    SHA1

    6d7564da42c8820523f1de4ac36e78f8c5ead982

    SHA256

    dee81679f8b71c2b00c31682582a91a876a56ae5576e78adb622e77dfaea5fc3

    SHA512

    99f1d897c42cbd4dd401c6b588bc0f9658a709049b2934b8775cffda1a36a4ad94db0a2d4e0d47127728ae1d2dbea57b65f5c4528c35ef42366be3a48794d07e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e6e8f1b2b624e8fac99c024a03fc82bd

    SHA1

    5dfec419bacf06be931608068ab8f4c633c33852

    SHA256

    6f78157892d246a6bf6240093953e1db68f194d6729929ccff524a6fd093df85

    SHA512

    5276eac86e8eca2529c38c1d32470d0bcc45a3a9592cc4186fffcaf8460a1159eb986585212ac5d8c83d2544d1dc124743472256754731b8306ee416be561deb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dee109bde1faa9ea3e80b36676618c97

    SHA1

    ac996f2934706726709fa81d2b08acecafbb84c5

    SHA256

    04f1233f212272ff4797dc617d678ed6e31de4459e95db2da36851b4adcb9acb

    SHA512

    e9ea4e72b14323e39522a9cdd539637a7fc79a4f00af3881c4be20646a59d8a24e4aec351837fa6105320cc8bd02204e51457fffdae3d23fe0eef63e65c37387

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a29620abda9510f2e5803ff7cf662aab

    SHA1

    3f43a9dc0394a85891e26a01a176a7dfb80e8648

    SHA256

    ca236acc7db5c4e72d60675ef897514cf4fd84863c7deba29a8cee1b3b0d44bd

    SHA512

    a8d641a0ff271dc575c70d10472b3fe640d9df2af0f5e9b14bb737c9b26b7d94d77624cac16b0dad63db0ebb80f26b6e26526c41dfde7a24aea7f073d47a023e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f7ede2ce0b55212bc80743aeb2af8808

    SHA1

    766aec62ed1cbceb0572d72b79e9250a256c040d

    SHA256

    530a41f94f0c608714fcc3a84c95b831808c4cdacbc6a906490f4e3fec8599d3

    SHA512

    315426c5c51854edca028b4ea94f10ff6298c8cd5fc74e1699a64ebfba269e6a120ea4fd626baf9104d0719726d77fec64f49fddb1b5bb79eac5094ba49425f0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8b391c31dc465835239a740ace99e102

    SHA1

    7998f1a60ce1130698fe1090eee970537251ca58

    SHA256

    78a532c55b52438e7fe3ccb48cd490887e3a71172e30794138a8e8179f83df27

    SHA512

    f73f32129f1e9c3a84cd4c6c34c4ee5359b2260cf5eafa5eb0986dc87135b13443cb197188889fbee5728a8353d04f72560df77e48bab23565f289c88f9d2a19

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3f0c38219d60d78dbbea5c4eca1e34ba

    SHA1

    33369893ea590b173f93fba5fbd3c529e8d8957b

    SHA256

    fce5cae50c721eddebc89f41f20060a3db6af85f93bf93474abbce2e0901db6d

    SHA512

    c4799c47e0316b21e310a111bf4f40f69bb0124828a89f83dafd48ef8a6aed05adc45029f66f8f0dc7be981a508518d34b3faa3499e177dfe423aa924ac33881

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b4eef3e99efffdebc6145a5ab5d92a46

    SHA1

    8ba30eac989fc69b293267890f036d7a304ab47a

    SHA256

    e5a773898ad3e811b53b87167c5ca1ce49a97f76f8e270acf8b43e86afedfeeb

    SHA512

    4fff87ac526cf546b8f7015410accd6cfb2c29ab1e57bb09b392c97b224ff0f10c83b246d281a0ceadc3614d9358fc57b3f5f265ea06be30401b1cad22cd5e1b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b97ed41023e332d0ed01ebd19180974b

    SHA1

    f1c76f3fceaac72bd6315cb2e176a29986be0d64

    SHA256

    b709489912ae1b962a72c3a0d8f8f05dd03a4802142c42547b2106c489d14f6b

    SHA512

    76d29b650168280d22e03087b6e0213e7daed3ee9881351dd2e6052b7cc30c8b789a71b5d21a85d886747d7bb025e491bf8a77c0178d6fbd4cacbc329448e229

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aa4e3162932562aebc66e48c9b24cabb

    SHA1

    ce5bd98a0f9562746dd4c29e944a4d1615f3c44e

    SHA256

    dfc730f5c02687db5c88b2bd6039ced6745fe18401b593479fcf37a403159e43

    SHA512

    04e277338b2206b456c950432e77e59818d7cec23666ae769e84c5850b34e9dfd34a3e87d73abccaa08090522bb569cc8b981c61411676667a3787e4a75e3e76

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1ecbdfe709e7f70cfb2f72fe3b13e142

    SHA1

    616fcb6a2829099d01abbd9c5602c04465f59d74

    SHA256

    84d9852046b50351dbfed1cdbe9434db1b63ca29214fd0fdf12097a88b50e8bd

    SHA512

    f51b4da4f0785645705ff50e9482e75b3ac9281479a7b1f5828d627bbbbf2c98af842f9436d571f9c955a91e49da6e2b736d6d5160c381367736c3e2d4ec3e77

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5e87081f448ce6aa08ab7c95890313e1

    SHA1

    ff33b17d0f4dbdf73be6e4d7119c961ac79fe465

    SHA256

    02b003822144752285c6d4a4180c24cb4f3f4b512ed94026292f850507b7ae4e

    SHA512

    43084c01ac0a628e9705de0ba5d8e86544d28c6bb5620c76c9dc9724a49433994541c20e77f5ff50252f7a512883bb02cf952fd3be276c1d4d15391f33ead61a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0d33fceed3ec44b8c7e1c7782abf61c0

    SHA1

    131edcf2f047eaa6b65780010115194c7962a998

    SHA256

    108e965c970e9e6f55e46c5fc748ee55043d0936c9b99c7e89669e0cdbe7ab12

    SHA512

    ec26a9968354d4b1a0ec102b25f61c2f2f8404f71cace57151809f339cdb58ccdfd4ad1bd738ee00ea25cef9a03298ad1e9e70b9221c94bd31b9e79fe6f88452

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bf980f26045b96f74d1f7923c329a466

    SHA1

    5150a9674244571389f980acd345238db119008a

    SHA256

    271ef9e94dec9a6facf11dd03d795c693181e9d84f6bc8907abf4577527106f3

    SHA512

    b59c930dbda7046d0a66b9ba7024c000a9f5acf9906b10007515980544ac5c4b82aecda73af685c43bfe88725d29e1a99c153bec26ad5c986058bcd0e63a5a6d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF8E2.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarF9DF.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit