Overview

overview

7

Static

static

3

FanControl.zip

windows7-x64

7

FanControl.zip

windows10-2004-x64

1

ADLXWrapper.dll

windows7-x64

1

ADLXWrapper.dll

windows10-2004-x64

1

Autofac.dll

windows7-x64

1

Autofac.dll

windows10-2004-x64

1

Emoji.Wpf.dll

windows7-x64

1

Emoji.Wpf.dll

windows10-2004-x64

1

FanControl.IPC.dll

windows7-x64

1

FanControl.IPC.dll

windows10-2004-x64

1

FanControl...ry.dll

windows7-x64

1

FanControl...ry.dll

windows10-2004-x64

1

FanControl...ns.dll

windows7-x64

1

FanControl...ns.dll

windows10-2004-x64

1

FanControl...es.dll

windows7-x64

1

FanControl...es.dll

windows10-2004-x64

1

FanControl.exe

windows7-x64

3

FanControl.exe

windows10-2004-x64

7

GongSoluti...op.dll

windows7-x64

1

GongSoluti...op.dll

windows10-2004-x64

1

Google.Protobuf.dll

windows7-x64

1

Google.Protobuf.dll

windows10-2004-x64

1

Grpc.Core.Api.dll

windows7-x64

1

Grpc.Core.Api.dll

windows10-2004-x64

1

GrpcDotNet...es.dll

windows7-x64

1

GrpcDotNet...es.dll

windows10-2004-x64

1

HidSharp.dll

windows7-x64

1

HidSharp.dll

windows10-2004-x64

1

LibreHardw...ib.dll

windows7-x64

1

LibreHardw...ib.dll

windows10-2004-x64

1

MaterialDe...rs.dll

windows7-x64

1

MaterialDe...rs.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    21-11-2024 18:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    FanControl.exe

  • Size

    1.3MB

  • MD5

    9b94d3f94fae042147cbe5dc8009370f

  • SHA1

    3116e6fa60f5cd0d580ff748d6ae0499e7534ff2

  • SHA256

    6d99e5b8af7bd2312f7d3aa2e42514ceb40ed3203dfc669558e8d5d0879c724b

  • SHA512

    1ee4b0a0d5a5eee964f20f875b6c0254086b4ac2925e47be64e943e4bff97be2b536ebb787dd9390160649ccda6a29f3134800901880458c407695186c5dab71

  • SSDEEP

    6144:ny2M4ziRCIr+bDy/oUMs2p+pGv1xPGUD5p7aQNwul3k8+uiOiK6kU2SPSC5rII2e:ny2M/CIr+bG/oE2cI/uUjtNu/rf/3pP

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\FanControl.exe
    "C:\Users\Admin\AppData\Local\Temp\FanControl.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2296
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch&plcid=0x409&o1=.NETFramework,Version=v4.8&processName=FanControl.exe&platform=0009&osver=5&isServer=0&shimver=4.0.30319.0
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2000
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2000 CREDAT:275457 /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:1808

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8466e75e84acbfacaacdfd1a31f110aa

    SHA1

    4229fe543bd116c4d5fa50b4fcbb6bac672ad932

    SHA256

    8ac1cdaf5897b59d9d070f8f80a802d24bfd64902b392103780eae888a1dc390

    SHA512

    e66a0a2412e070d3ea41012ebc3fe2b4180d667f2d2a1082528f34c22d53637223ef5070b5ee154affcb3e6793044c1d7d1305aefa3590dbf27857d8adf71c0d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f0fd32214e785aa47408f45b3aa350f5

    SHA1

    8821a84e9ee971fc830f154c3e7c24dd066be569

    SHA256

    760517f6767cb6f771772a2fd5cfb908a93aac832e2ee2d1310b25e45c8e1e16

    SHA512

    27bf0a3dcb4d0e76b4dd227f965f703f604adeae5df39b1fcaca59518a9802a923188bce4af3b4fe22564b54695325dc570b5b182292fbe0d989db0e7ca2c7c5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    43245ef3975f9bdb681d4d5533a9ce70

    SHA1

    acf6f6ed8d0b6c307f0abdf6ed78e5ee980660ea

    SHA256

    1334eab0575628eeb5edaf76f54b8677cb1641d847cd6b90942fc698d6ce3b71

    SHA512

    bb7f67d08f31cd157e47bfe2a7dacaca15ef9c1526101c25723dacdcff8e7e7dc86a957d7362118cc7a8d6be544037a009ad84ba6fb2b35b474dba76727b4cfe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0ef7da64d718f23fde3fb2e736776dc4

    SHA1

    d7a995df767d4de2fdc950d3f5f2bac98b7b1244

    SHA256

    eb95e9c339a1b652125496b43661e97ee40140ecb2585867b6b9d2c136b3eb56

    SHA512

    9e4ea51cb09c34bfd048fecbe7278cd3d0bd73c6492a40dd74c8b57851055045620245d4461f58e3d7e998e3bedca2df2141a6665d1f682b59bf74265c6fa621

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8fa4b2d11d86e325eee1d90aa00ddf89

    SHA1

    7d216c13caadd23c9f09f32313ce7c1008f0a8b2

    SHA256

    238fa6ed0e49a2afb1876065b62a88cd5eb75450f488ce2e44f04da95fda4c20

    SHA512

    2ceed4e368fec9869453b010f40aa4a8134d99c15f33fa64cfad2dcb4f52c9d55a82674ff87d1bd4038b252fa973f1342b9531f8284f64b9a54a22ad00176a72

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    44cfc0e4639b01e36519d71a9df9fb6f

    SHA1

    bb2e2f1c84bd5e7db30fa2aa879b5b50ecbb3e6b

    SHA256

    e562fe0a632bdb6046fbd09046e462c3e06c04e630613620cf4b65f48f149c13

    SHA512

    a53fdac2c11977866bc3b180423299c440d7412f2cc257c783715455b06e5184a9408cae34693e3651352452069a0b2f9b00ba7fc1615d9286c3869edf86137d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    24869ef34398104383f64361743c32e0

    SHA1

    503eead3f86f3abdc0233884b42a64071338490c

    SHA256

    36e640c28915f8195f0f016838d008a00a848385c15f280b9c23524f7d76b6fc

    SHA512

    ed44b59e4f6a6b9b8202aa24c21957272b57fe0b75b28abf6243636e6d7266c1d91b2f8c5cac134e7547fc7a884aef1849281d0ecee69e2469a84094469953e6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    97e703ae0d4241e9bcc29a759f0f86ac

    SHA1

    bec54f643b54d7d4f66bff6e4a7830dd9ae5189b

    SHA256

    9ef58eaf2a262debefc2f5eaa7bbc8eef859678d1ae93c01ca5fc8ea7570d926

    SHA512

    29fe853d857c573c88f1fb5c44d032bfebd18103c52715d5054345e8340fec08db63c202d1ed6e5a3cb6b9fd1f53094d8c9dcae6c42132f0b8a5514444ccce74

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2d9ff18c268bd0dc313c81c5d007e1d9

    SHA1

    b7c5d3beb68c44915ed42521c37fa6ac49edf568

    SHA256

    a4ff490eedf8c8f0d4abf7dcf74d3d61aae3cc912928cb89f10a02e64d21d165

    SHA512

    412aa041bb0c7b0ebb72bd030345d6bad1fae2831c5a064c0c2cf95be69ccbc4a45cc9fe9985b514bd6ebd40d45222ddc7e9cd4136adc2bc7ffcee80ed5757fc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3b515d2cb32af20a5e1936c484254b31

    SHA1

    9e60d032939eab912dca6f6e8ced75594577f4dc

    SHA256

    86030a80ae106f3fa4b93acfb5bbfab950dea54e5bb631b4a7df00df12341fc3

    SHA512

    bffcdd2fd1385bb577349f21dcfb38adf44c3d6f1cea91cfb466631ded8bad95a515f5ca93b19b55f0fbc6bb0cb9bd6e5902611b958c59b2e179f0678336aef6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cea0a5bcd6463a8092dc721b6b8a2768

    SHA1

    3be341355b739d70b6ea4e7f3572a11faedc5746

    SHA256

    56e072b589979879ec4280f49fa1feb111a9d1ca5cb49cdac8fb839e46009bfa

    SHA512

    18980ea47640aa18e78efb819c51e446008a6636543a3cafbb7a0b7b8a67a26ca9183a4157335b5c2713e7e3cba6b0a09f00ca0dad018331c5eb3edfc43138d9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabB138.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarB16A.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit