Overview

overview

10

Static

static

3

Setup.exe

windows7-x64

10

Setup.exe

windows10-2004-x64

10

datastate.dll

windows7-x64

3

datastate.dll

windows10-2004-x64

3

madbasic_.dll

windows7-x64

3

madbasic_.dll

windows10-2004-x64

3

maddisAsm_.dll

windows7-x64

3

maddisAsm_.dll

windows10-2004-x64

3

madexcept_.dll

windows7-x64

3

madexcept_.dll

windows10-2004-x64

3

pdf2bmp.dll

windows7-x64

3

pdf2bmp.dll

windows10-2004-x64

3

pdfium.dll

windows7-x64

3

pdfium.dll

windows10-2004-x64

3

rtl120.dll

windows7-x64

3

rtl120.dll

windows10-2004-x64

3

vcl120.dll

windows7-x64

3

vcl120.dll

windows10-2004-x64

3

vclx120.dll

windows7-x64

3

vclx120.dll

windows10-2004-x64

3

x64/Templa...te.htm

windows7-x64

3

x64/Templa...te.htm

windows10-2004-x64

3

x64/plugin...ns.dll

windows7-x64

1

x64/plugin...ns.dll

windows10-2004-x64

1

x64/plugin...ns.dll

windows7-x64

1

x64/plugin...ns.dll

windows10-2004-x64

1

x64/plugin...ns.dll

windows7-x64

1

x64/plugin...ns.dll

windows10-2004-x64

1

x64/plugin...ns.dll

windows7-x64

1

x64/plugin...ns.dll

windows10-2004-x64

1

x64/plugin...re.dll

windows7-x64

1

x64/plugin...re.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    23-11-2024 02:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    x64/Templates/TemplateCorreoCliente.htm

  • Size

    2KB

  • MD5

    ce4c1f3ba9e690c4119e8ed39aa8eb78

  • SHA1

    dc2da00c92b51431c01c5e598de4665c9989e856

  • SHA256

    e17621dc67919e53a0d1be6a03fa0d97f01c8932f8d8912d556327e620310432

  • SHA512

    daf95e6329b060fe230096fc7a594cf0a13801e2dcf9869affa5530a2d03bf6c0dd2d9340be5c312b82d41dad48057f86811a23b23fba93b0dc9a478986ac4ef

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\x64\Templates\TemplateCorreoCliente.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1700
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1700 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2548

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    94812f5f69cea4bfcb330ae7cef1eeac

    SHA1

    94c001ff99345cc396f8a3f120017e221bcc2e81

    SHA256

    cb307b544f1f74fefbbe85d0457f55a6216e1561ad4a8d36fc5d0c31d521eb85

    SHA512

    31587358cefe7d4fc1817a7893d2f70381aa6c49f409aff3f569defd92bb113daf95b484ff488d3b816f3aca85abadb7318dd662fcff267f2e5217fc5f2adae3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9531da82d885733a7aa1ba90e08c7349

    SHA1

    359b29de71acd14905b31aaf46e9edbc71964f92

    SHA256

    84f5a0439c361002a55e9cdc24e018a5b7770351420b5d936526e8f3152fdbc8

    SHA512

    48d021e6f09d1a77818deef287d11838e8dd55fd8ed8e00a7ed5c40288b21bb7b56eaf8045e43ef19aaf2721d05cd2d700a3680b2dbfbfc0a7da755c6ae1ba8c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c06744959363ecb059fd2f876fef6b1d

    SHA1

    59470f8827f27e1de23fd62fd7d8fd9c91f14b71

    SHA256

    22eca5fa4a93038884d3a31e8c8ad4a9ef963380913bc8d738f46f9cf4a77e47

    SHA512

    735cef2b194c75dd42302ba46538006178dcbcd87f23226d1e1d030c88cd9c48b80c75326e2dafe660c72e8fad00ab297f4b4dbc01be5c77d06b8f8e554160ac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    659e58142c07929188f8e58636cb641a

    SHA1

    5cb60cfe341532b38fd9fbb8db8e5f0c05cd2c40

    SHA256

    90c051571860468208a384cf7e567f1064685770b622e256265f3f3ec36f6959

    SHA512

    06d36dc509249c6da8b645b2c1f7480adf56e572c12c6b6e6f5ceba5f8fd93614c9171808079b818a74c7abd48436e090af7a13bb0a87ffcdebd284cb3115d91

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c0178c070a1923c957715aa983a3048e

    SHA1

    6bb4ef428d46f4487311f0a111ae195d02d2948d

    SHA256

    64f25cfdbd327b13908d772c4b825b6cbde8f6d64a3d6ae45f42566f3baa23fd

    SHA512

    cf200291b48ac445d5d242f649ad8c77d745b98f0d62fa2264c5ca32574e5109b3a0c918423ba1c704e270a79be8bbea43e78f0cf22a57c226349954623cd6b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e7bdc000ab33749e70cfebd462db77e7

    SHA1

    0a82da61340edae9e1bd7e8f39b8a19a0df8071d

    SHA256

    554c9341552fccb95f56fb24ef673af3ac5e6943cac1b6e4f958d78ee7c05143

    SHA512

    a5080cc7a9f994cd5cb58e32073747972a53410dfe2284fd30c7d8f43366c06706d589fc66bce160cc7a93826b57cb9d580e71ee32f88ed9c5f1b6d3e5c03606

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    23cf0d965cde4147661470b63fac8b6b

    SHA1

    1f6fa90b027fdf295c8032aa75afd6e6e5a30480

    SHA256

    7f7e24932894b57c646f65255e6823d8d6565b0a74d8bfc4683c96b3dcf71046

    SHA512

    9289e0be5689612c3f5a9bc662369493f2feeb6877ffa5d25cc96f6b924f0c937bcae0f8cae124a972c23e29365875b5a5d09006e47d6fe8629c62ae043a2d2d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    29bc8bdd9bc887e8ad69d00986bc9f7c

    SHA1

    a10a2599f604916f11fca6492879a0fec67d6b02

    SHA256

    d54faa1dd0ba5ffea9d468d2ba74b27fdec5ba142b30ed07eacb70d04d57029d

    SHA512

    c81e5815d16755199ce534b302785194c018c0e7fdc5f1b927cd923a345b84df0d8e8586aaff81bfb25daf6deafbee53eb34d18b295758c7658c810bec4bc587

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    49c88ba4366c61f44245c07b218baf7e

    SHA1

    3c251779e5679d4529d07c9d707dc5d3c3863a63

    SHA256

    2dcb519561fb07bbb2f87621354707aa6b928eb5833e94925b51f7a51abce1f5

    SHA512

    c15c752edbac789d0d8d2106fa79531ecde3ca284215092257c787fdff46094784dcdb4b07bdbefc2761bd23511ad3a480d95afd4d9c55b66031c46ff732fc09

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cac6abaf0cee2d1148eb7f222ece53f1

    SHA1

    134f53d400b5eabf3dcd780e5d05f9ef39b78484

    SHA256

    86e09f9127de7c16e81a3209a6a491c9bf10e1241bf2e7100581c29f10ac9afd

    SHA512

    d814069ee58ae441192e3e890993f89d04fd1ff7a0aafb50d4e3f8f180bc3c549fae24acbc063718cce2771223aaef537f4f628733cf806660208748612e127e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    72c4677a6bf652e6507d87d5ea2d9049

    SHA1

    397cb33a25021ca7e4320048f0f7eefc853f62a2

    SHA256

    6fed7cd9b1dde22d11ac13173a629e14988610eb3e9d6753e87e8a9b311c6330

    SHA512

    e38e8db39af60e2e91f3d260af5f17db0b89749f3ae7a5c4f09169efc5c83c61bfc330905f3ce3c766cebabf4ab808240eb03828438d2416d4fad6c7dcac0ba4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e1fbf6bb3620709522ddb73e6ddd43d6

    SHA1

    b9d98c4ad1d35b1c4756a9356a6151d7a93b4265

    SHA256

    48abf7addb02ed8230dd15fd6e84f1acb2a86a13134388095ac2c82f7148e5f8

    SHA512

    cd18a7dd32b66a56efcbf5075d79d7b33852932786e022bfae1271b3145ab263f0e352e31c3d210c83cb9ace0066895c578eb4e3be2c6472469e87f008b0e2df

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6e00f6c99d54328b4516abac9180bf9f

    SHA1

    34eaf1a34998e8abc285ac49221b97b9165b455b

    SHA256

    b5e6e80cca5dec66d1323c4921926bc8e7a69b022f7a50d9bee98a7f2d592159

    SHA512

    dad01758289f45485c8095540db6dbcf9045f6900b591c9563f02efb32c095a0e19fcde1bde0816a2322db0bb46611e04945234fff6acc406dc11d708edf7aaf

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC381.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC45E.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit