Overview

overview

10

Static

static

3

9e20a516f7...18.exe

windows7-x64

10

9e20a516f7...18.exe

windows10-2004-x64

10

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

contact.html

windows7-x64

3

contact.html

windows10-2004-x64

3

privacy_policy.html

windows7-x64

3

privacy_policy.html

windows10-2004-x64

3

uninstall.exe

windows7-x64

7

uninstall.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    117s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20241023-en
  • resource tags

    arch:x64arch:x86image:win7-20241023-enlocale:en-usos:windows7-x64system
  • submitted
    25/11/2024, 22:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    contact.html

  • Size

    319B

  • MD5

    48b7875eddf3913382a3c299e84a27f1

  • SHA1

    6a05bcea4829a70ce0e1c105d0568ac5031d3e89

  • SHA256

    88332868551ed40475c1d8b88613910b60773ccb5760083b2037c55a21c002f5

  • SHA512

    d5b3a2f141d07242f9b6fdb71d77b821df76edb9677a2992ddfd16f242afc9df12ce5ae0dbd4c029d1c9dd7dc92b4069467c0ee4816c61e1693c46a8857d4a04

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\contact.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2556
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2556 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2384

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5d83d3e787af79945548f0ef06733584

    SHA1

    799fed1690e28a849fa3df54baed6a30239354fe

    SHA256

    eb7a29f8a59337aa33e792ef4c428e093246919528044ee3987d40272fcf5b26

    SHA512

    4b820f427c837fc01c4026048f562e477deef530befa8f455e2a3a0814acb2e6583c8d4f05a18efc9b97bc85799b83a39465374cc3ec177c679bd203ed50fde3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    64acae17a6a8d848b090d0ad84e1fbac

    SHA1

    570ee6514e8de4ede8acbc24e8e72f7f09cd53ef

    SHA256

    3aadff42bc20adbfafa7fe521d6a1b9b428675455079492db62c99e5e4eaeda6

    SHA512

    6dd090332bd7a8575695f31d94c700ac8f5f8353f94f57bb2a366e729d6be25d9aa5b02b02ae5b361612f011b30e5460cd6ea61205826b7786503c4c8344747a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    175f4a2184438f65dba6e0e6c4fe27fe

    SHA1

    b26c73c09466a4b7281587b5b54bc4704ac71f69

    SHA256

    d65f5f646a68b283190898c92bd10e856e150ae14a9fcceed1ea3f6ba76e6bcb

    SHA512

    a0e95cf9823d90c7383989975972bf049a01dc36721a7e113eab012171538d7c5636658add5216fc0de4da240bff580b32c12a6896eb1eda32c434aca4a68b44

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    492245bf9fd5115c5c87aa06d9b48769

    SHA1

    c0157b9659652158ad6c2b5c1d4727b6499eb16e

    SHA256

    398e3e090461e2fc9772137bb410bcf4cd5fd7b91e1ae8560e31a621ec21cabd

    SHA512

    b741bce42e2a9e91a38851718e083601a751c16bd7b2490d8e1f2c0c4ab4e75f014209f76290bb9fc218f4e3bb4af3249f97080312da5658491eb70adc2ac17d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    20161380d0ffc363803ccfe31063d05c

    SHA1

    132228fa9135b7d6abb3951a61978835dc71d656

    SHA256

    381e8df36db12122043b0776a462f5e0097b48d55590e21c53f8a006ba965b46

    SHA512

    fa52362867f2be7b253422edfbd7ece0fa7f978d67f229833d6e226cfa67547eec025080d1089b6601507fd720af1305445f63a4d72939ac2181c27a60f66af7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3dfc18a0d405c2ec6e10bf03251ff01c

    SHA1

    addf3b2f5e6b70392da025a91683c3c79dd8ea88

    SHA256

    ae20f4673700e8cbc23176e80267f653a65ce33002ec757d0dc28d4bc991fb98

    SHA512

    da7cf3284c9e9e48ad63703fb4cf7bddcd57fef17f8c27a95ed5f17aaed2e521b6079c6d037be204f9ea8447b26515d8bc8240683730e3e1406073cf2b0469ff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e5b601362ed8a5f51fffe46bf1e28a44

    SHA1

    8bba20b01a2e1c3dd5a9f6e53dc26194d707d42f

    SHA256

    3b2371e6bbdc2cf96d616c1211649126ca617134a30cd18662d65850a3680ce7

    SHA512

    a2927fab4561ec6de1e623d448d9a4125d24e8d216b89c39733aadebcc069fc0106321e1139882f4f1fe1bcd79fc4b31facfe9d95fa075007fd0cf6503890b2c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    96c5a05b2ad472a448143ff870e0cd6d

    SHA1

    45cf5cb75bb2015249be87184a903a59b5bb8bed

    SHA256

    cca323c8501da2ad7151a4596257fd5d840ac1fb84daf5e839e92132c293ef29

    SHA512

    baf60054e666deab83cf47eda6e436d8359a9bc3833c4ade0c2530f37f025adde1370a6c24a8be89fecf7cc8be3be7d0f7ef0e9f97bb14a824210b7fcf2afbdd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    795d73c0bd5af56b8569c1c9663674f1

    SHA1

    e0d6e915bafe7e25d21f4544f29ed878cea60867

    SHA256

    e1008c705e45a08b408605c47b44b51bf354bfa0d650f367c2675c15ead8eeaf

    SHA512

    141f25358e3184abc88a6c3712e2619ab28bce9433c94ab3786d11c18a3c702dfdfdbcd29b86475527be4c735bd0cd5c18004c5c2a08ec4ab72c53f2ffe153ac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7266a23f8e5fc51d16e3f2371d659699

    SHA1

    7ca4d4edda4d69b9f2aed8ec31387700cd962c04

    SHA256

    9728f846a413d53bbffa887b796e5acbb5fa220a7fb608fcc4dac7ca3bc9553c

    SHA512

    9b92b7537a464ed8e0205fd75e1e715d5f0b2565d5d4a7453850b4f1843d3e6e2bfc07e7f38e39b05912ce31f6ad963131a386d338c0a200391ea03471ee8794

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4b55053cf160e62c7e133398d6734202

    SHA1

    b871745540ec2fbc175aa8a94eee53dc8cbfc497

    SHA256

    64832a980a67c8fce81d168b5552942db26618516bc13c5e36bedfc7f6040b92

    SHA512

    a72a8d18f4873acd3bdc0ff3fead47c73081a2f8b96fba3170dd5b5c008a5af9f8e78e2db120d8bde2f35ba84dcaf1c9ad69a13667232f22f49c6440ddcfd95e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7fa50a3e6cf306643a61418c6f0af98e

    SHA1

    fb440f989d5c7be6cd329ff9bd9ff58a821d3567

    SHA256

    2ad90fdc3e9fb6acb32f196b12d38568b81992adaac318e932c36e63bc8b3985

    SHA512

    e2145445db07e2fa8cb3005f5063c673e8cbe9dba5e76bea3f05f15a050f4c3a3824be35c5a2b84a1768caf4dc618d642f650c204ce5abe4a3ecfa3923c3d3f8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b70aadc41c9fb82c681168191fc66d0e

    SHA1

    56d534ea65a3b33748e5d682f5cd94199a92f5ab

    SHA256

    1b047364fa07d0018ea1612498f871e98d49b55793439e8f28717487ed88cac0

    SHA512

    c3bdab6593f4d35602cd4f31c0f0ff0cce8e2307284ab542cd70ac96be5b83694aab23428e484a74b2102a325bb13938cfd94eca41d68848be944b3c82fb6362

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bd7edac060cb386e78ec1cb09ead736a

    SHA1

    1aff3067e6268897798c803d4ac759513ffd814a

    SHA256

    58e003f15c0dd2dce58e350ee4a9a1654218d7875f6cfaf0bd266e5a7e099ba5

    SHA512

    b6d15c7f2a3a79cea9bd00454665fe2fae19fcce501132d4f56bb8ea8f4089e6295d717101cb412280d3379dbf1ea481614fa1652a32f0e2b02efd17c357495e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d6152b3dcd0a4790002ebb7c8af0f985

    SHA1

    2460806e4afe7b2774aec9e9889411d26f921177

    SHA256

    74c9533a2a1eee9ab1efe2a3bf6ddb2ab4ae3eb76fcc180ff7c6d20dd80842d3

    SHA512

    0514395b8e8c0528ccc545d7ce289db60ddab89c99bc0649ac417d02d51a8a22934c047096775bc6322ea97d368f580a3579e81c231c064093c7be9eaeca1149

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    98cbd2b428238836c3322f6bfd06ee5e

    SHA1

    22fe21dc9a007742b9c9da6d07bef89036aef06b

    SHA256

    85174715ba4786c7118613cd3fce0b7fc19a9c08b58cfd283d9daf4bba3936ba

    SHA512

    ff5fe7eb667fd8a02b988b4f748e96079befcf1fdffa6720399b027f187d5e5112e31afc9016adcd05d642f00812e9b3cf0ec25e870762212195b0f0d5a6bd31

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    33ab4343595263f2476fb7ae251c90aa

    SHA1

    1c6332768fe04820ed955727e5f6ad81f71facce

    SHA256

    ebfeff93955777be1d610732bbd7f6e8cd14a33eaa853f67e8f740f0511f965a

    SHA512

    7259fa8ad649431d2c95bb71f2d2c513de91935164a7bca5cddb1108b8de1e320919767af537cb5f754cd9a9f987458e010dae3965e0356d1e4babab8b107edb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    07773e2eed05e0c013f6a16a034edc04

    SHA1

    c43d3f98352a3a5de29b4499145a6a60ddc237e3

    SHA256

    9fe69e674853422dbc805f10ff64c6476e2ed6481b09420dcc15e1d342a009fc

    SHA512

    59609db5865b52e7a73134239583f00ff9df0037918abf4e91febe107b62ba69f49b016ec4a2857fd01db784609b599e2a7dc5203ff38095d86ce74ec29acd79

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC8AE.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC99C.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit