Overview

overview

10

Static

static

10

SparxSolve...64.exe

windows7-x64

7

SparxSolve...64.exe

windows10-2004-x64

7

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...ll.dll

windows7-x64

3

$PLUGINSDI...ll.dll

windows10-2004-x64

3

LICENSES.c...m.html

windows7-x64

3

LICENSES.c...m.html

windows10-2004-x64

3

SparxMaths-Solver.exe

windows7-x64

1

SparxMaths-Solver.exe

windows10-2004-x64

7

d3dcompiler_47.dll

windows10-2004-x64

1

ffmpeg.dll

windows7-x64

1

ffmpeg.dll

windows10-2004-x64

1

libEGL.dll

windows7-x64

1

libEGL.dll

windows10-2004-x64

1

locales/uk.ps1

windows7-x64

3

locales/uk.ps1

windows10-2004-x64

3

resources/...ces.js

windows7-x64

3

resources/...ces.js

windows10-2004-x64

3

resources/...ps.exe

windows7-x64

1

resources/...ps.exe

windows10-2004-x64

1

resources/...ck.ps1

windows7-x64

3

resources/...ck.ps1

windows10-2004-x64

3

resources/...nux.sh

ubuntu-18.04-amd64

3

resources/...nux.sh

debian-9-armhf

4

resources/...nux.sh

debian-9-mips

3

resources/...nux.sh

debian-9-mipsel

3

resources/...mac.sh

ubuntu-18.04-amd64

1

Analysis

  • max time kernel
    67s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    25-11-2024 20:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    LICENSES.chromium.html

  • Size

    7.9MB

  • MD5

    8303b3a19888f41062a614cd95b2e2d2

  • SHA1

    a112ee5559c27b01e3114cf10050531cab3d98a6

  • SHA256

    9c088caac76cf5be69e0397d76fe9397017585cffdba327692ff1b3a6c00d68f

  • SHA512

    281b2ecc99502a050ee69e31256dec135e8cb877d1a6ba9f1c975fcfb11c062980ee6061d2368b62f91e392953ae6235dd726a9d98e6efc1302f7ed713099179

  • SSDEEP

    24576:dbTq6T06T5kJWSIRWnBIl70mfT76y6E65606F/HXpErpem:t4scj

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2144
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2144 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2056

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3a17b7bdc935999fd14b9c99827a9a66

    SHA1

    32fef581a5480bade30ab9036c0f0dfee546d49d

    SHA256

    bf3fce0116b13ddc3d6430c19e3bb83b2a242c71433e24f91362404e5639b4a2

    SHA512

    ea1301f1ed78a0fb0b7b503a228bbb0acb469670c6a53df032fd1b80d3a93b33830f5b1e718e7d93dcb244a00dcc8c17c28fe96880d9ebd76ddf837e6e4f578a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f25827a7dc4309b918029f67c87b3ba8

    SHA1

    ab5d2896fa48cc2c131facb8aeaa6e737f39cde1

    SHA256

    dc91bfc8e1c2e6c69fe0c86931599b2ccf05cb8e2fae67e736a9b3e816a9929c

    SHA512

    16b0949e71eb2be601d8e90fac5cb68d9beadc265844bdd960cd7347464fea0bd6f3aee5b70744e65677cbcf6804c8e583864cf42ccd9e9358f28ce7261dcd0a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cef8528018e1e9855e92da8eb4f913f3

    SHA1

    e1e1cb491fddf4f504ed3c278b9bf6ba0073f666

    SHA256

    ee63ee41f21dcbdb2ce39d13d118031409c78732a621454e9f9ba68e1f5d59ec

    SHA512

    c24a41fd69a5f40cf451dbc7370cde0fd49c152efedcdd7e8caa6254cfce58faaf1b4a5f3aef631cc206a86df6c179e6cc1cd94342ff7b73a5da5d7057c3e325

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b86b3f845abf1e387ce9871d2e26d89b

    SHA1

    6355f6949185262e14cade5d8d3fb99c68032ae4

    SHA256

    f63768413898ede82fb837f01d30d57ab9231e145e40fcd25dc8221641e966ad

    SHA512

    08f594314e9bb233a6463eacc3832eb50dc39346bd890f018c35052e9b599b4dc41e3703c876ebf2884c05201c7a3dbffa208aa37b7cbe64e1203ff8f1fbe4b1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    007e234205f0a41f1879b824672a04e7

    SHA1

    d1644d71efcca8f1edd48937146fe4cbb8a01652

    SHA256

    e8de176d494c43f33130313896c9028eafea08576248ad6c1f0bbfd53e4a6851

    SHA512

    d9c449b0b9c184494d73e4d6c1c4bcfe58a80f1499656c5fe3aeefbf9e0c5dd51de8fb3776779e04864c951f98af7ee10536ebe05674ae9759b9bc12e7912098

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1058d2bf5401a1317cb22f42dafb75db

    SHA1

    8db48b3a99c8fbab7590965c3c9f29ca6956c1bb

    SHA256

    62a7dab06d76da995f0edc49dfbea53a541a8dfe7907b49f6535bb98175078ba

    SHA512

    569802680f1d7cabea871de589957e75b90d520ebeac7a7e83fb3d5a36c83a4430a94b0e78f9bb76635ac00f53324a3d099175344dc18b42cc13b7396601f17b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0064c02271cfb5e2d4bae5b1e465f1e7

    SHA1

    bf517c28d8c9f77172ebb40fff2e39487eb48698

    SHA256

    a5bd5e762c942bf8c465a6a9460dbdcf5c43910529455a1ca46cc420a8b6c083

    SHA512

    0462fa0bee14c56122dc6ebf8750d6c3f84f12fa4972bb5e47b55fcc3b2f1f7496d52919c6e846135cfe2b6a4207c1a8daec10d1307a3ca62c0a21198f6bc6f8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7136fa4dc2f977a78afd12f793344ea4

    SHA1

    f06a763f863c87d352772278c0beceaaa38a14f0

    SHA256

    c99e871831aa1887a14127b2e91137e4812d9948cab78ef9c597b8b1f7341be0

    SHA512

    00c46eca25122a4906668ea7f8a50d06670b9ff884d07442e62f14fde6c7365a5a32aa9d719015d7a1d92efa7d3bea93b1c7d864da34d1b5830d7b3ff1fa5019

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6a893f711ae7978a3ae0313786024528

    SHA1

    6293e2979da806a36797596095591ef4e4457250

    SHA256

    7e2cfb9818cd7ee06edefcf1968f556a96f6280720d185561a15e168ab4875b3

    SHA512

    20ca910b4f6c4bf698abad42f67b721f10ff56e9d04c21beead995b1ee61d36e2a6937187c0a897531b7ce92c05d9c29be4c3562479937dbaaf747b8133ed5de

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cf75dbe2190b0c8699adec6a1b59f9ce

    SHA1

    ef8942db7c3ad736931f8adde4d1a1dbc8a51bcf

    SHA256

    e5c49e52ea1cbf38a95f680eee9d1e8d38359e4f20633ecfb532c7444a55dd15

    SHA512

    19eb92bbe3b261e70578bc6f3b84a74d754088e0d9d1010266732a8f4cb1dd9156ffcc6346d4b3dc4b112abf75a923e7c0fd892bd0cf1b3ec9fa291f94c9aff5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1ec4ada62149d8341dbff369457f08bd

    SHA1

    cf14caa4d6d5e8556925a6b6623c5d1c07d474a8

    SHA256

    29cdf3f3d05b187ac3889fbc74cbca99ad551b5d71eade1e9e77394afade9e92

    SHA512

    e5f49c8a52e024ee33b78bb5887469e0f9f2ee01b6306c3f212b3a970f386a1de1030fb86692b7dee8cebd8bb0decb4dbf4f9a00c5a6fda9c57aa057d9da59e0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9eff9c8044289cd1c0b7bc08c0f32225

    SHA1

    5b98243b612fb7af34dcb52850d2f26cdea91a55

    SHA256

    4906cce76ddd9328a84fa4d23cd9cbd11d3a4fd38db901cd318d98e2c17ea6cc

    SHA512

    e3fea105a561f91e323c30a55a15f40c9a36d1e9aab11c03e0aaf3e52d9d8a2fba31e01f0f7b7687c90060c8d75c3e915c9494cfdb4cd4111e203f12df83826a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7605e378fefb6ca524073054c6485f2c

    SHA1

    2d85c22ce738c3132df746127d5f97b987409764

    SHA256

    4b41fa1f246cf5826ebb634c590442dbc829cbeaccf03e0608d7be72eba38f44

    SHA512

    5030c8c0cf51d30e9517ccf363ec529b8a2f3015563c6c84828df030707b2461d444bcf5927e9f18b2a61d52c4de96a9a41fd7265ca67456061d5fbcb687f889

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7c4d61aa38028405fc1d1fa5133f10b9

    SHA1

    c5395639cf9c86d630607658fed5b47d167379c4

    SHA256

    6b63178b108c3df3d9f5389a3b19e54b0cad4262f49773e484c30be821995364

    SHA512

    536feff09b43081db5a384ebe2d5865c4f098e5c98d8400d01e0c6396552d80e1929f95d45ece7c58d306ed250c3e34380afe7390e018e1a12555d92f6b8bc2b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab344D.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar346F.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit