Analysis

  • max time kernel
    120s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64, arch:x86, image:win7-20241010-en, locale:en-us, os:windows7-x64, system
  • submitted
    28-11-2024 16:29

General

  • Target

    Softcam link www.satnet.biz.htm

  • Size

    8KB

  • MD5

    138366e862b24e5035119c5272d57aa3

  • SHA1

    8035b85bfffa0591d3cc19f98c1140d5feb19f06

  • SHA256

    eab287387197e7b5a78c0cb673ff8719d2059558918e5117f8b0fd052dc106b5

  • SHA512

    30c78ce65fe6658a56e9b94e743f73ef8f9e08a72b786d8837258f98298a05bb784e9435a8912dac7e6eabddebfb32cda92f779cacf0c861661b14082a23fb50

  • SSDEEP

    192:eCfy4AbY5z5gnn8AkABPaXf27Nuz0A0YC3yZvOZvbWN8ewMXnF:eCfV+Y5z5VAkABKWKUYKyRORb0jpXnF

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\Softcam link www.satnet.biz.htm"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2240
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2240 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2076

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    085895d68df1ce0a885c1675fc945218

    SHA1

    71d6da72182507251f1c194557afbbb4ac1472e2

    SHA256

    f3483770d0bcda7077d41401dc35ee57a2df666b833ec8c6565b24538657908c

    SHA512

    1e445b64f8d09e400c2565cff5a93783a10d40f990473d3a6a17cde29394132e1ff6b4832c7bcdd71483eb581a016ffdb5cb7ed5012d4579f0b0fdba9a116b2e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    61d5d29b63de007aa88b383938322e7e

    SHA1

    ae13f1aa37dbd04656373a1ceafbd345ee152032

    SHA256

    7c4f3bcca8c11009ce3067cce5d534280e13408e4f03da7c8608cd347ddf91ed

    SHA512

    e6ff786657f23f29fdf63bc97ef4a01177546980ecb9fe7a476e26b8e5221a7f1beac95879dc7179ab740ed7d2ecadf6cfea2783ba92832c7b17c6feafff6633

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    775b86e1cbaadb2526208c53f727be01

    SHA1

    39c523e0b5bca299e043e509cd1358a34d75d48f

    SHA256

    7dc3e984b0f6a397d0b6b11881e8c21d9e61975efb093a2d34cb0a0502d831ad

    SHA512

    17224746755c02c5cda2798fcd6a3f8df805a9ab9b0bdb1e2d4a7c61d97ee3d6f5039cc7ff1414ad7136a509aa1fa4b36e728b7631122f35c8cb8948ec13b205

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    93e1f9c49a1794d371b7572ca626f4af

    SHA1

    0337ce5bf68395dc675ed44562c76bd639327891

    SHA256

    82f726b19ab35e81ee2f2d2a29cde7fa6a5c8b21f0212039fc59aab3d54db35c

    SHA512

    d1a365017358c6f926d493684b3c4bb4e2fc2a15fa4444744097f6d6a10ecbf62cc15eec2e22515ddf0784eb1260af4f9b0c54a880f55e05047d36b20f644a17

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5ececc61665b655df66c54960d4f6e40

    SHA1

    2ddf2349e92819a096fd00d88d613afdfb3b87ea

    SHA256

    9fdf578666c2f73c6ebb5637ebad7668a11d401ff3addec2b80212f47077b933

    SHA512

    895cf9c9094a9c793932b9dc47b8fc9082954b79b337e6fdb79355a954415ffe637e70b02b367cc1219ff06bda8c7c4e645a13dc6e0194705aa2efda862919c9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    62e32c0be1f5e94310ad0b123f2ab25d

    SHA1

    0cc8a6e3b084e84d9da574829a739d1b727735f9

    SHA256

    498ec5a384c71f80e89b9bce2ad55c5eed10ec977b5a6556d858c0711fc88d1e

    SHA512

    ca45102f0b8c993f801f4a621b609b84a807e48d931d971fe6e629e24d038c1637bfa4e9b215940b1d1f62c25a8f757d0821e2eea3fe7276853c969be8339a75

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6907e4f47a92eb0f56864e9f47035ed8

    SHA1

    93068af598fc9bace89e6a68a143809904b3a9f7

    SHA256

    4204f4e48e87b7f076f60e46c49cd8ea928df68bff0a6025d061dbccce26ba31

    SHA512

    c5fee41699d9fa58c3c1ff969228e5430472e286dbb7a23ba58b62e3ae41784d337bf059cfda0f637a465790a8a406eea00f8e5306625947b51d26ca6eeb90c7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4cd14e18e2b2b520ca3ba7847fd407c3

    SHA1

    89bfd207dda6f18186d8a466ee985669544634ad

    SHA256

    d05ae66937f475d9f07ebfaa605512588aaf9b2fc26d1c8152ec555c66309203

    SHA512

    d1d4d984e2417c58959a76cf36c2e42a26773f281ce1c882c681cff8d89fca193cd6d9c92b9f1f01a7d9660ace6873b2d0154eb6e7a1f2e4a3c8acb4fa71445f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    18be4bdcf911ea9f793030e366bc15fe

    SHA1

    8b4210f2022cb72230efcb301a9eb25cd8107434

    SHA256

    1c8ef77a86d2ad295368da2f373aef5a03a2d82fc93aabf7f3df7b6e5e683039

    SHA512

    b2cc6cdb26285a44cb03203ea60b517ca59f2cc600dcff2a58ceae2c44d1dcd0f54ea3c6cc4b857d3a63cb4f43afd99a2e2181f32e95c63e8d01a5cb7f260b55

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7918ddb222aa274da06646077d7f1ba7

    SHA1

    e8ce561e196d608f096b19b795f911090d1382e7

    SHA256

    ea266c290f0c23046b35bf30df8b3f0b2c984bab556ff2ca0863a3eaccb05fff

    SHA512

    58e79a361cecc26a5bd28a2afdb92c640fa8569fc64ed8c367d537e78593fe81b9f006267d78dad51b51b6592352b50bc0d537053680936cf85486925103d52b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    17c0ad91ffd2e68a8327a5d2e2f52e7d

    SHA1

    c0cf29783c4363911aa8d75f0cadc7a0a2f3284f

    SHA256

    16aec58e1745c020a1d62d388308a2498960ee9c78b66637dce09c271e02949f

    SHA512

    7a23d9939285ca8ef44a8e7316ec078bc36760f8acb795e21d503b3efdaee03c00534e07c952d6d9baedc8697aac59e331e62338d0c9925e693719c7df4ae611

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c0e5f34f0c0a26f78c6f2331be894576

    SHA1

    0202b60b171ecb88b15b6f17455c15eb8ea407b7

    SHA256

    c415395b71bd686245fd6c26fc04cc8a4758b6d0b8a6c090b55658e2a453db30

    SHA512

    264e1992cbab77bcfb4d8dd4a2b720f1f862de3dc0843a8137cf1ab66ce99cf13a621192c125374838d0d84f30b6783a549137a82b64ef5f57b3b120de73bcef

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    25de9c5b2381a051bd739d365bff619b

    SHA1

    863bb59d0659d3c3f435a685b7e7c5fe81517107

    SHA256

    1a6dd1292da3bab9bf7793db4679896422eddbece886533efdee69e57daa7728

    SHA512

    dafed5a8245504426c9dc610319859cf763abf98319bc32a9af6d0136bcdb8cbb6583cca251a44eee7a8411886bbc7dae6507f7b1116ae4d778d444a1137c028

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5d607c82e50e93cb7ef6a72337a7a153

    SHA1

    6d42d833c33665e1092e0d86dde035ea08f1eb6a

    SHA256

    efaf8147700ee4de4d66997af6ce0e0fb77c8c6178ba08a3e7d606904a71e783

    SHA512

    36b15550557ebac616bfc563564fb06d1d4bd8c2fdc4f4566adee57afc0001633819ce51ffe40ec72ee35e732fe21ab9b8bce7e94f73777a626b16d4b235011e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    eb5e9a7829b1ac28363bda28a46aaded

    SHA1

    e7f4f4fc4d2c00591a524bb0ca18282807049053

    SHA256

    cae192faf278fc7184a96ac7564f0e1717a0e80093bcc45b1eaf4868ab616d58

    SHA512

    1bb80d5b890353055d8ece05a8126f7056011db55bbb20b5e7ca983b12fe9c7748d41785592524a102dd48b1a817d6b4b854c5ce0c3081d4c4d2c7710ca65b25

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7412ac277fa89ca0f13939b8a5a01009

    SHA1

    3a52e8ed4fb5d523828a07cc756594c8879e65b8

    SHA256

    42f8bb489e3986aaf531ef89d54b7320337c7cf68c3eb8769eae09568de8d17e

    SHA512

    0c52e5f96b06b648e9b18601fcc723765b7462b005adae1c5cff8349de618ccd82cce7632c7570d260650a5ef2e40d64cd71b4ebbc6836502900edf5c91cb50a

  • C:\Users\Admin\AppData\Local\Temp\CabF4AC.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarF57C.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
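The Downloads list repeats one path, the CryptnetUrlCache\MetaData entry, seventeen times with a different hash on every line. That is one 342-byte file rewritten repeatedly during the run, each line being a snapshot of its contents, not seventeen dropped files; CryptoAPI keeps its URL cache there for certificate-chain and revocation fetches, and the Cab*.tmp and Tar*.tmp pair in Temp is the usual residue of Windows downloading and unpacking a CAB for the same purpose. The script below is an added example, not part of the report, that takes a subset of the entries above, folds repeated paths into a version count, checks that every digest is well-formed, and separates paths matched by an analyst-written baseline from anything left to review. The baseline patterns and the tuple layout are assumptions chosen for this report.

```python
import re
from collections import defaultdict

# A subset of the "Downloads" entries above, copied from the report:
# (path, reported size, md5, sha1, sha256).
CRYPTNET = (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache"
            r"\MetaData\94308059B57B3142E455B38A6EB92015")
ARTIFACTS = [
    (CRYPTNET, "342B", "085895d68df1ce0a885c1675fc945218",
     "71d6da72182507251f1c194557afbbb4ac1472e2",
     "f3483770d0bcda7077d41401dc35ee57a2df666b833ec8c6565b24538657908c"),
    (CRYPTNET, "342B", "61d5d29b63de007aa88b383938322e7e",
     "ae13f1aa37dbd04656373a1ceafbd345ee152032",
     "7c4f3bcca8c11009ce3067cce5d534280e13408e4f03da7c8608cd347ddf91ed"),
    (CRYPTNET, "342B", "775b86e1cbaadb2526208c53f727be01",
     "39c523e0b5bca299e043e509cd1358a34d75d48f",
     "7dc3e984b0f6a397d0b6b11881e8c21d9e61975efb093a2d34cb0a0502d831ad"),
    (r"C:\Users\Admin\AppData\Local\Temp\CabF4AC.tmp", "70KB",
     "49aebf8cbd62d92ac215b2923fb1b9f5",
     "1723be06719828dda65ad804298d0431f6aff976",
     "b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f"),
    (r"C:\Users\Admin\AppData\Local\Temp\TarF57C.tmp", "181KB",
     "4ea6026cf93ec6338144661bf1202cd1",
     "a1dec9044f750ad887935a01430bf49322fbdcb7",
     "8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8"),
]

DIGEST_LEN = {"md5": 32, "sha1": 40, "sha256": 64}
HEX_RE = re.compile(r"^[0-9a-f]+$")
SIZE_RE = re.compile(r"^(\d+)(B|KB|MB)$")

# Analyst-chosen baseline (an assumption, not something the report states):
# paths Windows writes on its own while IE renders a page that triggers
# certificate-chain or revocation fetches.  Anything else goes to review.
BASELINE = [
    re.compile(r"\\CryptnetUrlCache\\(MetaData|Content)\\[0-9A-F]{32}$", re.I),
    re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{1,4}\.tmp$", re.I),
]

def parse_size(text):
    """'342B' -> 342, '70KB' -> 71680 (the report prints rounded sizes)."""
    m = SIZE_RE.match(text)
    if not m:
        raise ValueError(f"unparseable size {text!r}")
    return int(m.group(1)) * {"B": 1, "KB": 1024, "MB": 1024 ** 2}[m.group(2)]

def digest_problems(entry):
    """Names of digests that have the wrong length or are not lowercase hex."""
    _, _, md5, sha1, sha256 = entry
    return [name for name, value in (("md5", md5), ("sha1", sha1), ("sha256", sha256))
            if len(value) != DIGEST_LEN[name] or not HEX_RE.match(value)]

def triage(artifacts):
    """Collapse repeated paths and split baseline noise from items to review."""
    versions = defaultdict(set)           # path -> distinct sha256 values seen
    review, malformed = [], []
    for entry in artifacts:
        path, size, _, _, sha256 = entry
        parse_size(size)                  # raises on a size we cannot read
        problems = digest_problems(entry)
        if problems:
            malformed.append((path, problems))
        versions[path].add(sha256)
        if not any(r.search(path) for r in BASELINE) and path not in review:
            review.append(path)
    return {
        "distinct_paths": len(versions),
        "rewritten": {p: len(s) for p, s in versions.items() if len(s) > 1},
        "review": review,
        "malformed": malformed,
    }

if __name__ == "__main__":
    for key, value in triage(ARTIFACTS).items():
        print(f"{key}: {value}")
```

With the full list from the report the CryptnetUrlCache path collapses to a single entry with seventeen versions, the two Temp files are matched by the baseline, and the review list is empty, which is consistent with the absence of a Network section and of any extracted malware configuration above. A dropped executable or a path outside the baseline would land in `review`, and a mistyped hash would land in `malformed` before it is pasted into a blocklist.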