Overview

overview

4

Static

static

1

URLScan

urlscan

https://mega.nz/file...

windows10-ltsc 2021-x64

4

https://mega.nz/file...

windows7-x64

3

https://mega.nz/file...

windows10-2004-x64

3

https://mega.nz/file...

windows10-ltsc 2021-x64

4

https://mega.nz/file...

windows11-21h2-x64

3

Resubmissions

01-12-2024 15:26

241201-svbb7ayrek 10

01-12-2024 15:25

241201-stmntsvkhy 4

01-12-2024 15:20

241201-sqsexayqeq 10

01-12-2024 15:19

241201-sp74zayqdr 3

Analysis

  • max time kernel
    145s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    01-12-2024 15:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://mega.nz/file/4K0wWBZZ#YX1lnHLgIRYuZPcNkOANd8JT9mPtFwxtOyFcMphV8_I

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 43 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://mega.nz/file/4K0wWBZZ#YX1lnHLgIRYuZPcNkOANd8JT9mPtFwxtOyFcMphV8_I
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2084
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2084 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2176

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    81cadb18c36c61cf2704e05d1a5e68a0

    SHA1

    ea9eeaa0efcbe4ddb6c8c3663c0fbd446b0109d3

    SHA256

    5adef885cb4dc7268a1e04462ef774a7a727ee78c898f25a74b7783528e18511

    SHA512

    a815be287f2f47d687e0d3ae9ddb4f72669ce6e61007714fc88167a397864a88cd1ec1bb79d7b21914e46edc04228afd0c1c7dbf88f3db8997cd086ffd9886bd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8abce42aba33b56d76a95839f7f6e85a

    SHA1

    2f250549375de31613c0baccc14eae102aadad7f

    SHA256

    b4a7b036893bee70779d276d7f255221b95bd71e6f304c1a2f2d09d0faa25866

    SHA512

    bf3602ff6e5acaf24e3171338138d900a209fba9dfc901b33ed32fc142a0806be98d2965b550366b05a5b38834b8144a297b75110a29c71b22b540dc8942f459

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e8d89ef63c748f2f17aad0d2643775e5

    SHA1

    11dc09d73da3220a7970a4916fc1c9f5559ae33e

    SHA256

    0c358c0f84ec5344685cd4ed54789ee33e2d2b2947542792298738b5a1cb3a52

    SHA512

    d6949373c3106c09574af55c723a649ae2220bbefd90a9d9817b16f6001e347177219d4168e74b7966883409f7e133e3fd7485c6192dc1ab4870a1b6ad7f5e30

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8cbcc6d5f8e1cde0e75ba32c471f2468

    SHA1

    ce5f563566ccbfbf8865539e02767b8cca181979

    SHA256

    dcf4600ff6f722dfd4e1b4f67462c458ade23ae7c76c556c87b8fb9fa445973d

    SHA512

    287cf81353bf3d6aa1264a5228a96be39f6a76d926510b2a20c59885b749a459de15aee3e4982bde1de41f47c128b9c38a27b831459353eb98ede55c4a244ca1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d09bec99a30240bd05c59f4b40babda5

    SHA1

    21aeaf81fbc714fa5d0b8899d7acb17f38ed6620

    SHA256

    782dec3ac6ed73a9c7b41edd0c041419cbc2908f3211332485daf9791535dad8

    SHA512

    ea400857f615fb5f2455808ed9d679140ce699a3a116a0aac504a8ce4350aa2b280cd44f26936ea0c559247652ff5b2a57291125cc34cb1c2a3f74361cbc5972

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dd97e0b887796356b827cf34177330ba

    SHA1

    7b218a148d8072eca94a4c6567a41c460e8fd359

    SHA256

    a67a9b470a3c84562dfc51a05a8819748211223d014475d46069e7b8be656c5b

    SHA512

    06a584175c215e4395ec6bab1666dcbc92ec012b2c84787b3eb19de7d9b8087771c159756b256b2a0770a5b6c7440391236688bcf799947476e0141f5a9cac57

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fd0faf8b1c71560489e4d32928aa50f2

    SHA1

    b4c061dcb66479b1047b243b640b70c9fcbc43fd

    SHA256

    c7e46f33c683c76d0a408710870fcc82d956f82063785526a0c6a27dbbfffa54

    SHA512

    bf8b7875e49dbaa030a94617e3d91419e6fefa9b0a01d3202d320348675d87235151ceea1940ac1010d2a943b490a461033d14758ab434de5a883c7da2475fd3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8fbb4f68a2195774924a96606a7ae4c1

    SHA1

    20d443513b1b4c1d8aa2a0f9c58b2ae3ab8c1158

    SHA256

    3cc9e2ab2a8b11c06af0b45984f7de22c4e1ddf4002d84b031b7702fb77301bb

    SHA512

    3663e8e665978e7396292c96f77c33a24674e4a1614bc4675ef53f6f8fe36e39e1e7e8d38c51c9cf2b914d6ecbea0d13cee8cc8f9d49136619b6f7846b825ecc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e2c9935c12e7d082dfe5e4c7dfcebf2b

    SHA1

    b438291f4234b4df4ad67865d778c5563ec4f83a

    SHA256

    bbade84b68fd6adc422bee602b4f4c22b633d0886a5a46e84bb76ccc0438fcab

    SHA512

    f128760e82b20da5de61ac5dbf9bf35d51c4fd9827e3cb5721ef75b42e5afacd3893b2fbd0ad7d65e3608b34f36d27441a4d0b293fd91a91efe086dede2ff2a5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d379445f7fb8428c8b9d74a4e62b9980

    SHA1

    2651e9d9834cd790f5efaaca58d32f60dc0a581e

    SHA256

    6d402466af9a6a591f9458b232aea7170b972fbd3bab72d29e7c994c203c7a84

    SHA512

    66a72416d4875cc64688c8951558f04e88aeb20ca94bca067a9b2fd51e6b0531797c929e6552dd3dd7cf9bdb4190f7970151ffa6b97ad44dfdb5cc3cfce142b8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0d1c16964d39db891c9341690dec273a

    SHA1

    01af92cfcb9153cea036d56379cab7b76c265efa

    SHA256

    fca0f76e395948ecae3e88163424c19c6e5f6fa1d3a8114e5e22d79c3a80a95f

    SHA512

    92efa5ce04f8e76853e469683283f5a7f1ed46984870beb044a24cfffde4d61bc9a032a113351691b03692baaf13d083a53c4a5ce1f760b6c5b7be8948f6643d

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\0qn8gcy\imagestore.dat
    Filesize

    6KB

    MD5

    ed9ed98ee5b745aeabb77899614fa484

    SHA1

    4b2f2ca1ed97858068c136bb20b26edc1156a042

    SHA256

    6c76b7255ae7058ac90eeac161840772b0d6fa142f56af0ef729c451f34cb4ce

    SHA512

    27d8441c1f36d6301919c0aee074c4fa4d07022c89785a5e76d4dcefa53b7b2f131f01084e05d8d811ed73958a375279db70df5e12c479ac294ee8f12617a56a

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HHT5LGG0\favicon[1].ico
    Filesize

    6KB

    MD5

    72f13fa5f987ea923a68a818d38fb540

    SHA1

    f014620d35787fcfdef193c20bb383f5655b9e1e

    SHA256

    37127c1a29c164cdaa75ec72ae685094c2468fe0577f743cb1f307d23dd35ec1

    SHA512

    b66af0b6b95560c20584ed033547235d5188981a092131a7c1749926ba1ac208266193bd7fa8a3403a39eee23fcdd53580e9533803d7f52df5fb01d508e292b3

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab994.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar9A7.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit