Analysis
-
max time kernel
18s -
max time network
17s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
02-12-2024 19:16
General
-
Target
https://drive.google.com/file/d/1wBmODFs1_C_MQoO5Z6xkvSNzsU0tJw4k/view?usp=sharing
Malware Config
Signatures
-
Legitimate hosting services abused for malware hosting/C2 1 TTPs 3 IoCs
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Modifies Internet Explorer settings 1 TTPs 28 IoCs
-
Suspicious use of FindShellTrayWindow 1 IoCs
-
Suspicious use of SetWindowsHookEx 6 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Program Files\Internet Explorer\iexplore.exe"C:\Program Files\Internet Explorer\iexplore.exe" https://drive.google.com/file/d/1wBmODFs1_C_MQoO5Z6xkvSNzsU0tJw4k/view?usp=sharing1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2268 CREDAT:275457 /prefetch:22⤵
- System Location Discovery: System Language Discovery
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
342B
MD5698cebe7ac71c4644ac09dbb5c80f250
SHA1945bcb2884f6887fe66deadfa8ee9a9e586205cc
SHA256987eacc080046392c9b327bd117bab528eab789133deb02f29105a11c0ae4d15
SHA51279a781b650b0c86fae9d4029fb875833b6071e8e0201908df08adc4327c41901739758a300bbd93732efbee831f70af4bc5ca30b2659cbdff3944540cc2263e3
-
Filesize
342B
MD5c75fb4b52e8750ea0e9bef7e36ded033
SHA16485880fc152ef4f2f2d74bf737c613381a6d1fb
SHA256bf79f745de391917d1c859c6f7ff6a8ae12d88e13a6f1a103e09318312229726
SHA5124b9c3a1ecc1a351bf00a39655d3d4c3058fed8e0ad6191590f38657cfb331c2b81090de04aee0ce41c9aa49af95ec2fc5a3cd84a63cb5e4d4faf9f717e406f53
-
Filesize
342B
MD5c3987c032c203b9ab901c2f7cb566efa
SHA167937f93f96a545108473fb8532cf8d6d6d5e3f9
SHA25689b264f9c87ab24cb36f36d5d449ba759da5bd651de7a0bd34de6c5f1a97fd3d
SHA512c9b736a1e35740e8c7c54a4e507fd3999e246cca0106426d73fb3f3bd6ae21c1237add9bb5524786fda86b5bf6bf364792e5420afd60bd0d59a26bfa6bb8b6ea
-
Filesize
342B
MD515d9d40bed926c0c197ebe0bdcaf0e11
SHA17bc601119d400ff58c2fd8938c78a7ece5f1a41a
SHA25611c1ba3ba9834762499cb4f5e3e406ce7b726a62a93da42b6123e1393b46b416
SHA51250296335a94caf599f706d8439b13f4553953b3043969b1224b90fa8cd2aaa2ade35b7902ccbd8b895a7c7e17a10d0486629bfee891186bb98d3443c55928b1e
-
Filesize
342B
MD50266a0c64403f3f19caf2bb15586ee9f
SHA198e18500844cff6e5115332988d2370d517a197b
SHA2568875ae2964befca59d01dd6314b977156dacbf70c59c96214e1d38400274585d
SHA512d9f174abecde4f76e4b198aa65599320e10e61887df261b27654739910c37d768501286767640f3d10fb865c5f89fd21b456525879d02792eca92eb30c653a47
-
Filesize
342B
MD542cda642e3fdae1686deb0790f1f77c8
SHA1a05a41d9091edb4adf5728a6da5321cd922bb5c4
SHA256ba69d2284958d4fe3f851087555d8bef565f5591bdc2e1e3249153640837b219
SHA512f7218950a42a57cd7813828159823a03a493c9c7ee0ab36aadb63c45f07da61f4d0ac5db30b06a397c09a72babe85ddff06237c3dbe368cde4af83c9664bb193
-
Filesize
342B
MD5c8e9b56c2552162ed10ae6bb6e6bf918
SHA18a9c0c922c4e1ebeda6716a724c3ae8aa9589bf5
SHA256bf1059a5c5595f08a00078ad3a3d6ce662ecb9efe1ed69fdfe85ac6a3ce08139
SHA5129774afe09d4f526de33fe020363315c1a91823400616830f73c5695b13e8fb9d5998536e76bc725c6592df4353a52f44dff8175d20f73b43f48f71272fb384b4
-
Filesize
342B
MD5c1ce3538192ff591b4db3cad4430940f
SHA113ae0ba13f778baa235f1ec48cba15bdc5fe4fab
SHA256f10720dea5ccd35fc54e068321bc6f399b35adb7916c838c90f9f0357ca7f9fe
SHA51233b009b04ca56a33c23dfac8c5e6f6a7c23c5da3b990c91930f9cf03b379001cc92b49a7e020430992ca77ad236ea2c0e314c1d1e0ed07e06e3e859291106eea
-
Filesize
342B
MD5d0c624579b0202595c01744caf660711
SHA1881b45bb995b43d55ca43621c667eb9a993d159c
SHA256e121b0895aa76fe5d2d4718c326c61abdc588bb5cf7347d61c582d2c3c72d819
SHA5120f8b554b30d288c0282219a002e5ccf3d73e6df2e9dedb8c96e1f4c75b666f12b7f46967b498edb2ac00bdba0631c73b0269a392b4a7ab93ffe147dbd8a352e8
-
Filesize
342B
MD51b85425bf0f00b8c04920d4cf00bceb6
SHA16062f9395456f8f1ed20ae1570f37073b746f56a
SHA2568d1655a054db3f3b5bc5ed8068297b732e555e74b83e15e79864026cf4668b95
SHA512392e9e7a939aea687a5dc90af680ffb7f74b032a044f8c33561ce5dd60006abd3e96c109237e519077b489a36f6a3c1f804b10291bfd149ff313ab603c147a79
-
Filesize
1021B
MD5ecbb71a8e328ff030eb1b75780ca40a8
SHA185f82f0ed4d9d38f124e02bdb45671d39f3984aa
SHA2564a651992b8b38580a3a50590c1ed3edcfc0b90cde6aa3a71380311240a7e24f0
SHA512471549c88ca933445d155768fd701e67bd60374159f7da79a62c4d1da3b89360479a739cd85b9c71df1ddc15c442b79ee4118874c8d7f3a2bf0a20764863d1c4
-
Filesize
831B
MD5916c9bcccf19525ad9d3cd1514008746
SHA19ccce6978d2417927b5150ffaac22f907ff27b6e
SHA256358e814139d3ed8469b36935a071be6696ccad7dd9bdbfdb80c052b068ae2a50
SHA512b73c1a81997abe12dba4ae1fa38f070079448c3798e7161c9262ccba6ee6a91e8a243f0e4888c8aef33ce1cf83818fc44c85ae454a522a079d08121cd8628d00
-
Filesize
70KB
MD549aebf8cbd62d92ac215b2923fb1b9f5
SHA11723be06719828dda65ad804298d0431f6aff976
SHA256b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
SHA512bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b
-
Filesize
181KB
MD54ea6026cf93ec6338144661bf1202cd1
SHA1a1dec9044f750ad887935a01430bf49322fbdcb7
SHA2568efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
SHA5126c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
