Overview

overview

7

Static

static

3

bb98eac438...18.exe

windows7-x64

7

bb98eac438...18.exe

windows10-2004-x64

7

$PLUGINSDI...ad.dll

windows7-x64

3

$PLUGINSDI...ad.dll

windows10-2004-x64

3

$PLUGINSDI...st.dll

windows7-x64

3

$PLUGINSDI...st.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

options.html

windows7-x64

3

options.html

windows10-2004-x64

3

popup.html

windows7-x64

3

popup.html

windows10-2004-x64

3

profilinstylin.js

windows7-x64

3

profilinstylin.js

windows10-2004-x64

3

utils.html

windows7-x64

3

utils.html

windows10-2004-x64

3

interop.shdocvw.dll

windows7-x64

1

interop.shdocvw.dll

windows10-2004-x64

1

microsoft.mshtml.dll

windows7-x64

1

microsoft.mshtml.dll

windows10-2004-x64

1

profilinstylin.dll

windows7-x64

1

profilinstylin.dll

windows10-2004-x64

1

profilinst...ild.sh

ubuntu-18.04-amd64

6

profilinst...ild.sh

debian-9-armhf

3

profilinst...ild.sh

debian-9-mips

3

profilinst...ild.sh

debian-9-mipsel

3

profilinst...ild.sh

ubuntu-18.04-amd64

profilinst...ild.sh

debian-9-armhf

Analysis

  • max time kernel
    118s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    03-12-2024 03:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    options.html

  • Size

    1KB

  • MD5

    78d30b78b429379ad6dc5395c077a3d5

  • SHA1

    303803f9516484603b1f9c9c914e905197a96e41

  • SHA256

    ac55ba92e8cefe20e5378a9290f6b0cff8b7133cb1b3791da8c34ff724e7adad

  • SHA512

    98bf6172eb8297c51ff4f5b427bdd306fc00c68893b6c732397decb067a30ac89cbd26c81160e58b09c9fc5c34b42b70465775c2550ad2ee9444d263ddd9e425

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\options.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1904
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1904 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1680

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2d806c7102119ea88ed88a1ff2c502ad

    SHA1

    b9aa581a37b117728a672efc9e8fb30a10cb5bb2

    SHA256

    7db092631094671760bd26f9d2d1492bf608c7e92039e928b1f91a2874876e6b

    SHA512

    d444f209b656bddf92e8ddcaaf340a003427bcc2f29b11fb3d1872824786d0f6cb7ed9f36350aaec8776d12c9f43f2eb7b2151789e77c3089f90abf83122cd27

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ac34c7c324d171e0a39a13386aa078fe

    SHA1

    53b493239524b92e66f04edfdcdef0e1648847c5

    SHA256

    554b634c903be5224217459455b76ddfafe539ec099813d224dcacd9992f5051

    SHA512

    2cf9e339513d6321e07aa89ba30064de3c054470bbb686301a886b8fc316df4450c3b306153eecdc4f74776f988b2a511017bb63181608df9a33e16554146269

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    53d5960ff4fc2b35c96ababb0c66d1d3

    SHA1

    cb3c83c1e39e0b7103265962d82a4a3f3893e420

    SHA256

    0197417104c9891a9427006714926b933529450da315b46ef707a475d4bec62f

    SHA512

    ba2e838c2c6276c45c37f2bde976dac9dca5a6632236352c13f706c1ae4e8b13e7e767c0abbe41547815e646df449bbff860b96c81e3643c8872f32564c569d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b6d0ebd3304b785bcc524f8b7e636c0f

    SHA1

    a02705346ae13c793dea6331118be46a7905e1fb

    SHA256

    d3b530f137c478fb884a24239f8fb3c795abab1cf28d5647f2579f872bb1ae7b

    SHA512

    2571cb5a6c50a6557f8199b41233a30193c2b893e69c21db2b0db0a58250a325713cee4944cd57a7b3f4f936c6b6c3fb540efdcfebf41d52cf84640b3e171d01

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b0419bd249ea444a3b00270138201d2b

    SHA1

    152a944d39ce1d4176a4e77f056a702fe5db3289

    SHA256

    14528bf4b12e0832ed28243baaf77b747a445606c17884b1ee184a85c2d81920

    SHA512

    b25f22d172030fbb9a67e6668b389e59baf01573ced1124ddc40e1327d2c80ecc2ef3441ab6c14f7b4d24923145f43fc8cc9a61008d07fcd2a26c6f0f79ca270

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7badc88985f6adb6b3f1e0b825b27ae1

    SHA1

    e1f67c1fa3186db64703d732c683c33f040710c5

    SHA256

    dbd5c1d305182a843f57ac6283bbd98840f48ccf49910a411ecd3c9cb320cca7

    SHA512

    2f7536ad082a4c6e8422dd9c55deafbcdbc2a5de4c6a695bf409e8bf950a7329ae7a53e9e08abb3d3f124f34f11782bcbd1581ab1d8973c6861b9a8bca497d6e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    92b1b00d29385f838bed3f9df27548dc

    SHA1

    32d71e06af617b188579200ae61825a7ab16f428

    SHA256

    faf4ec1aef93b2fac95c7fa1d894cada1c570fe4ff8e043348ac12e1b7bbfeef

    SHA512

    bf389c76b69fd03c7a3b2e71db5bf8c6cdcd1f0771e068600e1eb0e3adeb958942ed9a3606a0ec79aeea630ccca277208ca4ed0da81bc4a71a96b3113c9eed7a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5e9a8dbd770e7bd2b82d69a8c2adf9bf

    SHA1

    0fd585d4d4cff7e9c4fbe3d37e23aea809f3c7e8

    SHA256

    0d4e16cceee3b1b20b63a4ba8071c3b05751782b66254c2148ea1fed1ffafa20

    SHA512

    8f4f443d6f0c5ba485c383158eb6a3eee1c5ed381fd6408c9037f40946506cd17990b470f45d8975642953f6a721d360ade7c310999e6a91407d47f59f00703d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    954f1ff6f26895c660549d3493e4724b

    SHA1

    b64b63f0d3c21e7decf4e03bbfd57cadedbd1fc9

    SHA256

    58da334e71a76bd265050ff0ee48c28883fbd9d06323888341cc3c13a6f55c45

    SHA512

    ef1a27e114ecf5846b0f6e5676426369bf2722d2c61adb2617b24d4deb6dde0fc314839f9a2dc85490e1d19a7a7be68013c396845fa18a266d5d1f05ca986ace

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8c3e8536c1c3f5adda3e365126ad1379

    SHA1

    1b214fcd1c932e2ee96369491899660c065342b7

    SHA256

    82cf3d74701603f12c1965f6c972a607c641a6e8890d80f51d4620cfdb723ffc

    SHA512

    42885aad67ac6de092f9d5811da95c6d57848ce59570ea6b654cbfede2e2dc7a1f38d708ba563ebbbc1bfd953fea0989384167a8007379445b456ec3f815acad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fa5d281a9f7d3d95577e08a2678a9029

    SHA1

    dedf8886d69d627bf0140a5e580f2e7eadb77509

    SHA256

    b2b8c97db9ae9df8e286a9d4fbc705e605af9fb1f12fc410a9ae65c0589ee67e

    SHA512

    ff3f63e7e32fc15bd006488d5b3c2f4b2d001242a899e9a4ec4e67aed0cee8c89cc1b958dc94a927af3b6a47bd3bc26bc9ba6db4c4566200a84fe37e9c3a18b2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7d13812a948a4d468467dbaacc1c831c

    SHA1

    9d56e259362b2a78fd852c04b9b724e877b20426

    SHA256

    1c93898742fa2bab613b3ff39c66c24d9ab329583a5b8f980f7bbcc8770fcbab

    SHA512

    69be08b3df89884cbee2d050dabd42bdea8c1d3df726492bde4c2e276adba72614cab0699e8a90b21ceff09f38cf3f7c9eb46091ea96298428c0237ae2a200a7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    72db7fa369a9af5229331353bc0dbc89

    SHA1

    14ef10fcc187b46be19d590ee06d3eead9127bf8

    SHA256

    a9ce24090754befed7a8c6f86e4d8a9682698230eabb6bc3a79d4e09e522de5a

    SHA512

    ba753ae0b1ef1a200e6e64b2796cb8f39785f92a928e13d76fa36b99fb483e3d33fc8a4b1984b28e0d34db22dc0423e74286622e07e378d13410bf50dd43429f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0407487da998957e88a639d33ae55c00

    SHA1

    d36559ee71eaef773f91b94256eeb05e49bc92d8

    SHA256

    006338d861da0c48db023cd668bee5cc2c432c67eadfc6b6f183f597c9cbbebd

    SHA512

    e1a1d7bd744168579e41d35553ce1116d1828a24342185c158b6e71f5f236ba9bce9d6463483eb4d25ac7da616d24ffa9899c0cc02ebc75b125ba0cd40fbcbf2

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA1CE.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA1F0.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit