Overview

overview

10

Static

static

7

c60b982e5f...18.exe

windows7-x64

7

c60b982e5f...18.exe

windows10-2004-x64

7

$PLUGINSDI...ll.dll

windows7-x64

3

$PLUGINSDI...ll.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...te.dll

windows7-x64

3

$PLUGINSDI...te.dll

windows10-2004-x64

3

$PLUGINSDI...om.dll

windows7-x64

5

$PLUGINSDI...om.dll

windows10-2004-x64

5

$PLUGINSDIR/xml.dll

windows7-x64

3

$PLUGINSDIR/xml.dll

windows10-2004-x64

3

flash.dll

windows7-x64

3

flash.dll

windows10-2004-x64

3

help.chm

windows7-x64

1

help.chm

windows10-2004-x64

1

order.htm

windows7-x64

3

order.htm

windows10-2004-x64

3

top flash ...eo.exe

windows7-x64

10

top flash ...eo.exe

windows10-2004-x64

10

uninst.exe

windows7-x64

8

uninst.exe

windows10-2004-x64

8

�...��.url

windows7-x64

1

�...��.url

windows10-2004-x64

1

�...��.url

windows7-x64

1

�...��.url

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    05-12-2024 05:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    order.htm

  • Size

    4KB

  • MD5

    3466ad8d4f79883987a3e7169ccd5108

  • SHA1

    c749098f410170d1849609db8ef562cfea0ce9d7

  • SHA256

    284baddf885da8b57a35f6f2a72033ba6a60ab7940909094ff5744679d0961aa

  • SHA512

    d16fa72153b4b43f5bee978ffb7aa0a495641b2c6ff966e049dd300323e87b646687954618ae9225077086884844328e01ae41857f7d1eaaf1cf20d1e9b425c8

  • SSDEEP

    96:fgf4G5PePLcpOR08klJrGPexDlsFcwVIuJEMxJfZUHY4dgkAoPexTqafkU9o6Ct4:fSBV/Smll4Nl9Wjqx9Q6

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\order.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2824
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2824 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2688

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    24970fc7a911caabef4dddb7442f15cf

    SHA1

    fb224d60275e0a43259820451034638ce935ab76

    SHA256

    a38f19594f657219503f2bff2650c223cd4d5d05a8701c490c94263a22d6fb76

    SHA512

    77d2921323ed52b06f2a09ab8a39c349d25f45caa7661f7cdf21575ee45ce70ccbffd55febead99cd94abce62c9147f5d3e0c327996e0f5db8b9df5987d1034b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f9ae99a690741bc56bae56bfa25012c2

    SHA1

    be84119f7c3251e482cdc0ee22d7b8abf451abb8

    SHA256

    88fd5156d7c875af2cab6704559b904eb8a58f7199ce8eccfe7ec9e49da20a85

    SHA512

    c3ef79c2cf52c700a9ccfffca0ef66f82f2641076c588b7d7eb8a0b78965ece9b1f20f58e99e52b000f1ed1365cf8b5aa868113aec0bb1e14cc94e48e1cf272c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9cd7ea351a86720325d24044cede790c

    SHA1

    d90777c438d142d4d3b5030c67153091a833d76c

    SHA256

    042b03910bc00d32e38e5258d9a0b1129c292a7f06b88f6bd5408b6d8ae52513

    SHA512

    c29c5987e249bdc38777a9f67d6edaec387783ce85dee1bbe8a635559017791f4e4b59e2d0934154efaa586eeae10bfb787d2227e71258f3a682f49cb34fded8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3c5bffbd55bfd03b95ab2d6d2eca80a1

    SHA1

    b187821d100d830a95db771ddeada2c3e027e059

    SHA256

    c4579de0e4d4cd4b98169409298b89f440b2b2355002ea2f11d4c86704373e1b

    SHA512

    578c9c9fe66d13e39902a9d4a14e4888ca56a52bcaf5946010a2449c8d18bb466e002db89a2ac4bbaf18da547c89834fa11d985c1fbfdc54e750006d5a620fc2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    49242d874730a7dd1c970995463e390e

    SHA1

    b2b5736bd660094ea5640f0a1fef3cda52519fe9

    SHA256

    5688677bd0d09b8238585c1012feafb7c22e13e96be8c45553ee47162fa7300b

    SHA512

    cf19cd66a4ef0682f3fb8c0641619dbec916dd619736abe2d4c1a9158cec5c7dfcc75ed7fcab1fce575f607c5ffffedcfee9217e67eafaa455d6954875dd7d0a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    91abad88a574431b14d89e9ab6b5938e

    SHA1

    de6ed0ac035ae5eaad669813a2531faf2be3b512

    SHA256

    92ed7a9a50ded8373a6e3637f8acaab8365e0d1982bd4a3bb6aa42eae2f27b86

    SHA512

    6f648ac39602cd54e7d69f9f83b3b4925f5389096b31b234c8b414a8a2019e0b5e9f0f7ed3f587580e13b5e806ea8525617babcf82809452934c90b26fc8cb61

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ccb9f5f8c0f24a9fadb88ba00d9f4362

    SHA1

    13bd2957d58c536dc5584ed5b12733fa0d75c669

    SHA256

    073d21bfa48a268f5951e81c06d942ade45f06162db59cee1759fc75f1da40f6

    SHA512

    df074c3267183e08bfd55c055665928d29da09f47513902e1c88ccd77929091091f9d55bdc79cce55c06793a51ea9ad1178e63bfb26353546e109babdabbc25d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c14a6369393c2e4f20f1dde04936ebc9

    SHA1

    156efa66325a319635c895e89039d12450d889ee

    SHA256

    7d51a0b9a7090abeb04bd9fdee972ae46b3c060d63e771cd6e5ae508b7558359

    SHA512

    2c9e306509a8b1ee0268d96ebd2a632bf505a38753f61eff4e4314d7654fac4f3eba88c98655f60d50b89c2a58726254b10eba11f64601edff3da0e316656032

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5bc7b19f8ff39aa52a84fe032463fa08

    SHA1

    fae664ba55ed81a24d9f9c97174ea04845d85a6e

    SHA256

    02fe551683a5e029d7591ed2aa77add9fd01235c60760e36cc29ffd94854a5a7

    SHA512

    59940f1c0ad930ac357187ee71a3e2711acdb60541ebe134b331a21ee78d3f0f3475c4422b8e622b2d293dc9cf54fef7a501f79c8612c701612d44568c48710d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6a3ff7c30559c327a63e8df304835e8e

    SHA1

    7fb03e8a0a192aa9d09cd86da09cdcc9ec289d42

    SHA256

    a25b49a590dd180f173261fc22aa3e175220cc3cff9e33f638c94403953af6a5

    SHA512

    672efa90a6399dfbe5f3e8a9d55f478d5ed4002de0f173e5928c7f94a7f17a27b3413e9a1f6fb06fa040457ca6bf71b82cdf233271f95b72a783735b61211487

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    44eb9d19cb1ba6eb29aa9f09c577d796

    SHA1

    6e1e83818a50f060671c718f68ef06e8d5716d59

    SHA256

    9168015a30b9fbfb8171eae36cfb59070ed6308b899f9769cc121e367676b1b8

    SHA512

    1b8ea9ff5d28e5b6287a47753057cf19938dcd50d1a341f882ac282b37775b1898689d661709727266b0cd27392a72d378c1f407b9b76936216af40b32fa3973

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dab327faf202defbe89b5201e6900254

    SHA1

    aab676993640380fa786b17f45212e1685b22318

    SHA256

    0bca1132686be10def0d45363b6a459b7f2e0496b8fdfdc7665f189e453a15c2

    SHA512

    408b1c30909fb03f04e7b7604568f558786b2f8512766ba4cbe6ace4372b826305785f84fb2782f79ae2d89cc375c0d45c8cd26b96e8cd3004bd869107a577f9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    34db2a602eac1d319c35a1a881ed5876

    SHA1

    fa83d8a0443d818d203c5c08709a76530d0bc6f8

    SHA256

    fdbbda7f5230006f1f279fdf99c47a9a4be0405147bc4beb8e196d59e0363fe2

    SHA512

    73973c8ba5b00487d30bdd2b57601ac020ed54362d203db97d9e5316a10360cc614b80add53d260edd906e216482011984e425f5c2187538a3ee7a318f0fb0c4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2b553dbd3730819fc392c16f3b5bb2f4

    SHA1

    9ffe92e6702fd1af5b855c359b0fba2da259f725

    SHA256

    4fa2b077a4726f1b10adf0c2e4540aa560472df8fa0e276098eb9771a1e4e881

    SHA512

    0445b47cc4aee6e6ec394b955609f8536e74df242fcca2315f662f47fbbe246a364091a0713c91d4a847975ed351d4c2ab12ecd93387f8bf38c0022a114a0fbb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    58d4595ed081af84177d04cc56e6a701

    SHA1

    cfd0519717e3a2aa10d0d4a16bbb0b77963aae05

    SHA256

    ca219c242ee27bd9fb0bfe9d008fe91fa43556f2715152bfa843e3318c497e5f

    SHA512

    dd7e364c1c1bcd43a8d1b9d5eaa2618ca95693d85dbf30b452776edf3bcfb5a147d94541190d65e986001139168471542649a609c66dcd9f20b96951d4bbf6af

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    df32f931de9ad364ba2aa6384902ef4e

    SHA1

    929b276e6e3f048f60a3e67190c4a7c9b70a5577

    SHA256

    7411b199ec9aca600eef29a6ceefed6a362d7f717d9d93ac7bf9c11ab699f43e

    SHA512

    a9a10cd855a968b094f0ec6cd9ae78f216a788253ad741c790debc283a0458501068080f664c08eea3d3e2061e1cace5a5a6f89d3a258caf0fda28704341694f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9ec92f538ee27d8f62838959c27c2ede

    SHA1

    62d9b48bb163112970176825c8f0ea676d258a91

    SHA256

    fc647cb9147bfaa770d68030d5024149b4bd9687024f34fd771f630f0abb26cc

    SHA512

    49b542fb9e601337ae8d2ef930e0cbea92e5c907a1ae48aec49e3bf9e86edc47ef630e561eb49f5cdb7a37572f86820da476948bf4e6c975185ff63e701efa50

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f505a73141d5f39b6862f7402e2ae845

    SHA1

    a89f880a3984ecdd5f66350a54ecf7feb4c0cd14

    SHA256

    4eaf20fe0a27d8ea4375208adcc7112ee2b58b052edac3ed305ed9cec4bbe6f8

    SHA512

    b2cb02b76dd02f33293a65b42bd76c35a00f68c3523da88d1db3635200ac3f60e1481b27245d4af13910d2eff608fe973642a76e809288a0e63fb624d285909b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4b10c05c4bc668c4844ed101ac3d24ce

    SHA1

    d56a5508486655f68e1359115ba030abf2ec3dc5

    SHA256

    7b0846950d800b4a99571b310106bdc3f9bf752ccffc382a7762d6f59a87bc93

    SHA512

    e2526d242bc5d50d4bd7774b6d42af8a67915bfbf2c70541fb70bd504753439c92abbe242926f3a12c1dbaf294d144ad4e9f034a1a2845c605316f77d56c8aab

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab74C4.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar7555.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit