Overview

overview

10

Static

static

3

9e19fd2499...86.exe

windows7-x64

7

9e19fd2499...86.exe

windows10-2004-x64

10

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

LICENSES.c...m.html

windows7-x64

3

LICENSES.c...m.html

windows10-2004-x64

3

NSIS.exe

windows10-2004-x64

10

d3dcompiler_47.dll

windows10-2004-x64

1

ffmpeg.dll

windows10-2004-x64

1

libEGL.dll

windows10-2004-x64

1

libGLESv2.dll

windows10-2004-x64

1

resources/elevate.exe

windows7-x64

3

resources/elevate.exe

windows10-2004-x64

3

vk_swiftshader.dll

windows10-2004-x64

1

vulkan-1.dll

windows10-2004-x64

1

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

$PLUGINSDI...7z.dll

windows7-x64

3

$PLUGINSDI...7z.dll

windows10-2004-x64

3

$R0/Uninst...IS.exe

windows7-x64

7

$R0/Uninst...IS.exe

windows10-2004-x64

7

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...ll.dll

windows7-x64

3

$PLUGINSDI...ll.dll

windows10-2004-x64

3

$PLUGINSDI...ec.dll

windows7-x64

3

Analysis

  • max time kernel
    118s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    06-12-2024 16:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    LICENSES.chromium.html

  • Size

    8.7MB

  • MD5

    6ff57c0aeccdf44c39c95dee9ecea805

  • SHA1

    c76669a1354067a1c3ddbc032e66c323286a8d43

  • SHA256

    0ba4c7b781e9f149195a23d3be0f704945f858a581871a9fedd353f12ce839ca

  • SHA512

    d6108e1d1d52aa3199ff051c7b951025dbf51c5cb18e8920304116dcef567367ed682245900fda3ad354c5d50aa5a3c4e6872570a839a3a55d3a9b7579bdfa24

  • SSDEEP

    24576:2o9dQ06p6j6j1WOwRiXjYmfy6k6mjK64jK6gjK6e6cjK6feGjl8PpE:BFOeGT

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:596
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:596 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2372

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9fd31c0582245d096895b85e86fd0e0e

    SHA1

    627fb5c4fbeb165ecd11da7b750f1a8427b36738

    SHA256

    c26f4ed8e2c2850c4de75a804618809706fca38567d418e93d628606b7f98652

    SHA512

    1126d5e9da1d07d37f5d25d25f943773ea9143f483f5dff90660e399413ae27afdc4b06edd6b0f37438192d98ee574b4b07eff1554f7b29dedaf5f6e8aadd260

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d42df3053dd21a8c8d0e0cba3bed11b6

    SHA1

    f7e5e03b170bc5d2b7fb1d5d2738aab00cbc20b8

    SHA256

    f5eb8a4d3c380db32cafa652a710b61bfe2879a661841154d75e640b7889753d

    SHA512

    45a36b0cf00739a3c167c4107145f3766c0bfd9935c268234f8ec322d26c8e92bf1f62f1e20b4daa340f4c3643e2f72513b9d79d3f1f4de1bb26ed67fe04d564

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    88548248b1c910cfff9ee272fa4548a8

    SHA1

    454a6ef58360f87eeea64af6b854786616cd6950

    SHA256

    f3183daf92ceb68903958fc97e7ec26c524d9dfa634e9116e288d8c7abb7d4fa

    SHA512

    74f66cc05328e6edc71cd43df60426a674832550cd49f110b8072d086416bc1777cd584f93598d0a0d647280dd52e8a89eb855aedae5eca8608c73494d2e1714

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a26acb19dc2779c376052aa8f20efb06

    SHA1

    00a2d39d59f1d0d7a44ecb3c320c6af34e2e2d23

    SHA256

    595a968a2bf61bdcc13a0eba23cdf8c5a256e8133c29bf3e486f277ecbd2e0f4

    SHA512

    886cf749b85a40562fb65b52336c18adcbd73a6b3ca005994ea9e654a5c67d1c54b33b69b91b5df56975451f9581871d10df8798fc446d0eb7cdfaa6987548b4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0cc63c9706dabb997a2f8b4503cdc92d

    SHA1

    a2551be003dbd97915569a4a76a1ff25c0f58db1

    SHA256

    b0fa5c1cc5c10149b0005d4e4ba59d05234323eb7ac143c3b7954a7ca9f804d4

    SHA512

    8f9a7beaad670a6e0118f978d5c87036df45ed7892156f54a13579a2e2b166b3a135a8fa8f19622aebe32e6c333e3aacb097b7a8817626abc319a0801f2bd6a8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f9881fd861f9d0f193d7e000089f3837

    SHA1

    97220b49349bfff4040c589e747e7e544ae12aef

    SHA256

    56b951ad3883e1df725c09cbb142fc591edd263464ea1c5720daa1e9213cb269

    SHA512

    112ba4915dc1142c3059b7213927c15a454cec12bb741e7d512219ad137affd46f95ec1ac68dc09b5201c7bb647234165bee1f7ab26c7d1dbe95392a0887475d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    569f552d1cc5eb7ca283fe62d0914836

    SHA1

    73e3bf97ad9819c3734ad51633c7909927fa484f

    SHA256

    08fe4af6bb6c16210705d4f9a0b4d1615d5e774c43f0b29b44faea0895164ee8

    SHA512

    5410d6b4e79caf68929b00007d7857029980686f994ef7eaa2bc795031ecf5633ea8a5659ab0f795c695206e729375fb4091106a49a7888566ef67368bdd414b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5eb4da987dc227f614d1ba7b54db24ea

    SHA1

    ad89f757664d7bd128628223dcf4b3e774eb3c88

    SHA256

    e707a7d1b974fb8c7fa4fa372bf65ee1a6e2031e769f5c5308165e3dc0ad2b70

    SHA512

    5214a7a309ef4259ffa56608ff98e73d4a956ff8cf944b2d205e1e8d03f9f5d59ceaeb3df870eefa54045915680398174b1c0cff53c4741daa2a05bd8f8afa63

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    40bf15afdb84877005cbb878ed09d903

    SHA1

    4fe4e903b39bc3d7118e2a4770f300095a7edc58

    SHA256

    34f4a2b3ce68e83ea3f2da263e07dc16fe89b391a47aae7bd3f658c22e8b2c1b

    SHA512

    20de7c97c7a7aa1c0cb34b6b964887322617d6e610cd40227b418703ae9672711230f9b5bec066041c0c8ab3d44ff3a69fa1ce6b4e3577661a255ae0f74f8611

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    92bca421552914b0f3ee0ae345b71232

    SHA1

    661ce506a78e9880a73d88656b77338cb8d073b5

    SHA256

    922292bcc8cb305c02ba1cb7f6e0662f8f208ee06e3a4cad60e28c36fb5c9292

    SHA512

    5b6b847bf1fd8cf01da2110273367f0664f3771645a95329c2a080b4b041f39a78f427e1dfba6a24c5988605e669622ee6c981ce7f32f805654a08f8cc2d9a95

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7fbe739b46d18dedffdabb399927ca43

    SHA1

    dad7f3f61097ec41fab49d863b47806f8610af0c

    SHA256

    ce1982a3302687c63593f286327286969e4e76f9c203e53d9867256fb34ca180

    SHA512

    4d12c83f1f4dd299c3c6299a918dc10b5154c8d7606d2e70d9d7abb061162a7b38b11a0bfe6fed27a5dac1c46f61b6834e3d973af002c13ce06c31ad0193d263

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    198511238df560dab59faf1140d457c1

    SHA1

    9fc8425c9349652ccf01c7b72178ec74ea61b9d6

    SHA256

    ceab202e4a76db60690090e844092a7c586726d4437a23694bd007b645a266eb

    SHA512

    e61f521ed9314be7a06685cec150c71132d5581519937f4479e528979f9018ae0701ba7208f38210776cec735bcca15396736549a00e99b9caa495a229395c23

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9228bb27bec1a92832f46d7742fa76b6

    SHA1

    0a76f3b3aa82e2d300699344eee6fd6c60ea5968

    SHA256

    b9206aaf5b83d0b31b4d5733be6dd8a0e670366ef7834ecdfaa9a9e0edc3bb6e

    SHA512

    100456e212f59fda116e1b30b64bdad5f6d1c2e0c3d8dac5e2b6a3d1bb8d80ebdcb879fbc6bda0d5e39c092068bd0a6198a02ca8962ea57a8eeaa01a7703bbbf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3619bd6fed1da4470687154406c2b612

    SHA1

    471fbba123fca4b8312cfb7b4bfde5fb28e517d6

    SHA256

    fbd89efed2b8c0e7308d13b2d75f92fe66ca93a7b931b116a8874dbffcfea07e

    SHA512

    25026b887d528e46bbf7c660482396f83a98f030064651c62feb0e408dc43dd7e051a3de577b87674c93a8c0ad079f5773f5ce29b20ce6e91fed7428f944a3b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabFA69.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarFB75.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit