Overview

overview

10

Static

static

3

da57012639...18.exe

windows7-x64

7

da57012639...18.exe

windows10-2004-x64

7

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

Flash.dll

windows7-x64

3

Flash.dll

windows10-2004-x64

3

GLWorker.exe

windows7-x64

10

GLWorker.exe

windows10-2004-x64

10

Heavy Weap...xe.exe

windows7-x64

10

Heavy Weap...xe.exe

windows10-2004-x64

10

Uninstall.exe

windows7-x64

7

Uninstall.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

bass.dll

windows7-x64

3

bass.dll

windows10-2004-x64

3

readme.html

windows7-x64

3

readme.html

windows10-2004-x64

3

Analysis

  • max time kernel
    136s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    09-12-2024 15:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    readme.html

  • Size

    11KB

  • MD5

    6f6a356cb7b6abdae9bbac125716814a

  • SHA1

    2b4f2b424cbc7b80658150d38497a2020f905712

  • SHA256

    e36783e0574502b90e7804dc54306fc2f839f60a1b6339007469b9b94d1eed95

  • SHA512

    ca169e7410a80a9468b34879d37e4250636428db17d9ab9e5178a508981c95015bdf5a5fd24631f045f7caf49be4053e4c4c0873cd6bac41fa07e27a04e2c03c

  • SSDEEP

    192:Ks1NOUYzy9/nLqwFDLaNmqcJgNQ9yG68jFJvEGK0cumDonNe0WyovXOrs1rsvwoT:j8+9PuWK8ykEGKEmDoNQyPrs1rsxZyBO

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\readme.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2108
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2108 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2512

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    95ba0eaf5750c53653d2c327d3f19cd6

    SHA1

    86dc38e003616c42ba9d9af3c366eb6615b9b027

    SHA256

    26dd90a2ee7daf28f53e587c559aa06f64c8b4faeda2c6fc3fb7b487176bdd11

    SHA512

    8e5584cd45a5ae9c46275ff4ce8c2c03eef9e47d701322f74d4f9b8fe97a0131241aa380d8dc83562613fc4eed31d03b8a45de6504ad40df2979852e0501ffaa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f395099f55eb55e96ced1e766be6c853

    SHA1

    edfde10d3bb40f663ab43535110acbca7cf4751b

    SHA256

    4d35381adae97639fb0fc34d0bde5ae73d6b2dc8f6daf49d0008843720b3dced

    SHA512

    c7bdb3796eee125d54b37261c0489d227b7827279e97e0a1dc5fe534d281b314330307629f556fb8285f0176fa27db11a2c1aaa8f803d3335132dfacbb991f45

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4c67fd98b6d1ec47899ed2e251af7c92

    SHA1

    c6bcbd7df2d030610a6848c98d56b5a7fc242954

    SHA256

    83952b93f2fbc94a4cd867918966e8bb726553c29f69c9b7a3f10667f788ce57

    SHA512

    e897cd55ea4faded67e79f65d3e6c2c6bbd02794889321f66d79123f1e57f594c6d1ff358dbd2841024b3bb940c38eb8b27537913162b76612b4441d501508e8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e767726477a5b3e12bb2f4bd9405835d

    SHA1

    502eccf4f2034c26c4cd3f321f627ff13c16e838

    SHA256

    bc0521feed0e595bb89a1859b01eb5ac116ed243939ab056815894edcd4d20de

    SHA512

    2d7ef644142973a3086118e68fd1cb1575872c3d62d8b3be4e691ac83accda5ac483501d99626a08974d301983e9127f6cb8e9d06b5f278ee23403f835aa47a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8d13e8514fcdbf0aeb911fef6f40e3a8

    SHA1

    b082c8185ba5aa8072edb7906916534d25e405d3

    SHA256

    5c4906f145d51816398e88de2a8094cebfb8800ab9aa57171b3e5d4e03a0dd1f

    SHA512

    9a558118d1fbec9d2ee595a74578d385ef4b2aff958035ca7aa8e393f62adb9c4a6d1826004ad608a5a1e8e6e4c3b8793d649692365cd902fe89881aafe430fd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b1d4d2fc150a519b80cda6d8e3f8cfd0

    SHA1

    f8ca9b38a5b46d9f6bdd440af566e70a50fc9a69

    SHA256

    1a844f790cc0d966a6ff36d9a958c698d48baaab673fcd437099ace8daa23b26

    SHA512

    a3cfd0d0f80516e85cc4fd73b7e2a6c4ea3142e77160c7aeb923f261a97a070cdb8d1770eda49df6bc5991819b492d89fa9ed7fdd4556a1a3b34305f8e29becb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0a2486f8a5e8dc2eea757110edea0788

    SHA1

    10bf887d22fe2b46b3d98ef6a2853f3a14357ccc

    SHA256

    40148e5a8bdf87710b9942cabe461d0054b778c62304149686d33ce76476bf5f

    SHA512

    d5f7fefe56c4ea46a3146d8ca9c04e57e66de880aedb756840951c86c9c7be51c8f362e702439b4a0bf7361e2d54a9813e045407da27346340532d32f4098575

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9f95335e993afffca7215c15a0995377

    SHA1

    c74dc0785b15493de5716934375614834880d501

    SHA256

    723b868e4595c9c87e4533d6305a58b3fda80ae5033d41a67d0f53e93fe6d6b2

    SHA512

    d28c58863acb9fed44ae4bd9de06684fdfe705952fca8f34ce877373193859c00823e6836f37b33413311243d0797b11f119cdd4b2594b76a01fd52e9e1c3ede

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3c4f6aed909dcc35d1f968487b443060

    SHA1

    56031e98d132b21c9a21e0f0ce8f75fc838676c0

    SHA256

    9ae92deed3b7b43d2dcc8ad06ac1a441b23f4d7c32d133fe796aab88deb9a900

    SHA512

    2c7e9a78abbbdd043406d5d15ae3e94639414bcae0a0fda8f1e38ef66e949222b0e88795990f52f7c971dcf32cd1dc816e153ad7e9ab49d122dab2d41e699a41

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    28339c2d8ee8c3dd7fec3b5525056304

    SHA1

    6ac45d78265bf8ed2b64e3cad49977c7c96712d0

    SHA256

    6596b1b2bd2f6b142623539d083c54e51dd0e8c20ff8c2d0e6e768ab12cbc19c

    SHA512

    d89bd7299a96b2e673b9a85bd8d050eda559e83b614ca89033aaea96fc8b6ddf6d7fe74318e958649aad501e93bd02fe16579651196775f1df7c8e749340780e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ea274d5815b8412998f73a52b4cf2d0c

    SHA1

    9d34d22a3ba908bec63d62261b056da4eb831757

    SHA256

    108cadba184b39a89c02d63d450ff9e2336913d7fde7194dc286dc4143edc0a3

    SHA512

    36de2caa63f28c83a9099e893f153034ba75fe4bd0897e0e8180ec41cd18da379ba474619e9c28b4a6c8941dadb860edceff0d5ff7a8ead2dac0e55d6798166c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a70ebbb1b35e5572af7cd33fb0e02092

    SHA1

    7e2aa43b0645fb58521ebba95d3ff843fee30f14

    SHA256

    3757be72ce30db6e0bf6e3f8b9dac9d4826d49defc8888bc6fdc2bd0e04156f8

    SHA512

    36474ffa432d88f4444b43a873604987f3d94fcde947e1835b490f70966349e2212a2dec3acfea1f6d65db36a323e45f5eb9e78fa1266f977ddb819bfb6235a2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cc56aac632d2256b4e4d7b135a9cbf02

    SHA1

    adf2bafb6e4ceb89f299704d5c77f15f27959c3b

    SHA256

    b1cc79c4480adf6f4eae7ce95967cd7703324f78efbcbd21c2370f43ff59b202

    SHA512

    b0c69fcedff93c97ec7c1527d3cf3cef15c9df238294fa4dab1eab736ffae6526fc5f112f51e7d3c047ee0bc5269221532c5773fcbf6efe51cba1670676791f5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7b8c5538720d0957a6a56997b37663d1

    SHA1

    59ea4a3442e3cc8366ba7b94c33eaa671fbee476

    SHA256

    06b590c9c73fddc833ffcba59d0c4d0d15af7a677e3c311534001237bfc2dfea

    SHA512

    f516f96bff67840a6dbe2a3e62fea90fd4071fd3a017554cf9464c266c701ad5477b781847fd053b52d4b28effd06b4bf77a590fd491b198befc22255a08b7d1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2596b7a240b39019609496fb47515558

    SHA1

    5093304c891d07d9625023775fbbd77dd57e2194

    SHA256

    464e6997ae0b6bbce84222857b42f811b5bb79c399df70730f5579f69aa6528e

    SHA512

    fff6cb9697731ca6b4554d2e2ea4540185c3b90e9eeacc07cdf160bd42d9dc6d486e8498e43e82b1fce117f6ce52837c062cdfecb8506bf6b54214ee0870e459

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    254f1cd0813e2e7246d4bc05ff545c0b

    SHA1

    fc03d80dbbc3b09e82648c762b763a2344bf6bdc

    SHA256

    7b98af2d41ee19928c1d8c2159b859fdb54f4fa752463e95d4c8a4fd19c92e8d

    SHA512

    8c08c0849d7e8c911b167af38ebbdb9e887ece41e0e19041da9d346ea60314b656a9f344feb993c3fd21b465efd88fab95951b03470292da050500e32bb15f08

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6057504a2edfb9f9705a581005308575

    SHA1

    1c86c667427b244a03346898d1a2adb8782f9b2e

    SHA256

    c0cfc3c3ce400be4ef254348018f5a50fb98733da480df1bf223de21858f071c

    SHA512

    6fd3c858127774f56b3dd84afefbd8ade4412804c2cb807fb0e0e00739a86ba2f515048e72d8b059e282b4c559d66e93bd1bf479c97df1d8209775ea3ff2c8d3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2a835aeca9deb5837571c1d593cd2dbf

    SHA1

    73b7d14931b48116a7be12395422dd531887e95d

    SHA256

    49e685348908a8da6d9c88de3a9c53be4242b782cdb29607f3666d025f918a90

    SHA512

    752b2002e91eb44bef5332a7c76445e429a22c576da17417361af7c7262a95612aefd6a65cdd6424ded11b0d63d7f039b44b5449d1c8b21f18f8d355ccd268ed

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabCA16.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarCAC4.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit