Overview

overview

10

Static

static

10

artwork/bg...pha.py

windows7-x64

3

artwork/bg...pha.py

windows10-2004-x64

3

docs/relea...ge.vbs

windows7-x64

1

docs/relea...ge.vbs

windows10-2004-x64

1

docs/relea...ort.js

windows7-x64

3

docs/relea...ort.js

windows10-2004-x64

3

docs/relea...st.vbs

windows7-x64

1

docs/relea...st.vbs

windows10-2004-x64

1

docs/relea...ame.js

windows7-x64

3

docs/relea...ame.js

windows10-2004-x64

3

docs/relea...pts.js

windows7-x64

3

docs/relea...pts.js

windows10-2004-x64

3

docs/relea...ons.js

windows7-x64

3

docs/relea...ons.js

windows10-2004-x64

3

docs/relea...mon.js

windows7-x64

3

docs/relea...mon.js

windows10-2004-x64

3

docs/relea...3d.vbs

windows7-x64

1

docs/relea...3d.vbs

windows10-2004-x64

1

docs/relea...ow.vbs

windows7-x64

1

docs/relea...ow.vbs

windows10-2004-x64

1

docs/relea...gs.htm

windows7-x64

3

docs/relea...gs.htm

windows10-2004-x64

3

docs/relea...es.vbs

windows7-x64

1

docs/relea...es.vbs

windows10-2004-x64

1

docs/sourc...hub.py

windows7-x64

3

docs/sourc...hub.py

windows10-2004-x64

3

docs/sourc...s.html

windows7-x64

3

docs/sourc...s.html

windows10-2004-x64

3

docs/source/conf.py

windows7-x64

3

docs/source/conf.py

windows10-2004-x64

3

plugins/boot.js

windows7-x64

3

plugins/boot.js

windows10-2004-x64

3

Analysis

  • max time kernel
    143s
  • max time network
    163s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    13/12/2024, 11:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    docs/release/src/osd/winui/help/docs/Command Line Settings.htm

  • Size

    57KB

  • MD5

    2e61a0b1f50d4e5e8b021bf563ff0633

  • SHA1

    8591074329922b57ca50a9a0d92bcfbc417fa512

  • SHA256

    f4fdb814bb1e4b9c9b27d23e46029617a07ef46b7f07eb08a6ced7cb2230084a

  • SHA512

    0545898def25b762de323cd822b9958848d66e9828e87f6788b1550f0870385a1e6dc48c18bc235b881c334a327d20f3881552d7e17fa7c6cc7b4ae5cfa22531

  • SSDEEP

    768:3B8/pU+TppNmmUi02ODejI7GaRaLJ0J1IJb:S/y+TXCxss7GaRaLJLJb

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\docs\release\src\osd\winui\help\docs\Command Line Settings.htm"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3044
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3044 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2760

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d13feaedf2d539eb6891f087ac73a501

    SHA1

    b31d9c710a17201070ee0f10291e4d5ee632714e

    SHA256

    0dd5c170c6640c19d01cc35292b5733503551cf4bee17ec2c61d8911fed447db

    SHA512

    f1cf99d92bc43b49cf790c688581570ccc4323dc251ef81d32cfe955f5e0e3dcb3c81413c6eaf180bc1f08a1478090e85b2cdc6e395d88c413734a69884b4f22

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b463219fb36491eb6c078e34f75ac3ed

    SHA1

    b720cb28083882c026aca3f5209e687d465633a7

    SHA256

    20ca2a8253f612578c9db08e56820523db22b851d6b15dae384e5920d4224a3e

    SHA512

    e4a416e6534b3d10bb0b9bbe9e07aed8f1f9c31e131e5d2805d8e97dae4edb71388fb0509a7c4550c2a3a9b6c908ef5a293aba9e93667fac2168569be436b78e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d35e859865aee14fcc138457071e78de

    SHA1

    e2abf79dfc7c2722c84facfd3ead6db0cc357a3e

    SHA256

    744f20126f64004c6ca1af4883f4a5f3b618b6faf56d023f7928ca76bcab7ec8

    SHA512

    52c53a074d0fadcba08e9bfb9bf8a9a10c90437c17fd4c6bf4cf059749cf20118ad498fed8af27d6c08ffce844a726b725c8c85328d45704f735a814ef8cfe5b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5b473602068adffdbfcb5f6dc851b106

    SHA1

    2c3db37e5dedef2cf9b97e951af6b1cf00b8afaa

    SHA256

    bc5176a94b53c54a8d9da40acb6708685160cd144a3ed1d83151ffe321559530

    SHA512

    e99299a496cbd35b5f7a94d18767e6193102b09479112cdc30f3fbd08be425639c35155b37831b580b55898ec9253d498c90129802c21028859d9a597143a42b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e307a4758a4e24fbd6407373523ac003

    SHA1

    3dc797ae3348cdcd86bdf917ab27f0956456ff08

    SHA256

    5598b4432ce3e433d2883f6bb68dacf0d2867b4197e91f8b56c02f644c63c1ad

    SHA512

    c63671e4858fecde8ea48a7129589e1ce7b7cb75a0730e373f195e0ef80882edb44726af670d25723a97fb88e37c1b12ff8545f1486f64f9b7041e8f0df4e2ca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6c79f39cae362d36cd93d0c059452e82

    SHA1

    36d5d53e004c6a965828688dccbc6d581a02c6bf

    SHA256

    3d01ada1247e2d9d90be230dd8fe420aba3f996ba6033c27895ce7c5913177b3

    SHA512

    d01e1e14ca2f61faa630da3ba550996c1e08d505349a94075b0d57cc5917545a1382845e49d80024c24239a611d15a1fc4236d16baf9f102efcbc5921a6d88e0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    52eeeacedeb77a9692c13d404f96e295

    SHA1

    8dcbc53d369f93a6a32ec474acbeb04e33dc5b39

    SHA256

    20488e71b1cbd5d114a554ca2aaf520f5175ac91b2e1597da49350fb24afc280

    SHA512

    1e86d2525188f4ef13e41ec6e774ea0f51821290a6d78a51991dbc13807063621c2f652a69cf31e50e890d791884baf729476791cd7d6aa16785d9459862ede0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a5677375f5e3aff1915bc4253f8f27dc

    SHA1

    c4fc47b0f62f75311530d6525c7d00dc52d21b28

    SHA256

    c171a2aa3ced5d7e3e7c7888f355ff180c3bee71ec4dc96e9f1a833e24728f67

    SHA512

    d188bba6ace971a4642b1110f4321689234231f7ff5250ddb7f4fef2fdba9abe8722841657aa25fe0dcd1e1d70546e5717b0e61cbc2ef4b68d3b9dbb7a3ebcdc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ac9b40c185a1ce474a94988506fb0cf2

    SHA1

    226d52baf91127a738a6ce86faa710b4d297b406

    SHA256

    f6cff4c2be9080a7f73238c6f4dbf813978566859d5c17b8576e94808920152f

    SHA512

    e38d02f5a0220fcef9936aaf300a2374f8a0848e1bcda0db12d5a4e70bedd2a7419e6638e8fabffb72c032f637d51f7f00e580ddf197c5e10a82bcbb95c17ccd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d09efc3abd0e101b753b8e7b72b629d5

    SHA1

    0eff32b57f96c11e18e6a439d23863301ba52078

    SHA256

    c9cfd5d37acda9097b39034cc57d4295ec26acf16f29847a54ea14d60db401d7

    SHA512

    83735eaf09989ad45e86b3d990cbc20b9eb1ff6470b83ce59b6ec8880ca8061d7d49c27b735a757f2f58a099a7e7e5d008da5c4fb4452034e550b3e527c9f02e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8b79e379c20b8137e4a1a942b558a36a

    SHA1

    d3f28fcef8ad6ee1f9745948b2c2daefddb552f9

    SHA256

    aa88042cac07158bcdf7cae6713db6273f53648ed70bbbdfd89898ecab6428f6

    SHA512

    85504a7945d5c24aec316bd19b5a43cdaab3ca38013c124dbc0d30556f908f03bda5c53c7c22bcae4e3a005cccc1b87a6ba7fcd435aa733676bbff4da7dab31b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bfc6a8eee3dd723d6a5f1f49e7e5323f

    SHA1

    f9be25565ee10b13943270adc0dc0d6706f80786

    SHA256

    0a3dbd87f1bf4091b5f70f361d7d124679b3a01ea8e21cabd03c027accf446d2

    SHA512

    b19f32041935f9bf7c8c2b6b6f957034a978b4b393e24e2034f91e81131382fb9f56b407bf8164296e925e6dc347e75497ada0fa55378dc15a6867b5f185d165

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    897d2d73c3a54671fe65f017f0aef1a9

    SHA1

    412c0461fb074fbeb4135437b518275aa12a2c5e

    SHA256

    068bfa2b275b85fbb831928661fde149653b6d1e29c1bbff5c6f6d6414e0402a

    SHA512

    57ec09827bae6365d2a2bc0a9638e79ca4ed0ee19869b1d00fd7a88049c107687913f5a877f032f0757666ad03505d406b9399b691f38b3ab7ace008eb44aa72

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b5844b4fda594d88ca3033b5c2149ff4

    SHA1

    9195cc3f82b4314ca2fef89b69b8ede1836f5f8c

    SHA256

    98bd8e637954853438e553d672db8870e6c6d7d7c2485f36188195eb9a2bd36c

    SHA512

    5cfeac92ed0d83e8de735fdfbab03bd4f2bd4fde1fdf5074564ce043c9ddf65776b5b5f53a71807574a2cd03a9db57d7f78b0a6671ee3fc49401890bd1ecf6c9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    62ea505c6bfd9915b4fc051cd365f3ac

    SHA1

    fefa3e1ecc356b39dc0e7fde5f39e4df8de92ab5

    SHA256

    e1b893663ee28b02b2f4ae091452f74123784c6cc3cfebb745dfdfc3e63cff97

    SHA512

    5599f1f300d45140efb6864bfa25417a26cc62334d0978efb804bca4d5fdaa633080269cd821e0c3c55760be2cef676f339c5f5dd4acc54f123b8403a7fbb505

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    955d07530b4c13c692b291bca506bc0f

    SHA1

    bbbe04e83b97bbd5d1aebb5e6e369c1d5a567860

    SHA256

    edd93690711788d1dd1cb02ad0f9f375507f0c529c7420161490af254c12f235

    SHA512

    f1e06bded601c963591cda873bc223be66e0280b845a2c108c66b2c31a76f951f1192f78d525cb2d9ee9f8ed94ad67767b545c81c9fd9d4855e1181ec7aa751f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    da17132d9f28c85816030f90f26f172d

    SHA1

    174062f69bc288d22de48ded015759b706b8a417

    SHA256

    dd076b82417f26727cfce1ea8bb370ec8a22c44350767b3f2fba389e6338212e

    SHA512

    9e89e63f616b5d5e29c896dcba7429c64b47aad5c2942c62b2b6f7ac557ebfdd28cadcdf490107c231491e11272d2246358d3836e9500ba68f181cc92c06bf66

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    072570fe455b897050d16c400d2fb2ad

    SHA1

    0fb924f1b062e3b6a10ad2cf6c672ea9415675a6

    SHA256

    7ec31f9930901e1302a0d7f62ac3d3612c925bb12fc2ea53cdef7148f4e2b046

    SHA512

    810906fbe62374029ff144124dacf63ab03338df7e3bc89dea3477c12bb256b4a03a0726abadd7fecef287f110e37bc784d471465b1a31eeee1b3c18dd73f386

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e7eaa829cf3acfbf48e01a5fc9a3c9d6

    SHA1

    75585f0a4154018b51f80ffcb09d3851ce04f464

    SHA256

    83e3a84f3c5eee5015a96f801d6d5962f4413852088e78606d9a72d6ccae3a5f

    SHA512

    233423e5279f35936cc512b1235d03aea949e2f60a554c3ff7b4b1598eb153e48cb7d6bedffeec33dac5694a47ad18beb0d8e54f72d3281a1ae2f3a17611d9eb

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab5D02.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar5DB0.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit