Overview

overview

10

Static

static

10

f6c0e59d2b...18.exe

windows7-x64

10

f6c0e59d2b...18.exe

windows10-2004-x64

10

"MT.dll

windows7-x64

3

"MT.dll

windows10-2004-x64

3

"MT.exe

windows7-x64

3

"MT.exe

windows10-2004-x64

3

"MT.dll

windows7-x64

3

"MT.dll

windows10-2004-x64

3

"MT.dll

windows7-x64

3

"MT.dll

windows10-2004-x64

3

"MT.chm

windows7-x64

1

"MT.chm

windows10-2004-x64

1

"MT.exe

windows7-x64

6

"MT.exe

windows10-2004-x64

6

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

AKV.exe

windows7-x64

3

AKV.exe

windows10-2004-x64

3

Uninstall.exe

windows7-x64

7

Uninstall.exe

windows10-2004-x64

7

qs.html

windows7-x64

3

qs.html

windows10-2004-x64

3

Analysis

  • max time kernel
    134s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    16-12-2024 01:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    qs.html

  • Size

    1KB

  • MD5

    1f8a533b1761fd59231b763303647650

  • SHA1

    8f4f75b6b7228257b501c6b3f990d27c55ee1b7f

  • SHA256

    1a962c7395d596113445b2b7fa0efd5bde4b64a413aa528daed9b7327aa2ae07

  • SHA512

    f04535920dba1a820b1253c61b347bde4d14307258b1ecf866b9f481045cef074307500bdb1c4bb5bfe4f9a22811ba79df42f38141df15d3ae332b445095ad1a

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\qs.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2792
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2792 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2660

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    427bda2e59a3bfa3b3ae26b30b889667

    SHA1

    1278479b764728788a325b6178fe88a072c37990

    SHA256

    a5f6831d329196a6f3e893a12c981956656e8ecf47198c95ebc9d9240d216ece

    SHA512

    360ca57767110910bf229c57e4ec3b578250012e54ba820528ad48d82e865c5027391df183596c9986e17a4ac4055b941bcefa7187c8bd9d561e8fe03a784485

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dd674adf9c659877c7bffa4d57deacf0

    SHA1

    45c0014da9c95784a42ddefd3f352425714b99a0

    SHA256

    be798bac4e4d3399edf1bed8e078bfe92c25ed08274dbcb1b04134b812e3163d

    SHA512

    79e07c87324859affc8bc0b926461a30384d9ad05fbfd380453369cc43f34856566673142750a39f122a938b869a7772cc36e9d4d0ac42ebf10a195f24296399

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4a20eafe37efdae4421bb928bd9fb27d

    SHA1

    89f9bd322545224069c2eea4d33ba2773f53b5d2

    SHA256

    7b6e32e5239789967f5ab90a942a8e1afaeb721a4267d4d3f7be9cdc2749141a

    SHA512

    aabc4f6fa15f97fa65dce2f461c2b3220a9fb28294387a44ea7c1ce0bec4c5c2a2b7bf947b83915e996b6e9f9c7a3c88cf8712d7190d15bd9827d92dc3707209

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c208b6ce833616d4d99b8635e513eb49

    SHA1

    d3db3381d2c39b3c986f58097f99442cdd57298c

    SHA256

    77594686e67aae0435cf17be9792abc379a0214772080a71d82b4bff83e9a306

    SHA512

    317b39c2688f7c15be5671aa614ae1baa267835fe572a99d5f3b5c40650708df3f6fdcc6019dec4fb9b8e085c3d93925722c79e722a03847a2c86e87b1ac7d6f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c9362dfeb746a1384a35604bb3c1b48b

    SHA1

    391d3e0f295c3342644a592226c0642920d4f792

    SHA256

    5ee75fb91ef4e1c8ea430f6caa106d6d385877e8334aea94b92a94528dca9cf8

    SHA512

    2bfa9b684e316ce29a43455d2f1e30619e65f5ac47cb98a2cfb979e2be5dfa390dcf4a67c478f714e591bb42e5683930693c2aac531303908d989ba9a226b3f2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    509f02608078595fddb3ba9dfaded6fb

    SHA1

    97578684216c30b685d02921a7121248cbfb6276

    SHA256

    0d0b3d8080912dedb9952c342805988d495bef397fb9c4c1300aeef8b7f20f0d

    SHA512

    3ae8eb4fabe83d9e541bda4360ba954a4cf22ae17f36fb7bf6cc1734b4622ec7818b68bbf64a21465678eb12f2a49ece256ec350ab5feb91f1e6b2e331f08dd7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0eced954676f83511f1ab4ba6bf46292

    SHA1

    6392286e8919ebe8c930032d9586e07254cc1f7d

    SHA256

    5a9911462b21ed607189e5d940ab0410f5065b9b5f468485a916892397505822

    SHA512

    5c701ab0e73943ce46ab92bc35668378455b34ab3cb8f2ac046be9b3cab4643aad6ee72154a6bb2f10a015187d2f342194e22130284e216099d9153d25105d72

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    af378533226312f2cff417389e179797

    SHA1

    85d9543f5432dd1c22961578131d92f73b2207a2

    SHA256

    8b44d5607807388be30809d8f677dfacb375f3946a064763ae3056f84ea2b400

    SHA512

    7694d85f3af4de07e041c0e28e01187992d563de5179f73000d1b57ecab7e4f5d73959c15b1ba1b435473534367e5de0f6abbe885a99cadc38dab020ac5586be

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    933794afcf78336e7c0262208539fe4f

    SHA1

    10949bc5504b6ad5656a9edf0e7599be0968846e

    SHA256

    3c3138eca19e2fcc79512625c6414a3bb5997170ae3d71d1776d8486c2cb63dc

    SHA512

    3135043055783eac7d70fb244e60efaf3f0dc4b035eac898aa5847186c2bd0d11b2dfbe946932b81f342e6bcb936bf351232169e8b9293101002ed137fc9180b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ec33ca5e026650dbb1b839e4018631f6

    SHA1

    a2878308544c38c3b570c192470919c9ed6d3f19

    SHA256

    84bb7e411e0f8761e1f6a2cda2bc464fbab303bb3de0a5d734b451f6bd646d56

    SHA512

    91f8de54b826da9dd73343bfb9e7d67f19f1785740008bcfd7be63430ff86696b41b55fe2250d0cd13939de82372403c6fe76880dc03da3e0829d859f8f7473a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fc0360c15cc92be1fa3edd89b7f16119

    SHA1

    b852d511f3b445c3b9ba6524d233a386a928ed4b

    SHA256

    dd3c15a576a982dbc6d9af0677d6fe559f24da9e996e8485ad95c9029776ebf6

    SHA512

    5a0f7f04f85ec6b06428a909294864a10c39b75035d6749a2a6e67f57f0ddcbddaec4813de9638a16ca91a75b63200f9455a127afd1f21e9a6ce25c2b5357d4d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8ff0d113c28e955c98d59efc2b88011b

    SHA1

    65669c5eec3186ce36e6aed9eedc8b7749488de7

    SHA256

    0aac06cf1c917c887a97b9c520e28faa2284aa825230c8b6f008f23183a58884

    SHA512

    d13ea96ed85c94272a38cfbb5e6b6c8f76bf41b4d52a5e6c72b9f1eba89f321e1547adc78f55bcdb4f5acb8849754e1fc4d8bd9f7ad9c5a11c28615dd6bda1ab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cd2248449fc67d7cc75f0a4001507011

    SHA1

    5081f2e866fae9f23649bbf4ea6ff27b105bb199

    SHA256

    a7b656641c4935ae8ef0602d369dd17f3a5a4100db43ea828eb5534441068fcd

    SHA512

    d309d907eb74da0f0c61134f20a2a30efcc55755b538ed7c10a628af76305e6a2884e5a91c5b90c9fa1f22ac6e0edde13f986dea2e9b9e345f94aaef72f50d2a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6ba581d95aad619333ecd386ef08da46

    SHA1

    f47ccf695885ba1642cc218b4c296c72fe2992dd

    SHA256

    09767f9eab091711d46f1bd480f2c2eef1b5a477ac9bb4b1376400b2e8f6db93

    SHA512

    b76babc243c79acf6a5004af0896ae7c2a2551339ae25236a12b62d85780951e5cad00251130916e86991f6c50850ef58f16cfe509e0222171516546c5f12dda

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4ac22f2023a74341d669c4b54fe2db20

    SHA1

    83fbaec616b7d2b64fda16aa86ff6a017a672959

    SHA256

    21707d2a8b75d5bf9dc226e7334e7596bba8639d9d3c244da3fbc080cfa1dfca

    SHA512

    6db03de451f59bca39ccd047d900d4e9cee8a2b28d36dcd19181b9c94c5e9803fed699e843a3ce80191abb4675fd733c4d9ed6f58fd0365c85d55bfcd36244ce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    96a632fae119e70b0e3c34a975b1d1f9

    SHA1

    8d37730714da449c92646ea1f3e33ba2e24fb725

    SHA256

    a6390955dcace249842c5495eda08179ad36cbb19e1193d65ee1728c29ce72d3

    SHA512

    8f0f87c69679736d732efd265857ae5b3a5045821f5ad41c1a1b5ac4cf5441d3192d2eaefa4ea59c1f30c85a4725df1071ef16dc58cb8922b75784038fa01946

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4236512fa1f81827c12835a11206d0c6

    SHA1

    6df3a97d2780e601cef10f4e55a6dd005d941e9f

    SHA256

    ea6fec4d5593050c124413d10548c8c119c77c296bc4e96a63010e9bd7d007e3

    SHA512

    0dcefbb57ac17548fd2a32ed57b035c2216e6aabe03445f37b28663186bc6e4e9690e9bfa1934a686c45ed21fbeb26b33caf7206bcbc0a1bd4fa080e2ef9303f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f638d65d3ebd3393d2e504d7dfdea78f

    SHA1

    e61a9a075b81d8415da1c2ce4f2fe11470001f18

    SHA256

    64c2f8834df623edd73e3ca20169f0802d4d4283860b7a442f6734bac3e329e2

    SHA512

    688513cd1570cf7ce714898eddb16e2e4781fd48a6306cc78eb96fd26ec8bfb51f7de5969c6001b34c082b331870d8e91d65efca44bd20485558c58cd987c9fd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    67580d7e6fec3bfda863a9f50b23e936

    SHA1

    5c90c7e235eb331309d681786105dd6545b3bc81

    SHA256

    ac98b37dddcd06ee6474aaccc36fc4a64475b0bf3cff96685757f52894a5120d

    SHA512

    68c2304f68d7614c8ce556699da38a5b3f5bffc047d5e4c41ddacf77e06d7b948332bead486a72fab5148f32f524f423a4d57a532509369fbb8258927659c8c5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabFFB5.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar64.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit