Overview

overview

10

Static

static

3

(Subcontra...I.docx

windows7-x64

4

(Subcontra...I.docx

windows10-2004-x64

1

RFQ_SPC-NF...v0.exe

windows7-x64

7

RFQ_SPC-NF...v0.exe

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

GDesktopEn...0.html

windows7-x64

3

GDesktopEn...0.html

windows10-2004-x64

3

Honer/Ocul...et.exe

windows7-x64

1

Honer/Ocul...et.exe

windows10-2004-x64

1

Honer/Ocul...MC.dll

windows7-x64

3

Honer/Ocul...MC.dll

windows10-2004-x64

3

RFQ_packag...v0.exe

windows7-x64

10

RFQ_packag...v0.exe

windows10-2004-x64

10

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

Delsystems...MC.dll

windows7-x64

3

Delsystems...MC.dll

windows10-2004-x64

3

GDesktopEn...0.html

windows7-x64

3

GDesktopEn...0.html

windows10-2004-x64

3

dotnet.exe

windows7-x64

1

dotnet.exe

windows10-2004-x64

1

RFQ_packag...v0.exe

windows7-x64

7

RFQ_packag...v0.exe

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

Drmnds/Dal...et.exe

windows7-x64

1

Drmnds/Dal...et.exe

windows10-2004-x64

1

Greatheart...0.html

windows7-x64

3

Greatheart...0.html

windows10-2004-x64

3

Multihandi...MC.dll

windows7-x64

3

Multihandi...MC.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    120s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    21-12-2024 18:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    GDesktopEnums-3.0.html

  • Size

    1KB

  • MD5

    5343c1a8b203c162a3bf3870d9f50fd4

  • SHA1

    04b5b886c20d88b57eea6d8ff882624a4ac1e51d

  • SHA256

    dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

  • SHA512

    e0f50acb6061744e825a4051765cebf23e8c489b55b190739409d8a79bb08dac8f919247a4e5f65a015ea9c57d326bbef7ea045163915129e01f316c4958d949

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\GDesktopEnums-3.0.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2520
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2520 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1736

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    904f430466846dc3f8e213b8ead9ffb8

    SHA1

    bf0c9319175a9907aab6b8dc5bf3ecd413c1ea85

    SHA256

    234188ded18987ac109db6fe88fff18a956bd5bce60fbb00653a92de4c4210ce

    SHA512

    4ab1b46d51234dd0ea3c991b4c009fdc3dccc668e9469b3ed71fbbf157fc5fc5019e091c970b6bb955e61c3d1d97cfb434537d986879096b2b6e75fa817e54c2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4e00ce1fe6de5b60898a29617555da16

    SHA1

    6293c3d5d3cd1c426c14864866a01cefd5a7beec

    SHA256

    62eefced4564f6e5b83425fc34cf2f36fb745a820effe8526738f23e91602d3b

    SHA512

    a09ba1c46dccd4df7d8abe7a66321871f1cf9d47188ba4a66ec38d4f6bd470e209f7ee167385dba8f67fa4fa9a75be0d6a9540417213ed28fea5b062bf2a9a2a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    de05c5dbdf0fd99fba20e9f9450c92d7

    SHA1

    a5c25b75af84f84fe051a233637788ad86826802

    SHA256

    6a97953464ef3bf9934d48646fdef5ffe4c4a091e7fc1053a554c5e397a3f337

    SHA512

    70ab6c2a35b98e06c5a6f4a794d68fdaa3e3dd1b2597e5554990286076ab0edf12937c9f17492457fc51cff465087fdf26deecf0c0749ad79b37db28927a8827

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    702c9a87d013fb45129c881d3ba985d9

    SHA1

    ccd87ae73b6120051f09887983395886597b0a76

    SHA256

    3dd02dac9148b0193cedf77d25ba1e001ba4510adbdd483a5670f74d24727a94

    SHA512

    8bd8a2c4a370605c4f0b480a17f5b8cc7857bd8188568b5ae32a125abfe3a4f05ecc5f01dc4a0b8c820b27b1cd21fe96d15eb0a828c52f18144e5894210aefbf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7dcf0392e4a57711ffe4c5b9714d9b4a

    SHA1

    41d12776b3d2b23dd90a3fc8e84829500abe71c3

    SHA256

    ced82330b09c84b78a4eb5a35ee5f2108ecc2cc3d9e59b2b8dfd996fbac017d0

    SHA512

    c12ffd001c4ed5929e5aeaa7f6b34bb2d0fe1b1f624edc26cabcf5d479fb079e8084117c00b6758b623bd0fbf9d0b3d3bff606d0a962213a7e4ea07ec31615c0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bfc1466bdf4455440a8aa845d491964a

    SHA1

    724e744d64966288402493150bb29a10f3b86a2e

    SHA256

    9cbd2fda6d863a8626fdbaef69f4360233c1a62d7180dfe60692d0ebcb4ffd90

    SHA512

    693f99e29042ed9e2871ed9f431615b9ea8b0e8d87b9cff1ee7c696dbf5bd71b692c6e3fdcc93278bf8d198ebe954a19912b750170b4da2473c1c5a4398e4d79

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0864459c7cbbbec68f4c4c66409d239a

    SHA1

    2655dc6709e5a3f27a8c8abd10ae0c29d3d99629

    SHA256

    685b1d0bb81aafae3eaacc892c918c5939f9b858ed85005aea18ee347379b8e9

    SHA512

    275f76c2f5bf08ad1b744f385b12223b9b90ba906a3cf4a7777cbbc41b9cbb003f8b2f6081fa5b80a7f721129a894a1a739f80aeabe02bd3fc473191bc980a42

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    50abe67562eb4f7f5b0d722b6ae78428

    SHA1

    0ab48ad504b032ad7b197b18745ad18711a58b3e

    SHA256

    87f736c843c30a7d003d588e48f3b820ffc5f57a9d2b60c1760c4a1a45844474

    SHA512

    4457956e7592b0f3463de24d26ceb9e9289ba5f71dee437b3052e45499dbd1dee34cedd65d9a684f8c1a41bb044f3a56631f04f4ca723cf2fc2eb0e60be917e4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a3544dd693d3d808b9e3cf849d474cf5

    SHA1

    204e0cf09a7308f4196c51d226a99af37d1f949e

    SHA256

    80b02bc7a38e65291eb5adf9ae290fa4db26ec111190fd8223e866f8b68e7987

    SHA512

    f34d6b1a74448aeeddbafeb4ceafe3f104e3aaab258ee58d8738f838df49a8f1c55d77c223101aacc72c3feae4b0129ce3bc7b8168880e67862f5ed0af74cb38

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    405e0897f39f5fa45c15e49cd353172a

    SHA1

    64ed8e8afecd0b67dd5b80c93ff18df1de54cc89

    SHA256

    d3c33f7942e1f6b50a49db8b34f61a00ca3366562664abcb415e8480aee423c5

    SHA512

    4e99ceb0215506dbf92aa26f546aac2d5279423fd6cd6866e5bcc679469d0df7a5d426f1b3abaa7f43ee30632727b20bb8897a597c887db68af5b956e42656e7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d0c0dc80ff5f5d5af19d23476fa48a94

    SHA1

    4b3deb0b3413bc57aac91f9244c89226e901e615

    SHA256

    41cbb2bfe648334113317e30d2df3c629bde6381c3057e1d6d394ca16c470226

    SHA512

    26e00373924a363b47569000dba1c9b34a7c9f1186fb474179742292482f3c402c973e4deefe9689092253b05a3e736032bdf3ffa121e2cb81e085813a3456d4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9eafc77b42f9fccecdf85e93283e9399

    SHA1

    5b43f79f6efa8d95cf6955c6fb0acef8a73e7d9f

    SHA256

    ecd76092780af1951f64ca6617b8649862ee59718c04f4a1f06fb968e3e66481

    SHA512

    9ef8758a4114b0d5ccc5bf82bf2f9028347a4df13f7cec2e06b3f7cd7b56d986d3ca80d9f4362e63dc1979bb5d388e1817138efae6d3d59d0a88a71361a8a1ab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b823737993d7a2d59132c6b730b22c87

    SHA1

    84a5f54080763bd48ae55b6f1993c710907e5abb

    SHA256

    ec5574262377541b896d1b27159fb323e472d654ccfcb5196893eec98845a322

    SHA512

    2e911083247ca727ca06b03617321431a07862556adcdf70e7ad158f79d8d279e7465be1c571b5a0a8ae3ac4e312b352aa8cbea21d3d69c5965ea97c1243cdad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    da1ae91babeef4b653e779b0b0e65528

    SHA1

    136905a45f50eea468b614ad31e948f1ea8bdebd

    SHA256

    18b041b5f9877c4fd9f288ea4545cc7f3dc14327fa2f8d70c6c9cebb72f31be6

    SHA512

    e80c9a6263711541672cba5ad146bf465f9c6eb133b1aeba60beba433b4f5940db3590a2ce42d8bf353df107a5bf15ab0f04d9f00210db7e34c63aa7db201932

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c5882dcb263f4eb748effc9b26c65797

    SHA1

    3cacce9e594c6be82a7381009dce060fa6e5c401

    SHA256

    c80f695539a944f0d41eeb0efb96abe28fd5f2ea4e1ef89ff7d2973c9cc97248

    SHA512

    fcd4e78f80c8b655b1634895c8224bac78fe7c1927b67b6d40c0ae4ebfbde3759463a2d00dedaf489094cc0d01b46d3105bc9521d300c2f439f8a41240825168

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    13a181b921b66be1f0b23b509cd6fb09

    SHA1

    083a7c6d783e9858e8919852df6713c3b2d592cc

    SHA256

    665aae9526cd71f43b6ead32d91610e10d369a9b16f8d2eda2b647118d6ffd4f

    SHA512

    2e6702d06af8cd5e16888d20d7fddf266e547ca144bf82308c8975dcf37fd3b13d4daf8c61d4ed783aec5240e369ffe48a02201a029617b4f4479700de62962a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dd4d931fb287b679b0d466d983a9255a

    SHA1

    c8f6f9ed4e242b8f700470b90ed0389b6c52c5c8

    SHA256

    7957367852b59ffefe265170fea1a3c7471e97ecb174b8b4b5e75bbeb478348f

    SHA512

    48aad38d1d07df4f03b59f9c3d4ef855ef8d2017838783e03d99a158aeab46e98a46cf025777282cab7e4662be6dc02a02216cd91da8d6b0653657f77bc1896d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a9fa9926137cdde10bf2f097e620662e

    SHA1

    2d0e8469f1a3b268e32bafb8bfeab9b7a0df3a4a

    SHA256

    71bb6b8c345c42e17a57a438fde63948c0529a60b253cd9af3ca780a3e2f2f0d

    SHA512

    9cf6fb7e9c7659a8ce3105638020f11c99fe3752079becc37c3b6863ee421784fef25b06b8759480c0fa7395b77ab97887455457458a910e5a5bb2507d6ea6af

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d3f53dfd649028fbf034934ccd3daf64

    SHA1

    e15a1e78f9dff9eff1827537c0eefe420dffc899

    SHA256

    2daa074254f93fad21f731ca8cdd815fbd77a14254021d7b16fb415015e2cd59

    SHA512

    6f7cab0c5999b63723c7ab8de754dc9964509051a212c7135385527299a011c9e85838532084d2a804b874fd47ea285bde302ad799e9ea8222e958f0fc8a1e35

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA67F.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA6EF.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit