Overview

overview

10

Static

static

3

(Subcontra...I.docx

windows7-x64

4

(Subcontra...I.docx

windows10-2004-x64

1

RFQ_SPC-NF...v0.exe

windows7-x64

7

RFQ_SPC-NF...v0.exe

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

GDesktopEn...0.html

windows7-x64

3

GDesktopEn...0.html

windows10-2004-x64

3

Honer/Ocul...et.exe

windows7-x64

1

Honer/Ocul...et.exe

windows10-2004-x64

1

Honer/Ocul...MC.dll

windows7-x64

3

Honer/Ocul...MC.dll

windows10-2004-x64

3

RFQ_packag...v0.exe

windows7-x64

10

RFQ_packag...v0.exe

windows10-2004-x64

10

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

Delsystems...MC.dll

windows7-x64

3

Delsystems...MC.dll

windows10-2004-x64

3

GDesktopEn...0.html

windows7-x64

3

GDesktopEn...0.html

windows10-2004-x64

3

dotnet.exe

windows7-x64

1

dotnet.exe

windows10-2004-x64

1

RFQ_packag...v0.exe

windows7-x64

7

RFQ_packag...v0.exe

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

Drmnds/Dal...et.exe

windows7-x64

1

Drmnds/Dal...et.exe

windows10-2004-x64

1

Greatheart...0.html

windows7-x64

3

Greatheart...0.html

windows10-2004-x64

3

Multihandi...MC.dll

windows7-x64

3

Multihandi...MC.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    118s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    21-12-2024 18:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    GDesktopEnums-3.0.html

  • Size

    1KB

  • MD5

    5343c1a8b203c162a3bf3870d9f50fd4

  • SHA1

    04b5b886c20d88b57eea6d8ff882624a4ac1e51d

  • SHA256

    dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

  • SHA512

    e0f50acb6061744e825a4051765cebf23e8c489b55b190739409d8a79bb08dac8f919247a4e5f65a015ea9c57d326bbef7ea045163915129e01f316c4958d949

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\GDesktopEnums-3.0.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2816
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2816 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2792

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    99b6ec1570e3245fa9c5d95574ebbc2c

    SHA1

    51dbb9d0296ec0c5b230f10a65c1d31c2edaf746

    SHA256

    5c21ed391b3dbfd53a45f879b2674d1a632c3e056578753102f98594531e91be

    SHA512

    262102c2895a6c809bf20dbc308df11e3b1f87ea2ad90c16d6b8f5c63f7598fdd1d10f134be3943013cfcccda4d3023d14b3518b4ee5801fadacabb9c4a45b63

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    681b67edf1e801648c7795419c755d59

    SHA1

    0d6b38e1d3ad3baafbb46fd432ac36ca13539d2c

    SHA256

    5cfd091a7fc3d156237e71bae98e1f97c583f03c66062748700f4752a6b41168

    SHA512

    82b8016430d428dd31cabb2049c7aa20e8e18e12ec9f8e2c5da4a598d43fc17480b0df6aecc4aa977394afb5cac6000ae7f23de447581c85aacd193ff860ed55

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0ab3f02fa331e0d8164e41b0633560ff

    SHA1

    d6daa3c2dae05054f5ea3c5377cc03d5dcd206cc

    SHA256

    8e33f3daed2a78219f6637ccc652f5fa73c838046af2572ec33280915e47a9ec

    SHA512

    a2bfbd7b2eeb6617df7f912d0cc5e0f09b17fd8a6a6ca9470d57e1f6f51be0f52795536ba55a0d5954de4b4eb58e59794e66abe2cc853b1e9525381de793b941

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9711b7ad07c06cd08db25ca3f6e0ff5c

    SHA1

    ee141b03e678c601c60db71e7bda22f4be45999e

    SHA256

    9a580b652a0c93641ab1fff2d51984d03aff6b2b11506a35e5badef23f709d7c

    SHA512

    075563377e8220a581abe4082c2d040b52dec7cb59da232505846038171d61cba0014613c5b7fab2be1c3f3b762fcc1ac08290c170c1a0afc0c0eb9eb78ebf6f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e4211e18494bea223c25adc8694fd85b

    SHA1

    391a2e99f09ee1aed09da3fd72970c7e01f4d55e

    SHA256

    9bc65351b033450fd3980df1151eb70e190d88242b26eb17929967b5f1e87161

    SHA512

    f6b57e6dc5bbf7e71216148d71b7e3a9daee77b0552d3ab39d8a1ce5844493829bfbe94584e6851c047254896622a89c0c19fa3932baad300205019045f42c96

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f4c8885d7aac6c6e6fd39f1d4918da8f

    SHA1

    8fce2ef16f3c7a3e56cfcc8896b313edc6285a23

    SHA256

    15b622230ffc98b20f1cf8687c386fb433b4db501f24b1cba37236a6e8a2220f

    SHA512

    2d94e71f5c93cf75073d73d9298bee6400b95428d6434fc18790d49cccdbcd83aaddb672a68d77a47982b87829acfb469398c4cfe65c4a336b26e769974940a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    de58f66caa0c2a179f19ef996da15d7d

    SHA1

    c0ad03ff1845dd9c67219e7430688d898f970cd1

    SHA256

    964b2092f8a4ea5cc5e8da3bd693650a361b6be6f0d8ec8cca5dcb9836d64563

    SHA512

    a6ff350b582ba0447fc08a94f88e81244c67ea925e491bb8486f8674cecf9912e51d9cb00592bfa8a6bf154e5ef953f25a043724c489e1a7760a6d3657c25028

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a06144ba5f11f39dfe64b4fac8113773

    SHA1

    15a206eccc4cebe52d4531b630ee2d24fc5ac873

    SHA256

    7343702f47b9032fbb83e0a4537f77a6760b2e9761d2c3b4dbe2d2e0eeb7c9fa

    SHA512

    0452824a4fc47ad570f1f4bb2a7483be5fc0914388cbb7e7d6ea6ab4f5a9ccf9337e4753f16962222bac8468e9fe43ac3075818618b94176b35591577e5f2a9e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9de5069a305168ee4d1b409d4f43a2ec

    SHA1

    e18bfa1e7caad2fbfc98601d216981624839d2b4

    SHA256

    05e224e7109a387f0127ddcc6e5798e86219d6d98f58504efd889002d383e3b2

    SHA512

    a1e3a19843ddd0d060074a22b25a37c761dd6932dc45daa7496c2d2453a481de59814ebf9add954600e073834873722c26816bd540673e0ed2da95e507373d32

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    54a1653e6ea67cb1d194d5e9f9521679

    SHA1

    e2c99e7e348d87d7c089055cd327fa6e6d4838b4

    SHA256

    e1353d57c8bdc913ca01f15bf1cc9f7dcd63daab47fc1db7d81856058272bc06

    SHA512

    326c4fab8a72485f21537a419b4a539126c89e970c5555d9bd8c6ec0806622efbb32cc3478d4856212d92303387ec5573a9d57af79bb95bfaa87da9fa0d2dd21

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5aa23360de41fca256fc0c50f02c4cb4

    SHA1

    0dc7bf8210156070860c3db75b323b307782ea57

    SHA256

    dabadc607ae248b850761d4d58dbc45487226bbf759fc79ea24720665e63604c

    SHA512

    5f0b25296d9fdd3993aebd57e6d84cc6345af276f7b8c7743f030967f830818603a4528bddaeb423c97f1601738bdd813aa9f6973922fa5daa718058db058c63

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4b4d1f0bcff782a6984ffcb1ff0951fb

    SHA1

    9c673eebd7a27e1cad21606267515de67de08968

    SHA256

    d34b2ef35c27ab3257998ad49ce83e1d84843669dd0f48c0286f70e7e8bcfe3f

    SHA512

    7e4ffc3ec44a541633b05360c24bca3b94ba348c0eddb3a65591303543c866e3e618f6a1b007d2127965f8630504f5fd78a58616d8abfc0bea4c7e2f34f50276

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    156e731cd5da685b86654075c7fe769e

    SHA1

    4b1681a00badce10f32359ddf684581560b2c93f

    SHA256

    7e39fd62136e59eb3dd4fa6f1544dcc4dcfdb30051466629f4cd589f081d0ae4

    SHA512

    baae9e34d96fd974b09f8ff2217ddd2f0edf2211cf8cdc72f6b9ab0528f7216478775cefd4e0bcec060892ea9a974d39c402198f391e9a7820ab5c528359316a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    72cdf20dc7df8b3b0f8cb4ca24f0ff4f

    SHA1

    dab6dd55c538828af6df41e4cffb7b77cc8fff21

    SHA256

    ca8455f0eb5fee984eeba922cbe4dff9e30b54b7449796f39ac8499e5d0aa519

    SHA512

    7a58fa56fbab56d0a70364bbf6918124ea16cd07b733fc83adecee0a59232fd9b65a653320bc423d4b057cf6b78bf5d79d942e151c1d7f104a0e3d7489940eae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    855a27daad91f914ed7e50798e7f4282

    SHA1

    6a2842ba6519ad4fa8b3d1f18616dbac36cd8883

    SHA256

    02389fa39b0d002909f8537867d794dbfee319ea0ab60d17a2bdb9e7413a8435

    SHA512

    165e7d4cfaefcad2609d4f3dcfe2beaf0c66d652fbd29168eb56888605d69ca03bd629742e74bd9c92b128f2686b95ef6809044cd6f6324b0f2999bc84ed2393

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cc55c2c2677354fd10677c1cdd3982c7

    SHA1

    827ad2b192ecd2cf2f7ae521851d5bbea651c76e

    SHA256

    c8d2d2db7ab77ef36699bbb74e3d6b1c9bbf15b62bfc3518b25c98abf5aadb46

    SHA512

    b1f28527e2d0a05a9f9f27488a8011678a6d4e10e5fed5adf2fe43b90ca69aeb682a0337992ce2485e29cf39bcb48e63b68952dc22c44407a943ceda3b1d37c9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6c688628c365a7dcac925d597322200f

    SHA1

    afc99738dfc5da5a67da9629f140f22fc05301ab

    SHA256

    5e07c58bcbba79d7d896a5bb121c217f480bead9e2dab40448006299cb49e8fa

    SHA512

    ae0865c897f73a45d9f5f062dc11570354ead4f757e2371c8f5acb65f745704e8166171630e5ac2ca8e42e8ca2dd1f1a71c8c8cc08a3d375904b19cc9a3d9ed3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c954395d8eef4b27e9ed0b6e79d6293c

    SHA1

    b13787024fbacafed45f74f5d56c6ccee3f136c4

    SHA256

    37ac74c615c07e1df84d22fe98356ca41704f0d94481cba1fc4251b629191ee8

    SHA512

    5446cb1b8b09af3a5d11b87a6942c1b13926442604486e91db7892b7044a2fb0d54e372d86b42d70a598ff7e42252c797952b6e30c8bebe3028af0e603618802

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab719A.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar7259.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit