Resubmissions

  • 22-12-2024 23:06  241222-23gzda1ngv  4
  • 22-12-2024 23:00  241222-2zdsjs1qem  1
  • 22-12-2024 22:57  241222-2xjwsa1qck  4
  • 22-12-2024 22:57  241222-2xjk1s1qcj  4
  • 22-12-2024 22:55  241222-2whx4a1qar  4
  • 09-12-2024 21:54  241209-1sdzasxpdp  7
  • 08-12-2024 13:35  241208-qvq2javmhx  4
  • 25-11-2024 21:52  241125-1q82navmfp  7
  • 20-11-2024 22:33  241120-2grxfsvhqr  7
  • 20-11-2024 21:54  241120-1sbtyavdpn  7

Analysis

  • max time kernel
    299s
  • max time network
    245s
  • platform
    windows11-21h2_x64
  • resource
    win11-20241007-en
  • resource tags

    arch:x64, arch:x86, image:win11-20241007-en, locale:en-us, os:windows11-21h2-x64, system
  • submitted
    22-12-2024 22:55

General

  • Target

    .html

  • Size

    20KB

  • MD5

    1b074a4ee8eead8afdcef0fbc0c3ae21

  • SHA1

    af880a4d8fee87ee37e8b7df0b6300e700cbf4cf

  • SHA256

    ec32183425f582f636d59a00571e501ad3161340409a73731dc32b956a890a94

  • SHA512

    312eeec043fae799b11d2878831effc15d9ab750265852e9f9c4a5aff335b4a946f0cf3c313da7e6679e0cb65a75b6b91bc83ede007bfae1e47cef9cb9d9a5be

  • SSDEEP

    384:rRp65t9DpmReVoOs4Ai9ylKeGMYU8HhhbEez2n75u22zo2paWhOwob05Bz+m28Jo:rRpMBVoOs4AmyI1MyBhbn+IMWhOwob0O

Score
4/10

Malware Config

Signatures

  • Drops file in Windows directory 1 IoCs
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies data under HKEY_USERS 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 6 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 26 IoCs
  • Suspicious use of SendNotifyMessage 12 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\.html
    1⤵
    • Drops file in Windows directory
    • Enumerates system info in registry
    • Modifies data under HKEY_USERS
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:2584
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xa4,0x108,0x7ff82fa6cc40,0x7ff82fa6cc4c,0x7ff82fa6cc58
      2⤵
      PID:356
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1980,i,1918885101533154723,11401097203059659389,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1976 /prefetch:2
      2⤵
      PID:940
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1672,i,1918885101533154723,11401097203059659389,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2456 /prefetch:3
      2⤵
      PID:1800
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=1960,i,1918885101533154723,11401097203059659389,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2472 /prefetch:8
      2⤵
      PID:1652
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3048,i,1918885101533154723,11401097203059659389,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3080 /prefetch:1
      2⤵
      PID:3356
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3064,i,1918885101533154723,11401097203059659389,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3128 /prefetch:1
      2⤵
      PID:2820
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4380,i,1918885101533154723,11401097203059659389,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4504 /prefetch:8
      2⤵
      PID:1076
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4688,i,1918885101533154723,11401097203059659389,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4596 /prefetch:8
      2⤵
      • Suspicious behavior: EnumeratesProcesses
      PID:4244
  • C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
    "C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
    1⤵
    PID:1908
  • C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
    1⤵
    PID:4552

Network

MITRE ATT&CK Enterprise v15

Downloads
