Analysis

  • max time kernel
    134s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240729-en, locale:en-us, os:windows7-x64, system
  • submitted
    23-12-2024 23:44

General

  • Target

    LICENSES.chromium.html

  • Size

    9.0MB

  • MD5

    c5de877a372447fdd303c1026fb432f2

  • SHA1

    6fc0a751edacbe061e97248fa550691225891030

  • SHA256

    4bf4dd1a05ecba975c90d85117dea74b0e94114f882bb26a7e7d1029afe8fda8

  • SHA512

    b3079b18419ca854118e12e8d4681c9e66ae55fbb1f69cfb3ef6322a1c17557c0adbfab5ced030133af814d39483a2b5c7090ca3abb545e8808ffb6abe6b3ae6

  • SSDEEP

    24576:G8QQf6Ox6j1newR6Xe1VmfQ6k6T6W6r656+eGj7dOp+:fGyeGd

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2772
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2772 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2648

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fe3470c37ce1ed10af5d8bdb7e44b5bf

    SHA1

    43db4fbe137fc73443d147435adf39ee40df1f79

    SHA256

    3932001d6c696d9b1334eaae3d61613d6c818acf64240a728f0bd8e069bf4765

    SHA512

    112bd423e94e09f1d86374f8f021f8c797d2db2bfb2cd8f37502abd1fb0cb99a872edee29845e0b76bf35ae712455f37649535532e8d648025f61c18ba18e451

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cc6977d2ec1bc8119eabb68b70110b6b

    SHA1

    dc41ae239935aaa907d70fd24f1ee76c69fd2ead

    SHA256

    0a69a634d64fd0986ec5c9ff90c2301603b64e786827eb8129f198b9addcc4fb

    SHA512

    956958af79df92be434ead5c70ba4c273440d813b41659a4f9060eee7312fe48ab23dffeec6fa2bb7a4683c6b239a10945c8e335a686faa7d670fdc80affb708

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d86fcf5bb36e7e31cf0358de84f605a1

    SHA1

    29d64f68bb1ea12049d639b65d082e45905c6b65

    SHA256

    717c42e08718dcf7aa40ae53095f90dc4176d0e764dbb766db20878bcd54984e

    SHA512

    cf87605092c4deda38724b650f68b4671b01a7eee243a62f1460d2005ea3473dcc1a2877104e9bc408043b17f31cdff8ddf05233359e4b5ad4ef0d72342dd784

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f3f2ee6be42a502c545d75e30f4fac8d

    SHA1

    77a442016f515c8613b3ccc304b7ffcf0e52f252

    SHA256

    e07353d233a6c7dffa88c185ec4202e360803b0d1954fb826f1302e98dd1e151

    SHA512

    219cded4446e82d0f94ac7552d67fec838d71b438ca819bee7160009a88c07e8c09c57b882019ae2f2d92b45bd0b1c5e6c5440bc54ba7bc546cd00c5227dd274

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5d6efd36a944f8e711098d7cb87fae59

    SHA1

    6c8cfab23b50d37ee61e8536a3a5e475c0a8b928

    SHA256

    4f489daa7fa3bcf89e55680921ea5b152d36ca0032ef842b50f663974be94ac0

    SHA512

    7abed00744593d96b5adba4a13f1221c8d3425c2e6cc96e7556dd710024a2dfde840acf2c5c4c657196570bfdc368094646a3ab19b7f9f51a0830dea2568862e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e1a476438e97a56886dd41ffeed80bca

    SHA1

    5782df9c3cb8ea527dbb95cf4055f3d5934e3088

    SHA256

    7a55942651f9cc314bf97d49bc82315e797cf1885947c7c5fa1fbc936ff15065

    SHA512

    5b7eb8c269cc2f05290e203a0d774d2f6a7e0ee2676a4c57a363ceac1836f76a2d4a42db70a18aa7f4b076dce4743322bdc6bc93499a339b2ba3ad48f33745c2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    343f34cb4b1d93025c126db43c450735

    SHA1

    ea7971774a9bfe4b4453e0b87e3369cb8097fed5

    SHA256

    5e4a35a86b245643dd1f75cbf36fa328b10aca07beb427a516a6f429a055a4c9

    SHA512

    397aa40ce7c3685519b18b96b0ad28ef84edcccda0d236ec58db1eae4c3e7ebc93907b8721d092b5453fd0e68d2fdb133f821c76b50a8cf77a40b8008983ea0b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a8eb76d65486f302416cb5b886b56066

    SHA1

    a87592e43cf4cedaa6b374a099e7ed05b9826276

    SHA256

    dde6f67b1dd2483298b8efbc79cdf97104f329b420ff2e6d5c4c71c5372b9fe4

    SHA512

    370baacd982ae26dd6320aaa2d46969c5f78db0697f4373081147968b49587b041e30f16d87cd3df9da79aab825ba8cf52ccd7e1daa346e7ff6f46853efd22b3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ee59aa7317994dd03c9e77cab1fe31f0

    SHA1

    6016a251cfa4ab5b1087c6199d1344a3c79384b7

    SHA256

    f193a3f8b4ba579fc1221bf2e3939f8b33644e7825b10178402721f25a85e776

    SHA512

    1272d16400b9290337ef70634c8bedd5feaa95ba23872cd7fd95cf3b336eb881125f23bd4998bb86d5bf72aab3ea20a4623a4ef24e8bfaeb1b8fa9cc3df2f7e8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5d21e28e2ddad3433c5116f6936de7b8

    SHA1

    acc388b1b4c8ecf749c418822448e962de55a643

    SHA256

    780082f68e55dc315057811c0b7225da9484c9af5942635fdfc107d0fd2d8964

    SHA512

    945e89a62a0dde35c23bfe478934335b4a2b9ae66a46f4e810e7f87517d2f526564626ac26ffb4477c12cf32ac50058e9601554d18b6bc75f1eb492fc98d1600

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7141bd3646dcae1b739609304c05cbf1

    SHA1

    b871ca93173fe4f03cfe9e6a732d3873fe3d42bf

    SHA256

    57e4f43e6b6ba89f5c9462ed03a9da19407c1fb40f39033ff28aaa9d1108cfb9

    SHA512

    013c3f1e6c4932be790342b52b31831682210b6b7e7706af501531a8f3d4ffb426ffbff2bcadf92a3e78ebb4856b638c426177efa396ea22fc50877a8f4b2463

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d9ea46a62a0cb613786478eed70ae82f

    SHA1

    6ece9579caa6065026e0559fa9a67417a99bd4ee

    SHA256

    08f075924096e097d4e0c896d4463b7f315a5d2c52bfc4358e9a3a757dda7b6a

    SHA512

    fd54ae2268a9eb4ff9b1e2fe7a80298be7dc7b814f709a362c1a56bb36ed6006067f6f2fe34a67756ee9ff0b0f035d7fb9dd4c6da0e05123c22623189da73bba

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    530d845e401d99193b438a4de9e2fc58

    SHA1

    e4b48e3fa00eb7b876eaebeaeefdcbac353ab9e3

    SHA256

    971428214ed709b2de1ea063a7482002f1ee7b72b1d406374fd04cff47c68595

    SHA512

    2d56fd406475c5660ea5a64f4e21da114aa6eca5fa5a18aff06bd6342767ceee9deec9cf345f83ba251f71fa238461213a2796393cb6df03df9e7ad104dd3448

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c00f1ac23334b9ebb80499ab77d2856e

    SHA1

    9d09140eedf49b2e8dfeadd60f640c8ba9ee2fee

    SHA256

    cbd81cb4803664c91c47026201bde7cffc4cb0e6165be8d4f2fa9fbaba03c824

    SHA512

    035167619377852eb69203434fa369b79f2301a17902bfc7d8f5fbf574ada388114e7e6dce2b1d34c96ff6ea92f5a9cf69182b5a908c7a3426df9aeacbc26fc9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fba947296830deda91dc2b94b576349d

    SHA1

    cf0f9f9aad4e1f3890e4f7bc11ce0ec4573a4c57

    SHA256

    e67fe15f9e6aa5b126754ef1f04db41b1b52844a33906c1b3287c22787db3391

    SHA512

    a6b3c0938c00b49bcc85089737ad531a05ef96be29883da133b86d4e4b78502f476bac7eafda0ad650863463c5a76a817c7611678c7d9f9f1e9264be3f825a62

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    00ff384832d3f9711c365dc0950f279f

    SHA1

    7b3747a74be95908e3571b8e9f0abcd1e84dd932

    SHA256

    8bafdf3d2939ac7145781510fa5d5c014f1c028e61f42ed4efb79a0c53e1584c

    SHA512

    676b5b8deff0a675477ed202873b24347acc8a1da563cb73bf346cf99fb9880b738cf50dd6c624addf11499a061a51089c2db06a926290243ed3904ecb19f4f5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0378e1faa273f4e314cadb36cac89374

    SHA1

    3c183ba44cb7f604fac7a728d07518dab9ece518

    SHA256

    c0f5de258fb0d3344473f805b2bda085ee8407067e65854d0a9333e7c78efd46

    SHA512

    6a3abc407d690b6ff345d357f4d6e4dff4c5404768936fdfa8bd60a10142900a6566fc1f6be5d5a3ab2e1ac33d68c9c2dc9bd57a45fee53132077920a1a3e536

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    af26877b3abac68c78a7b2d2c976e65a

    SHA1

    5147bbe2fff0d5993c7d409c827123b795f8d0b9

    SHA256

    503181587490fdafbc01ce39aa3f41dfee9a90cf2033ac61f689db0c415247f5

    SHA512

    3f960b175a34815dfafe2261a837caa57eaeaf99c0e5932ff8ec400e19fd25a2456bda63ce80050bac6d87bb25fcd89a3f764622bbcaf4c8a7566e2b3ad4daf7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fd615a0d2c2cc1850be2da8ae2da1bea

    SHA1

    45dbbda760ef3fd03ef3ef6c1031054c0922cf45

    SHA256

    46828b16d76d3b7815aa2b12aad59d77e495679f53d7b27d60215d32a7b8d797

    SHA512

    1a5171046024c1c1aec48024db9bcbf6149f262319e1f2830f2986b98ed96ef2f4d6f58cdccd24eda6a50473979100506eec68739ba9a6408b64ab229b1ce289

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    199e64262657ad1354f92765fe616918

    SHA1

    4f28c5fcb1d3f684945076868554ca28b4c6f387

    SHA256

    12b9102c9ea69e8f93bb644c8642cdfc17f9395f7a51679847de7bf2a1c3a082

    SHA512

    13ce35d8fa87c0b62fca5508839911df195a28a31d45a23d96af392a0e954baf97b40eb81128990e93a95826c40e2a8857e41064d1d20b8261234104745004cf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    595b1e99ef8b05fd00a3d30efd6ee61d

    SHA1

    1aced1c88ea18b3205609a9383b249baaa7c58fd

    SHA256

    e9715709b0165d92c304ec350a73e1d4ef5aeadf6b4cd9cca765f98dcc7a5284

    SHA512

    61c0d3477e7c40e52f9601073bd8a15f37febaca78d58ddc277e44f7dc34db4fa886a98552766595940fc5dbe0949cb8b68dd04c2ca3095cd97ff2b163478051

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    61781b4833237ad545f6f03d29d4f408

    SHA1

    e435572daa89796d4658ddab76e14377a3d55ee3

    SHA256

    e683d63879d2895e02d61b5308075cb65462b931d886b8abe2b0304179845f95

    SHA512

    3f48aebf14131a65cab7ba83ff060243df544abf5d2d44f9bc1d927f134882871ded81fed95323dc70c0bce73584bf9b544121fe50aa7cbd14f40c30552edcd2

  • C:\Users\Admin\AppData\Local\Temp\Cab585F.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar58E0.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b