Analysis

  • max time kernel
    122s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    26-12-2024 06:27

General

  • Target

    LICENSES.chromium.html

  • Size

    9.0MB

  • MD5

    c5de877a372447fdd303c1026fb432f2

  • SHA1

    6fc0a751edacbe061e97248fa550691225891030

  • SHA256

    4bf4dd1a05ecba975c90d85117dea74b0e94114f882bb26a7e7d1029afe8fda8

  • SHA512

    b3079b18419ca854118e12e8d4681c9e66ae55fbb1f69cfb3ef6322a1c17557c0adbfab5ced030133af814d39483a2b5c7090ca3abb545e8808ffb6abe6b3ae6

  • SSDEEP

    24576:G8QQf6Ox6j1newR6Xe1VmfQ6k6T6W6r656+eGj7dOp+:fGyeGd

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2396
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2396 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1804

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cb5ef3c7a64bcd58f6e3a338bf04f6ec

    SHA1

    26b52ed3cc7704c029c39bc489b0330ba31504bd

    SHA256

    183014b4006e7858e6829f0e3932db80a68fadc907a257c42ce262bc9d407177

    SHA512

    f16db4c7f0cc8f0688699aa7d5808f2c6c98e675a3528e9c166964f19d84715d372c4ed310fd4366d804604e2d8777cfba9a843b30d8367476bf7ae42acfda45

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e07a41d3614ef4308da10f604886b7b8

    SHA1

    877bd2821b86336d79c9fd0386e0911bb084c089

    SHA256

    c30c7a8eb20857faa581a0c7a44a867539fb250237971dbf8d4b6230d3498f6d

    SHA512

    8698076de9e77114152a3d9810cab402516394391e80e90d59e2f27e7509ec6f4e9a91ea8aa529822a171186327b92fbc6d3da2583f9178b402b7ef9047489c4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8c09a50f90f8ada1eb98214f09facbc1

    SHA1

    c02088fe8e4063afb1c118a3edf701e0affbe135

    SHA256

    48228b13aaee1a22281f8f73d3157a7cffcaeb350ce7011e50ba1f6aa5497f2f

    SHA512

    db496cc2a5b35fbfbb59c091994883eb343fd868d968efdb33c770a947907e66259cd553da656a0f7de841d499b2bfeb2c6bd47d95415f15e329e2572fa66ad5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    becb330aa9dbb7183f8b28e340a3e3c0

    SHA1

    66808afdb59ca705f2ffc76f7086ce64cd372e5b

    SHA256

    ce2d68c3f077b262f6232627e77983a36754d55523af2acd0431c9d0b345b05c

    SHA512

    6e43771ef3558de333c4f368b8ae9ebe91b5f692a2d113d330d960dc88c3e8f39459bda83c8ce891153afe4b2693573a63d6ce05b798947ffb6a44e08cf2933a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    42908ec8f38611c6814f676c8bde3710

    SHA1

    0ccd3dc540a4159b3de7ef7a92a0cd30dcc04010

    SHA256

    001eb5c5f4629ef314f3f1548c353e248f9ef0e8b6434d53d8eb37992f3502b0

    SHA512

    2a3904a09136e690c512c68406fa5724abf1e50b921e85a2f1618c705b1dbfd0c1224bc3967941ed9ebe5b62f6ac0b0b3305338bf76c3891b8d5128a1fba8c25

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    873274a326d764bfebcccdf644c7259b

    SHA1

    1bed8dbfdc98bd275897b4a8bd56cab0a4852831

    SHA256

    236939c1e88efb982c1dec152f6edda9fdffc26abcdf92e44e503a3d91734b3a

    SHA512

    4268c1890954c8f6512a431c85b133fd1c72103ccdb43a976653878a819059ba11b511acda361dcb3b2bec2b84cda89e91d950ddaf7a0c63515bb8a457481477

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    23b80df9bcfc48a017292f70b7ca5f1b

    SHA1

    5f817bef47abcfd970f4ddd18fd314bb27edc833

    SHA256

    9c510e7b04852b90d8cca844d46d5c8aab8356bdea3625f7fcb74563ef2046ca

    SHA512

    6e5f5ca370a98ac1b0d1fe1e2a47ccd581932773d98976ee4fe4de155087119d62b7d003be6e4a6ff6550d2ac82d1912834986edf1b50a7ef28742a973f25c4b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d1767301b7ddce7b20afe22ee652c5a5

    SHA1

    9e873b388958061484b64f0a1ca4bbed0728baca

    SHA256

    9d6770daedff11cf455b85a0859fdf0ba2b754418f3fa6538df64003ee6c9867

    SHA512

    93b469595aa4d985fb06d7b21a14e0946661c803eee87aad787d08bac321c028e49a8efd4b98a6f25738781dbc8945083ec0a8c392ae071a17464681430559a3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8be7e0fe6c5688ed90ab8a40b168baff

    SHA1

    b1c0d8b93a1d94e362a6e68a6be7daeaf4f5bf3e

    SHA256

    62a00b80a236d62379d8f0f4971d9dca57a334cdea8850707fd29af1c6696c2c

    SHA512

    e38cbb5bc3a9f29fad56176c239445e26e1b8a206f616aad2ac738386c4acd6f3bbc276b142c19688d7ec25b9863fdccf79bb88be37d1ff8fd1812e81f6e0c0b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    122066a8be4f89496af63e09908dd618

    SHA1

    8087212c24d710a87fea4e6b5d95e6359b252166

    SHA256

    628d8934b70e55ae01d5760f635e87ecf7e0b2dbb0c35cbe02d56b5f1757fefc

    SHA512

    5845d9ac92afacee6c5c3b4469b485978f89a355c0142ed711ad56f2e4df4144e513ecb28ac7660971ecdd9c9d5183ffe3c83bf3f168bcde695f184b71a5bd37

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0dd82f60942f87e582bde14865dc6b82

    SHA1

    09085999eec453562e2f85e0b3389d928eaa8e5b

    SHA256

    ff59a6fc68280a7f2b0165abcf0b9d93ecad7227a4992ee3fcdb37956277db76

    SHA512

    8e7506db67e511a731407ad26f01050b2bfc70c0a28377f8d7fdf0f1ddd3d0833145cc7638fee405ac5def408d217d3857dae7871bd5e399c55e240c5dccb1a8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    14bd3dfce6d703b6d6c3b3ea6863c1ef

    SHA1

    7a007a72323ab18e1a6f2da5923949eb0c260e2c

    SHA256

    71d15fb1142daeee2ff7720f5a5c0b0759f03fda12131a34085931bff2376386

    SHA512

    b7e563a6dc81ea7a2dd7b98512d7d0e3065b2191a1f75bd970711dd8155003033e1f5e03979d28e041d90b4fa4359b24e524ad24b67cbb8f83d9df3db0e378f3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7f28ca5806ba798995cef4b6a97d74ce

    SHA1

    fc27c8cefb1e224f8fea222c37d4ec9922910cbc

    SHA256

    78ae0b2f8a36ae915037d9f505376731f2cea63d932dfc1124f343aba39ca10c

    SHA512

    80198d3b265461f0f72c799f4dd813239215c2560093a783f271f952c06f01fe35b582dd91ed9476d6f5e5b8c353f6c8cc4d4528c9017f7ed5d870fe9878da0b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    825c892d563f6c1c5e830e9416c34eeb

    SHA1

    6f751b75ed8b663a57bc4a89d20c0bc78fdba5ef

    SHA256

    48b1e1219664dab228a6fefeac4a76cdee9213468b595407b73a16769b006d9a

    SHA512

    ee17d600d8efeb5fd5db254ce9f5bd71a6c4cb8c302a5011a42a1940a5dcd5fdcb80b158f1f4b657b55a9785e567310d2ebd86116154b0e01cc1bcf426ed2a4c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a1a2df27b4d65a93e7d3ddcd378cbc6b

    SHA1

    88ea223e1723374c064a481054eb49e898673fa7

    SHA256

    6927f49bd3a6229df488e90e5f25dfa2886df6be5f336244d97a74537f602006

    SHA512

    127245e18efd0831ab9e1933a62c81d080284dcb9fb259bbd5be72d489666fd09c13fc4df079842b67b452c4a7ffda58ca4440afdc21e5650dec21cbba809af1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f35088637d702179c209ea497fe02f08

    SHA1

    1306a7e6bb94fd3924d04575a0b99193d0295ccc

    SHA256

    a409adc9963db24d01035fbc3cc989c2e6cd38cdc5641b3474a60470a8bbe304

    SHA512

    e918cfa3ba22eca59831eb11269a5919c26a9b08510e2068aacb23ca8b6aca7f6f90ae4c22fabf4bcac376e30fde1a1fe2626486b5652c79a470df5c24999008

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e2be68ee31415f9ab9e0fc211ff9c765

    SHA1

    29b2487d8ec0826ff4e18bbcb8e411ffbedf56ef

    SHA256

    6726e87bdcbd34c903577a2688234449478541b7ac11c6ba44aa6fcc0519b9c5

    SHA512

    dbb471bd1148588ac30030b614ea6ed8514c76ddd321e60b2dab8f92648797c3c8af0229bb9142b1103b0c68dc4e507b22b3e6b9d5788437b82a334d8f664d74

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    690c82df92df3a7c2c9512e252c2d545

    SHA1

    2c892000a82660d80fd3a0b8024ede1d10b2b9fd

    SHA256

    4a0e921c1bbd052c596b97b1ead54a6d32381fa7d343d9d7f22dbc5809c1aceb

    SHA512

    a0655ccd08eeaa6a1a3f1970480fd051fb622d8cb4c4b370b786eccc93b32f02a9698c724a9ea39b7015171274c24acca9abec804bb1c841f5bf1f85d7303545

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ae2cde262ad95fbbe559f090d5a5e81b

    SHA1

    8b7b706162105bf69a1b0a1a9ea68ddf401ca231

    SHA256

    7147785f94c4bcbecbf22b1717fd75d3316a0c01f0d1e936cd7816b0b66682f9

    SHA512

    1484187bc2e2366c02dd1ee149b1e0fd75079e43bcddb0bcf6a98454516be8c171ac446db08971255cd39426f07e455ccd4137dc78306f4ca787edb180fff3cf

  • C:\Users\Admin\AppData\Local\Temp\Cab31AD.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar323D.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
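Two checks worth running before reading anything into the "Suspicious use of ..." signatures and the dropped-file list above: whether the process tree is the ordinary Internet Explorer frame-to-Protected-Mode-tab relationship (the `SCODEF:<frame pid> CREDAT:<n>` child seen under PID 2396), and whether any dropped file is something other than the CryptoAPI URL cache and wininet `Cab*.tmp`/`Tar*.tmp` temporaries that IE writes on its own while building certificate chains. The script below is an added example, not part of the sandbox report or its tooling; the path patterns it treats as expected are an assumption drawn from what this report shows, the dropped-file records are a constructed subset of the report's entries, and the `example-dropped.exe` record is constructed purely to show a non-cache file passing through the filter.

```python
"""Triage helpers for an Internet Explorer sandbox run (added example).

Checks: (1) does each process fit the IE frame -> Protected Mode tab
pattern, and (2) which dropped files are NOT the certificate-cache
artifacts IE/CryptoAPI write by themselves.
"""
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# Protected Mode tab processes carry "SCODEF:<frame pid> CREDAT:<n>".
_TAB_RE = re.compile(r"SCODEF:(\d+)\s+CREDAT:\d+", re.IGNORECASE)

# Paths written during certificate chain building / root update
# (assumption: patterns taken from the entries in this report).
_EXPECTED_DROPS = (
    re.compile(r"\\AppData\\LocalLow\\Microsoft\\CryptnetUrlCache\\"
               r"(MetaData|Content)\\[0-9A-F]{32}$", re.IGNORECASE),
    re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{4}\.tmp$",
               re.IGNORECASE),
)


@dataclass(frozen=True)
class Proc:
    pid: int
    ppid: Optional[int]
    image: str
    cmdline: str


@dataclass(frozen=True)
class Drop:
    path: str
    size: int
    sha256: str


def classify_process(proc: Proc, procs: Dict[int, Proc]) -> str:
    """'ie-frame' for the broker, 'ie-tab' for a tab whose SCODEF names its
    real iexplore.exe parent, 'review' for anything else."""
    if not proc.image.lower().endswith("\\iexplore.exe"):
        return "review"
    m = _TAB_RE.search(proc.cmdline)
    if m is None:
        # The frame process is launched without SCODEF/CREDAT arguments.
        return "ie-frame" if proc.ppid is None else "review"
    parent = procs.get(proc.ppid) if proc.ppid is not None else None
    if (parent is not None and parent.pid == int(m.group(1))
            and parent.image.lower().endswith("\\iexplore.exe")):
        return "ie-tab"
    return "review"


def unexpected_drops(drops: List[Drop]) -> List[Drop]:
    """Dropped files that do not match any expected cache/temp pattern."""
    return [d for d in drops
            if not any(p.search(d.path) for p in _EXPECTED_DROPS)]


def overwrite_counts(drops: List[Drop]) -> Dict[str, int]:
    """How many times each path was written (same path, different hash)."""
    counts: Dict[str, int] = {}
    for d in drops:
        counts[d.path] = counts.get(d.path, 0) + 1
    return counts


CACHE = (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache"
         r"\MetaData\94308059B57B3142E455B38A6EB92015")


def triage_report() -> dict:
    """Run both checks over records taken from this report (subset) plus
    one constructed non-cache file for contrast."""
    procs = {
        2396: Proc(2396, None, r"C:\Program Files\Internet Explorer\iexplore.exe",
                   r'"C:\Program Files\Internet Explorer\iexplore.exe" '
                   r"C:\Users\Admin\AppData\Local\Temp\LICENSES.chromium.html"),
        1804: Proc(1804, 2396, r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
                   r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" '
                   r"SCODEF:2396 CREDAT:275457 /prefetch:2"),
    }
    drops = [
        Drop(CACHE, 342, "183014b4006e7858e6829f0e3932db80a68fadc907a257c42ce262bc9d407177"),
        Drop(CACHE, 342, "c30c7a8eb20857faa581a0c7a44a867539fb250237971dbf8d4b6230d3498f6d"),
        Drop(CACHE, 342, "48228b13aaee1a22281f8f73d3157a7cffcaeb350ce7011e50ba1f6aa5497f2f"),
        Drop(r"C:\Users\Admin\AppData\Local\Temp\Cab31AD.tmp", 70 * 1024,
             "b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f"),
        Drop(r"C:\Users\Admin\AppData\Local\Temp\Tar323D.tmp", 181 * 1024,
             "8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8"),
        # Constructed record, not from the report: shows a real drop surfacing.
        Drop(r"C:\Users\Admin\AppData\Roaming\example-dropped.exe", 1, "00" * 32),
    ]
    return {
        "processes": {pid: classify_process(p, procs) for pid, p in procs.items()},
        "unexpected_drops": unexpected_drops(drops),
        "overwrite_counts": overwrite_counts(drops),
    }


if __name__ == "__main__":
    for key, value in triage_report().items():
        print(key, value)
```

On this report the two processes classify as `ie-frame` and `ie-tab`, every listed drop matches an expected pattern, and the one path that shows up repeatedly with different hashes is the same CryptnetUrlCache metadata entry being rewritten, which is consistent with the low score rather than with a payload drop.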