Overview

overview

10

Static

static

10

Projectsig...pi.dll

windows7-x64

1

Projectsig...pi.dll

windows10-2004-x64

8

Projectsig...ct.dll

windows7-x64

1

Projectsig...ct.dll

windows10-2004-x64

8

Projectsig...te.exe

windows7-x64

3

Projectsig...te.exe

windows10-2004-x64

8

Projectsig...no.dll

windows7-x64

1

Projectsig...no.dll

windows10-2004-x64

8

Projectsig...64.dll

windows7-x64

1

Projectsig...64.dll

windows10-2004-x64

6

Projectsig...64.dll

windows7-x64

1

Projectsig...64.dll

windows10-2004-x64

6

Projectsig...sh.dll

windows7-x64

1

Projectsig...sh.dll

windows10-2004-x64

8

Projectsig...td.dll

windows7-x64

1

Projectsig...td.dll

windows10-2004-x64

8

TWRP-ROOT-...eD.exe

windows7-x64

3

TWRP-ROOT-...eD.exe

windows10-2004-x64

8

TWRP-ROOT-....1.apk

android-9-x86

TWRP-ROOT-....1.apk

android-10-x64

stub.apk

android-9-x86

6

stub.apk

android-10-x64

6

stub.apk

android-11-x64

6

TWRP-ROOT-....1.apk

android-9-x86

TWRP-ROOT-....1.apk

android-11-x64

stub.apk

android-9-x86

6

stub.apk

android-10-x64

6

stub.apk

android-11-x64

6

Analysis

  • max time kernel
    122s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    15/02/2025, 11:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Projectsigma/Stigma Ultimate.exe

  • Size

    3.4MB

  • MD5

    87784365c0d576fe07b36f4909ab3fb4

  • SHA1

    da511641b9650f8d5aa03a88ea37015b06770150

  • SHA256

    d53379815e7a1bc021bfbfffef03be6aa372e8e844fd8f781561f646f89947d0

  • SHA512

    a88490e1d5123545f8c2f959fabb8367a3f996ee9f0e7ac4366f8b9b792f177ccd6edba21016a30d5ab4265c5a24fc49d7f59b161109a0319202f6f717d333a1

  • SSDEEP

    12288:N/mgF6tAqsGMcQtXmwHh1GdW/46MdO66MdO:NQAs666

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Projectsigma\Stigma Ultimate.exe
    "C:\Users\Admin\AppData\Local\Temp\Projectsigma\Stigma Ultimate.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2440
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch&plcid=0x409&o1=.NETFramework,Version=v4.8&processName=Stigma Ultimate.exe&platform=0009&osver=5&isServer=0&shimver=4.0.30319.0
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:1636
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1636 CREDAT:275457 /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2564

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    26f7f97256641ea1d93d072639996a36

    SHA1

    59c2a9be6359ed54d6646a9757195cb80a846686

    SHA256

    90f6803b9123139d25d2acabb15067bce9a98365cd28ae846fd257e7b6572974

    SHA512

    da3a8d06a9a8f3e3a06266d54232594a3aa4b5c2f8be270b11f128f3069f9a413986730b4cce38c64e0e2834f6a92fb0920d48f31affe4c96756ba39510f7b93

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    39311429977f0d5e2918ce90f9186ae6

    SHA1

    a868531bd390b8417b9f22f32311ff286d54e95e

    SHA256

    bdbec657e88541c2943fdcaaff3a56974a95ce01f587b0715db2df9589d568ef

    SHA512

    c7c3b2bec903e85afa1ec9eec34eb1656df94eaa677b6b7159026a99c2273eaff3121a542ea6ce42cfe0a9d7b6787a54c23838e0e6ee4227a7d9f0e50b1ad1d0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    28ab7f2fa9aee5c771f30578f26bfb18

    SHA1

    d0eb4e415d4772a0fb1ae57211bf2bb168678e2f

    SHA256

    7c5f3551c5ec8424ede494616ab153db06e303ca93facc8ee6ac5c432de65863

    SHA512

    172856ed97d302cd7c78ee0ece467fb960dc5b5fa587e7cb2d6b7f34083ab0c16cd8d234ce59a033fd4d91c18a5eef829b24462a9b3e76c9808e7e2a9ca6bd22

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2d0db5a5b87cd7c69dfa7807e0599e7c

    SHA1

    773a1d3ece3f5461c3e23bb87e9cc1e40bb22020

    SHA256

    342881f96c2c0433aa890b47e637d14a53d47be3b5f66e4c006b74ffbe72bf99

    SHA512

    991bd5692cbce866694a1caac276d1bccd2f7939ba2424d197905fb3319a154ee4c368e2e83e035eb32a34508aa457302e4eb0765a7ec3d54d87c7f173a009bd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a952db8c74fe6bba4979f0747979c39c

    SHA1

    9d4e7c720d2769df55453902ab842e43660ebb73

    SHA256

    64508f2f2c4bc6023ae84bc5a44ae6fc41860a95ca24173fd1771573b4781c0d

    SHA512

    7d3d3af0356350058f4eeb2e7281f8d92ac5870e22a16085e5c409b9b038d339827770d346cc9e40200cc4ae55b5aa6c5ec0e81d95f3db71cc4a6b5192f17551

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3fd28f626fb01b770612245b91336a61

    SHA1

    21f2abcc968564c418ac6d26ecd0b39a2740f055

    SHA256

    9de4feb7a3d9bacc15e67f5988231c60b5664a610cc886d16b356ec384293261

    SHA512

    b4e2ed49cc65b46dc5c59431717b6d17702dac1f2b66e5354b035b425aef16f2bf0073e1d7123458e823173a5cf0da5cf55526e42b093b99d6801286c8421950

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b8a129439b67a881d679292b435aaca2

    SHA1

    3c0cc21f5f0361123c25471a785ec9af427d6195

    SHA256

    e5c1a804fe8d89952a27d70d8798d87360824e23e0b22f1008c7599cf11b912f

    SHA512

    71806c7e3c66ac074145d00f08276cd2bbe1a24e49d30ed2dd6442e276a3db447d35e90278c01886d306eaaced9c0425860f8533b91f93710d669edae5f10417

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    55c384d5aed66616a610973bac6bc34e

    SHA1

    ee122095c1a425423cb0fa452ab4ee3c8a7c0a25

    SHA256

    2ae311c86845efc6b0703e93fc421c61f43c6698e2f87e6ee0291b1a3fdd566a

    SHA512

    1571225e73d25a3dbef4dd024750465263b9562417e7b25ed41467238ef51a8aac2d8b6ea186458b96934034e67b72bf0fc5f09cdfa66244c0d6c423db481c98

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b46318232fb71483693441032f93cfb7

    SHA1

    abafa6d1a6e6a9974329d6a63c6f29b3c5d3d97e

    SHA256

    7b0780e0df2d1bcb2be9a18256cdabc4d0e5720ffaac3c7a0a2d54fd02f1ad19

    SHA512

    d5047fbb7c23cec761f87634bf9c118c3b188a21002a760b087a44c6a0420ddf84b48b95f4f75d0409e8f69f6e615adcba645197f905bce50b7e63f3c103ffce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    309b0c3370bc008ed73f9d880a79f50e

    SHA1

    a82979ab7a2bd84eded9c01b86fed7c7574747a4

    SHA256

    a94bd976d66c9fd5da354c5a4c7d827eb38a09841f1a8fc5eed9192245b928f5

    SHA512

    fc1307f4ddbc7f2e3878d1fee4cdd671398be3b5d1e8aefdf6a2d4612b8060d918ecad2ba1ff0b8b1f106e49868f7d53fbfa240cda210b7f757d021c8b6e414c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    18509a9d68380c40627129e20df70e7f

    SHA1

    fce7591dd340fcc2e87e2dc70a7d4df26b10a68f

    SHA256

    7e7ec18ec03c8d424db382864cdeee622601e73995adb5664672ceecc7dd840a

    SHA512

    dc8ad2bb3421bd34d1a8cafb1fc6fa40072369230fb715d3d46a650ffef539c3e793b827b305421a97c1e64680a3689e04363af21798d06b547dd35d8bd03955

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2aefde47aa2ae702d9f02cc5e60efccc

    SHA1

    dd25f41568c9045929d8829d222f38419f4ef7dd

    SHA256

    0d0c60584e5861071136e9204af578c5fcb5d5bc048b83dde15f1a0c2362dc58

    SHA512

    a1b46568954a32bc8431651132775042afd6c8885144f51002d8c836fc260c5438e9c4623acde1df44bc56222df82ca5415b427be9a234a5fdce6bb27292d35b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    26712a225bf8adc5cd2ef6a66490479c

    SHA1

    a91f7a91deee291d2c4bf152fbee33c7e9d8f50e

    SHA256

    38d275c05cc15f730e33aedd135fa3a7ce20fd7bc3fc4aa8b5ab02e1b782809e

    SHA512

    fe755f983dd8ecbedf32a991d7d5e1281f540eddd377610a4ccd1ed178d2e530213e468a498c6e2cdd9923fa5209de58894dc17c9af915507cf7c657042a752c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ec5a6fcb8f541c6b75afa276c99e98e8

    SHA1

    f9ae1559c31c73dc9d58b5fa47ac4d1f2a963905

    SHA256

    87978674fc2a20678ba6f43188d7b23f09bd419c59097a1b15f540511fd8eb3a

    SHA512

    63c39030b2f0e4e5b54d34a6ec2714cfb016acd7c1fe2666702372678c0498cca69648342dcf8cbc569af5e6730b3643f43028eda90f637709770a38ab6d0ddc

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabB924.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarB965.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit