Overview

overview

10

Static

static

10

Videos/64/64.exe

windows7-x64

1

Videos/64/64.exe

windows10-2004-x64

8

Videos/64/86.exe

windows7-x64

3

Videos/64/86.exe

windows10-2004-x64

6

Videos/64/...E.html

windows7-x64

3

Videos/64/...E.html

windows10-2004-x64

8

Videos/64/dump.bat

windows7-x64

9

Videos/64/dump.bat

windows10-2004-x64

9

Videos/64/mimidrv.sys

windows7-x64

10

Videos/64/mimidrv.sys

windows10-2004-x64

10

Videos/64/...tz.dll

windows7-x64

1

Videos/64/...tz.dll

windows10-2004-x64

6

Videos/64/mimilib.dll

windows7-x64

1

Videos/64/mimilib.dll

windows10-2004-x64

8

Videos/64/...ol.dll

windows7-x64

1

Videos/64/...ol.dll

windows10-2004-x64

8

Videos/Adv...69.exe

windows7-x64

4

Videos/Adv...69.exe

windows10-2004-x64

6

Videos/Cap...E.html

windows7-x64

3

Videos/Cap...E.html

windows10-2004-x64

8

Videos/PsExec.exe

windows7-x64

3

Videos/PsExec.exe

windows10-2004-x64

8

Videos/PsExec64.exe

windows7-x64

1

Videos/PsExec64.exe

windows10-2004-x64

8

Videos/READ_NOTE.html

windows7-x64

3

Videos/READ_NOTE.html

windows10-2004-x64

8

Videos/crypt154.exe

windows7-x64

10

Videos/crypt154.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    118s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    17/02/2025, 11:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Videos/Captures/READ_NOTE.html

  • Size

    3KB

  • MD5

    d2294fc6905efe047a0663b7ffcf79d4

  • SHA1

    9bf17f976f73ec0ce4f05dbfdb5d4ebc9fc1f2d0

  • SHA256

    c459e80d8500c3db9810f63f835e5cc1e4f08cb2deda4832846edf1eac31e1dd

  • SHA512

    983e14d90fe1f5c4993724e1d8ae57132ccda5efc62f0d14146e36c8982d0315753c6aa573f97c6f7d29136051e65eb85bbe9a02846b431a06b5e71ec1ac8a28

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Videos\Captures\READ_NOTE.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2680
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2680 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2964

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    582e9bb383ce6938da40bc4fa6fda6c3

    SHA1

    c06c8dc355b58b7fef2d72a5f7455c011d30a635

    SHA256

    e4b1623a2c88ae82481c3d290d580e164e5de9ca4f81bd3e99dd99c9c01c4a9f

    SHA512

    b21d53012806453112f8c833f30dff4e6b1bf592c8391ab948312e8eeedd26a4a3e4d46decdb1a14b6b25b6574f8e103b8aeb0c4efcd6bca886e3afe982765c7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c5e4f981716ffe269b20329e60141779

    SHA1

    b59dda94211a45628f70f722384d5595ea3234c3

    SHA256

    61d9d3d4421aaab392e62f8771089aa0e5cd26e7206544574aa89cb7203bc3ea

    SHA512

    70bbed7d6513729677ab79d0cf47fb2689e7a4d54a14160c2b64ed6f4b633dcc688faa87743ed4535de891ef221cc51858f77936ec2ebf0ec056bab575cbfc94

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9629080b0d45c7e588d890cb814e065a

    SHA1

    f3d6bad6b72c96b82769ff6f56961ecfb59de68b

    SHA256

    9880ff2493cd99e6a703cf392ce1ae2409174a648182d8370a3576ef902f8197

    SHA512

    7b6f703926d811421004928c9b0b13a025f91fb9f2997e981c7d1bfe57e50acc656e6d61f53ddf2bc0424959174e5943d03f35aeef4102be3de2990f1818c1c7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    42e861b9acdbb9fc187e251601fe9684

    SHA1

    b7795671a39bbed9954ae77d7999ebc4788be93f

    SHA256

    b4a9abc562309452da70e417d10d020ecddb70d3a18d80da1c4e983cc0ff3291

    SHA512

    5283594fbde083e1d639941ec8fbefef23ab06977860ffe801d163d4ab794f0477a8c1de24893db79670b5009ccf7adaab33f1ac9e051f3643b4fe176c45edb0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2dcb44e0d354e51050e9b62c17e71dc7

    SHA1

    dd4c1fcd00135c277164891d21a19945aa06f995

    SHA256

    725279232b1662472fb3e256906a3aff53275181f0a659fae46ab1037e72d083

    SHA512

    34403eb7c8e73a8b9de25450c9f690001d2f2795a4f61582290f3afa2fda9fc039f543182ec824fbb27116f011f8165f11f49159e85fcd2459b0e4bab07c58b0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bd9218de027da2cee9656026a02bda56

    SHA1

    dbcf7b712bd0561a19ea7b9d16fb3c3662408eda

    SHA256

    e917a198f6d26b0d7069d7538500966cf254c3bdfbfd9ad272addcf16fe9a511

    SHA512

    ffd6383fd666b1850c27fba530a52a020c14541995cd2f543aace2a08f02adc04f147ca7ea6c631cc36e332e45019ab50dd1764034bfd8dddb535598acf12b45

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e5d058ab154d98cb33e77355490f2405

    SHA1

    909e174e53c9750326eb768fc7464ec21e976678

    SHA256

    81f383df15d07cd6e35c31cd00d99f61fc563910ecaa225cba04089fae606a82

    SHA512

    26605897db12e05ca9d9022e7045b77d9d64ec329075110162d0188462955baeb972c415618d72196dc03d891990dc4054918849b478637f29466c8a888dfea1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    219b871ea283359cc9c5e038dff552f8

    SHA1

    4ec555c5dd68871059d17f1c7379e61918a8a3e5

    SHA256

    00ee0bbd6e7aed4423dc7759e076c7436b91d1799934f07aae503863e7bf3352

    SHA512

    af9d379b16ff97b930952ce64ab3c6271927fefb22df179c639a43bc3dcff38d443e94be211866e103b24b210eb160a645574b1dc05de7fb6c587b322faf7208

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    32a10674e1d988b5b4769160b2b75d33

    SHA1

    a681356dbc97e411278f6bd44e4549ca7035e040

    SHA256

    8642c78a328a179f27a35405427fb52bf702f6ef00993fea95b69260be86b8ea

    SHA512

    db864ef12d41089d60b59ab19124c602a689f1c781c2bf27bcded3a2a256b4b226164d90f85564a08b7182b94972d04af2b2f7726845e78a29e1005f89e8a4ea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0400a7d445030866088bda376d2af7a6

    SHA1

    0ccd83a6b0715c8a351e496a77bcf6ea1ad94be9

    SHA256

    5f2b65936913387a18a0aec4ad633b4097e3c4acaefd323ec1d20776c4ee46a7

    SHA512

    7260849e9e390169f9151662fd26be03bf1aa170d132d1855d5cf9df4b3bd93bb38bfa2605e7350f90ecc7ca39b26fb467ca92b01960761f64839cf146ceec6c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aadd54a1ddd5f262183f71bfb99f9524

    SHA1

    5c65c73a8cc748dfd6dfa54f494f84c600bafb24

    SHA256

    d0b174e37e417a4d50a9c53a08355d82a6be0a1fd663f7b6a48cca6af5193ace

    SHA512

    41d08f4cf86f76087c750a9aa3907c07500efc319ca65c43673b1133368e24f84a5ef90279cb9e54c51a5818ce124322c148bf9f7c7881a09ae66d904094e28d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    557b7d37238fed2fcd27ab739943fb8d

    SHA1

    7c986479d26cd521a9b8b22ca94fd6b69b5ca808

    SHA256

    c95a9c71e74e4d2357bd1b4a9d07d271f064b77ef01fad6bc50886048e83e70c

    SHA512

    bdaaa22c90da5b8c504e6c633239e9016b531b6bfa722cdbb0861b91ecdb8cca0d6ead4365e191b38c9304042ff150846ec5d71d1f6de44f8b2f1ac572bdb33c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6da7c946139e340b17f7728b6f7b14bd

    SHA1

    d684a1b00ae0e171ae1ddd22963b61d02da8be32

    SHA256

    5663a7cc828c81183398400b4b59721d794a05b31b56742d3486f9988654becf

    SHA512

    b48aab3305efba06e5ed01ead2067b166bedccccc261a5b99914d0b8ff44dbb53c6761d175b374975877a9a5fcf59c88618b3a4e7676b04e5cd9beeb997ca2ca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8fa825f6e1dd56ec629e0054c09a581b

    SHA1

    1d9aa0946c0731095f1099bacac26543e4f8bec9

    SHA256

    e3b5d595d65c838969efc7ff68b1aaa208e3665682b1d0e8252e07a33ff8abc6

    SHA512

    36457db26037d2bbbbbbf5dd3147d4bd3a0eca72401603775fb70a187cc047e0909e6b215fdee6083da4aa3be33a8ea3703dd757cdd3128de7a20023f1c48d41

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabE11D.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE170.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit