Overview

overview

10

Static

static

3

AudioCapture.dll

windows7-x64

3

AudioCapture.dll

windows10-2004-x64

6

HTCTL32.dll

windows7-x64

3

HTCTL32.dll

windows10-2004-x64

8

KBDTAM99.dll

windows10-2004-x64

8

PCICHEK.dll

windows7-x64

3

PCICHEK.dll

windows10-2004-x64

6

PCICL32.dll

windows7-x64

3

PCICL32.dll

windows10-2004-x64

8

TsUsbRedir...on.dll

windows10-2004-x64

8

WiaExtensi...64.dll

windows10-2004-x64

8

client32.exe

windows7-x64

10

client32.exe

windows10-2004-x64

10

comcat.dll

windows10-2004-x64

8

getuname.dll

windows10-2004-x64

8

ifsutilx.dll

windows10-2004-x64

8

manual/manual.htm

windows7-x64

3

manual/manual.htm

windows10-2004-x64

8

mprext.dll

windows10-2004-x64

8

msidle.dll

windows10-2004-x64

8

msidntld.dll

windows10-2004-x64

8

msvcr100.dll

windows7-x64

3

msvcr100.dll

windows10-2004-x64

8

neth.dll

windows10-2004-x64

3

netmsg.dll

windows10-2004-x64

8

panmap.dll

windows10-2004-x64

8

pcicapi.dll

windows7-x64

3

pcicapi.dll

windows10-2004-x64

6

prflbmsg.dll

windows10-2004-x64

8

provdiagnostics.dll

windows10-2004-x64

8

remcmdstub.exe

windows7-x64

3

remcmdstub.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    134s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    17-02-2025 15:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    manual/manual.htm

  • Size

    80KB

  • MD5

    15036497c764bb502abd48efbb1fac46

  • SHA1

    8b2bfb63b247078767b101581e4c63a8ab8792da

  • SHA256

    0b72ba493a432e307df3a21d59ac255d301f56cc602cbc19b8e05885339bdd77

  • SHA512

    3a5ed6e54384e7cea58bfceff7f47a6eaaacab6f95130b96865de2003882a13d33b76923a5eec41a33575814489e0f598683ef8a62dafad305b51f7caa953a05

  • SSDEEP

    1536:vIyp2DSWFvOo7txeogjFSlPYJ4nA2RnZavtUcmTUna:oEFSZc4A2RnZavecmT7

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\manual\manual.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2280
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2280 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2976

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2dc458b7c04918f9fc93311e7f0403ba

    SHA1

    2bdc39525fa34bb402ab2541f49bb5d93be9d958

    SHA256

    bc8ebf138cd8bc86c674d59b015578d9cef0d8c6f8ec9c97348cff55e6409559

    SHA512

    50f1ce34189263346188c65b3d59ceb7b03681a7408830ad64fb2ec4e0c50433d5a49806a00263e9074771e241840c3706232ce4ec939eb24757ab90170f89e1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    442da8cfd42f477e87e7cebd33013e75

    SHA1

    6e0eed116a43865e75d4cc25b22305b6d33aa845

    SHA256

    5912648589040992888e0c8ef74eb1235e33171f7540fc22158e7dd7a6b4ddcf

    SHA512

    ef8536eb0da772dd50445f38504312cb5696902304059b416be592a9f2276e456859c69cab22fd431075822732dc6cbaa0bdecd522c9d6581b9e56d41e67006d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    34b563bfa6886020e72a385f84b90386

    SHA1

    ce0f2a2b3792faa6959bae687fbd7c3da0724960

    SHA256

    79ea8447e29389ed714438dbb6a78b1d24e894f5b60b2d4139a9d7170eddceee

    SHA512

    36ae9d804f6ec495fe3662e46f89ddb6b3290e5c6cd9a744e8ef55a86d0fbd65e8c0ca854cd93d771b4478cc1bb22ed813b6bc0ffbe7ef562cc25656906fa10e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    08feced0121d6940e303e10067d357fb

    SHA1

    ecae191f734e5a7f951e030c71981a4ca4da96a8

    SHA256

    66b0927b1769e0377b12c201de6ae60bea8c57f216488fb64f317d45678ead26

    SHA512

    a0ed634e0c78654b560e4e7f72526bc6baf80b98db491ee69e0c4ed67fd89b88583a53220e753c7e237103b5055ed76065587ebeb9e04a22b8b57dbc549a770c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    be0cf14c23ba2ac738691bec78955bcc

    SHA1

    2443084a42b46091e9094ca2871d862b88db70bf

    SHA256

    5d2a781d3db2cfe90bab6e9849d50f7262e30f722051bf9214a5939c82cf3958

    SHA512

    479ae31369ea3b8f2223e2447c830df972c93d604903ecae7cd9fd4102e8ff26ba93daba84db23d282cbc12753855614419141c2e6bfcabcf293792844d35272

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    06ade071577e0304d002257a853eda25

    SHA1

    de883837ed474fda4e1e2f22ece9b8a71ae26f16

    SHA256

    66ac9792ecab8fb694fa4ee344c99f834664bb6b288f26645e29dd6316f0e8cb

    SHA512

    f13141f6df977b1db8263c24753642044c10ea0e675fb936c1922ee7504ec2b8b28f19b77d47b23ade69230cabcf005bbb8c32e823afa3b62bc4f6e262fbfb92

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    60493abab363c4530bd1b49d95adccd1

    SHA1

    0fa151021164a384ca6d96b6bff99ca7d1661e0c

    SHA256

    aefd1262eacf73849070ed1c82db60fdb3688f7915e825d2a2acbc8e285b7c7d

    SHA512

    07e9b1a0f3959ae128f65f0231df9868ea82055acb727d4df156e608446a12436d7515b1f1fade3089030228e87b6779f6300836fa6e0452af3cb3a32ee72df6

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabB5DA.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarB61C.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit