Overview

overview

10

Static

static

3

AudioCapture.dll

windows7-x64

3

AudioCapture.dll

windows10-2004-x64

3

HTCTL32.dll

windows7-x64

3

HTCTL32.dll

windows10-2004-x64

3

KBDTAM99.dll

windows10-2004-x64

1

PCICHEK.dll

windows7-x64

3

PCICHEK.dll

windows10-2004-x64

3

PCICL32.dll

windows7-x64

3

PCICL32.dll

windows10-2004-x64

3

TsUsbRedir...on.dll

windows10-2004-x64

6

WiaExtensi...64.dll

windows10-2004-x64

1

client32.exe

windows7-x64

10

client32.exe

windows10-2004-x64

10

comcat.dll

windows10-2004-x64

1

getuname.dll

windows10-2004-x64

1

ifsutilx.dll

windows10-2004-x64

1

f_000001.js

windows7-x64

3

f_000001.js

windows10-2004-x64

3

manual/avf...53.dll

windows7-x64

3

manual/avf...53.dll

windows10-2004-x64

3

manual/avutil-51.dll

windows7-x64

3

manual/avutil-51.dll

windows10-2004-x64

3

manual/binkawin.dll

windows7-x64

3

manual/binkawin.dll

windows10-2004-x64

3

manual/manual.htm

windows7-x64

3

manual/manual.htm

windows10-2004-x64

3

mprext.dll

windows10-2004-x64

1

msidle.dll

windows10-2004-x64

1

msidntld.dll

windows10-2004-x64

1

msvcr100.dll

windows7-x64

3

msvcr100.dll

windows10-2004-x64

3

neth.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    19-02-2025 14:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    manual/manual.htm

  • Size

    80KB

  • MD5

    15036497c764bb502abd48efbb1fac46

  • SHA1

    8b2bfb63b247078767b101581e4c63a8ab8792da

  • SHA256

    0b72ba493a432e307df3a21d59ac255d301f56cc602cbc19b8e05885339bdd77

  • SHA512

    3a5ed6e54384e7cea58bfceff7f47a6eaaacab6f95130b96865de2003882a13d33b76923a5eec41a33575814489e0f598683ef8a62dafad305b51f7caa953a05

  • SSDEEP

    1536:vIyp2DSWFvOo7txeogjFSlPYJ4nA2RnZavtUcmTUna:oEFSZc4A2RnZavecmT7

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\manual\manual.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1252
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1252 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1588

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    76312f89ee2fa39d52c515a148866b92

    SHA1

    3ed63d94bf7deea6ef9c8ba209ba51a6b9096109

    SHA256

    e07c07665d3f1bf6f92889b342406d1db0bff24d1cec0ed810ad557a18116446

    SHA512

    f9697496c2ab7384b20acc8fcb9b6d395a7c3a4e1f65439fb84232dbd24b1230251aba134b1c9d8eea750573ece7233a5d8c1301d0234f4b91c120745f98e121

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a0fabccf7c314949fec507dd73865ec9

    SHA1

    f94d5694ea2ed4e29ce2c3a48b04c691932c70fe

    SHA256

    45cb8a1b9c7a071fc1c50be42e7ce8d6b04bbd8abbc3526577b1bb348c3d2fb4

    SHA512

    762f62b9c1c8476e9598b95f7a7d3434aa179e6f580fb7b4204d8b05400870724ab6de7a721de3e74f0a18667a3ded38262806dcdd6ba9d47154ec3862339068

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    48039729ed26bfa9c12d598497aaea21

    SHA1

    9605e0a15c8539a5e36243f646a5fd73c3561f91

    SHA256

    9a7ce95d38efb4feb51e443c72da56f202c538f46552b801c2362896a282d675

    SHA512

    9e17ed1e979be42720e905c870d3d9d2de3f441b953084475c7129b8531f21c9264e34956816a95f7e61bca1e5f25b4268bfcfabae6d233def435625c6f47a4c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4645006636136e6a087e1aa92d8b08cf

    SHA1

    49282df4d0211b130656f86f3d8505f36ccfa735

    SHA256

    a9ff12c964ba4b458272516f6742f7ca07370db89d6247c67ccf16cfd046d8c9

    SHA512

    44873eecd5e89c45400c6b2168c3fc990475724b6cdbea0a219b5018aa2d2bfcd32b2cdd0f1e5dad853babfe819e75542333f667284849154731e10ab667e5e6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    826a3ca87080e3e88dc6370ac2f56b90

    SHA1

    d96323af1f966537d35813ef98d4b067d1999238

    SHA256

    a44d4f51d016189124ec0b4ae6dc91ced9d09000c407fe4de6204ab1284f75aa

    SHA512

    61a888ca8ac1b91590875d5072509809c24c2b8191ff5ca2aa58c4982964f851260a304f820efe2059deb148064b4dde901f967eeca70a8fa92cc43fc8147709

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    97cdcda391d35f720a14656c34f3e4ff

    SHA1

    777350c3b86ff33d89b92a96cedc523eb48a77a0

    SHA256

    d6af087a41b7f90e74cbbe80af4a213870dff74292554677ba391acdacc5303f

    SHA512

    52e2648ec105a3383683649195b44de47afc8bf78266975f4816f4045ab9e9b4fbc3747b09158b3770652524225c7e5a7ba8d839bcff28c0cb92a7aecbee38f5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4359bd2b3a6346429db333317cd1768d

    SHA1

    91c2527c04d26a03585995fbbf28162dcb3ee576

    SHA256

    31f443e99b113f010231fd8fa949085598edb1dbc337728669b74efbada73b5b

    SHA512

    6d336f80497493a35c378672ce4d34f064063bc854e5bc6611f497d5bcd6a9a9737ce102d204acb0e9c27dee26261306b5838042dd77544025d3bb7a5fc6ae21

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9327adcf03359cec1176da89945e8650

    SHA1

    c0e1d8cce5446fa7cc080493e50cf3b02ac15773

    SHA256

    5552c42397427b9925ecd836dfc1b87a59484e9c8211622e0a9b460819368ef8

    SHA512

    0d8627d11d0fd0dbe53c7917f7c04a8af0a91d391aa50b6f6f7da8b9c71e3b275d18461e2c00762916bc5c2b6ec86f93f305aa5460b4367913a3725fd6a619c6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8fbda06370da9729593e940b6f8cc647

    SHA1

    98a2ed99cb1013b7f155c93e764862dc331f4bfa

    SHA256

    b5a5d7a1f066219bff833a50e95688ce1c974d71db0701837924e3085a392205

    SHA512

    84b8e5a8b052dd4dee1c935dd2f6c1d041f704b0a198ac3217415e121a5e6a4b7a7d3ebd6f3b9cd8936d9a640ee80e32a731a23f29875da57e03dc2124d005b4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b50eae52cfa6604aba0e5226ee32a077

    SHA1

    2c5bdf2869b6b6da259541a7573d08bb3324e624

    SHA256

    41774acf590992b013a3715cbc08e40f7f1a5ed1942d86d62cbfbf1fda372fea

    SHA512

    c81a08e6ccac8dd478cce99230136f6a3c628bade5112236e5b68d4f7b96d4e144cfd1faca80506de156b6c6bdf10b9dbb1940eb18a8628452fa1e2ebc7ac2e9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    891f0cc3341f69037bb846aed4322b60

    SHA1

    2cc330028a83eef115025b40e2fcc0ee5cc812af

    SHA256

    42c437b64dcc516b0508c76c65700fe907692b95c56c0bb8e5cd04e24757298b

    SHA512

    114d8d675518b1ff918a2d29b6f46af70edba2065d40fd68fc5c428537acc612fdaeb2ff4aaa8045487da0f5c8220a931fc2a0f3d7e37ed00b33aab7013f08c1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8014aca867674d126cd68b86e3d2bb39

    SHA1

    4f0fc8d1891a61013715bc11e10ebfc92b99f987

    SHA256

    54d77f3a7488b3844abbabbebbaf9287ffb1cd9353d0a4747fb5e3ac06799560

    SHA512

    9b053d0a896872fade33c4d20381f40cabe89dad1f095dd0e921332ca812cc1a1f4af0c4e653bcc94050d9a7edf9799aee35ddcf319e73639098dfe21b623334

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabBD59.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarBD6C.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit