Overview

overview

10

Static

static

3

AudioCapture.dll

windows7-x64

3

AudioCapture.dll

windows10-2004-x64

3

HTCTL32.dll

windows7-x64

3

HTCTL32.dll

windows10-2004-x64

3

KBDTAM99.dll

windows10-2004-x64

1

PCICHEK.dll

windows7-x64

3

PCICHEK.dll

windows10-2004-x64

3

PCICL32.dll

windows7-x64

3

PCICL32.dll

windows10-2004-x64

3

TsUsbRedir...on.dll

windows10-2004-x64

6

WiaExtensi...64.dll

windows10-2004-x64

1

client32.exe

windows7-x64

10

client32.exe

windows10-2004-x64

10

comcat.dll

windows10-2004-x64

1

getuname.dll

windows10-2004-x64

1

ifsutilx.dll

windows10-2004-x64

1

f_000001.js

windows7-x64

3

f_000001.js

windows10-2004-x64

3

manual/Mss32.dll

windows7-x64

3

manual/Mss32.dll

windows10-2004-x64

3

manual/avf...53.dll

windows7-x64

3

manual/avf...53.dll

windows10-2004-x64

3

manual/avutil-51.dll

windows7-x64

3

manual/avutil-51.dll

windows10-2004-x64

3

manual/binkawin.dll

windows7-x64

3

manual/binkawin.dll

windows10-2004-x64

3

manual/manual.htm

windows7-x64

3

manual/manual.htm

windows10-2004-x64

3

manual/mssmp3.dll

windows7-x64

3

manual/mssmp3.dll

windows10-2004-x64

3

manual/mssvoice.dll

windows7-x64

3

manual/mssvoice.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    120s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    20-02-2025 15:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    manual/manual.htm

  • Size

    80KB

  • MD5

    15036497c764bb502abd48efbb1fac46

  • SHA1

    8b2bfb63b247078767b101581e4c63a8ab8792da

  • SHA256

    0b72ba493a432e307df3a21d59ac255d301f56cc602cbc19b8e05885339bdd77

  • SHA512

    3a5ed6e54384e7cea58bfceff7f47a6eaaacab6f95130b96865de2003882a13d33b76923a5eec41a33575814489e0f598683ef8a62dafad305b51f7caa953a05

  • SSDEEP

    1536:vIyp2DSWFvOo7txeogjFSlPYJ4nA2RnZavtUcmTUna:oEFSZc4A2RnZavecmT7

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\manual\manual.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2088
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2088 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2376

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b818746d014e8faf4790309b7b1e4d2c

    SHA1

    89b47aa635abc18eeb260a4a10f9c1969882d761

    SHA256

    11d39f1dc81fb956437dab5c034dc40269c157f6d2404f3fc5f875314816def5

    SHA512

    27c3e33e2d344e08ec08bc6d200243656f0cfb1c541a2e46eecafaa2405afc7f3eb4bfc97204a726639c1d2cf49b1899df404125078cc18f2a0b52725aada243

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    45f961e66db488ff2e32843348eed173

    SHA1

    6e1445a0ef97393fc56b76430ca7523b2dbc96d9

    SHA256

    e122a1ff42ab3c562d0db6882749820582c92ef3309304f3224551034b90d059

    SHA512

    671c64096db8f78e3889ac3295b1d38b8ebcbac2a6b15de27a98fe1bb83a1c6f1496712b88c4537b6f443232c87f724d9bd9f95dca527e67c7c9d98677568eb8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c310a8a9f8f8f17e75c0009dc4dfabd7

    SHA1

    9323269d1be332a43a10ef122fc3fa98613d738d

    SHA256

    81b067dda63f859edbb4f9694e40335ab394826e90de5027568a0605476a4448

    SHA512

    07a1dfbf6273ab7d1715b421232a8dc8b3b3acdaf4c0d3fa64d970bd6ca50649a5e4771b55f526cfa81f9c37c40e4de2ecb2c391b79d18e71d6a251619495189

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ba428bf6517770279686f64515cb0ffa

    SHA1

    feef64e9b8decb2f3a942900e260f3794d6832eb

    SHA256

    4e78a41713c180fb52dd96215366974df8fd852b59dd86b1436427ef725458a1

    SHA512

    8834793e986d977174ce6e7eec69e0ee502a581c7330ca51675ea868b3488f8c36b4d5cbb7e58caf4daf899d7d0c09385bb655d161c22b5b360236d7711c1a25

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e0faf5b691df00614cacababf094469b

    SHA1

    f6920af467daac9473a11c440f71c800146d7f21

    SHA256

    0c85da9d00122b92edd2bed7462ec51b745035f237be7affa5c967e80347e02f

    SHA512

    9ea44d8a2175fb349e0d990b7bde20835dbb18cccdf266dda0f6403a1e5dd226f57583c22dd649c83faf96288bc7690b9d91b1f6dcc7b6f8069f89ca14237d92

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8f83625a631f57ea6941b9b35cb73e75

    SHA1

    3ebd48e0c6578c0e3ab9ccee5f4dd8eec577373e

    SHA256

    e1fa85f759224bb1b856eb6b183c7af6c04523869da8fe330d7b9b45f75ff1d2

    SHA512

    86d53677aefbbf72cee618c1b4240acd75ae4cb0a30289ed6ca22bc09ce74101964feeea52ec44be28640f11b4cfbf0118a00ba2a94c8fd294605141cabd759d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4e7b2a7f30075485df3646d7b7fa9fb3

    SHA1

    64fdf60c573e733fec73bd7a8a294274fa570b33

    SHA256

    b439346279a9faca00a6c6f75103a15cad6679d02b4cddff9219632e30449327

    SHA512

    7bdcdc55b97e938556c96689d7265ae8f0d9ebcef6bdd12ae9f7c83debc6258e2242719716c8f70878a0227413f66d2a57b555e730246db8ae0e81c6c530983b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c5217336a88585a080a3f1dbbec5beef

    SHA1

    2e913204931fc3f46cd573eb69e3b5d897320e37

    SHA256

    754020429d6a8d2fc7d585bbc5f8d660fc76b93ae1f7b6b5116e74c4a60a7b5e

    SHA512

    7455992c3c14b8b85906e0b38aa351f4187c999b83078e2c67c694f5b423fc595f8ff63897ab66814e861f09599b6e99e8134827c0afdf7ab14fc37123eb68b0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dc88ce01888d8b8a7d49ce8b6fafe747

    SHA1

    c5d2204b675588e98b1201343faa3e2859374878

    SHA256

    3cb5d1fc289d866cca991065a079f6ea0a5c363897bbda19615bb0cec4f7f34a

    SHA512

    d4d6e257a82db840a595cd476b5750b9bf26806b5722e8ced0de7842b1c76b39519e26b58e90887a9748189c3e9841367d89c643f4a99e3f0b6cd64540b292c6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e5718c3520d1392ea2f5d3294752322b

    SHA1

    a4c6d37f74a0a136a6767741ecbe86ed526157db

    SHA256

    755f7aff9568a6c37813dc5461ca557d2ef3ad55f391edeb0b830930e89d573f

    SHA512

    8383ad8481e092e76e378619002d212a93f537f260bd8cd899985f123ad8398d87563ec07a1f9cb3acf2087b3a4413b4d096fed3731d571b1a4a612a6a383bf8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    75bee71a39b71b853c3a27f404cd2b27

    SHA1

    d6f6fa056952c0df8b33509d8589c21525e188e6

    SHA256

    70c9752b7a78451b091257722126dd1317159a968f03b8efa9c7b369ad9e623a

    SHA512

    9fc40744f652f152e8f1f82fbcb861ddbc8cae2515afe7517ff4ae94203c6aabb50256af15fc67493c3b07605a97ea61cd3e6cd5290c88dd582834ef23806df4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1f3debe72610aad51405ab538c65c26b

    SHA1

    d6710a2db32eca453b3d1d107544f698eba9ca91

    SHA256

    c58cd6438158ab2dd12c1f58e6b19ff3c21862ae0bd071b030b632d691e820ca

    SHA512

    6cf2261291130a2cbd79c005df9c024092cdddf6552c87d258095521dd24ae689dc30bbac5deea17fd489d5b488bc15277be9c1f2d4c859153d48eab93284114

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    062f2927349e2b97ed93759518c10468

    SHA1

    1f558fcb0c18e3063cca52f555577c5e6d4cb41d

    SHA256

    b1828259a60eee1843960d6576a0e5f5d40c5e0e2ae8f80be63b07918cca47d4

    SHA512

    bd60b8a47d66becee97ca54c190548ccd3ad75459464718c7cc74c633e1bb25d70c7374f61bf9c6b8604e123c406d0e8f31b060a0bbf2f25a5da21989361c250

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    50a712bed405e7222b8bd46aa8f980c0

    SHA1

    fa7bf7aed7ae708be7ae05cb8f94c3c065c5fa72

    SHA256

    61319f2977995a9b4185f290c4bd66d071a2a2335963d08fbf335bb15d196a10

    SHA512

    e8291b1ee9237c29834b20fbb405e7efee6535d6ff1604cde0458c52f62616c2e874d00a91ac61d557e71749e3cef7a854f10a5a04307af06d3c0cb08eef5a78

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c5b5789afd469c973591dd71c73b694e

    SHA1

    6cec7ffa204d08c5b21290207ed9fcd84aa39054

    SHA256

    8d6158605eeeccf98c9b85c60b63be9e6c4c4dbd38a311345484ec68b141477a

    SHA512

    b3373d616dd2423bedfb4d74761d39809d6e0773cb4b2eba3602ff7849e7d1c319b74eecb85fbf9956975a93af18538fcc8af8087a97461fbdc802344e33f5f1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7f473e9c688ad7d4344152bfd67f54bd

    SHA1

    a76aefe60166fe7c8411f0e64049192941fd413d

    SHA256

    09c90dca4a490fc2030391feb90b959e788b4fc8a3d92a0d38238c90da8f1c5f

    SHA512

    a4df00895d060cac1f94cc49a035097d945585b38e01053fcf549f95cd651b3ad98f00786ad5ff04890ec60f1cb0e6bb6a2084b9343b5806f8f4eb5b24a6df45

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    674ca0b3dfb78461542d7ee43f738c6f

    SHA1

    61e9811e8345b35952c75d4733cd9b448c69a216

    SHA256

    68037dd6fddb4ec913c1f9d398bc023bf21928211fd02a8287c8aaf5a1b3b16b

    SHA512

    3bb753d0d2e0e34e294839f3493cb7f77bf8f0c54a129244192569087008dd71ba31ca1b7c0537526c976d7be9123d8d1bdc7e0fa563312c76a28de34df4ac78

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    226f841ea4a0ab89b282f102c0560671

    SHA1

    47bc51afcafdccf5cb0acb089841e215d9270634

    SHA256

    6f0399d5bbc4d40af647baf5cd40ae7b0e86edc9d7d2497b506a9098cd561b2b

    SHA512

    f448c90850b5f56aafe8d5d2fd1d93e23e6afb0bdc8ae904b32a2dbdd98dea235f6784a48276ad1adf14b2bf5bc9e7a64b6f6183a9ebe66c6437b7563174aed5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    367487cedf2b0058e2ce3dc46ca9bd23

    SHA1

    27d2e1c8374911569b5cb97da06fef159d3b5115

    SHA256

    98837a81ad96c3f786ef990c658f8210ac8a0340c68227d6b47c68a20f03afe5

    SHA512

    93bb68faa89e9e5695f671db53070ab9bcbc6046102bdd9f7589f8c291df525bebfff329b005e49e7a518fc057ad5378ae5bc0f50b64969784a5e50050cd1f5e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabD819.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD87A.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit