Overview

overview

10

Static

static

10

PlutoReape...MS.exe

windows7-x64

10

PlutoReape...MS.exe

windows10-2004-x64

10

PlutoReape...V2.exe

windows7-x64

3

PlutoReape...V2.exe

windows10-2004-x64

3

PlutoReape...on.dll

windows7-x64

1

PlutoReape...on.dll

windows10-2004-x64

1

PlutoReape...n.html

windows7-x64

3

PlutoReape...n.html

windows10-2004-x64

3

PlutoReape...n.html

windows7-x64

3

PlutoReape...n.html

windows10-2004-x64

3

PlutoReape...n.html

windows7-x64

3

PlutoReape...n.html

windows10-2004-x64

3

PlutoReape...n.html

windows7-x64

3

PlutoReape...n.html

windows10-2004-x64

3

PlutoReape...n.html

windows7-x64

6

PlutoReape...n.html

windows10-2004-x64

6

PlutoReape...n.html

windows7-x64

3

PlutoReape...n.html

windows10-2004-x64

3

PlutoReape...e.html

windows7-x64

3

PlutoReape...e.html

windows10-2004-x64

3

PlutoReape...n.html

windows7-x64

3

PlutoReape...n.html

windows10-2004-x64

3

PlutoReape...n.html

windows7-x64

3

PlutoReape...n.html

windows10-2004-x64

3

PlutoReape...n.html

windows7-x64

3

PlutoReape...n.html

windows10-2004-x64

3

PlutoReape...n.html

windows7-x64

3

PlutoReape...n.html

windows10-2004-x64

3

PlutoReape...ics.js

windows7-x64

3

PlutoReape...ics.js

windows10-2004-x64

3

PlutoReape...rap.js

windows7-x64

3

PlutoReape...rap.js

windows10-2004-x64

3

Analysis

  • max time kernel
    140s
  • max time network
    144s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    05/03/2025, 20:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    PlutoReaper/PlutoReaperV2/PROGRAMS/PHISHING/cryptocurrency/login.html

  • Size

    7KB

  • MD5

    4274f4194a8806dbce4b2596684aa498

  • SHA1

    b7e6a10ea693829861493dfe162bb7c3c1639c8a

  • SHA256

    0c8190be1be671249b9a516114121c232d1b90b44a383316f5ae3dc7d002ffe2

  • SHA512

    6e1a6a21cb798c20ac9e1ee826b66468735f609808e41d43d71fde5903d4dcb2f0a555e10c26fc1fcf02f524438ec96bce81eb3e85e18787c438f2a01c1efc6f

  • SSDEEP

    96:mGe7ZNWrDrDFIbTIVxw1vw+Z1vcQJy/+OrQ/EYwvhGDIZ/+mQXOCnCZPCYC9Gi:Wx4cywMh7ZsX/CY9z

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\PlutoReaper\PlutoReaperV2\PROGRAMS\PHISHING\cryptocurrency\login.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2704
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2704 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2672

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    71KB

    MD5

    83142242e97b8953c386f988aa694e4a

    SHA1

    833ed12fc15b356136dcdd27c61a50f59c5c7d50

    SHA256

    d72761e1a334a754ce8250e3af7ea4bf25301040929fd88cf9e50b4a9197d755

    SHA512

    bb6da177bd16d163f377d9b4c63f6d535804137887684c113cc2f643ceab4f34338c06b5a29213c23d375e95d22ef417eac928822dfb3688ce9e2de9d5242d10

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a1d8132d2c3b62fd34f1101fa3664f9d

    SHA1

    58528fe718b905e1d401fc17c302f8555fd4c729

    SHA256

    67374c68d01d4d817367e564cbc61fbfa0e224636eec3592066e989fb95c7a26

    SHA512

    b824cea6943a62025a87340e05e80da84842b9b1f938879e0567be04122dfc968edfcbbd015c1bd27b51b663a1c12f634273540dd72007963435570c735dfe9d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    13c157955c990065cc85ead819b1cc37

    SHA1

    a176dcf84cae84137743570bcb3a7dcea71d2e46

    SHA256

    b4ced78d3d8aab4a42ed7d04b288a1a3eed2d7fd0019550b734d0377aafd308c

    SHA512

    3b595824674299b81a8dbb6713a39b913cbdfe3c505e752bda033da1b003093d10a1314c35aab8c5a2093b6b041b72e10c76748751b43657632b4cf0da75708e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bfa07a88cf7940fda5cbf61151a174ac

    SHA1

    18deefa32d2403baaa27a6fd34f3ceaee11043a7

    SHA256

    fe159368d0bbf29e1d0713c168d412861c42f94f432c83d16eebdc9952035ba6

    SHA512

    979282c617dd314354f5daaa48385775b1d48e0878df67eaad490748e1fb309fae29b0238db2c7eb4cee7bd06ec00af3293eb583f40ab872922f697f04547ca4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6eac1640536f613e56c6e2710a3756e7

    SHA1

    07a898acb370d0846ae3a611380ff141facee7de

    SHA256

    73e6583f6efabc758fb851a88eabc66f92950df99e985e07db8305224fbb8cf7

    SHA512

    2a226fe4206631d3aa67f870e88a69e116b982b74e23a715ffd8222ec06759eaba5f2014cedf625c6d17e780f1b8dac016f6284fc3b5a8809acfc8f7fa20cb9d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f04ea937dd3ba42f544d348fa9458325

    SHA1

    e35a1af371aad3d13b1dc67c73d0be0123a1ea27

    SHA256

    d9048377b8382489f2f18a53d72d483e8af1da714606059e2a2db8a5fd6cd1d2

    SHA512

    1def891c40de32e659b41cfc7e5fb5322bff28fea1c6319bc733611a30a62ea053978630f20c81ebf3fb9ca619b0ae7b3ecc77c3ccf5240b8f61dfd4fa9dfb0c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    49290793d498d50da83cf7e9868a1800

    SHA1

    92611bfc7dca5e0088f82ca77cf273b6b2353ae0

    SHA256

    2e235baf0f940f00d7f3e67743c79f96d1856f5a99cf3315ea92b2ec5b28923c

    SHA512

    53e4929c80de9b20709bb39b60dd420bb37a29c67bafbab97dd777b179479c31b3e7cbfcdcc3bb3b89eaaa2a8a24b1e45c797b42d252f0754b3a8179e56c5693

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    38ab86ae87af274fa5155ae2fc6742e8

    SHA1

    8b3dfea4541d7335de7e7d61d64d4729ff817296

    SHA256

    a1979326e89d5ac8996d81819f095048485dac409a560f9d38fddff86ea18bfe

    SHA512

    332ac006b49dadab87d8bb847201309cdeafc4b19e31b1b69e22cf09c3a9212a4f8f5df8fb046e0ec6ab71344aa09173abe99a2f81d97463a69d3325668fd615

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e19383edd5fe201084d06d455eae227e

    SHA1

    a6766677e69d839ba3a666987f307dce82793c64

    SHA256

    22e2a7a03dddc7e3158ad22fb7e568a5083eed0bee98b25243764ee11687e1f0

    SHA512

    c54b5bf69c30312da0ea483b5bee2b52b4195bddb07a2e399d089bdd6f337800163519a6039d9d28c6f0bbe344e5f434bbf0db886c0b59c8db30e31c89ee4c2c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    242e6b0bed7d4018ec89f42c5556f708

    SHA1

    1f61cb2c2a20850719d00ab02d8f227afe7b60df

    SHA256

    2ea987628cc1a207874af3545c7f15cf32d73f6b7982c91612d56a48e2ef48c8

    SHA512

    8ecc03a347c39042e01bfab2ce4dcd1e047b29b784f44fdaedca7da449a249fc41f3c90dd64fbe30080a6c30ae94bfcb09c69b3fe80336462ff1aa5b7e897fdc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7e1b56193a543bef1d3f58b30e17a441

    SHA1

    23f25de48b939f8ef13d928f67b1158f4ef6ad40

    SHA256

    77d152d254de48aef9853e660ba2a3d7a952018f530e127b32d0052b29d21555

    SHA512

    f53bd9386bacc871d382aafbf7300968d09db6b4747957ccd80751799ec7278a2e84a84de595f4fb636f342c16a85aa43ddbcb056e3e9d5ee5d6906de3c9adcb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0baa5c2a10b959e46a8bb3a44ec31f4f

    SHA1

    b8fcb1745caa7d2ce49a5c3e61928aa6d8b2c6f1

    SHA256

    6779a5171e646bc6fedeb61673c5d09b8ab4404bcc84c94cd2103fa3788ddf63

    SHA512

    c735cef1af39deb5fc8d13aa54f2446909cb8067cae8ac7ec78231a9a46197a814fc71f0cd0d432d889834dd89504f06943153da2821b5832d15c046cc4e7b75

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6206.tmp
    Filesize

    183KB

    MD5

    109cab5505f5e065b63d01361467a83b

    SHA1

    4ed78955b9272a9ed689b51bf2bf4a86a25e53fc

    SHA256

    ea6b7f51e85835c09259d9475a7d246c3e764ad67c449673f9dc97172c351673

    SHA512

    753a6da5d6889dd52f40208e37f2b8c185805ef81148682b269fff5aa84a46d710fe0ebfe05bce625da2e801e1c26745998a41266fa36bf47bc088a224d730cc

    Download Submit