Overview

overview

10

Static

static

10

PlutoReape...MS.exe

windows7-x64

10

PlutoReape...MS.exe

windows10-2004-x64

10

PlutoReape...V2.exe

windows7-x64

3

PlutoReape...V2.exe

windows10-2004-x64

3

PlutoReape...on.dll

windows7-x64

1

PlutoReape...on.dll

windows10-2004-x64

1

PlutoReape...n.html

windows7-x64

3

PlutoReape...n.html

windows10-2004-x64

3

PlutoReape...n.html

windows7-x64

3

PlutoReape...n.html

windows10-2004-x64

3

PlutoReape...n.html

windows7-x64

3

PlutoReape...n.html

windows10-2004-x64

3

PlutoReape...n.html

windows7-x64

3

PlutoReape...n.html

windows10-2004-x64

3

PlutoReape...n.html

windows7-x64

6

PlutoReape...n.html

windows10-2004-x64

6

PlutoReape...n.html

windows7-x64

3

PlutoReape...n.html

windows10-2004-x64

3

PlutoReape...e.html

windows7-x64

3

PlutoReape...e.html

windows10-2004-x64

3

PlutoReape...n.html

windows7-x64

3

PlutoReape...n.html

windows10-2004-x64

3

PlutoReape...n.html

windows7-x64

3

PlutoReape...n.html

windows10-2004-x64

3

PlutoReape...n.html

windows7-x64

3

PlutoReape...n.html

windows10-2004-x64

3

PlutoReape...n.html

windows7-x64

3

PlutoReape...n.html

windows10-2004-x64

3

PlutoReape...ics.js

windows7-x64

3

PlutoReape...ics.js

windows10-2004-x64

3

PlutoReape...rap.js

windows7-x64

3

PlutoReape...rap.js

windows10-2004-x64

3

Analysis

  • max time kernel
    117s
  • max time network
    151s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    05/03/2025, 20:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    PlutoReaper/PlutoReaperV2/PROGRAMS/PHISHING/facebook/mobile.html

  • Size

    9KB

  • MD5

    781baa7878daf277f0faba6353ed541e

  • SHA1

    1aadcd6dcc52218b5652f7c91d9c4d741536307b

  • SHA256

    2117e2514f1666864ca757e53dd379dc88eaf92255613057fa5f0668aca68379

  • SHA512

    88c0efa80ebd0a9f91e5b245d6d55718a2f1bd27a645ed9a96b831f38e6eeb98c20a744c665342c4f47b40a8228cf41a33b0b2864d5c301345c1e4f8cbbcca49

  • SSDEEP

    192:S/GYrJb8WGtE5f6eE7w5a91mFsOYoTKqob:S/GYrJb8WGtEET8a

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\PlutoReaper\PlutoReaperV2\PROGRAMS\PHISHING\facebook\mobile.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:536
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:536 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2296

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    71KB

    MD5

    83142242e97b8953c386f988aa694e4a

    SHA1

    833ed12fc15b356136dcdd27c61a50f59c5c7d50

    SHA256

    d72761e1a334a754ce8250e3af7ea4bf25301040929fd88cf9e50b4a9197d755

    SHA512

    bb6da177bd16d163f377d9b4c63f6d535804137887684c113cc2f643ceab4f34338c06b5a29213c23d375e95d22ef417eac928822dfb3688ce9e2de9d5242d10

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    9bbc1a9fb985fa3f9bbeb8f8bcb3fcca

    SHA1

    d7fda21141675b50a9a1993720e3586e11a6c5a3

    SHA256

    404082a6fbd5125e93973290620644eceeb9493f60cd41b83ce9519c29d37986

    SHA512

    c15cdd92406ed9597cca4d004a210a086f2776cc07b25b5f8faf7167a7316791bca186ca423158d56238dba5cc703b3c0cad549dee64365da2bea52237e67606

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    43575832b8eea64fcfb511abdce24c29

    SHA1

    cfdf20a364e4ec5e6bbb41f1f4efdb4cf4176bbe

    SHA256

    a37c3633326b9a553d53ec10bda1f6fbef47f6d95d7933fdc0f1cea94473549e

    SHA512

    3661a297d7f23a693e76e0cf83df65f53f132625045c5bdfde14de106a419ca85c46b99654f4b495e06f97f9273905faa8cc8aae7b07d5a37e2ad5ba4297c964

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0cae3e56f986ef2938159beefeae0512

    SHA1

    ba051b1208127bb0f9196cc0bbe21cbbefef1fed

    SHA256

    da1eca70038c4189884deb31db3adf4c268da4c549f18d1ac56cb4edc0288117

    SHA512

    797e596b92dc41226cc115038886d6dc392cd5e56ba14ca8c4e1dff7e6d8bac6387b86aebac8cb9092a9e65a4bfe0772757e360b82df796740c1418dadd844ec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    32fed5c65411aa655c44bf0de693a7eb

    SHA1

    00272cbc299f6c9e84df778361f33359de512200

    SHA256

    5b16c8280951edd01f0f3c17d898a4c2c3981c4f057855d9c68d4b719a8618a9

    SHA512

    bdf1199c54d88cad8380f5899575bf8daa0f2caf8563d6d5054b5d73c20617dd993c06f26e9faad17da961aa82dcc9a21a7b8b6c3858f25835d304183c0b8740

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e4ebb1582d92f728160f1d6f6d696a41

    SHA1

    958e2b1e5d0c42fb247178819b45752753d46b53

    SHA256

    74c5385da5fde42ddcce10003b9b43231bbba5523ecd4ce78fd67c108d48b3cb

    SHA512

    5d24919b523eb4d1de267c84a2b3659c54aeeba20a29fa82dab6ddc5537ca0997c6136da1db566876b1b9b456d6dc4f7b80a687ed4df87d3ad1d891f2c487ced

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8a011623e5b558f3e50828acbdc2b897

    SHA1

    c807e86d1089b1ee49ceba4a72b68aeb13a7566a

    SHA256

    6bd63d19bb4cac0968e8ebfff00beddb032ac33800061e2ac2b2ba8f78300ce9

    SHA512

    926c2c7341f74846eeb4d2625c98805ca5e7d808fc264cb48c38dd49d13b0ba1f386435ed4946943779dea7ee1e85b8d11d027730c1594ee940ea4e26b80659e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7e2dbc936873f61bb04445367bad72db

    SHA1

    dd7f776154ddbfcc165501a0b5ac166f2bd846fe

    SHA256

    75346fd27a32b78d74df00ea298047cbccb978a883d0c0073530955ee24212ed

    SHA512

    9f94a2a8be4bc93309983af9a0d586731ddcfba25206c60e917e4cef6a49df96dad41f090eaadc344de2d17680a2001b1c86e8ee50062d9fbcbb8be5750b3ea5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    1b41bbd9ff5ac663fba47a84a099c999

    SHA1

    54b28d6640cbca8667d512f692068fe5aa451e23

    SHA256

    7d677a696448ba4b4741125a94aee31d64f7c21b7b6873f6dd50987b7145c93a

    SHA512

    c50d4d20ee5cddeb5f044bef46f72831e57647cc82b72caaa3985f8d5f6179b619357bfe7e272068f5a1be0c9bcdf731cfc880b82df99c0880bfd2c36d32abbe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    d7f4a56d0adb0ee8e0f021262bca399d

    SHA1

    bc4e0278387cff5ef88af6b625a3770b935630c3

    SHA256

    c473bf013875e44c60388e9a316b492d219deefc4f7b0b3f1f806a5b86ae63aa

    SHA512

    4173ef8e9b21a0737df8976981c79cfd5b1246e1ad59ef881e1d532a0f0a651dd4f7d9ab91b2a9845d788a44cb94ca30696f645baceccc66d7e77af676e5efdf

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabBFC7.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarBFDD.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC306.tmp
    Filesize

    183KB

    MD5

    109cab5505f5e065b63d01361467a83b

    SHA1

    4ed78955b9272a9ed689b51bf2bf4a86a25e53fc

    SHA256

    ea6b7f51e85835c09259d9475a7d246c3e764ad67c449673f9dc97172c351673

    SHA512

    753a6da5d6889dd52f40208e37f2b8c185805ef81148682b269fff5aa84a46d710fe0ebfe05bce625da2e801e1c26745998a41266fa36bf47bc088a224d730cc

    Download Submit