Analysis
-
max time kernel
137s -
max time network
138s -
platform
windows7_x64 -
resource
win7-20241010-en -
resource tags
-
submitted
05/03/2025, 20:19
General
-
Target
PlutoReaper/PlutoReaperV2/PROGRAMS/PHISHING/github/login.html
-
Size
12KB
-
MD5
4d969a8b2808c635de7e359e64e64b67
-
SHA1
32d826f58a3b647f0ddf25b5cea4a8e13e737a58
-
SHA256
28ecf3a981f4b2eb37b499401745bc5b06ec1c80b27c3d45981edefc53ac45d5
-
SHA512
c648486c0657043e9bd1771f6ac1ee41e023c14e81f4e67da5e950adb749700121aca2bdedba962284434860a3899f2b21133ecaabeabaf96a3df96ddf67dd03
-
SSDEEP
384:Arc/x+o/yXVYRYhHyQrmbPi3a5HymU1W/7b:Aop14uq5bsHxU4X
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Modifies Internet Explorer settings 1 TTPs 36 IoCs
-
Suspicious use of FindShellTrayWindow 1 IoCs
-
Suspicious use of SetWindowsHookEx 6 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Program Files\Internet Explorer\iexplore.exe"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\PlutoReaper\PlutoReaperV2\PROGRAMS\PHISHING\github\login.html1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3068 CREDAT:275457 /prefetch:22⤵
- System Location Discovery: System Language Discovery
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
344B
MD505732850c6696fd89041d42c7fdbbc42
SHA1ef29a7bc170b9a1d3d1aae97a761c64fabdb8ebb
SHA256a6f42ffb3044ae1b95edd629d63d288fa8cfebf9d61307e9e9cb37a23c0ed294
SHA5129311d33b01c8d95b19ec2ca545655777b479205af37cec553a91bf4ba8d2211e5d60219a7dd9ae907173ab01101cd980730c725aba520f0b15f7351077d0b70f
-
Filesize
344B
MD53857571ce343dc190ef1a9e45695e74e
SHA1240f4229d89dd73bef24062f352e015cdfca3688
SHA256fa9b76d44832effd30531ceb71cd65367d2500f0c1cbf1a25f987e54e2c36010
SHA512f90e786f140c5d19e881c7643b66268cbd04e1d7a0e9289d2d4c125f8e70788e9549a3c8f472c6308ad10353cfc8be35fd9fceccdee4e20888f2852cd266bd68
-
Filesize
344B
MD56719b27031e3174bba85ecad1179ccfc
SHA1e49530e0399f4e143ebabdfe2ebad3bf224de84b
SHA2562cba07bf64873f5f17a59d98f0bfca0d768595efeb9ad82999a97b19db390844
SHA512cdcca01f337722cf89275ef8eafb436116c7b75794ede9752fdc5ed67815b0d4774e1e385fcbade9fc77790b224961ce704dd421fe28a45a543b87b6804e18b9
-
Filesize
344B
MD52a38c83c16109df5f447779131f9f4e5
SHA145cd8a4faec46ddc9180ef7bf43a9ea5137c0dae
SHA2562eed5a20b9621e735d729ea12810ecd9468065a54ad7a7e34180251b996896c7
SHA512f180a93ea526396af713cf6996533d771256306b964109fe551d82888fa1fdc356dce26e742ac0ffb4a6c7cf3d6a9b23e310f1a7a006d48ed062da6f00c3f6b3
-
Filesize
344B
MD51906cfd8c5ce164ad0c6a8242ff40cd2
SHA1a67f388a14e654a3c52ccaca3bce910c7b5fa32d
SHA256df7bc1c7c6c65e21c17054d6ac5837d6da1e8d2d4f51b98d9380ffdac4c8feb7
SHA5129b08bb82f3d602f5651ccfd9f4b0f18e9358f5a4e45132fc23ba2294ba9c2ba43fa697015b6d744f40af121148aff624a8f6a3fd37d007eb0033bf192a9e4eb0
-
Filesize
344B
MD59c57145d63bdad370c2d0c669020acd1
SHA1613fe1d9c4081f6b6050a3d889d27aae1fe6f74d
SHA25606197f6d931bed7093477a23b4c636c46d93e8757c2c8b3de997295e0d3abd71
SHA5128723dc045f3d764604a6fd494caab56104a4e14a479fcd9d162af6503de166ca9d258c9427f28939425d8c7856ed78fa13efc7ce2347e639aa92d86777fa00ad
-
Filesize
344B
MD53e2fa5c21c41542034d466fd040364c8
SHA1ab3e24b8208edf1cefdbb095115753f8fe47c0f6
SHA25616f0ba423f0851996d0b89de6470ddf7dc8013ea2a55510f6bd553ad800988de
SHA512a22b193d0b7dc15852b407a0de9734cdbd3ae885d50ee4220b850b2bee8059a63c41e05c49630e3ae41079ffa116b129f1fef4f8297bf9da5cbdf3285422d928
-
Filesize
344B
MD581c8a2ef789ffafa59ba1af75ba2eb9e
SHA1475d8d01546d3b0c20426dc52e6f8f8577e903ff
SHA2567b31a580aa2cc9e59f280167bdec111f374c9ad2dd5f8adc9a5eaaa65d0a547b
SHA5126c0817f22cdb37c010f04836fff602041d0253dbd4136bc9052f55c37294f123adc22079ea9bbfdc6141827e1c0940262246c4b7c9232bbf19d22186c37fe3f6
-
Filesize
344B
MD53637c6499f11f3336c50234978fde264
SHA10360f4350afcc5c56a5a8e8465127a9b5614463f
SHA256439278678efb4556cd44889fda921c0305f9387728ec530b23c85d17999c4f86
SHA512415a46f2f79b52ac29b3c3e05b64a57e8954571d9459bf04b3c6cf8d36df736a928819fefc645c98b20e47625516298efaa780f40ff87e0cf624efee51aaf169
-
Filesize
70KB
MD549aebf8cbd62d92ac215b2923fb1b9f5
SHA11723be06719828dda65ad804298d0431f6aff976
SHA256b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
SHA512bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b
-
Filesize
71KB
MD583142242e97b8953c386f988aa694e4a
SHA1833ed12fc15b356136dcdd27c61a50f59c5c7d50
SHA256d72761e1a334a754ce8250e3af7ea4bf25301040929fd88cf9e50b4a9197d755
SHA512bb6da177bd16d163f377d9b4c63f6d535804137887684c113cc2f643ceab4f34338c06b5a29213c23d375e95d22ef417eac928822dfb3688ce9e2de9d5242d10
-
Filesize
183KB
MD5109cab5505f5e065b63d01361467a83b
SHA14ed78955b9272a9ed689b51bf2bf4a86a25e53fc
SHA256ea6b7f51e85835c09259d9475a7d246c3e764ad67c449673f9dc97172c351673
SHA512753a6da5d6889dd52f40208e37f2b8c185805ef81148682b269fff5aa84a46d710fe0ebfe05bce625da2e801e1c26745998a41266fa36bf47bc088a224d730cc