Overview

overview

10

Static

static

10

PlutoReape...MS.exe

windows7-x64

10

PlutoReape...MS.exe

windows10-2004-x64

10

PlutoReape...V2.exe

windows7-x64

3

PlutoReape...V2.exe

windows10-2004-x64

3

PlutoReape...on.dll

windows7-x64

1

PlutoReape...on.dll

windows10-2004-x64

1

PlutoReape...n.html

windows7-x64

3

PlutoReape...n.html

windows10-2004-x64

3

PlutoReape...n.html

windows7-x64

3

PlutoReape...n.html

windows10-2004-x64

3

PlutoReape...n.html

windows7-x64

3

PlutoReape...n.html

windows10-2004-x64

3

PlutoReape...n.html

windows7-x64

3

PlutoReape...n.html

windows10-2004-x64

3

PlutoReape...n.html

windows7-x64

6

PlutoReape...n.html

windows10-2004-x64

6

PlutoReape...n.html

windows7-x64

3

PlutoReape...n.html

windows10-2004-x64

3

PlutoReape...e.html

windows7-x64

3

PlutoReape...e.html

windows10-2004-x64

3

PlutoReape...n.html

windows7-x64

3

PlutoReape...n.html

windows10-2004-x64

3

PlutoReape...n.html

windows7-x64

3

PlutoReape...n.html

windows10-2004-x64

3

PlutoReape...n.html

windows7-x64

3

PlutoReape...n.html

windows10-2004-x64

3

PlutoReape...n.html

windows7-x64

3

PlutoReape...n.html

windows10-2004-x64

3

PlutoReape...ics.js

windows7-x64

3

PlutoReape...ics.js

windows10-2004-x64

3

PlutoReape...rap.js

windows7-x64

3

PlutoReape...rap.js

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    05/03/2025, 20:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    PlutoReaper/PlutoReaperV2/PROGRAMS/PHISHING/badoo/login.html

  • Size

    211KB

  • MD5

    7e38a80c9b9f7f806b070b3e82652163

  • SHA1

    24fda725c2c48dd3973c6d55be84d219fc7c625b

  • SHA256

    df4d5eec529e8d3738403fcf6654431241a2614724a7de37f7a24a22495893ae

  • SHA512

    78cd39c18c621412356f96e06d2b1cffcf4783bbf45d8064547325096a6849566dca8e8ae1e2a1ce95d6dae5341a2fcb7d6120744e0a986470b943fa13ebae2c

  • SSDEEP

    1536:CqKS/fJKQCoTKODBjlIG+AfupcG08iRYVXf1q5RnpEnXdtxB7sHi/vCh6TVCYjS6:J3XuPiRcf2nunXdpsHi/qw9jaqPfw2R

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\PlutoReaper\PlutoReaperV2\PROGRAMS\PHISHING\badoo\login.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1972
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1972 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2356

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\35DDEDF268117918D1D277A171D8DF7B_18751991856D0E8514DB78E8979ADEDA
    Filesize

    408B

    MD5

    c58b846b3b236f9662389303a803c2a7

    SHA1

    8cd1abffefcf062b5d59111e64b164985b95ef5b

    SHA256

    1fad7503b256afd4b08de1d37240d6f8dcf94386125b04db45b0348bc7984f94

    SHA512

    7f55809f1727b4073155ce4efcbd19a0e1eab755d58c564b8d0bfdec1cfc3243106989ca74a326db988bbea4d902e2754a31c8f9e2e788d3a923a8deefb11a4e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    a6a0ba7689c98678fabe2d019d13763b

    SHA1

    69402ae83eba8123da188d8b77f21595de1bcbe7

    SHA256

    c12b58242d17bf7f1257c8f9aad651d1886c1a411cf4c6a604cd5b3777e3e714

    SHA512

    c2c9de0fa7f5374dcc9bff4e57ae7aba0d691d398d92db76846f1a2ce937e6e26c953eb70d65a446874cfa12dd8dd4e503a17db1dcfbae4556b0ead2a4125875

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8b38fce3667d5dad1a297554b0ee3486

    SHA1

    d4401f1695bda3fbf40ce3059484634c51e7de32

    SHA256

    aa9a2bf27c46016e79a443b55cad99994e2be01e22fa528ccd1eb133e4a93c1e

    SHA512

    a974c1b8934759ff80c2ea25de8cc434a87139aa731484865225333391ad5b0a9e45bb965a7ec8b2af1fbad7c050c9a5decd7779c07761eb46d078b4b12a0d28

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d2b50097e38250eb73d93f60e5d5b6a8

    SHA1

    a849a858c10b5d650a950a48c93d8083785bad54

    SHA256

    b702a03315cd4e889b9d7cea91cf5290ba7010981c8703e390ebf7e8153e5e08

    SHA512

    bac6e1de0b6e789921f502d7a62583e162baa86a185ed8021e083246157fbd7828845dc16a022f49323f2731b8db40e31d173cef0f28bf563112bed3202510cc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f2dd286abbcf5819865cd390148f6adc

    SHA1

    e906348dfd8a4b9b47b2a493b02da442f9c30fd7

    SHA256

    d1a2ef52a7c0ba4b2d03b2a4b96ffe29e925fea2ee755d35d8298f85cc71aef3

    SHA512

    408f5b8add2e162210d112b81c77d48c41eafff69c446f7b1e2e2a60b8af30f2c4cd926076a3ebd21c65a9c9704cb8c9370138900e9a5e1a6d81defc15baeffe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    27f994c2e95f966b28cb68e78c97889f

    SHA1

    7c76811fd200233a66461ae3de3a4562b1811c06

    SHA256

    f30fc6d8df95050db40734bd7d1841269f7b9287d534c8b3ef0be555fcdeae92

    SHA512

    bfe10127c8b276f36991c0927f2537cb6ceba6980f632ede7d5bcdf1ecd8243a394443eb81bdf80c2ef36680b555a0ab3936c07614fb932e8cab2b366609205c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    09991c008a4b27ed28ea05988344d231

    SHA1

    b85475fada6b833529f7de05a1a067d3b0d3204e

    SHA256

    5df1f4d56dd7e05662f03188cf2fd3cc52ae45a05483ec5316e62f8ef5a5be5c

    SHA512

    ca9cf9f1058cc786a4fe9637d72f927c76847b96a68d7d74c4fb00da7a008c657856f264f62479bd98c6c8ce64af559e50f318089c1df8bfd29bb98f2e7e8110

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB
    Filesize

    396B

    MD5

    7e634c1925e1b6a57f92f597f69e4ab0

    SHA1

    98c84fbe0df4f1e26542239e36fa268136603236

    SHA256

    d12dd9e175e1ca5c2f2988236e06951883b6bbd7ce3b7c42f8d11df15ffde7e1

    SHA512

    cb8adfab4c28882829aff5f3f375ad1b478cede1b9daf8e87d425da6c6bbed34e4adb85f16c44b1c411e9a309499283eeca46c34e29cfffc616aedc79e92f874

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    e965b9002f3856cbee6107397bdb74ca

    SHA1

    247dab495d51d80359bc9b79a58b410df1f59643

    SHA256

    46f1e4dcb57bf7228be45c4f950e8ed13b42b9d461ad0d9bcaf5c2eaa1067683

    SHA512

    8b680665f9469c9f24a0b38fa26548f16b4aa1dc072c1dce0a1be30a39e73e24903287d7022a351302b347027ceb25c04915814df9d7cbccebfe4f1d854792f8

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabCAAF.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabCBB0.tmp
    Filesize

    71KB

    MD5

    83142242e97b8953c386f988aa694e4a

    SHA1

    833ed12fc15b356136dcdd27c61a50f59c5c7d50

    SHA256

    d72761e1a334a754ce8250e3af7ea4bf25301040929fd88cf9e50b4a9197d755

    SHA512

    bb6da177bd16d163f377d9b4c63f6d535804137887684c113cc2f643ceab4f34338c06b5a29213c23d375e95d22ef417eac928822dfb3688ce9e2de9d5242d10

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarCAB5.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarCBD4.tmp
    Filesize

    183KB

    MD5

    109cab5505f5e065b63d01361467a83b

    SHA1

    4ed78955b9272a9ed689b51bf2bf4a86a25e53fc

    SHA256

    ea6b7f51e85835c09259d9475a7d246c3e764ad67c449673f9dc97172c351673

    SHA512

    753a6da5d6889dd52f40208e37f2b8c185805ef81148682b269fff5aa84a46d710fe0ebfe05bce625da2e801e1c26745998a41266fa36bf47bc088a224d730cc

    Download Submit