Overview

overview

10

Static

static

10

R.E.P.O.v0...tor.js

windows7-x64

3

R.E.P.O.v0...tor.js

windows10-2004-x64

3

R.E.P.O.v0...ix.url

windows7-x64

6

R.E.P.O.v0...ix.url

windows10-2004-x64

6

R.E.P.O.v0...64.dll

windows7-x64

1

R.E.P.O.v0...64.dll

windows10-2004-x64

1

R.E.P.O.v0...PO.exe

windows7-x64

1

R.E.P.O.v0...PO.exe

windows10-2004-x64

1

R.E.P.O.v0...ss.dll

windows7-x64

1

R.E.P.O.v0...ss.dll

windows10-2004-x64

1

R.E.P.O.v0...rp.dll

windows7-x64

1

R.E.P.O.v0...rp.dll

windows10-2004-x64

1

R.E.P.O.v0...bx.dll

windows7-x64

1

R.E.P.O.v0...bx.dll

windows10-2004-x64

1

R.E.P.O.v0...64.dll

windows7-x64

1

R.E.P.O.v0...64.dll

windows10-2004-x64

1

R.E.P.O.v0...ts.dll

windows7-x64

1

R.E.P.O.v0...ts.dll

windows10-2004-x64

1

R.E.P.O.v0...th.dll

windows7-x64

1

R.E.P.O.v0...th.dll

windows10-2004-x64

1

R.E.P.O.v0...ty.dll

windows7-x64

1

R.E.P.O.v0...ty.dll

windows10-2004-x64

1

R.E.P.O.v0...on.dll

windows7-x64

1

R.E.P.O.v0...on.dll

windows10-2004-x64

1

R.E.P.O.v0...3D.dll

windows7-x64

1

R.E.P.O.v0...3D.dll

windows10-2004-x64

1

R.E.P.O.v0...at.dll

windows7-x64

1

R.E.P.O.v0...at.dll

windows10-2004-x64

1

R.E.P.O.v0...me.dll

windows7-x64

1

R.E.P.O.v0...me.dll

windows10-2004-x64

1

R.E.P.O.v0...es.dll

windows7-x64

1

R.E.P.O.v0...es.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    146s
  • max time network
    184s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    15/03/2025, 22:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    R.E.P.O.v0.1.2-0xdeadc0de/OnlineFix.url

  • Size

    46B

  • MD5

    59bf167dc52a52f6e45f418f8c73ffa1

  • SHA1

    fa006950a6a971e89d4a1c23070d458a30463999

  • SHA256

    3cb526cccccc54af4c006fff00d1f48f830d08cdd4a2f21213856065666ef38e

  • SHA512

    00005820f0418d4a3b802de4a7055475c88d79c2ee3ebfa580b7ae66a12c6966e5b092a02dc0f40db0fd3b821ea28d4aec14d7d404ead4ea88dc54a1815ffe26

Score
6/10
defense_evasiondiscoverytrojan

Malware Config

Signatures

  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    defense_evasiontrojan
  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 3 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 64 IoCs
    adwarespyware
  • NTFS ADS 2 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\System32\rundll32.exe
    "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL C:\Users\Admin\AppData\Local\Temp\R.E.P.O.v0.1.2-0xdeadc0de\OnlineFix.url
    1⤵
    • Checks whether UAC is enabled
    PID:2872
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3036
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3036 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • NTFS ADS
      • Suspicious use of SetWindowsHookEx
      PID:2896

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    71KB

    MD5

    83142242e97b8953c386f988aa694e4a

    SHA1

    833ed12fc15b356136dcdd27c61a50f59c5c7d50

    SHA256

    d72761e1a334a754ce8250e3af7ea4bf25301040929fd88cf9e50b4a9197d755

    SHA512

    bb6da177bd16d163f377d9b4c63f6d535804137887684c113cc2f643ceab4f34338c06b5a29213c23d375e95d22ef417eac928822dfb3688ce9e2de9d5242d10

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    d211d7b924697459325b05f259443818

    SHA1

    0f2f9bc5f2c9eb278de67d4a9a0e10a49a2c3b75

    SHA256

    f86526c29523255ff144349f61ba852c8ea590f9b236485e47a5f6379aa403e4

    SHA512

    71fe01c409f3151946ebc0139345c886cc00ef6ff4b99548dccbb247e838083e14cf9908b81415eaacce8fe8b85088687a48608e8d1e489e89fded8c01c8db9a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f6196aa9208587991f84e74226df01dc

    SHA1

    9a024bab86d3b798ee9384505dd76a9513be16b2

    SHA256

    747f488ba113417799b5367889cd56204f7e749c065bbe079cba46579633362c

    SHA512

    7029eb63136eca10f47a27a4d56b0f0fb858c03576c1c98af5d1377bc6a5bc603c6267773f265d4e0adae2c24b658e9542788d607c31f9bbeba7b4951b84310f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0bc28ac8ed62923ead29c2cc5af4893b

    SHA1

    bf38ac9b60d3a2e05297e524bdb251ba72e6f68e

    SHA256

    d938e85d871239bd90c5dabc6fc1c4b93e68e1f116cdb5f7de09b9de940d5d44

    SHA512

    8a9e6d142adb62b9ae4ffcaede29ec1f30ae98f7e8192b7ca76d0ffdad49aa9006b34c39b429ebf48fcecc5661342a6021a5cdd68ad082254422913663bbdb93

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    89434875d7ad25370ec3b79ea07d702a

    SHA1

    914e6f6fc0f0a9e319701c23e06437c45f4422da

    SHA256

    53920a128e5f2297baf2d4aa37d7bdbb0e3faad9492c0c8bd51ac94e48a55446

    SHA512

    776143f31c4e2d1502bfeebd0463bfef32e1201efc515112a533efa59156a57ed7386eed6993cfae42b5797d7ee35d53455bf735ce0ad11266d3240f9b51e3a8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5a0388e7a20b2a27a47a12ce56f1f819

    SHA1

    f4469cbaf2625988620d41854ac770b66aba12b4

    SHA256

    b16a99767afe70ad569921d2bd664a703c2458a5442c3c73b3b2136480713236

    SHA512

    ffee98c692a8fb30149e82d562c300211c8d28b110d173481179e5f2bb1e478f72c71358c106f75c24802d71a6acb6bd430283cf04869680df63ab019853663d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    97972ecaff26e5cc27330cebd0f256a1

    SHA1

    315fd6a5869a80124bf0be4b044f9bff776816ec

    SHA256

    73359c5f462f6c14ae54bde0d9a457fc65be4f1f3e496f7ebbdeddbdc64c0a46

    SHA512

    ae73d34f9b1d7a6c61b3f98da054aa58da5210797b0ba1799fd877408acd8c3444ab0280d7d94663643c9a82f572ae3beb9ba047c7cec2322885c443bbd5a210

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    41f7001ba667c12a792f2dca1a4cb483

    SHA1

    605634450a6e4267b32679dbd65d89c710cf4ae9

    SHA256

    7a17ab454f74a4ac02915128c5e5fe685936174916c8de667c6b16352447c580

    SHA512

    1042519bd3e729155ff693fa4d164b492da8c7c8aef8373a60c45a4078e23c3de75e10a8c82cb1ac597bbe27f7fc000db4e7d7237db2b44923b1a252a75677e0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8dff9e741fcfda6ca738faf24b303936

    SHA1

    c3bed2cfe3a3287f1b0275cc17ded97ee87d7f4a

    SHA256

    da38d7d8fd2a6bf3d98348274117c1443bfabd3534822d4d516c796699a024e2

    SHA512

    1c76b29953cf24749753346e1b040ff6e791fe2463e05d5442bd1c297bcdf42fb5d13807fca4dc1277f4097b988557f577175cb571e3b77371e93c8b8b52c6b5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    70a06e4b84175371ac0981cc4294014f

    SHA1

    47b9a4b3f2e6c4ab732043f7b8aeb279ae8dc33d

    SHA256

    303cfba87c44d3d8818a0d099694b4784c4653ccad050bb4d1be664c49128e5a

    SHA512

    e50332abd1826503e686decd550e29a1457297c8f1a21f065e6e56f73566545a5f97a742a247dde954ded1f98a5842711b704eb320214e1084d968e695d0751e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    76ae55b92b5f804969b6c997c82e5a5e

    SHA1

    8c3688830ce49502d7eaa3bc1f6f757130fed733

    SHA256

    ac129b1bf958e54ff49ba8055e199354c5c9e556677e76661623141b972306b4

    SHA512

    d1f47ce91632da62e94352831ff59df15953e4950b8aebc0a6b237b25c4e1f18dfa9d97775b095414bec4632cb9a02720c853ba80247c9c3becdba5c271cbc0d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    67e5d39fd149390376a516b698ec275a

    SHA1

    ef6c73e392cee86662103ff4644919e356d8496d

    SHA256

    c3042a6bfaf5e535423f3f047f18abf3a6b61b6346c01adc25b0ad7de26170f2

    SHA512

    5b803f2ea6df0a0fe098ce95a7d8002cf54eac18f6321c899bd8a95972158ae2c7855ad4f8d505f4c309143a3e8adfdecec854b6bcbad677176d2dcc2c84ca2b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d548ba0c026ab790d85b6d86d381e553

    SHA1

    7cf6592a3478769b0864dde3448b7e177f61e871

    SHA256

    662ab7221c3caba876235910dfbe24e0225555efaffc080d507addff65261e53

    SHA512

    355d9e47e48350e84158fdcc683e6a963e855e4954d8b03ac4ab9f9ca6aa1c549ac0b850c1f02656ba9fdb049149c6cb9c32fd7779bc0bce7a3fb93d1f4c3e50

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    c370dcbce635bb48bdbcaf2a937286e1

    SHA1

    e8c41689a5d51b978513b9c0c57a110f5d359532

    SHA256

    86520e3c8f6c8ab06ea4559fd6879442d57dfb4f8b4c2e71a979722503af0a18

    SHA512

    c726c819777fc04b34d9ecc55b371581e3bc583ba6d62007ae876e7de1c7b4f332edf4f6de1dba9ae3a1326eaa018fb06b04d23dc046eed15a5c90bbf15804e5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    2c8641a623a41c2a41a396e381f76af9

    SHA1

    a1f02202af8943ba21f02cec7aca638ebf0f581a

    SHA256

    f5ee239036e0e71fd06597543f9f439a382fc13d6aad15cf6b4e682922069f24

    SHA512

    8808dd3a1c6038bedbb17775444fb67e3ab3cb893ad1e104a5dccfdf168c3c79e50d4a52971da0528457bdc52d70d58465be92af4ebaf7fff697f62efd76131c

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\W023LVX6\online-fix[1].xml
    Filesize

    13B

    MD5

    c1ddea3ef6bbef3e7060a1a9ad89e4c5

    SHA1

    35e3224fcbd3e1af306f2b6a2c6bbea9b0867966

    SHA256

    b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db

    SHA512

    6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\W023LVX6\online-fix[1].xml
    Filesize

    2KB

    MD5

    2a720640ab5abf7f60b87842b6999384

    SHA1

    18d8e930ae413e20d9ed38b3e8d7fc95ba9f63c9

    SHA256

    044d1d0c0507573c4c900a9eab1ab7440917030980ed7b65fce32bdfe8d50772

    SHA512

    6d5fa6dfac4add14f8e1a359d087956995ab40e5f8dd1340de69ab409f5cabb914d8a68f6f86b3406dc37c45d2941667ac8f2133684b74954b3ff715fa1a8a4e

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\melo7gx\imagestore.dat
    Filesize

    1KB

    MD5

    69502431c38afb8083e50cd339f5c476

    SHA1

    6683a6be869e57a621bd0fb4bad5b1adda55eb07

    SHA256

    51986f605d6f00e3a741f7c5d3d14126a8b1a559c00239b41ca41fa775378462

    SHA512

    0899b4c8af6ca061a3d7fcac0dff741163e9741a75d910571d199d87fc13ea25c016ad0ecfb734995605832cc39471a2dda4fa0c9716fd25f5cadf632bab1482

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7BCOPU31\favicon-16x16[1].png
    Filesize

    1KB

    MD5

    89db4cf9f3e2951f677919931ae16d12

    SHA1

    c52a7d97ac4cc838ed54ee9d2a682c9305a675c6

    SHA256

    c1fff90e1a74d5b51203f2a7b60270db5a105741217a3ce1d1a220504e43e96b

    SHA512

    5c7f06bbe108ac5915c303e32253ccdc78690f81c096568234a6a1f4c7ed8d2171266eec91139820bcf9222268ab90a9c79882b10a2a190ab81eadb5d61e7d7d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab46EF.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6D66.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6ED4.tmp
    Filesize

    183KB

    MD5

    109cab5505f5e065b63d01361467a83b

    SHA1

    4ed78955b9272a9ed689b51bf2bf4a86a25e53fc

    SHA256

    ea6b7f51e85835c09259d9475a7d246c3e764ad67c449673f9dc97172c351673

    SHA512

    753a6da5d6889dd52f40208e37f2b8c185805ef81148682b269fff5aa84a46d710fe0ebfe05bce625da2e801e1c26745998a41266fa36bf47bc088a224d730cc

    Download Submit

  • memory/2872-0-0x00000000003C0000-0x00000000003D0000-memory.dmp

    Filesize

    64KB

    Download