Analysis
-
max time kernel
69s -
max time network
154s -
platform
windows7_x64 -
resource
win7-20241023-en -
resource tags
-
submitted
15/03/2025, 14:28
General
-
Target
R.E.P.O.v0.1.2.Multiplayer/R.E.P.O.v0.1.2.Multiplayer/OnlineFix.url
-
Size
46B
-
MD5
59bf167dc52a52f6e45f418f8c73ffa1
-
SHA1
fa006950a6a971e89d4a1c23070d458a30463999
-
SHA256
3cb526cccccc54af4c006fff00d1f48f830d08cdd4a2f21213856065666ef38e
-
SHA512
00005820f0418d4a3b802de4a7055475c88d79c2ee3ebfa580b7ae66a12c6966e5b092a02dc0f40db0fd3b821ea28d4aec14d7d404ead4ea88dc54a1815ffe26
Malware Config
Signatures
-
Checks whether UAC is enabled 1 TTPs 1 IoCs
-
Legitimate hosting services abused for malware hosting/C2 1 TTPs 3 IoCs
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Modifies Internet Explorer settings 1 TTPs 64 IoCs
-
NTFS ADS 3 IoCs
-
Suspicious use of FindShellTrayWindow 1 IoCs
-
Suspicious use of SetWindowsHookEx 4 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Windows\System32\rundll32.exe"C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL C:\Users\Admin\AppData\Local\Temp\R.E.P.O.v0.1.2.Multiplayer\R.E.P.O.v0.1.2.Multiplayer\OnlineFix.url1⤵
- Checks whether UAC is enabled
-
C:\Program Files\Internet Explorer\iexplore.exe"C:\Program Files\Internet Explorer\iexplore.exe" -Embedding1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2096 CREDAT:275457 /prefetch:22⤵
- System Location Discovery: System Language Discovery
- Modifies Internet Explorer settings
- NTFS ADS
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
914B
MD5e4a68ac854ac5242460afd72481b2a44
SHA1df3c24f9bfd666761b268073fe06d1cc8d4f82a4
SHA256cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
SHA5125622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5
-
Filesize
1KB
MD5a266bb7dcc38a562631361bbf61dd11b
SHA13b1efd3a66ea28b16697394703a72ca340a05bd5
SHA256df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e
SHA5120da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc
-
Filesize
252B
MD5f2236be673a19ab7b94941f7961ec21b
SHA1e26421a38bc42b044033ab6017fb9eb2ce552631
SHA256c7c4e8d5966766fafdb53e3082a0dc7224632b6cd51385747a34a49767f4000b
SHA512b839629beff885555b77dcfaac35a623c6d030b8a4fba17bcd225919dd50a34a150ca28d430e698d1a3c5eec473c32471b929409338ef2925931dd06d9b11e0f
-
Filesize
344B
MD59b6450b3bb462ae3bc4f45b1d8dd99d2
SHA18963740d0b4749ab356bf76bcd4bdb0d3cd39111
SHA256d0d0487a469b78adea0cd62c7f5e58a223ec8860f4c78ae55bbbe10ec7608ec0
SHA5126846da269352784b021114c56435815b5fb648d0d8e0a8f61a887b86e1d2c0e884f3ce43ffde3ecf347174897981d049cdeacc21bebf2bfe4bb3083de6f13ff0
-
Filesize
344B
MD556beb803b3112263323818abe032d175
SHA1c092732bda8327d7e2eb05c5119ac90a5b505d1c
SHA256675f705c5534b711256b589abf22a67f6862d1a445b185805b40b2b36ab53869
SHA512ef6e33d40540aab9c268763cda2afec9e885a11b8fe02039a1cbd9da451991727d35ca22dbaf12398d9f4c3a8a2e4f9926e6b2661349768bade60d0f332d812b
-
Filesize
344B
MD5c505bef690757b086e1415f61b433b25
SHA1647757304585b19b0bb86f05e3f1aba0b46aade3
SHA256e2c7693bdd59090bf238158584de866db95663c76d0e6c2b03f46292b73cfd85
SHA5124b1093f08febb610d9c0385772a129416d25ec3f9f17384d5ae858df15d6731ab56f5104b969e5c8dab1ede42d89652e695b492a932a80ed010829fb78bebcff
-
Filesize
344B
MD5817781ab708b623a7bb1f084c0bd9687
SHA19a95ef67f53959039373aba39208c7b0d7f723a9
SHA256ec4f0ae5195fc32042225987a912149b50dc6b4347b4727d4b5b6cf681797b34
SHA5129cfaf75ba1cd8a12f34fff400f8f5b1c743bc512545b56e8cccad6e45dde1ce535faceb0551139e4901ee8def7006a035edf2f7debaf34af302ce57888cc0a60
-
Filesize
344B
MD51af0a5ff4b7f821ae2fa3965ef4dc786
SHA138e1ec4af4aa384e6c192e455ea74beef0bbad6e
SHA256d3fa2c665e044076f97c6ff33cef34789d320010614712bc869bbdc030fd9f21
SHA5127334b051d94a3b0679a4b24e8c5bc95364b4d761f44b9e6bf0c593c92513b540e9211896336bbbfb53167ce3f1f71c046449d5b9884175764b3135d43605bc76
-
Filesize
344B
MD53d11a021c208ed1d68aa0ace474d3804
SHA1d6d942b16f155fe2f539360417262f36ab2ed3a6
SHA2563a26bf112f94429a72f1efe34b49aa1b1336569253db6a61d1d032cc5a0ed149
SHA5129be95819eed4cf0eeab413a83690108d0775d543af3b6e4e1e373720e03fd67357ac53139903b584ec5f8f6fd96ef06e8ee735781e1e16a406e5703abff279a6
-
Filesize
344B
MD5b0638fcfd65db66b13a5367e18573180
SHA13f5c7bf6df9e5e704638bbc9faaaebcfc6041fb7
SHA256b226ba49ed3592e8a3bb86b5cb11fd77585dc9b5bdeda896148adbb382c04ed9
SHA512bc1feaf63c278d0c39d1ac033b0e06e128db658812a39895f328dca71d7b6bbaeee3aefe3347e564554cfb99fe52d9170a2ead33f9d50ac1cfd9762641d4820c
-
Filesize
344B
MD54b848473624f08cbfb6d417b257371df
SHA17948acefc458446c7c37b3f576db3d99afed033d
SHA2568c235404198f55469244f14422bff1a7058e55294b0b59e7f3fb520c59208be5
SHA512bb8a406c0d2aacc31e1f867bfb259b23f067c0b4f7458e28fea604aaaab05aead2a09ac348144a511772386ec9066206c34970910beba1cd7b2a2679c284ee4a
-
Filesize
344B
MD5dcbdbdcf0db7cb2c594ca8e3fdf0708b
SHA1f133cd73b12d6f18dcaa3233a31ed1b22c738834
SHA25630f4b092493117dba019599614ae25f33f6adcce62d96c058e55729c3dfd5dd9
SHA5126db708fc6335ece01f51953481fa966eac4484d194a5a64ce49d2301cede417e99aa4f10bf0f910034016d3ed9f3ef436414d5b4598f49c3cbc67beb27e56bf8
-
Filesize
344B
MD549cd1d054790e5b4dd8ca0b0f19f9baf
SHA1d2c20f8ab17b62c33842e09346fb0e2f0bdf17df
SHA256267a0e067e99f13dd477f7b964fbac2a06414b29bd083a4d49e72d1fbed26176
SHA512b12f1b115ba316189b8c476c23587888c6d41e53d5254e6d238a587823b6c7a11fb5b78ed20c7176e9ec0fd722cfa2e168e8af4c4348fd4d2f86af1593cf0877
-
Filesize
344B
MD5fe37fd08a3b4915c0aa77c76ec002e22
SHA1b9857206086d71e541ec6cee45cdaa2d7da304fc
SHA256d1ba43ccc39c90e5b6c61a182fc59658b14ebae049b55438d56986803699de6d
SHA51252e834d1e2180f7e5aac92390af91b3167dd05a475a838d670b4ca11d72792b6fe64333b09cb524d8737980b7eb4aa00acfdbd9a4b5c2bfc33d70339b16bd60e
-
Filesize
344B
MD5ed06b2a3aa0bc45a293d4eca3ff80d29
SHA1c568406a5b6d56d3ca257086914da29124a3982e
SHA2565d0040cfdf3147e6b1f5c3f5e49e43f94c24a03537e1a181eb0e4830fbd105d1
SHA512f84fb1733bce713b86a37e53556374dc4e195439dd4ee4f959a7c0f64204655d3af3453046e52e0daf5981a7e42734f29be4af0eddb5777804eeeffeaa94b5f7
-
Filesize
344B
MD5172ea040740b7a2478383a731bbe0882
SHA174aa41b742917110032433dec3d1ec0946e540f5
SHA256bd308ad0a6a1c25f82ed001924b1917845013c7e6e6118194bdc8625d5fed11a
SHA51260284b0713c4d909aac90d84ad07b3635cb01d6f02650b3f86bd10109208c9836ef9e01559814b47c90e9954367bc75451ca97b9a56c4eb773a13349b25bb1da
-
Filesize
344B
MD5cf4286e4be89f0650163b743248030f4
SHA1a9cb012fa8be3ce6fc26d7369e4c8d6cc33a5ed2
SHA256b21e67ada91efee3f21bae80778e0c926d90ad5454a57db82d3e64ae77bbe39c
SHA512adef82227eb2c9c08802011557411732df426577d40f1ba1a91d68238f87df547c69010ab6d1793591507f6c269ea9951be607dc879ff001619e458940a0ca76
-
Filesize
344B
MD5d88b283b64d14d84e13956160c9c13ad
SHA19fc60f41c24b12c3e4996b13ec23e84eb21caa17
SHA25626432f406eb04a3902efb92b4e38d47a20f13755a12ff56a86722d2a78e48f77
SHA512590002f5acb4e43a6b545adb800436459006e7022ad1e0938074cd56ff98e8c324b16b5595d796a720a2474600d59db3e72769b430718b3c2f18dba2064039df
-
Filesize
344B
MD571a7c63917ae97f9af4baf08d61d917d
SHA1c8c39396699fc478c1be9ae637f9fb378a17aa54
SHA25605399ad60ba9911f541365eb6eaf0fe097ce9bbb5967023991a087fb9c53d8ca
SHA512a96833b7b8db50dcd677b09de4a2e03dfafd0a30de4b9d19a30c8a2696e32e7301628ef348fd8c10baec07211551f3f0bac07d77e697296cab77eb6132d0e661
-
Filesize
344B
MD55fc45f25bdd01f4dca49060f262bc3d4
SHA1684774885e8e4bef3833e23918d3e6f448b673df
SHA25649434ec81d7aa16c248ea9b765fbedf613269601dea64c22b8c7bfacf9c54416
SHA5122826fcf51f289bbe215a1e095ace29fb72cd7e14d19144369477588d86e65b5ca43f3d135653778c3a31819c7b27abd632fe60e4b1a56135e66267c5a76321ee
-
Filesize
344B
MD5aedffcdc97b2d93a92c2761c15716c8f
SHA16221144a08385866fc5d9b86d66c5c8560897458
SHA256cd7aefec01057e0e551959926ac2ddf2d3e1a7c050bc683a52842cac1b740dce
SHA5129ab11066c18bf614e6cecfb9f27c96507ec905870d790746b91525900c73b2d626aa4fac2a0699fe3d9d5e955e591071162800f28651a71d455e18b67bbf86a7
-
Filesize
344B
MD5363e3709e86a0f2aaccc914564472516
SHA1aefd1c01c5d781e8ee84b303e695d597f0b1760b
SHA2562c0f8d18ad31f0adb9990999029830ed650b4462645fbe0d25b42bd055939bfc
SHA512e40fcc046de31bd7e4c3bc316e1fb2fd976cf409d357c8ec68e6449e865ca97de20b7445ed2a598f20b0adfb48411d7999a802e714952635dd13d9c4f9adc797
-
Filesize
242B
MD57a5e75e4346ed35a093608b017b82df2
SHA112c5baf281885a83b071314bead21ebfcfe7c46b
SHA256d0d1c69f63b4c6aad78baa6164d2b794109c93689fc84df862edf755a02e316a
SHA512168c830039a62f233b99e13b189eeeb6c28724d22d9a6964e495d4dac101cd0c14eb0cccec0d74003b0b92230ae077bfd8c0e7c2dca1cae46a7a6ec75901b05c
-
Filesize
352B
MD5e488a33a0ac0aef23274ba5d4fba72ff
SHA1c367cf5d215f52ae17499c5e239f35fa34061744
SHA256967c1514d3c8f73c7bd43a3141428d273dadc3b319b4aec4d83e915a2123b5d6
SHA512ca07a16232a329906ee0d93407016dc64dc1e27eb17c3f4b9f450e9ddf6a7c1191a7cd17a4cbf4aff0d860d6d06b7e823f7136984e507ce105f196e460f8d5e4
-
Filesize
1KB
MD5c17498138425b0f041614c768f713c6c
SHA1a8bcdb0f792a5f7605c559601ec251f32ecb8d45
SHA25658bb6b464bc8ca88fbb36d8533de4c4a7ee78d3dba40c1f78922e0d8810e3992
SHA5126fd0a8e947f1b15896dea064c26c5af34760cfa37a75f564f2d9626ff10ee78c86a9138124ae14ada797f950b4edbe5dc946670baaa57e5d8e432b7da190bb27
-
Filesize
1KB
MD589db4cf9f3e2951f677919931ae16d12
SHA1c52a7d97ac4cc838ed54ee9d2a682c9305a675c6
SHA256c1fff90e1a74d5b51203f2a7b60270db5a105741217a3ce1d1a220504e43e96b
SHA5125c7f06bbe108ac5915c303e32253ccdc78690f81c096568234a6a1f4c7ed8d2171266eec91139820bcf9222268ab90a9c79882b10a2a190ab81eadb5d61e7d7d
-
Filesize
70KB
MD549aebf8cbd62d92ac215b2923fb1b9f5
SHA11723be06719828dda65ad804298d0431f6aff976
SHA256b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
SHA512bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b
-
Filesize
71KB
MD583142242e97b8953c386f988aa694e4a
SHA1833ed12fc15b356136dcdd27c61a50f59c5c7d50
SHA256d72761e1a334a754ce8250e3af7ea4bf25301040929fd88cf9e50b4a9197d755
SHA512bb6da177bd16d163f377d9b4c63f6d535804137887684c113cc2f643ceab4f34338c06b5a29213c23d375e95d22ef417eac928822dfb3688ce9e2de9d5242d10
-
Filesize
111B
MD557c7beeea7204bcbb6560fbbcb44d76d
SHA1d1caa04c49c7ab6b43bbcbfada38bfa67622a02f
SHA256c500ffd86849146462693e9c890cfe78b0170c0c8d97dfc6ea13d5eb5da518c9
SHA51299d7ca8873703764cfd8be7da7699c4f77afb8c20d34c820651ebbd0b37c2293e40de1427f1ff82bd5b9af576d47858f7d92b05052c3e5a8f05fb45f7030fed1
-
Filesize
181KB
MD54ea6026cf93ec6338144661bf1202cd1
SHA1a1dec9044f750ad887935a01430bf49322fbdcb7
SHA2568efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
SHA5126c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
-
Filesize
183KB
MD5109cab5505f5e065b63d01361467a83b
SHA14ed78955b9272a9ed689b51bf2bf4a86a25e53fc
SHA256ea6b7f51e85835c09259d9475a7d246c3e764ad67c449673f9dc97172c351673
SHA512753a6da5d6889dd52f40208e37f2b8c185805ef81148682b269fff5aa84a46d710fe0ebfe05bce625da2e801e1c26745998a41266fa36bf47bc088a224d730cc
-
Filesize
46B
MD559bf167dc52a52f6e45f418f8c73ffa1
SHA1fa006950a6a971e89d4a1c23070d458a30463999
SHA2563cb526cccccc54af4c006fff00d1f48f830d08cdd4a2f21213856065666ef38e
SHA51200005820f0418d4a3b802de4a7055475c88d79c2ee3ebfa580b7ae66a12c6966e5b092a02dc0f40db0fd3b821ea28d4aec14d7d404ead4ea88dc54a1815ffe26
-
Filesize
64KB
