Overview

overview

10

Static

static

1

URLScan

urlscan

http://d

windows7-x64

3

http://d

windows10-ltsc_2021-x64

7

http://d

windows11-21h2-x64

10

Analysis

  • max time kernel
    840s
  • max time network
    844s
  • platform
    windows7_x64
  • resource
    win7-20241023-en
  • resource tags

    arch:x64arch:x86image:win7-20241023-enlocale:en-usos:windows7-x64system
  • submitted
    16/03/2025, 05:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    http://d

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\explorer.exe
    explorer http://d
    1⤵
      PID:2864
    • C:\Windows\explorer.exe
      C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
      1⤵
      • Suspicious use of WriteProcessMemory
      PID:2860
      • C:\Program Files\Internet Explorer\iexplore.exe
        "C:\Program Files\Internet Explorer\iexplore.exe" http://d/
        2⤵
        • Modifies Internet Explorer settings
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SetWindowsHookEx
        • Suspicious use of WriteProcessMemory
        PID:2128
        • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
          "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2128 CREDAT:275457 /prefetch:2
          3⤵
          • System Location Discovery: System Language Discovery
          • Modifies Internet Explorer settings
          • Suspicious use of SetWindowsHookEx
          PID:1752

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
      Filesize

      71KB

      MD5

      83142242e97b8953c386f988aa694e4a

      SHA1

      833ed12fc15b356136dcdd27c61a50f59c5c7d50

      SHA256

      d72761e1a334a754ce8250e3af7ea4bf25301040929fd88cf9e50b4a9197d755

      SHA512

      bb6da177bd16d163f377d9b4c63f6d535804137887684c113cc2f643ceab4f34338c06b5a29213c23d375e95d22ef417eac928822dfb3688ce9e2de9d5242d10

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      8fedfdec8860016514e6f991bebeb617

      SHA1

      0b4a1049d713d770a0e5074ccc78bd153d7d314b

      SHA256

      a6b8bea7255cf3bde7e2509db8267749b1c3d3978c0719bd672c1d0ad984c3c1

      SHA512

      e424dd0e359a0acd15de29a3e92712af97ec5ae4de328bf33959dabf1714310a7e3e694b7de9f51de2396dd126296dbb76886747fd224a97701489440a2eb242

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      e50e0466b89b077087d2d4d3bbf29569

      SHA1

      b5badd1bef522975fe98371b68bb7f2e6f6f6303

      SHA256

      8358e57f23323a540d863a7ffe32acda993bd5fbdef611d40f8ee1c190d54a62

      SHA512

      8e3782b4741498300e0648e5b85d80ddaddb80c931b74fc56774195f42be931fab2b4092570409fd6945bf4e8cda4bbbbae07a79967b15174642ad30b839e8a3

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      35486e74df02948948628e33805a65cf

      SHA1

      b5495c1e4421ca44beba21aabc7fb8f0edaae6f6

      SHA256

      b3f6138af63b498697509ca7663319ebd1395e3abc8e5e9e46af25e3462e31b1

      SHA512

      6ec7a9f1a15afae46590f34336fdaee75e315095020ca12b48514d8d4bd4e840f4966c9bf3a13a8e3ffed95170149e2c136b895fa2f7bc68d6bb23cfc2988e62

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      515be4fffd79269f6d7aa0060bed496e

      SHA1

      7baddd64673acdd01c03e2bff4807b7460ab2759

      SHA256

      fe57e6284717200b95a2fa294e3fbb21639696ec92c07d3179cd6114329d6810

      SHA512

      8846d1d71fa3cdec18f34ef1e0e50fd129e61f7da2a71b9a7b1f18cf7f9e7d0752eff80f17cfdc2cded8018e3ae10dff0bab176e8d333ca1b649ce2a5a6f9fcc

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      7d362b0adbbc3f9563fa9b084d49d139

      SHA1

      68965c7e8d550742fa205d8e56d0b36ee448dcbb

      SHA256

      ea1dc6392aba5c27fde4a590c2be68906cdf124301d47427e30b372de9958577

      SHA512

      68d591235134ec57befb3070ac635975b1929b23589dea87088589dd059520b94ceab96ca095ddf9d8068b9c66012c94c6e65d30c57b7ece6e745323998dc046

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      db33658a297a839f2815d10e1a66ced4

      SHA1

      736fae2d7089f965c641066be63c4e88fee55eda

      SHA256

      3b5b0cc2e086b54ba1c16f192310a8777f8424fe541c4c4efb8f477243ac4a8d

      SHA512

      2f07614f8a63cc26a0fd15b654a4d5421821deaa2d76fa2a9ffbeed9b652e5fcf2c86cf9b1ca8b2dc81cdfb3e5a99a0cc812c5a650b0aac2f333aee9a4c97d64

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      fdf889db46306ddf455f496a674ff987

      SHA1

      690927b1a0963a44267a7f13176a48d6d5706778

      SHA256

      ee88f948b8c4e058431c2cf3dbcd5d31257724d088f535b3be2e5a1c56510002

      SHA512

      fab520682f2f40a6dbbb1de4a02547eb7f4e6216177a1cde47bc9e59f7ac3ad75fb9857d7d35e2a5b7c07dd97a0f6d2094bcc3e5d6c22323bf81247dac9e666c

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      f59632736daab8b57776aa03108407b8

      SHA1

      72dfb0f9bc2707e48d8f62c4c3ec2f965adbd730

      SHA256

      e2534ff3a7cbf42af471926867d3c9267c2053ec144f3287c3234eb9a8440838

      SHA512

      5d7d693cc7b7d32070e796c64e9f45e0dddb4b0be6bd7688492d395b7d1046d58baca65c46a924721bf632293da6fcac5388d31d7c72864f1f22b67811052358

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      ed99f76bfd5892eff9003c3c61da1358

      SHA1

      8c65c7c2e8410220565313284dbc50e3d369de2d

      SHA256

      b9eee7fb030841b018b69d4a1bfbc32ad66a088a0c80991d25d1a396340a51fd

      SHA512

      359b08ad61599d79bf31f1b150f904be2de62dbfc58eacc6f5282bea1b360c8efa57eced2a83eb66c9c8fa40235b84f73e19e687fb5b6e95acead9fc939c8454

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      9ae1d6be88b8670e274cab1c962e05a7

      SHA1

      8ef38ad4ea5dc9373095ae4d7eab059448f75291

      SHA256

      6deccce18c252561f8735c5afa3f9f99588ce8f1673f74839a89c897eb3c02db

      SHA512

      d8de2daff4a72103be06c915471102c00d6aadc5b5a40bdf7cbc201f3baead5425d12e67a4652a2fbbc55f9e353584c0ba640d79a6dcfdd7134c9e9c4b3a18cf

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      735c292412d7d42a9a4b02bc7044c778

      SHA1

      588fb4e70ebf7951ee5f97ae05c6a4804a9bf190

      SHA256

      bfe218dc4781ac8e71ba7435476c448154803db804b1b95f324a1307d69245ff

      SHA512

      92b8ee08a5623c20d26b2d9484ffc2b55febc5acb8f3e8e1d3ddd17d2a8a6454eb18135ba1b89664886cbc0c848b11c1c4b98e8561906fb8e2b26f02f3fcc2a1

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      4b54f9927c774a9234f5d89613bc5482

      SHA1

      73447d3afe3e0d71c09db503dc4e46304fc8cc87

      SHA256

      d6c192567fb18c548fbbbbad0b73c19d9dbff9d30f150cddec932ee67233306b

      SHA512

      adc26e3a6b259c560c815b88da7ca560a4133e1227ee4fb694d1321a1d3ee5e4b1bea42ccf68245e537fcdb35304153f47c9f820133b79966d4c2babf4f52e0b

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      2c0fd1d69deb8089861e38ec2747736b

      SHA1

      da3b081ab3fb850fef3d641a8ddd67f534a51460

      SHA256

      2270abc0ac877131d9946f40308e5ea2c52c6ac3213be5ab47591300db702640

      SHA512

      836d62258e3b5697e4e39cf7ce3595cad2ebad03c4d5163f28ffa9daa1ba79146abc228c225ad11f611f924395b8e257d7627de42c0521ed1cec234e3085ee27

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      9db506624ff860f562f0c1fc850b7b7d

      SHA1

      59ea8a85cdb3c34dcd24ac1a306628784ff2db6c

      SHA256

      33108a42a15f3078c5f695eaa32e44ffc3e5218491b4e14bf92c9ec1660cc5ea

      SHA512

      89c7254ccedd8acbd794a98ce1c081c908672ce45939bf91c7ce30482eb86cda467ed47016ae13789b4f3241518716d53b330a80d6ab991ee7fd53d57b65af59

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      2626c136f4e150684a8623ff90b8377c

      SHA1

      7313cce77ef854fdeb876739904d6fd308bb02cb

      SHA256

      d856fab05839018888a64fd2f4a71b525d3c3c95df326798ce1932ea64bf7c8f

      SHA512

      2c324c6c891a0ee7b2e9439cb1c364420ca76dee986109e7ea6d219f84346825e454806d39a7ae9d5807d5a048b668cecb4fbce204134d5f1ca9fe1d886bb1ca

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      17778a815b4f3c69deaa80907821f586

      SHA1

      994c4bebfff486ba5ad05d11be1c8e2eba41a744

      SHA256

      e0e3b448e445fc5818ef5ebef0a69fec382151147d87d9272cf3c26a70b3dcf4

      SHA512

      287e84ed1c75db48d844fdebb7d004d70e51edb69f2667207f4d2ebc211112c9f183a73929c91c71fb9bbed05de55a11094834f6f4603a208bf2926d4493c22b

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      689a4bffc6c3191ee734be30793c6f5b

      SHA1

      1e6456748e5d77fcaf1baa59d83c0c9c2c6363b1

      SHA256

      3f71f0f41687eaa75ce5cd9e36a0854fbec816b42cde3d1e2529c413d33cbf64

      SHA512

      9ff6897ff0d6b3fa9ccdefff106500dda0071c914f9db91e06353e280929323b81e8b8ff8b7315131ab88737252702b31327b361591b6a4800e99df23af3ad58

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      17b33c051158cfb06ac15dc21663a69a

      SHA1

      b9828baed5854f46776e2948dfbdfea4efc304fc

      SHA256

      4bb35016d277323566ad70aeea01c85499cd5eaac1f51bffb8c55aed136c32e1

      SHA512

      6115a36c3b66b0e3f1c0db4eaddd9a03090277bba6f88884b6a7a3aa49cea1344e27ba73f0ab76becfb92191d406736b2fdd60c2482869d192b87cdb63710ee7

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      29a3685c71217ea4ac15001e610ab6d1

      SHA1

      9f9b25a18cdcb7e20cbf8adba02ac69b6ff5d8fc

      SHA256

      887a10dc3a8ee49a2e55e9d4130e9531a03b6e37ec7a0965423d26abf5497a06

      SHA512

      3842d944908858560a737b29d8405b345c1dbcca2b2628690d72a31149abaed1ca90ba41f9e078e793e03f730bf900c2883bdd3cfd5269f7927c2bad64322f21

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      3589f515a818cb6a2a9132f2e48d19b5

      SHA1

      9edbfcf5b8bfff056f7424aa387da9bb1c89bca5

      SHA256

      873714dca68d3a16bd0b852404b8cadd1f6964a39ebd55e4692f543aef737083

      SHA512

      aa797eea243d7df6a1c8edadc52d0a7e36ec3c2d522032b300edc091e376034fb9c1ecdf79d910ece93af7023e0344352367e1f88853817ce1d9a75c7a516a61

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\Cab672F.tmp
      Filesize

      70KB

      MD5

      49aebf8cbd62d92ac215b2923fb1b9f5

      SHA1

      1723be06719828dda65ad804298d0431f6aff976

      SHA256

      b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

      SHA512

      bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\Tar685E.tmp
      Filesize

      183KB

      MD5

      109cab5505f5e065b63d01361467a83b

      SHA1

      4ed78955b9272a9ed689b51bf2bf4a86a25e53fc

      SHA256

      ea6b7f51e85835c09259d9475a7d246c3e764ad67c449673f9dc97172c351673

      SHA512

      753a6da5d6889dd52f40208e37f2b8c185805ef81148682b269fff5aa84a46d710fe0ebfe05bce625da2e801e1c26745998a41266fa36bf47bc088a224d730cc

      Download Submit