Overview

overview

7

Static

static

7

1a2bedd154...18.exe

windows7-x64

7

1a2bedd154...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...ps.dll

windows7-x64

3

$PLUGINSDI...ps.dll

windows10-2004-x64

3

$PLUGINSDI...rl.dll

windows7-x64

3

$PLUGINSDI...rl.dll

windows10-2004-x64

3

Baidu-TB-ASBar.exe

windows7-x64

7

Baidu-TB-ASBar.exe

windows10-2004-x64

1

$PROGRAM_F...er.exe

windows7-x64

1

$PROGRAM_F...er.exe

windows10-2004-x64

1

$PROGRAM_F...ar.dll

windows7-x64

7

$PROGRAM_F...ar.dll

windows10-2004-x64

7

$PROGRAM_F...rX.dll

windows7-x64

7

$PROGRAM_F...rX.dll

windows10-2004-x64

7

$PROGRAM_F...er.exe

windows7-x64

1

$PROGRAM_F...er.exe

windows10-2004-x64

1

$PROGRAM_F...rc.dll

windows7-x64

1

$PROGRAM_F...rc.dll

windows10-2004-x64

1

Data/Games/GAME.htm

windows7-x64

1

Data/Games/GAME.htm

windows10-2004-x64

1

Data/Nav1/DH1.htm

windows7-x64

1

Data/Nav1/DH1.htm

windows10-2004-x64

1

Data/Nav1/DH2.htm

windows7-x64

1

Data/Nav1/DH2.htm

windows10-2004-x64

1

Data/Nav1/DH3.htm

windows7-x64

1

Data/Nav1/DH3.htm

windows10-2004-x64

1

Data/Nav1/DH4.htm

windows7-x64

1

Data/Nav1/DH4.htm

windows10-2004-x64

1

Analysis

  • max time kernel
    133s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
  • submitted
    28-06-2024 12:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Data/Games/GAME.htm

  • Size

    3KB

  • MD5

    e3d70f2bb998119f8c545b2104bd1847

  • SHA1

    fe1f40369cd977c475075acd332aab4d91dd06a4

  • SHA256

    1b08201844c61963dedf6753da0dcee16012af6a2d01c1b883f922b93552fc5c

  • SHA512

    6bcbfabc8b9dc5fc625ea9fd79a3287c95ad33e2c48e2a289381a3f70020a744c1d4a0fbf265a4aabdffcdeb348645a7c2aa2040fce47939ddf2fea46e451644

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Data\Games\GAME.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2416
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2416 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2260

Network

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    56c1ea1487baf97eae6e3c1cf9595fd8

    SHA1

    0bae609b8a3aeab7430fa4f118929c006d38cc29

    SHA256

    52ebaf4a86dbfd9add813cdb402ab09b7cdc44ac488dffde368fdf0159d2ce0a

    SHA512

    2dc704769774e77ea28278375d337f9d957905d1f6e8fe04c78af7363be8ba2ba436aa1576955fe38106c6653d5d544e5f1ee333b4ef15a9086d47ce8eeb587a

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    234eba02d6153106982395c8206b2ab1

    SHA1

    4b1ccd0584eddb7e67b4eac617528b014f4f0d20

    SHA256

    c7132b3c74f695f76be1f21fda4fc60af5282f1095cdb6a8c1468aa75abe3e31

    SHA512

    a9126b87175e44290db94cdb8cdfa5b4cd80b02c241037c864bd512ee6772ca177e3a715fa8204fcc6c5e2c88f5b5634fe2e9ecbf2c0005d7bac2edcf3171755

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5d1956dfeb7087dc1a5c631c80b8884c

    SHA1

    af19a0a9234150f0ff8cb0e5e2014828b1ae0b7e

    SHA256

    e7241defcacc1ce9da7698546969d8ca91d237cf12ca2151bd8e0703417f299b

    SHA512

    17f96525c37a36c38eed72e23645888083a3f6a3c9323fbd045e9bdb7ab202e7bf44e3ad10161a634d666615b895e13263cacbe894925b1a84a78111c319953f

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    da227e472a895aa00f6d969c94828826

    SHA1

    4c6a31a5ae5657244db1e3663377a4d967581fd3

    SHA256

    fb5f189978b5970ac4e59c4252586e51cb27243bb5027ebd37de2097f223d78c

    SHA512

    cf18a115d1461fb67a42453747f2be41be6741fe428397d1fdabbfea45b76369e615cb168a35f30e8c24911b46a3270ee04b877b58bc7c99ea769f977cc54da4

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3606820ced57fab86c8e832f38bfcc0c

    SHA1

    048ec53ef34021eeba11562000b0ed87a58b4472

    SHA256

    1b07e2805a3ee52ea6924381fcb3641142f540bd4ad968dee11b49a993f7348f

    SHA512

    61667c4953766dd2bc57961f520e398ff4f0ca743b6ba5ae98932ce577fa9ca3e1ebc972c943fb35ce20530fbea43a5acd7e3f2b88ab3c161402665a6b8e4f0a

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f2f5633112e2bc6fde2f0a6419c2e4e8

    SHA1

    d4dfbadf11a08852c67844f91cbb3612a1f3869b

    SHA256

    ce72c26130f0f4cdbac5d2e8cb616d567faaabf38d4a605d9f0522f1494adac2

    SHA512

    82377e5b4fead30efd06359f19dac71de8c305c33feefbf98b8272d2a3c6ed2df7b2e1be09f5a63f2abbfe067e914cf61b75f910536b042eee3175f318a0c8fa

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    40f3c3d529d8b27ec7bfc136c70887c9

    SHA1

    1e97c5a371945adc2020ba0e41fa89fcc4bd53ef

    SHA256

    b4fde89c0796757d6751a7c025af356bc5e11e47550fe723dd434616bac48c4b

    SHA512

    483667a51cd26cff72c7b2a49781b0113f861f1b57ca93c91e5a1cfa3763757f3dc9c7ac889c7cbb7f7a208812a9a1e32e09cb08e50aaf80b75a6b94578a2ffd

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7bf9b222d47688c7902d9e280df1f8e6

    SHA1

    62fb7bda7ff030a7c3a6cc4fcd5bf920230ecd36

    SHA256

    2e31a1d58ae916bf4e24fe142d9353a8db1645375e977f0d1214c958ff4b55e6

    SHA512

    ff99d70ed35b988bff4a03e940cf46276aab4a00e2aa76ff5eea92cb4d2f471be1f71e9bfb0e6c40eb796946e76db9c4be84bb11f09c12e4e663d33519b2fc2b

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4ae63b1a1b54393cf433c49d3f4f9b45

    SHA1

    f3f83b4418ce9a10ef45ac18ef52394ff2a42c85

    SHA256

    7edc8181afb57a99a0cd10de919193959ef88e205d73301a012788724f90644c

    SHA512

    4dc9e35d780587086db8c33fc9248f431da1fc91d1ff57f67e4c5b4491f6b0c10110f4f647ba190f57b5892d458495186acab6d47d86d9c20b5bb3157b201d16

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    17030468d312de95ff6f483fe3fb6c87

    SHA1

    307e37dc8d48fb20dd2952ad91299fdd31867972

    SHA256

    062246cc814e8992c593584aee589877534ea7b734d95ccdfb41e835f2fbd95f

    SHA512

    6805f401cb2495456c2d61b4bf6fa84257f9794088592c661099b7587f03ed8511f52ce9b0068284699a0ac01b596421e3ee7778881df14baea75c2dbd0aed4b

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    51312a5ec7ef13bf9368164610d6fe83

    SHA1

    c60ac8380faaa95b9be45b975f0d04257ae0d334

    SHA256

    2cd678be089184172c4ec9593b66b9d982fc89b0d3053850733f52e122c6e6b1

    SHA512

    77932684e3e91f132da5b0ee90bdd1edb8a21cdb9fa7717733207c915462122672a7d239ca3515b7a54854f38e555435db26f2ab5713f6c2cdaa385b7948f468

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    995921dfc10b5c1ddb901595601e46dd

    SHA1

    1228cf27c09c26e1a0b3fdb9dbc6d48ad205322c

    SHA256

    a1cce8f37a449ded4fdb03903c4e9d7152e059c75581f35c747a8fc7233d5c93

    SHA512

    073a111a4992383756342563765731cb85b7bf61febcca9a5782f3116edfd3577900f271da9a77f2af64e4a21f0029e8422412ea45f11f2f6887a08bdcbe2f00

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a5fa3c3a1424426852853a97565b5deb

    SHA1

    51e8162f03ed7df7a9467ca9cf2164836269f7d8

    SHA256

    c6fdad77b485250043b0fe5c5ca9828a2cb0695ef33d4c7d1685e765046ec3c7

    SHA512

    8ebf8a474c657b8308ef2649cffc1c698acad451f9e6be11637db5d96a8a90f01fdcd65da8a654baab67703bab00c092bc15eab0c8b4d1897abf0655f17fcfaf

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    16cf04ca87d5e043c3d604e941d94bd0

    SHA1

    42dca78eed3bce7485af71c2df076c22275b270b

    SHA256

    845aaefc2990bbdf73f68c27db7061cb73a28e2a05056fd10b09bbce1c24eeff

    SHA512

    b1cec79f7571918ea9cbf216fcb69f747e104d0b46b203219a889eae995dace660fd1aa5155e8601b4abbbd4fca653be342caeb0a719104e0476b94f440858bd

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    64c7ff3fc96bd835fe4b92935ceebb6e

    SHA1

    b6024b67a8f185e342a479f8d32963ed9d1651ae

    SHA256

    8bc418ce13114b671644192b6738b3f904f36300e8fac5b166ff5514bc9fed11

    SHA512

    864c39b3ce1b594b7564b04ba1a64c3f69feee72eec21d77f7dedba0704acfd5bd08e5b939c6b27a3b2ebc025b5d2e987708b899f3c2d95dee86533115b9af0f

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0c8d71c647de27dd623b33843ebaff03

    SHA1

    31ba6a9ec646e1646789015fdcf1295efde9c858

    SHA256

    8616400687f56f9e0e1e2255e7b3247bc50b5a5e773fe7fde1322c4f4fa5db4e

    SHA512

    3ed728512edecbd0ffe18b9488c054928662981e163e8cf880d9151c6797d135933403602bb8713a1ced966312258577569272a9f54a143d00472513d59a0354

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    892c7015720b5226b4982e4b4370fd24

    SHA1

    15ac52b380f086972f7d3855d0e5a1738b3639f2

    SHA256

    49bc9e073a2ea547159b80d4b248b16082c453b085b0c6e8a50c0335b76bf6c1

    SHA512

    d04a4f9151a976fc253ecd4b208a0d8fc4d998445d3690a8c57b3ca9485c6f611c6adbb5daff5f0c334255dacbb6c6fa0cea783a8c5fdc2c1a9fde9e4623edf5

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1f7e562a996e8573acd26f484dcbdb57

    SHA1

    0d64a192108c9a659b3d53294e881c5810f02030

    SHA256

    5a6d07189351fef6defffbcf11a5cafa958b483ae2e010693a71469bfe40f673

    SHA512

    d9c9324e25157227ba082ec4007952677a8d20b93a3e55af9fff15f80e05274bf03726b6049d0d6dffe8a8c25cb2fdd2cb952bdef341f1c46c6761e1505b5dbf

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eb1c596a906e7caa4f2d93e87fe6dfea

    SHA1

    7b582a3bdd6ae2de5ca102ee9a73ad01e7ed3388

    SHA256

    b8cd702f231a8d0d32623ab97f6909568d46b28795827f83254ba8581613474a

    SHA512

    9a1129287bc978f7961cc29d3ecfadd889a5d8be53b7fb0388eef4a218a0629d9d7363be9cbfad03154fc48e059508bf3ac3982753f7f1aaf674e2ec1c41b244

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Cab29EF.tmp
    Filesize

    67KB

    MD5

    2d3dcf90f6c99f47e7593ea250c9e749

    SHA1

    51be82be4a272669983313565b4940d4b1385237

    SHA256

    8714e7be9f9b6de26673d9d09bd4c9f41b1b27ae10b1d56a7ad83abd7430ebd4

    SHA512

    9c11dd7d448ffebe2167acde37be77d42175edacf5aaf6fb31d3bdfe6bb1f63f5fdbc9a0a2125ed9d5ce0529b6b548818c8021532e1ea6b324717cc9bec0aaa5

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Tar2AA3.tmp
    Filesize

    160KB

    MD5

    7186ad693b8ad9444401bd9bcd2217c2

    SHA1

    5c28ca10a650f6026b0df4737078fa4197f3bac1

    SHA256

    9a71fa0cb44aa51412b16a0bf83a275977ba4e807d022f78364338b99b3a3eed

    SHA512

    135be0e6370fd057762c56149526f46bf6a62fb65ef5b3b26ae01fa07b4c4e37188e203bd3812f31e260ec5cccff5924633dd55ab17e9fa106479783c2fb212b

    Download Submit