Analysis

  • max time kernel
    150s
  • max time network
    145s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220414-en
  • submitted
    30-06-2022 17:18

General

  • Target

    erxczzxEr0rgdxvngEr0hjhvhhxEr0cbchkj8282infoyxZdzc/h0el0pIED0Er0/index.html

  • Size

    37KB

  • MD5

    2cda3d712eda3eaa8b8f1d047186082c

  • SHA1

    bcdeb6ceef9b9ab9bbc48681ac84f6ca9c77e888

  • SHA256

    cc243cb9d3f75fc87a3c899a99e182279c4b49e7c823f89bc9bdbfaf5ff65d84

  • SHA512

    81d144d1587736c8f2994d03eb935352facb0ec221bd36738a159f1c8efd53ca0927a6dd9b407589cb337b4ceababe8dffef2bb6b883d3f3eac6544813614628

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
  • Modifies registry class 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 4 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\erxczzxEr0rgdxvngEr0hjhvhhxEr0cbchkj8282infoyxZdzc\h0el0pIED0Er0\index.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2176
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2176 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Modifies registry class
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of SetWindowsHookEx
      PID:2368
  • C:\Windows\system32\AUDIODG.EXE
    C:\Windows\system32\AUDIODG.EXE 0x410 0x4a4
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:3312

Network

MITRE ATT&CK Enterprise v6

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776

    Filesize

    471B

    MD5

    c4a8c03b96371fcbe2e3a0e4b911e38e

    SHA1

    90f79bf49ef625e17a905fa2ff899842e7a22704

    SHA256

    7294630739e87a3772073ff9293df877add559be651ec165d25a366aa50f56d9

    SHA512

    c28695b0b9979118d83163ebbcdbae815eba4aa4e31a01787bb8e220ee90fb7c388f79420a9a708158e3b707a684c4145105ac731a11e0bba701922752c669c2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\82CB34DD3343FE727DF8890D352E0D8F

    Filesize

    7KB

    MD5

    df6deecba36f8d0af53eafa9c51ab1f7

    SHA1

    6430b114505bc7faf945b1bf250b8e33adfd54e1

    SHA256

    60d1053bde5fbca23ed8976f1eabaee9c4bb459d9c997e5a76bb2182ee916d98

    SHA512

    524ba4be0dde21181da4ff97a00caf037f382cf7e128629bbbf0b9e7a65d6df39b78e09ecfe3ceef8ed1f69883d6d1ceb1ae32b36594d14b0d65f5c6ccbfe46b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776

    Filesize

    434B

    MD5

    d5c1f347a1ea8a242b341ed83a2c1cdb

    SHA1

    d4598971d0fb466da6bf9bb0eda8a9ffe81508f5

    SHA256

    2b312cff85b045f4b5a32f526d8e7b3630d07fc693553e7b715068614c8cb9ee

    SHA512

    b44279dc638267de2448114081faf35cf413cfeefd3b104b6148ae12d39d645e30b8d1bce21849803074b651493650582c206bbb1d6fe1ac1e3a6a2f9ae43830

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\82CB34DD3343FE727DF8890D352E0D8F

    Filesize

    226B

    MD5

    7082ea5a9c7d1abdb7b47a85ef11a342

    SHA1

    c1c3219f31539a67616b57f5731cce890258a77d

    SHA256

    8c0425b5ecf5df506869a131caf45a7d4ad830cc23bcc7af8590756304ec5f78

    SHA512

    e39f5e192bca491cca04e574a1d66d866dc9a86f91c63959dc2e2d3ea0ae22a751c3ad130dd43a0a260674cfbdb46f69951cb9916abb2291d46a72644207266b