Analysis

  • max time kernel
    152s
  • max time network
    147s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220414-en
  • submitted
    30-06-2022 17:18

General

  • Target

    erxczzxEr0rgdxvngEr0hjhvhhxEr0cbchkj8282infoyxZdzc/h0el0p0MA0Er0/index.html

  • Size

    36KB

  • MD5

    4b6c1dee49f73abe790ebd6fe497bb0b

  • SHA1

    69306ffc0c39e0bc10cfc3d344f1efc56a2c6f9e

  • SHA256

    74582de92869818ade898be7ca7dba7b1959c810a48844c885d9a608a94be613

  • SHA512

    d579fba999cbd55fc6b5d32b0b9f2dc9e742c9ccf29c7fbc58f9e8612503d17394d2ed01d578b797f1ecae60c6a4dcdc65f77e72b3d6cb807f8cc3625bf545ce

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 48 IoCs
  • Modifies registry class 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 4 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\erxczzxEr0rgdxvngEr0hjhvhhxEr0cbchkj8282infoyxZdzc\h0el0p0MA0Er0\index.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2608
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2608 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Modifies registry class
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of SetWindowsHookEx
      PID:2724
  • C:\Windows\system32\AUDIODG.EXE
    C:\Windows\system32\AUDIODG.EXE 0x308 0x46c
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:4756

Network

MITRE ATT&CK Enterprise v6
