Overview

overview

3

Static

static

1

2captcha-chrome.zip

windows7-x64

1

2captcha-chrome.zip

windows10-2004-x64

1

background...d.html

windows7-x64

1

background...d.html

windows10-2004-x64

1

background/pac.js

windows7-x64

1

background/pac.js

windows10-2004-x64

1

content/script.js

windows7-x64

1

content/script.js

windows10-2004-x64

1

icons/logo.png

windows7-x64

3

icons/logo.png

windows10-2004-x64

3

manifest.json

windows7-x64

3

manifest.json

windows10-2004-x64

3

popup/img/en.png

windows7-x64

3

popup/img/en.png

windows10-2004-x64

3

popup/img/loader.gif

windows7-x64

1

popup/img/loader.gif

windows10-2004-x64

1

popup/img/ru.png

windows7-x64

3

popup/img/ru.png

windows10-2004-x64

3

popup/popup.html

windows7-x64

1

popup/popup.html

windows10-2004-x64

1

vendor/cry...min.js

windows7-x64

1

vendor/cry...min.js

windows10-2004-x64

1

vendor/jqu...min.js

windows7-x64

1

vendor/jqu...min.js

windows10-2004-x64

1

Analysis

  • max time kernel
    100s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    21/03/2023, 06:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    background/background.html

  • Size

    316B

  • MD5

    7035aa39ed76bd237f1e317a6529a74b

  • SHA1

    efd94731a8b75ebec65922059cbad15429110d05

  • SHA256

    f3b897d7305a5f3b0f1e2b78d4c064ce0ef0739d74eea6e8aa36069f479b2d70

  • SHA512

    13783ec8de9c7524aa3fac99a6b24ed5723e6b09d7af3073b4de4a85fe6ce118019e3734facae44f2cb09d56a4e14ff4004c690d8fe787d94a141890e13d1f8d

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\background\background.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1092
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1092 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:268

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    e71c8443ae0bc2e282c73faead0a6dd3

    SHA1

    0c110c1b01e68edfacaeae64781a37b1995fa94b

    SHA256

    95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

    SHA512

    b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    e71c8443ae0bc2e282c73faead0a6dd3

    SHA1

    0c110c1b01e68edfacaeae64781a37b1995fa94b

    SHA256

    95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

    SHA512

    b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    951330f5d20849c173b7b17a4a92e1ff

    SHA1

    601d7e8b54a8fd10745ddae5f0e88a521ee326dc

    SHA256

    e32f4bc5fe7f91de2503658310dc73c4fdc8dcf343dae4c3b10d8b5e550faeac

    SHA512

    09bcb5e1abb6cfd4429d820f39aacd8706cbc9196f2f019bb50cbd2331d9c07e57b075adb77ef1c34da86ccca23a98887e689123437155a99b860db6f152f38e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e97d72dcfba0a2cd4cb6e4c9fe9dc399

    SHA1

    9e2017eda520344503e3aec49f89b6f3aaa39b37

    SHA256

    811319660dec6325fb2569f9e77f0691f057506845ae30b55736cfded4614e4d

    SHA512

    b22253d3e4baff8b47d15a917cd31d750e8213e35d1587eac01f9ee2b09ad44cdcbf1c83b3ade0e360cae108efd0478a570dad539c088970f910dde5eb87ad8e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cbc24e2ce1e986adfc6b9fd713598c94

    SHA1

    dafd641b763a7162298d93b3f54bbfe7e7bfda57

    SHA256

    fcbd252c748414775478688d7e25f787742e0f1db4b47b8a1381d6e7ff51f63a

    SHA512

    4114909ac2279528f87cb58980215ae96075dac23cafe44752ffbf0356a3121fb4b434b4bdf17847124683572ec401d44f454416c3e2516d0f97ca08ecae8c52

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    db03ae2dd36374a93099706494a3ea94

    SHA1

    87ff56d491f86019db416e36d24cf1bf71fe99c9

    SHA256

    f0743233bdf7890e0ad7fe106b133287f260bedab82ac7824308f2b42e948b9b

    SHA512

    a9852b6d706e0e4098fa6852784f129a6709b0769adcb1e9b515c509232269b2601cf0473658e84b5b5367e666628311132f08816fb88bf282573e19ac20abe9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5014bb7256fbe2b419985b7de5f97e50

    SHA1

    169691cb4116e0d85d331d9f3342c3f8fb47397a

    SHA256

    6ed1120b9d197bf46f7eee3f1d279a93c6196cee29d3c4fa6f022f1075196f93

    SHA512

    b4d22044e9a2b62a5cdc29edee0daddf6a2ed78a617b177e255d306a4363744ba126a041b6647a2962111e5144f56a9a25a955399e9d6309c5aabf44037f2a80

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a9cdbef85697c956e1a932fc9e6d25b3

    SHA1

    cbbe5c67a75c60eb5360813d309aa5f6dd907fc7

    SHA256

    21cfaec6e86681871eb4fd95ceecc85b1605217eabc9515edb35e32e5c661169

    SHA512

    526db25083ebcd4245df5a16e5f959cdaeaabb58b231be8e38dbe15de4ae2fab3cee7af0fe5f10cf0446018b9cd98e86648e77ccf8285435f5c831b213bb61ef

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9138fe7c739d47b28e68c720a19f027d

    SHA1

    97d75782f8c738fccbbddfb8b2ec516385e2f570

    SHA256

    246232efd5592e332bf614840820bc8484509a5b60d36401df365e76f9bf1dcc

    SHA512

    20b26121461f345ab10da16603de2ff310752dff75a73b7392658e42f0ca103aad057f6ae9ecdf41d376ea6aa8554ce0350a65c3328daf6f510dc890f638e5c4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bf86ccfe925e4d4cfe3de12f9a1c1616

    SHA1

    a96acac6e659babda66d8bbf35fd16b73d21594f

    SHA256

    a2a71ee8b7a1ec0c2838a4d3cb2db216d7b4c08dcb736de8cff9b15289b82676

    SHA512

    a1207a5ca04ace0a96775fb0dd3d6360e79b3f53fe98c0f1395cce11d1f04de96b36a11f6f6adb50d77445585536e2b7d93e47ed0992e8b21eb818a9852d640b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6648c8f9c477fdd2508fca39f983389f

    SHA1

    ed2164f6636987af5fc40468f36e84b50fa9f776

    SHA256

    2259c6caf5b83a0b14ab30b65b2ffa328fbc6e4b9dadc46280184d9d6713cfc7

    SHA512

    301720a1972559b47222a666dfd2b6a882fe78bb4ce97e2e7c34208107744cd76b595600c8ec1daf6969f763bc9bd3336769efcf9a0e7a1cd836bb96fbd5efbd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    76fe5fa30293b54a7ac19364dd30a7ba

    SHA1

    1cf7311d2d5a8550870a38d3972d3ec03f6230d5

    SHA256

    72ef539ab119d4b94fc5f171ed0bc497f6298f3ea115c436acd3149f65a859db

    SHA512

    5a4049f8f11ff820c13778e4c50b59adf40dcabc2d72d5d11b407b6673c0b8080b8e4d0932c7450ee12a76985c6bc37e37a3e45e5778ae76aeddb1507d9bd3ef

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6c3b376f5b54ee3d5424efd48b463791

    SHA1

    65cf2525f8185a7af40a1572986298620b2f5365

    SHA256

    92c08619161707eab83ce9525522db2d01e37924b5ff11431a78c282120422b2

    SHA512

    1f8e0d6515cb14994d4c7288206c2e801066fdc15dc08c32c4b73b36110f4b52e7e838dc57ace8fc15e6548985cf9db87f0468ea8a1568c1e84946ced498a9b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    06bd77ab99d9319c24fc9349569d9980

    SHA1

    c2400385261fae22deee88584f5f814a6980ed58

    SHA256

    2ca22f9c3f660e53e3c6dc9647432d5432b415d9780dc24c823c34163a77333c

    SHA512

    5975e8079877abc8625bb653dac754e65435d9b91954201c113e59aff8b40961a4c2059e455445e57187d1c161c0bf6b383f8e7aa930324dd21cea7b50b6a23a

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KTB503AZ\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3037.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar34E0.tmp
    Filesize

    161KB

    MD5

    be2bec6e8c5653136d3e72fe53c98aa3

    SHA1

    a8182d6db17c14671c3d5766c72e58d87c0810de

    SHA256

    1919aab2a820642490169bdc4e88bd1189e22f83e7498bf8ebdfb62ec7d843fd

    SHA512

    0d1424ccdf0d53faf3f4e13d534e12f22388648aa4c23edbc503801e3c96b7f73c7999b760b5bef4b5e9dd923dffe21a21889b1ce836dd428420bf0f4f5327ff

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\BYNY3GOR.txt
    Filesize

    606B

    MD5

    6f267edd1aa5c22fe61d787036a4f4a1

    SHA1

    fad0e2c5db5c2edb18feca1f8a0e6a084d416323

    SHA256

    f22e2421493e8bf41a5f4675ae8fd0bc993bea8b06bdbb854fc636b56af713fc

    SHA512

    124c8ffcc0f53ca469a22c8354b00155b29b19f6e4a8c78018018c97488f6acf564cac12a4cf6c1261b9e18ac59eeced522db178dae191766b58de31216404df

    Download Submit