Overview

overview

10

Static

static

10

TekDefense.exe

windows7-x64

7

TekDefense.exe

windows10-2004-x64

7

index 2.html

windows7-x64

1

index 2.html

windows10-2004-x64

1

index2 2.html

windows7-x64

1

index2 2.html

windows10-2004-x64

1

index3 2.html

windows7-x64

1

index3 2.html

windows10-2004-x64

1

ransomware.exe

windows7-x64

7

ransomware.exe

windows10-2004-x64

7

tekdefense.dll

windows7-x64

10

tekdefense.dll

windows10-2004-x64

5

Analysis

  • max time kernel
    100s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    27-03-2023 09:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    index3 2.html

  • Size

    1B

  • MD5

    c4ca4238a0b923820dcc509a6f75849b

  • SHA1

    356a192b7913b04c54574d18c28d46e6395428ab

  • SHA256

    6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

  • SHA512

    4dff4ea340f0a823f15d3f4f01ab62eae0e5da579ccb851f8db9dfe84c58b2b37b89903a740e1ee172da793a6e79d560e5f7f9bd058a12a280433ed6fa46510a

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\index3 2.html"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1680
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1680 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:776

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    76f399763db2fd10dcf8e1188e36ddcd

    SHA1

    7af254bdaab8818bd2088991dbbd4373a92bc9f3

    SHA256

    2a7add1aea9818bec0dd0677aad716f6171a20bdbf88c393f86bc4f099b7e309

    SHA512

    207e45e10641ab26d6c8ac5afb7300deef4a7c685d551e7b675d1ac6c6954d968a0695e18b12195812d7f117787d209e83cc6ddab3d147bede9437fe9ae3bf21

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    b5f887b856cb207b7eafbd6b73220343

    SHA1

    df6eccc304ec06489e249d2901032b4e8b538207

    SHA256

    737b630f4a36dc4dff18928830ccd6a2862dbf2fc315ab24057711f8501ff01b

    SHA512

    143295ec90b8fe35c3000c4cf4fd1a0dccff0d9556396976586ca100c34161e58ab406e797007e6430c9d6b8eaa3103b76ce1c596d70c1a63eebb7c5448af305

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    7838bfcebd4d35bc313d0139a6c9e9f6

    SHA1

    ba17e8974946eab2fb9bf8fb08741b4e88bd2a13

    SHA256

    10e357ecb6a05f6992c89cb1d12e1c9a85ea71e0b308858a597b1eded709ba83

    SHA512

    9d070d75a20ba619a9bc37561eb8079ba9cb51ee46d6d37db0e6dde710f50fa2ca6ee9baad4e71793623ccc2a4d1ffaca0e2d1937d38e1fb653ba903cd2c617b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    467f0d4ff8e26e9408cb65ae014fae2d

    SHA1

    78a06491e7eeb6c166792028ba02caa849c97b6b

    SHA256

    2da7abf5bf3956e1cb10921e371993e1ddd8f3179c012ee129ba58f9dc163da6

    SHA512

    7bfae057bcfe33b669a30bd5ccbb8146fa26292a923ed8d084948c2b3f83407e63ddb90916fa615b242b62e3b046dbc77fa1cbd7c2be97675ed6876594dff238

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    c3ec13b05c204889a0ae6b7bf13e9076

    SHA1

    26cf8d3ffb85fa2d06e922463ed780659874f1b3

    SHA256

    373d396cbc6a11929fd720b2da2bc2d744ad223587c0b210bbdb1d58cb6f8c43

    SHA512

    22ebb87d739645c41c89bc1ca51d16ca781cfe91033fbcaeb1655b397bcc4a51243e511a871263a797cb6bae161f6e2031c81dad2825958b81bc6ed3a9046e57

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    08167868c0064cbd034153b9856b7d55

    SHA1

    c1091d4a1a5aa83c97aec593f276fb404ba073f6

    SHA256

    d46af8913963d125a5b7c1edab69124b88d26a29ba6817931f629d6faca9d118

    SHA512

    c5a1b2122c2cc3d508154df38204b29929887fba287a4ee6a1f6769c83bef925046c00c981e2e7c252b6206ae648dbfb95e34f335cd2cb5f400725530159695e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    59c0c769fdc4f998db1296e4115f257d

    SHA1

    6bfb52359fffca0e22c6eb3a73c125db92436bd1

    SHA256

    b5fc08a4b1d0efcd9642757a04ebe19b2ee8ea42cbacc7c5f9c3d2648976a9ef

    SHA512

    766fe3e5b8e6b18a7bf0025c134c707fa90b1f4b8c01e9c48e9fe06c234dff100793b6cb74918f53c18fbe9e8b6a62fa9d60f34fc442c6a29470c55ad24826d7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    97314416aa95abcd7fde6363df75d6ae

    SHA1

    16c79b29e7235759c8bfa6138dfe166339a3f3b7

    SHA256

    a11361c658f14ba2a42d9ddb5fdf3ef9e7bce3a2c2b73a4ed3b1c946de898991

    SHA512

    5bcaf343e0160c4726574c54b5bf3d8b4790f725c79939a53694256521baa323a6de557418e3542864e0952046c4d3780885cc47f9f762f19d926a946d09ba48

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    f60d479d027c0c440c824267ebd42bf7

    SHA1

    b7c373977fc7754e49110f5e7114fd7c654aeef0

    SHA256

    4b33e296b9516cadacba3f0976b75052c4875aff696b5b755c453c772a683520

    SHA512

    7f4383ef17201973629d7b57892f2fe412da317b41935b7a2a95542a352b489e49b438cc2ec75ea5563fce4f8d55940b493c7298f1760851db625a9362e8f23d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    e182079772468c441af8c906a93cf382

    SHA1

    41cb5182db4b498dc03a4b3653f45b4f17215af7

    SHA256

    e054e99b571aae50c6887b8e44b2cd3aa8a995a33a9c80a7cd7d11b3c7247257

    SHA512

    5c6165c311dff6f407658fbb04f4ca5c885b456eb2adc8af485e4079850258eb3b5c0e03ca96dfafcbbb108fb1de56b5b657afa4d619b33e12883ae338acc44d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    b8e20baf6e9cb6baf726bd87b17e4955

    SHA1

    74ab07fa1dee8713d201397c04ec0f0f75c35e38

    SHA256

    ed0691dcbc0f6ab2d33333053f2b0fbbcf3b16194fee10f1b187143adfd853e1

    SHA512

    7ff1da73ef7cdc3619526e7183c71e8947e0aeed3979345d039f2ffe471d7c9b8c780b4c6b6d5caa82497dc0921fefd76a046ffec015d765ddaa8d00d1a0543f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    44b24b589aa684819f3ed71c310f4ef9

    SHA1

    507135a59691d262e2c059aef1be3843f9474efb

    SHA256

    88cd2857df845cafdd69dab9a8f32585e947759892467bb074edcc55331435d3

    SHA512

    70b2bb5d3b3d03917d130179694774a4059d97fe2421af18569c42659414fd0a19889adcf20ffe981d906557b7a8dd6f5e456ca48572fac7fafbc46ce2bef219

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    9f84a73752cb59485cfe386e8650c158

    SHA1

    be5176be41fcd68928adcc4d9fcb4e1fae5acc2f

    SHA256

    19907dc2ae7ee46b2509cbccb7bc8cefb778a1a0180d19fdfc438ce2263c2ddb

    SHA512

    db4d339655b1c73d5dc4bf39f3c44c3a49d1dd21e6ee1902b1af9a3490fbc563e7649a4ceda0132da530659a8556b7c61df4e1aa2bb4507ddbbb9136659e9319

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S7FIT0B8\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3C95.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3D45.tmp
    Filesize

    61KB

    MD5

    e71c8443ae0bc2e282c73faead0a6dd3

    SHA1

    0c110c1b01e68edfacaeae64781a37b1995fa94b

    SHA256

    95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

    SHA512

    b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3DA7.tmp
    Filesize

    161KB

    MD5

    be2bec6e8c5653136d3e72fe53c98aa3

    SHA1

    a8182d6db17c14671c3d5766c72e58d87c0810de

    SHA256

    1919aab2a820642490169bdc4e88bd1189e22f83e7498bf8ebdfb62ec7d843fd

    SHA512

    0d1424ccdf0d53faf3f4e13d534e12f22388648aa4c23edbc503801e3c96b7f73c7999b760b5bef4b5e9dd923dffe21a21889b1ce836dd428420bf0f4f5327ff

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\A4R1N0CI.txt
    Filesize

    598B

    MD5

    6db3b4f064983d52d091203419d0a0fd

    SHA1

    d1a076d14a0bc87e076d47b2d95fce069d2d1570

    SHA256

    472afd9e97850e1e01c4b3bec8552c325cd454e1363bfe06052651115c0e8645

    SHA512

    4fa4943fbf3a518262e2f775863ded03874ac789c3e5cb902d0ee77a64d08b542c27a449ee49b39250b47be3402fa78a73dc8310fe473fca01343902f5067c9c

    Download Submit