Overview

overview

10

Static

static

1

New folder...nk.dll

windows7-x64

1

New folder...nk.dll

windows10-2004-x64

1

New folder...up.exe

windows7-x64

10

New folder...up.exe

windows10-2004-x64

10

New folder...her.js

windows7-x64

1

New folder...her.js

windows10-2004-x64

1

New folder...x.html

windows7-x64

1

New folder...x.html

windows10-2004-x64

1

New folder...ent.js

windows7-x64

1

New folder...ent.js

windows10-2004-x64

1

New folder...ent.js

windows7-x64

1

New folder...ent.js

windows10-2004-x64

1

New folder...ris.js

windows7-x64

1

New folder...ris.js

windows10-2004-x64

1

New folder...x.html

windows7-x64

1

New folder...x.html

windows10-2004-x64

1

New folder...nit.js

windows7-x64

1

New folder...nit.js

windows10-2004-x64

1

New folder...ins.js

windows7-x64

1

New folder...ins.js

windows10-2004-x64

1

New folder...ant.js

windows7-x64

1

New folder...ant.js

windows10-2004-x64

1

New folder...ion.js

windows7-x64

1

New folder...ion.js

windows10-2004-x64

1

New folder...cc.dll

windows7-x64

1

New folder...cc.dll

windows10-2004-x64

1

New folder...58.msi

windows7-x64

8

New folder...58.msi

windows10-2004-x64

8

New folder...67.msi

windows7-x64

8

New folder...67.msi

windows10-2004-x64

8

New folder...58.msi

windows7-x64

8

New folder...58.msi

windows10-2004-x64

8

Analysis

  • max time kernel
    149s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    27-03-2023 16:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    New folder (2)/WebResources/Resource0/index.html

  • Size

    3KB

  • MD5

    b497fa31315258244c91634b4e002098

  • SHA1

    c5eaef2948415dfa872885c10a205833d1b01814

  • SHA256

    bd50e83afd31dfd5f9810d389236ac00dc9f5b93f5000121022d8d56166d4c06

  • SHA512

    bbb7303d69669a743a4978c69db559654ff4b80bbda4964f68d248ee82e015eedfc7177fc20b85ea82fde9ed82b3dd24032dc218b368deb2278ad76d4c3608f6

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\New folder (2)\WebResources\Resource0\index.html"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1348
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1348 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:768

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    e71c8443ae0bc2e282c73faead0a6dd3

    SHA1

    0c110c1b01e68edfacaeae64781a37b1995fa94b

    SHA256

    95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

    SHA512

    b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    6310909c1fbb2b878f1137436088f4fb

    SHA1

    b98bcfc33ed8adeeca1fa5c0957f83bef08e0599

    SHA256

    4e3596d05b56ae1e9db6817d44357bfc7b56266c7d4929f61b44ccf3a71bfa09

    SHA512

    e7c88fe9a771763f3b17418773aed3dead385c36934f841dba39ba321ef83161ac878713cfcbea5b1a4f239382083c6def0f789ac39f7eae31822d060a61dbf7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    30dcdb9e606a09acfba47a23ced71166

    SHA1

    d0f64264366b09423a056e415495e569d04aa81e

    SHA256

    37af8391b3f4475ce063a5e3962bbbad1b064aa6d16c3c10a098f355a5fd041b

    SHA512

    50934de3d57ed42cce08dc1f4e0b58790be8e87b0156c19bbb8fa9bed201d4e9ae56b7a016ea713d537f4b01ddf2d02b40ce99cb686017f398824e2c43a14023

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    5997d0caf97a112035f996b72e45f495

    SHA1

    fa201fa4ad7595f9dd223a25a8911659900fa604

    SHA256

    1b905923798a85357d2ca7d56fa5e5042b28112be1952641f080d7773246cd1b

    SHA512

    f7fbb488c0c2a5e781b5b2d2e919315ed610e00f20ba3d59435a39eac3d717c70156288cafc68dd2bd1b1141b24cdf14137f5863b4e8767ec5377694e19d8ad7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    a810fcfd23629a8a5ade030dbdd54960

    SHA1

    6ee4a07cb5c3086c01414aa363c54fa4d81e8aa7

    SHA256

    095d2bf662e4d7c3d6a93109333577d7fdc25827e524f13d69929eb35526d5f6

    SHA512

    a262b547a470b0aba3ca53bcad609fd9976074f20ade6d87d207f1dd56a5a503b275d7112367b6f63dc24169c4e9d00eaefb4eafd0c912ca1c0aa2d00aa5dcc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    b208a9bcb9dcc711e8246b36e90aae50

    SHA1

    243eca54fa4555a7d82f04d38b91fd0313c52488

    SHA256

    f14431837a3760520e845d64647585c70455a15ad3ad11a080b29295e69ff542

    SHA512

    a4be551261a188f75b87e4b3f1d55e1e27e10894b0abca2c1e0ae4388da30ff034fc795e1038c3849a16d6904adeada71bcba1386b2266e563a8f003f95c676f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    b81c7bc4521a678ba47aa1c333e5c3cb

    SHA1

    585b86f68fa81518e9250a098627c2443da3a68a

    SHA256

    cdaa46b9abc6bbaf2aa0b255ccf0412c3c1bdf886bc731c5d969b754e5de875d

    SHA512

    b93dcd04fc2a5e27cb8852a82609ef4eb4a34ffdce20aec34b9c4b2ab140564b8a57a81d192712d8d41595e22ee1f0cb3c971887d6050aac4dff57299aedba57

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    24dc986e2958e41fc8aa68a45f5c63a4

    SHA1

    a5b8b6643fab83cd3697abc11991ee2a1382149e

    SHA256

    d795ceb960821b2d8df1ff2616e393f0b8e603212b5b364ae06c3881e8bb419c

    SHA512

    1ff5f4f4e2d0116f314dfce9fc59dbab821c6163fc44db6202fb2bb05f9340ee5e53f4755b6d71e3021ce39692c0e66e74df31aeead39e49fd8641681be784c2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    06560bf2b823dc47aba76448c11b3311

    SHA1

    0520a835a7b980ac5f0804af1f25c77df4b56bda

    SHA256

    0fd4ef24464984a62b9402e4359b05f7ce7035bb78205c57625836a8a37b57f7

    SHA512

    f27d9ddd04ef33e77051b7c3f17beba12136c548983aaace885a4ea90aaf1500b1a598873644011247d16fd0ff3b6f3a1c3595027dd0df6ff84372e2054093ae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    bb20d71b9b526a554a81b44faf0f547f

    SHA1

    7c41391494a49d943d4f69d5b46d8ec38c94a0d3

    SHA256

    0e15b2f253e9d2ec3b11ad6bd985c9051fa247618dc70525cfd0931529db570f

    SHA512

    fa9df3750cceb46b96f3bd77a0fe563b25bd9e81eeeb500ed9285396e49f0e3d987045815639fd68df82cd2a7acbe7139c5695bef46c9213be04bf7932c984c6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    7430aaeceee86e6158be656126e1c51c

    SHA1

    86bf7b04d449035cb8922e182564d2504eb4666d

    SHA256

    ed233ac19ca02ecb6d259187dc093101a3fdfecfb8479cfc5cd64c413fb71048

    SHA512

    b6af4e9e4b9d697b493e7c1f8a0991d9150aa2be6542cb3e2a58c356717c56e4f736d60c438e48d2c1ce86e319a597f878f21fa511e4eb79359f4605ca34a520

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    1f6419fd6ff5b7c6f2a2b85e2ce07d00

    SHA1

    cb0c79ddcafea3eea8a955f53259ff541dc1c897

    SHA256

    1403101bcd8828679a836713a1c2193c29a0079c7536ff21f365cb1428187062

    SHA512

    43a12035ed16742254b9a2998d13ebf9821b834c2659b7a6714bec1812e571348aae084a90076d5e728df45be0d78c4ab4ef0cab76d51b4241b418d6addac2c7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    09bd8c012bfd815b75dc9b54b8a1c68f

    SHA1

    0b939754b5d0731a4ee9e8722e2b945929f43274

    SHA256

    30e5148d67087a21c65a70a4bd512291ebbba3c8a7d79b1d8a0cb88aa3076083

    SHA512

    f9fca9b393b2bed8280f4707a2954ad8874d2915b90be9397f46c23e1a7a0a4548fd4f112e5d6b30d487c94c48e59e9012e70a5cd047d0a4e42cb6c12dc086cb

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TOS3MI7U\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabE3ED.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE599.tmp
    Filesize

    161KB

    MD5

    be2bec6e8c5653136d3e72fe53c98aa3

    SHA1

    a8182d6db17c14671c3d5766c72e58d87c0810de

    SHA256

    1919aab2a820642490169bdc4e88bd1189e22f83e7498bf8ebdfb62ec7d843fd

    SHA512

    0d1424ccdf0d53faf3f4e13d534e12f22388648aa4c23edbc503801e3c96b7f73c7999b760b5bef4b5e9dd923dffe21a21889b1ce836dd428420bf0f4f5327ff

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\TFE75W5J.txt
    Filesize

    603B

    MD5

    be79388c5a4f0c63df158844f700cb59

    SHA1

    b89b7bed46d76bdfc9d25b878f6d977339ebd1f7

    SHA256

    473ea5eb1795b8b4dee16c4b37ee3e8b4c1b0af9aa78f46930ff8f21a9299be8

    SHA512

    439592e832b6e8b53051c8b2d44b166b9d554cd2f56a12bbc10b9a66d2041a694fe6faf6d25f31e744eb9b16d37a8425d1eae4e8f64f4dd2744379f338f34427

    Download Submit