Overview

overview

10

Static

static

1

New folder...nk.dll

windows7-x64

1

New folder...nk.dll

windows10-2004-x64

1

New folder...up.exe

windows7-x64

10

New folder...up.exe

windows10-2004-x64

10

New folder...her.js

windows7-x64

1

New folder...her.js

windows10-2004-x64

1

New folder...x.html

windows7-x64

1

New folder...x.html

windows10-2004-x64

1

New folder...ent.js

windows7-x64

1

New folder...ent.js

windows10-2004-x64

1

New folder...ent.js

windows7-x64

1

New folder...ent.js

windows10-2004-x64

1

New folder...ris.js

windows7-x64

1

New folder...ris.js

windows10-2004-x64

1

New folder...x.html

windows7-x64

1

New folder...x.html

windows10-2004-x64

1

New folder...nit.js

windows7-x64

1

New folder...nit.js

windows10-2004-x64

1

New folder...ins.js

windows7-x64

1

New folder...ins.js

windows10-2004-x64

1

New folder...ant.js

windows7-x64

1

New folder...ant.js

windows10-2004-x64

1

New folder...ion.js

windows7-x64

1

New folder...ion.js

windows10-2004-x64

1

New folder...cc.dll

windows7-x64

1

New folder...cc.dll

windows10-2004-x64

1

New folder...58.msi

windows7-x64

8

New folder...58.msi

windows10-2004-x64

8

New folder...67.msi

windows7-x64

8

New folder...67.msi

windows10-2004-x64

8

New folder...58.msi

windows7-x64

8

New folder...58.msi

windows10-2004-x64

8

Analysis

  • max time kernel
    100s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    27-03-2023 16:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    New folder (2)/WebResources/Resource0/app1/index.html

  • Size

    3KB

  • MD5

    0b31851506ed8c5919d9252172b78cf0

  • SHA1

    1d791bd5fd1717197ffbfa50620eb0affd3f03cb

  • SHA256

    efbc2f1ea39a9e840c755820be8b50ee6a78ed604514980b984b9ab1ae18a97f

  • SHA512

    8b33cfe591d23c2bbea14cc54bcddbd8f25833a23ecbfbb2ef85f1a6757d15f93bba99f357d31306732e2b32dec7d01068bb3f0f814dd727b6797f5e60f8c9d8

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\New folder (2)\WebResources\Resource0\app1\index.html"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2024
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2024 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:552

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    e71c8443ae0bc2e282c73faead0a6dd3

    SHA1

    0c110c1b01e68edfacaeae64781a37b1995fa94b

    SHA256

    95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

    SHA512

    b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dc23fc120eb130a98c617fb7f163c1bf

    SHA1

    38c5e6bfe92910a99768c46fc29c6a1e22b874d9

    SHA256

    acea17c4d99fa302f73afb96e2bd34db41c504162d522befe6937e978d10a2aa

    SHA512

    c56e346a63572790ffe3cd827c0c04dd98ddaf1bed6ff4902b9dc9e4999db31b53dc0fd35f851fc56806fadac4d526878ce9571e5f76a240af69ac9c19e26f1f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3d5aceae32e72941c44e18e8d17ce1a7

    SHA1

    a56fa742ddb055eaceae03f5b4d8da21d6ce74d3

    SHA256

    39b1d4c7576ebd4a8164a54439f0512b5922f347f9b556397e1a8c3738b804a8

    SHA512

    732482e0f2e96398ea8a93b350ab2bcb645119d2fc82834960ca3f0dcf9af57c038d29eff59d1a8dededdddc512e12284c35ec73d9aaa4b764def55e02122a6a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3589ed33db1dc283ae5ec700c364bcd9

    SHA1

    d745368932b874fc8fbd30c8b623a45c1f5b6d1d

    SHA256

    81f8527c51b31bbb9cab681f1476dab2661bd01185f6096b2822abea7d7b9229

    SHA512

    53ef97478c26328f6a8ebb9ceab2af5d9b872ac0061d6e774fb7005cfe69b1eb3799cfb3e8dd5d05f320e4e40864777ae3bee75fff56e4058d74be56b932c6df

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    215bc6c8503de2c5326b92e589f06132

    SHA1

    d915afaba32de0decfa02a61f8ecb568173098fd

    SHA256

    2e7ece7bea02315e9fd0893b588f75ca9dd99f541dee1e8955e0dcc291dec0c0

    SHA512

    dafd1ced492553e04786a2a3a5c381c5e481a4f7fa41d19f1e58ecc6fbd1fc580787f7211dbe06c8787046691de7b67a1c3a55a38c647a3d5898cff9ce62c38d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    25efb348bed85ea27ec83cec413f458f

    SHA1

    3027200156604cca9b651c231d42689d62eab9df

    SHA256

    2e1dce1fd3eecd728618f32628d8ff55d4359e303431b3bc327ac2105d5e04d7

    SHA512

    43d11f9ee0f1d1c17950ab059cf23507d0ae433d684352ca0e0ab9ce35be99a27c5b8f9f3d00bfdbdd689a1f863c37e8fb4d0bc991c9fe1ebb74edbce0d3f54c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    df0909f923e5752bd12e37a64f13d982

    SHA1

    e15ec691646b35c810556101bf1efd6adce85e3d

    SHA256

    7b5b046bf5ba6cc9c21ae68fc786bde50b7480adac590180f133707e56163140

    SHA512

    408b81acc19835e09e35c5970b09bfdcac812b8a13db320fcd7063a1224273b5d20dde7a1c46e71db08de8673f15745d466742518b7399c8f384d6f0fb606747

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    63b039bd449b049caa1cc8724d3d3688

    SHA1

    ff8d4c91a6d40888fdbf07605e792470a4cd1e12

    SHA256

    9896ae6f205e8ec88751ff9bc89a2da5daf10fe750615bf67fcbeccc8249d836

    SHA512

    2181649908aed9056e10c069f98869f2822f98612bcb71e48af3c578aaa14f37bc61761cab48b020745d9d2fe6312c14391670e86122860cc708ff9ac0476610

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    df3e16095b2888aa4c3bf167cce5aec3

    SHA1

    456976ca1750cc289cb1b69c0d258c98648db2b4

    SHA256

    f7fe94dcb124e0bf6da329d3f99510fd5a8b24a69fed405aeda177c25ae6cc2d

    SHA512

    bd9b6002dc100885cae8db61bf271a1fb26cd0a308b02d19c4d87591b00b453e048f9caa7832ec2418e54a7f9c7e032dbde1c30e9536c8c64a5f506fba691d90

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fa72b2e5b813a870a250dcfe4c4a663d

    SHA1

    4676723a77a1c990f74c0d6e253221ee53e4579c

    SHA256

    51c66d4da706623d0410639f28ba162838c2d37a74bbfa724c36aff24739133c

    SHA512

    9990ffae038066d8e0cf69664375858bda55ade1a0ab42a0ff9d619b67c7fc4eff5999616a8e4ef827622fef3a6a8467111ddf70bd3b0b6ee253625ba1cfb5de

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VQ77JNZF\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab5F71.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6352.tmp
    Filesize

    161KB

    MD5

    be2bec6e8c5653136d3e72fe53c98aa3

    SHA1

    a8182d6db17c14671c3d5766c72e58d87c0810de

    SHA256

    1919aab2a820642490169bdc4e88bd1189e22f83e7498bf8ebdfb62ec7d843fd

    SHA512

    0d1424ccdf0d53faf3f4e13d534e12f22388648aa4c23edbc503801e3c96b7f73c7999b760b5bef4b5e9dd923dffe21a21889b1ce836dd428420bf0f4f5327ff

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\BXE2UISC.txt
    Filesize

    608B

    MD5

    9dafe114554163157cd48bee6013c4f3

    SHA1

    8e7d8af9fb559eb0c7cfdc0c61139eef17c1277c

    SHA256

    906fe496b338bbb79a706e83a85b01c4983e986a7b66b514b486caafcfc78eda

    SHA512

    feee5b88623f3bae9a94132ad1e11ab0587223ec9e8e2db09f4533c5b64cfc7e48611d9bd09a010627f021c6ecb76a5bfbb9c28f50767c87ca01d9e8bbffbc8f

    Download Submit