Overview

overview

3

Static

static

1

bg/background.html

windows7-x64

1

bg/background.html

windows10-2004-x64

1

bg/background.js

windows7-x64

1

bg/background.js

windows10-2004-x64

1

config.js

windows7-x64

1

config.js

windows10-2004-x64

1

content_sc...ack.js

windows7-x64

1

content_sc...ack.js

windows10-2004-x64

1

frame/frame.html

windows7-x64

1

frame/frame.html

windows10-2004-x64

1

frame/frame.js

windows7-x64

1

frame/frame.js

windows10-2004-x64

1

helpers/alert.js

windows7-x64

1

helpers/alert.js

windows10-2004-x64

1

helpers/sa...ing.js

windows7-x64

1

helpers/sa...ing.js

windows10-2004-x64

1

helpers/utils.js

windows7-x64

1

helpers/utils.js

windows10-2004-x64

1

img/logo.xml

windows7-x64

1

img/logo.xml

windows10-2004-x64

1

img/safe-b...on.xml

windows7-x64

1

img/safe-b...on.xml

windows10-2004-x64

1

jquery/jqu...min.js

windows7-x64

1

jquery/jqu...min.js

windows10-2004-x64

1

manifest.json

windows7-x64

3

manifest.json

windows10-2004-x64

3

popup/popup.html

windows7-x64

1

popup/popup.html

windows10-2004-x64

1

popup/popup.js

windows7-x64

1

popup/popup.js

windows10-2004-x64

1

unsafeDomains.json

windows7-x64

3

unsafeDomains.json

windows10-2004-x64

3

Analysis

  • max time kernel
    147s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20230703-en
  • resource tags

    arch:x64arch:x86image:win7-20230703-enlocale:en-usos:windows7-x64system
  • submitted
    09-07-2023 14:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    popup/popup.html

  • Size

    1KB

  • MD5

    efa459e015b5d5a24c2bd4f99ea3316b

  • SHA1

    498cd998c730a19132cb180b1a276100f10b9db3

  • SHA256

    523a7330b34ce3434d765ef05a678ddd17a93b9a16c1ba384922c581c7110173

  • SHA512

    18661ae22d4aac74f9e4593762092b92752b7eb59176705b3214de762fda89690cffd1389f6870091fd3312b3d6fd29099db1c03c6b1a52f00242c52e7c1c556

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\popup\popup.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2172
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2172 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2352

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f7131aa6f18c396650314a4f78de0c35

    SHA1

    31e7f8d4f9d6a77fe7bfcf6a4fa97ab616906510

    SHA256

    069b994a08326cd30df4eaa2539c39c316ad0ebd767c4d15af3bef1befcab7fb

    SHA512

    3b9f1ca86f0b70f542ab3c2b8162eb1c9bc3dbeba552d5034f8430ada6b54e69c658301225e9bd6b066c571fa5c1dc42857025e5c7d8cd59eb04a487bc6e3e98

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fe49f99698f963b5fd576ff9e5705bd0

    SHA1

    b1cf3cad27923da40a40d89326b6fee5f10edd7b

    SHA256

    783e3b66d8bdfc90b3f46fda461af891dd91f7225f7e906bbbeed0bc74bc1f97

    SHA512

    64742c099c63b074af809f6b8c52890a1165db86e6b0d7cd47a329066fbeef6d4adbe17721bc205b05a2bb433021895fdb55780334bf16f9c34a66504a0a92e3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f2e7cf472740cec85f3897f4403b428e

    SHA1

    ffbf62c5b44edd48dcd34aefc2db21cc917e5ee6

    SHA256

    0e76b913bcc17c49127f375dc8c99014196972696c8682e19564b37efacc0293

    SHA512

    a46e6c5e92467c4978d9f5e72d36382f93974885af9986e5ffd65539e476c69a54fc3de0330a3514f3fed48a6c222796127d39d12732f3a1746243d0cba10c71

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    96461b8cc7febb29d5df7466c1d799d2

    SHA1

    fdbf1595662766d2f1692ee5b11bc04eef5c114b

    SHA256

    63e6cd263d1cf43fa3e51d855d0361348c74432e6a1d1492c8825f489d9ba51e

    SHA512

    4d1b121c11ebbae5901092d728200dba3e2f1ebee3c6a78b97a7e087ce207da0e137a706155f8c9229a4d5ca31fa4104d3a51abd9bf0e468ea1b2da207a96ffb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a62542e7c3165bd2898c6c1f14dea7cf

    SHA1

    31accf4923d063631dabbeaa4ea4c784d55daa93

    SHA256

    56a5cd6a5be25d567dcd83d4934c6d0d2ee03a3645e810d61f67f839761e87fd

    SHA512

    0647a97a61b9b9dcbebd08cd1c6d435393ad88ecc9c0d1c4c10005a121711b791ef912a9a5288bdb33e44a0e1caddbb5bf0038824b843664d9665efbbb560b16

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d3fd513191359d95dbbb2504fad3395a

    SHA1

    ba436578511afd6ba7f9101994b730eb7aaab104

    SHA256

    6ab8b2605af52ab5aad45d725133ac115a2d7661b8e5292b665acd4103bdfc2c

    SHA512

    f9d47b0a70da9d5b337f41c8484887750d45614c3d2087f7a06fe2072cdf318e4fafda7a85c133d71a8952fa8f1165ea0c0390170dda5090a022251807efa9dd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8f8a248d66ca8af7edef44850a5a0d39

    SHA1

    daaca74f3ddfc9500d7674a15b2e19c153422035

    SHA256

    d08003b59ba79fa88d9e5ed21e20acc3de190c2c21a48d2c53aad4712b46b8b2

    SHA512

    d36e912a9e0a9088036051f04868ec3271005729d0bb27a420e82ad2a1158117289c5ce4751fc7332d38362fe7381097c7f3d91a405b467cf46daf2c0c80fceb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6b021db78b40d1d9684134dec85816f3

    SHA1

    c5f19a0fbc2519c4142865fa8f5fd98d96c010c7

    SHA256

    48032ea67bc91a6d825e009452acdd2a2a7e0e41057e21ced1c633082e28ea8d

    SHA512

    55a8ea073a9a28bf3a98189cb72fd000881c9bcb50c3cbbf43b52f847599f59f74f26bcff4b398f3738713b963b97407864b4849442ee7d72d8c9d8052c57214

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    47c90a67d69223ee63b316e44c814969

    SHA1

    d1c0173dbf502de8098be37c7bbb69b62a03ff33

    SHA256

    a9cc18e552f4d36c0c8a3573dfb7c2240acd98f67dddcfee7805571844c751eb

    SHA512

    d788733fda4ed061c68f69e6d1779f068d78019b7b33bcabd9dde5862ee5cdc0d178c4d06b3425664247839d6e5022941f17083d9880211b774e77e3c9b6566a

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S593MPCP\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab4426.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar46D7.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\0IUQY6ID.txt
    Filesize

    598B

    MD5

    941306a82405b98eeac2bd0e850ffa9c

    SHA1

    bdc0e669f06f253dd0e20a1b2a211cc51d56df8a

    SHA256

    3e68803d2a327c119fc63a20666de886d38c79d3f56cb82a06e6d3285cc1521b

    SHA512

    c6f6bca9cd4a42a6ee95dc100fe2ca7d9e0a7394710bb9d949a11d92a45b32c2f8c837be10cda0ee6e72e326c6db00f69348b232d2610e2b1bd753379044a210

    Download Submit