Overview

overview

3

Static

static

1

bg/background.html

windows7-x64

1

bg/background.html

windows10-2004-x64

1

bg/background.js

windows7-x64

1

bg/background.js

windows10-2004-x64

1

config.js

windows7-x64

1

config.js

windows10-2004-x64

1

content_sc...ack.js

windows7-x64

1

content_sc...ack.js

windows10-2004-x64

1

frame/frame.html

windows7-x64

1

frame/frame.html

windows10-2004-x64

1

frame/frame.js

windows7-x64

1

frame/frame.js

windows10-2004-x64

1

helpers/alert.js

windows7-x64

1

helpers/alert.js

windows10-2004-x64

1

helpers/sa...ing.js

windows7-x64

1

helpers/sa...ing.js

windows10-2004-x64

1

helpers/utils.js

windows7-x64

1

helpers/utils.js

windows10-2004-x64

1

img/logo.xml

windows7-x64

1

img/logo.xml

windows10-2004-x64

1

img/safe-b...on.xml

windows7-x64

1

img/safe-b...on.xml

windows10-2004-x64

1

jquery/jqu...min.js

windows7-x64

1

jquery/jqu...min.js

windows10-2004-x64

1

manifest.json

windows7-x64

3

manifest.json

windows10-2004-x64

3

popup/popup.html

windows7-x64

1

popup/popup.html

windows10-2004-x64

1

popup/popup.js

windows7-x64

1

popup/popup.js

windows10-2004-x64

1

unsafeDomains.json

windows7-x64

3

unsafeDomains.json

windows10-2004-x64

3

Analysis

  • max time kernel
    100s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20230703-en
  • resource tags

    arch:x64arch:x86image:win7-20230703-enlocale:en-usos:windows7-x64system
  • submitted
    09-07-2023 14:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    frame/frame.html

  • Size

    2KB

  • MD5

    2c8a3cf06fb229986e73afe47f3f0ed4

  • SHA1

    a0e9c1d60784fd52ae33881079525bdf32c37216

  • SHA256

    9279a57f438c41816be6515ca740f03dc3d5a3d01cb36405fea95bf5b1ac6612

  • SHA512

    8cceff055ad794e331d400365abfdca26e17fe79c7386dd6c52d746ca18c503a29efcb1bdacc78c7093ff08cfdfbe4cdffac12ddd623798e6c5ac4a214584050

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\frame\frame.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2088
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2088 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:620

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    75208b1ad17da61eb36473484d994b0c

    SHA1

    ffe2eefd0d0eba47f5a08eef3f73ad288cd2304b

    SHA256

    4188d43829d1e8be4c2f1d5357a89fb2787eceb6d7447efb979bd8b3e7a8f1cf

    SHA512

    22fc3c4f6d8f247578989ae519daf3d1739c572a57551e078f621fb0c35e41d49fdc5bf1ca3ccc854bd1be8baac562ac8ab0744525fc53b0833a988dc20c0615

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1efab810191f4124f3b7e6e8c0ebe625

    SHA1

    dd67836695e1e618d23a31683f084872b35a803a

    SHA256

    b10cdfadf1780b16585bbd22132e356ce41ac29c29a5a12bf17033a6f40bd2bc

    SHA512

    76e947c78abe7532c23c6a95097a291566fe358f114c43eee154df10d31e05472661992217c3345e64dfe09bf5ee3310555cbda7f51d53ba1f064d5e5ea38b6e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1a5dc9dccefa5d06f8ae86afb0abca40

    SHA1

    e49f49e0cc1716f123c3be16a609d79a2c4264ec

    SHA256

    84bda32abb1bd96fbcf0c7fa98e0a1536134c1be411e0ea3f8a2aaddbdfbd249

    SHA512

    6bf4e0d7fb37de0c6d9ae8089cceb456c4517a420cd9dd01e2d453d7eac6097b06b071bcd96483047342b8b460f96ad54c03c89fb01ff871886ae087a7131213

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    aed7bcb8901fe51a663a58c9be69d93a

    SHA1

    d2eb40fcd42f3ac474e08c2e1221217bdfd8bcbc

    SHA256

    007aca16b5a2d907446c3275a5c6869f836ba3948be208432a2b6f83e3df0c91

    SHA512

    1d81011d5220e08f68915824e0a1fb8fc4c9c649ace009b41be3b385aee452585f58a8b135ba330214dadfae2e75bbe2e7ab50ab3084a427b9d91146cd25aaa3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    acb421cacc7a9f66132e58142bcf7bfc

    SHA1

    5233c997f1dca831ef7e9a8996835f81cb0bb2d2

    SHA256

    3ee656ee0fb3a816bc6dd18ace18c1b99bad5582795fb06113e19465e9dd41d6

    SHA512

    0dc008e93b2357eccd25b7128b0ab86632a3015414532de7a24f68af29745487042c0102a283866663df4619e3f4f74c1f3cfce163251c54c0e43d7d3ebcda58

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bed776d96d0df37ab5a55f84c877f467

    SHA1

    a8130dd416c2ee96dd4352522814eecdd97c163f

    SHA256

    918df35b004263eebc194852d828553bb57ff32f5e540f6ec75741bb80d3ded9

    SHA512

    82ddc3a4f1792fb6458e549d140c6397dc32e7c1edf7add9586caca4272027f2eedcf176cf8629c40f5273c7c37194382aee3ac18f1e298b508b66adfd614fd1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fd8298231016b54d58945935d426043f

    SHA1

    22c739aae2ecb6b8ec5b70ff32957745510e6911

    SHA256

    f83f832a8df2fc0e3f80e062d851aa155f4e095d22e96fe8e1ad9a6e43547a6b

    SHA512

    e3d852296a91f0453116ba2c5832d4b522dc8fcddb9b683683a66d9df05f8d05f068168b28b630dba7327e61557b75f1a844463ccc35c512628eea90b614d8de

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c22323deef5d194c26a8492bead6a198

    SHA1

    edebc4af4c5d38f36d3cfe34049e985fa554004a

    SHA256

    4168ed6afa3f5ad45ecf47a31fd152dd43d311e21b4bc38eb95a61caa1e17017

    SHA512

    f38d11e650ef88a42dae72af2156353d289e2dea92753ea2f297fe5c0f40b11faf34b2be5414e8f57ab23f162243c6b3f7bf8eb385074ea6937f7a2e1076c962

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3ad36ad0256308b620cece7493fc39a9

    SHA1

    a080f6dad8eb8699dc48810ab1c286c4cb9948df

    SHA256

    ab7ea3660a301194e73519b34acb3d11a0ebf2c56c322d05ba44f54931ceab84

    SHA512

    282b926c9cd6d1666fd7392f06f096ae03d3eda85d51c7eb3f7964f02e3c110fd14e7c8290036c3abbceb3f525e0e4ced2507c6c65359ae238ce5eddc9cbf618

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\00ANKNIC\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab51BA.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar51BD.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\H94D9NUL.txt
    Filesize

    596B

    MD5

    997805300f30984a1b8bb3c08d71562e

    SHA1

    fbd0aa4fb24dcbffbc70f551830ccba7dfe4a604

    SHA256

    8f7c253a8e2da88a20e27f3d3ca47a6bfec98cdf2d6e0406afb5902e57c29131

    SHA512

    7d7f1caa120de00f6b437f1d0eeff59b427ea698ab5e2f1235fcaf40100f7c75a7af5af974b54ac2799a90976aa648746d1a8fb8c9d843f2e9bc97f8f9ff6479

    Download Submit