Overview

overview

5

Static

static

4

var www ht...api.js

windows7-x64

1

var www ht...api.js

windows10-2004-x64

1

var www ht...a.html

windows7-x64

1

var www ht...a.html

windows10-2004-x64

1

var www ht...x.html

windows7-x64

1

var www ht...x.html

windows10-2004-x64

1

var www ht...g.html

windows7-x64

1

var www ht...g.html

windows10-2004-x64

1

var www ht...3.html

windows7-x64

1

var www ht...3.html

windows10-2004-x64

1

var www ht...e3.xml

windows7-x64

1

var www ht...e3.xml

windows10-2004-x64

3

var www ht...ase.js

windows7-x64

1

var www ht...ase.js

windows10-2004-x64

1

var www ht...b5a.js

windows7-x64

1

var www ht...b5a.js

windows10-2004-x64

1

var www ht...b5a.js

windows7-x64

1

var www ht...b5a.js

windows10-2004-x64

1

var www ht...b5a.js

windows7-x64

1

var www ht...b5a.js

windows10-2004-x64

1

var www ht...b5a.js

windows7-x64

1

var www ht...b5a.js

windows10-2004-x64

1

var www ht...b5a.js

windows7-x64

1

var www ht...b5a.js

windows10-2004-x64

1

var www ht...b5a.js

windows7-x64

1

var www ht...b5a.js

windows10-2004-x64

1

var www ht...b5a.js

windows7-x64

1

var www ht...b5a.js

windows10-2004-x64

1

var www ht...b5a.js

windows7-x64

1

var www ht...b5a.js

windows10-2004-x64

1

var www ht...b5a.js

windows7-x64

1

var www ht...b5a.js

windows10-2004-x64

5

Resubmissions

19-07-2023 21:16

230719-z4frlabb95 4

19-07-2023 21:13

230719-z2sndabb89 5

11-11-2022 04:56

221111-fkt1bsbcbk 5

Analysis

  • max time kernel
    124s
  • max time network
    132s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    19-07-2023 21:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    var www html kemhan/wp-content/themes/menhan/fonts/fontawesome-webfont93e3.xml

  • Size

    347KB

  • MD5

    76a4f23c6be74fd309e0d0fd2c27a5de

  • SHA1

    2b3c8ba7008cc014d8fb37abc6f9f49aeda83824

  • SHA256

    7414288c272f6cc10304aa18e89bf24fb30f40afd644623f425c2c3d71fbe06a

  • SHA512

    b0bde727e026bef3051ed0c98d3b315a7d72a421036628490b3a11c56276bc9d4c8c8c8d608463609550bb94eab7cb5f3216d93682053657abe1f7e01b287f3e

  • SSDEEP

    3072:Unw+ubvqCDOzA5vK+jRwXxSbs3cMrNKyOATzr3Omq2OE+unSGwd:VNlFyGL

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs

Processes

  • C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE
    "C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE" /verb open "C:\Users\Admin\AppData\Local\Temp\var www html kemhan\wp-content\themes\menhan\fonts\fontawesome-webfont93e3.xml"
    1⤵
      PID:4228
      • C:\Windows\system32\WerFault.exe
        C:\Windows\system32\WerFault.exe -u -p 4228 -s 448
        2⤵
        • Program crash
        PID:3660
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -pss -s 408 -p 4228 -ip 4228
      1⤵
        PID:4708

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/4228-134-0x00007FFBB4D30000-0x00007FFBB4F25000-memory.dmp

        Filesize

        2.0MB

        Download

      • memory/4228-133-0x00007FFB74DB0000-0x00007FFB74DC0000-memory.dmp

        Filesize

        64KB

        Download

      • memory/4228-135-0x00007FFBB4D30000-0x00007FFBB4F25000-memory.dmp

        Filesize

        2.0MB

        Download

      • memory/4228-136-0x00007FFBB4D30000-0x00007FFBB4F25000-memory.dmp

        Filesize

        2.0MB

        Download

      • memory/4228-137-0x00007FFBB2760000-0x00007FFBB2A29000-memory.dmp

        Filesize

        2.8MB

        Download

      • memory/4228-138-0x00007FFB74DB0000-0x00007FFB74DC0000-memory.dmp

        Filesize

        64KB

        Download

      • memory/4228-139-0x00007FFBB4D30000-0x00007FFBB4F25000-memory.dmp

        Filesize

        2.0MB

        Download