Overview

overview

7

Static

static

4

var www ht...r.html

windows10-2004-x64

1

var www ht...a.html

windows10-2004-x64

1

var www ht...x.html

windows10-2004-x64

1

var www ht...g.html

windows10-2004-x64

1

var www ht...3.html

windows10-2004-x64

1

var www ht...e3.xml

windows10-2004-x64

3

var www ht...ase.js

windows10-2004-x64

1

var www ht...b5a.js

windows10-2004-x64

1

var www ht...b5a.js

windows10-2004-x64

1

var www ht...b5a.js

windows10-2004-x64

1

var www ht...b5a.js

windows10-2004-x64

1

var www ht...b5a.js

windows10-2004-x64

1

var www ht...b5a.js

windows10-2004-x64

1

var www ht...b5a.js

windows10-2004-x64

1

var www ht...b5a.js

windows10-2004-x64

1

var www ht...b5a.js

windows10-2004-x64

1

var www ht...-1.pdf

windows10-2004-x64

1

var www ht...ed.pdf

windows10-2004-x64

1

var www ht...ka.pdf

windows10-2004-x64

1

var www ht...CH.exe

windows10-2004-x64

7

var www ht...is.exe

windows10-2004-x64

1

var www ht...des.js

windows10-2004-x64

1

var www ht...css.js

windows10-2004-x64

1

var www ht...js/.js

windows10-2004-x64

1

var www ht...30a.js

windows10-2004-x64

1

var www ht...a5f.js

windows10-2004-x64

1

var www ht...b5a.js

windows10-2004-x64

1

var www ht...son.js

windows10-2004-x64

1

var www ht...x.html

windows10-2004-x64

1

var www ht...bed.js

windows10-2004-x64

1

var www ht...c.html

windows10-2004-x64

1

var www ht...0.html

windows10-2004-x64

1

Analysis

  • max time kernel
    144s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    19-07-2023 21:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    var www html kemhan/wp-content/themes/menhan/fonts/fontawesome-webfont93e3.xml

  • Size

    347KB

  • MD5

    76a4f23c6be74fd309e0d0fd2c27a5de

  • SHA1

    2b3c8ba7008cc014d8fb37abc6f9f49aeda83824

  • SHA256

    7414288c272f6cc10304aa18e89bf24fb30f40afd644623f425c2c3d71fbe06a

  • SHA512

    b0bde727e026bef3051ed0c98d3b315a7d72a421036628490b3a11c56276bc9d4c8c8c8d608463609550bb94eab7cb5f3216d93682053657abe1f7e01b287f3e

  • SSDEEP

    3072:Unw+ubvqCDOzA5vK+jRwXxSbs3cMrNKyOATzr3Omq2OE+unSGwd:VNlFyGL

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs

Processes

  • C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE
    "C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE" /verb open "C:\Users\Admin\AppData\Local\Temp\var www html kemhan\wp-content\themes\menhan\fonts\fontawesome-webfont93e3.xml"
    1⤵
      PID:3952
      • C:\Windows\system32\WerFault.exe
        C:\Windows\system32\WerFault.exe -u -p 3952 -s 448
        2⤵
        • Program crash
        PID:4424
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -pss -s 432 -p 3952 -ip 3952
      1⤵
        PID:4364

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/3952-133-0x00007FFBD34D0000-0x00007FFBD34E0000-memory.dmp

        Filesize

        64KB

        Download

      • memory/3952-134-0x00007FFC13450000-0x00007FFC13645000-memory.dmp

        Filesize

        2.0MB

        Download

      • memory/3952-135-0x00007FFC13450000-0x00007FFC13645000-memory.dmp

        Filesize

        2.0MB

        Download

      • memory/3952-136-0x00007FFC10FA0000-0x00007FFC11269000-memory.dmp

        Filesize

        2.8MB

        Download

      • memory/3952-137-0x00007FFBD34D0000-0x00007FFBD34E0000-memory.dmp

        Filesize

        64KB

        Download

      • memory/3952-138-0x00007FFC13450000-0x00007FFC13645000-memory.dmp

        Filesize

        2.0MB

        Download