Overview

overview

4

Static

static

3

SWIXY.exe

windows7-x64

1

SWIXY.exe

windows10-2004-x64

4

Analysis

  • max time kernel
    150s
  • max time network
    164s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    20/07/2023, 08:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SWIXY.exe

  • Size

    9.6MB

  • MD5

    1a43ca8da2411e9ac8273cbfe3f2d03f

  • SHA1

    11db8cf8ca6bf5719c16f2fe7c98c7bb1d3925dc

  • SHA256

    cae9f4e5ed92aca3a3769d6c9eb148eb8f145ecfc89e79941344a27cec432647

  • SHA512

    de17685aaec6b587ff762441065719c75b13990604c840205ea3627cf59f7508848fe087d73d14d6654747896af5ecaf0086292afbe08ddaaf949415699033a3

  • SSDEEP

    196608:pSvXqnGazRpON38lYaLb8g1P/ItIytGfqowfRkfhhvizcjcrTuDV6S9kV:pSvaGa1YNrW8gN/IyvioRZOUcrTuDwuU

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 37 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\SWIXY.exe
    "C:\Users\Admin\AppData\Local\Temp\SWIXY.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1612
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" https://bell-sw.com/pages/downloads/?version=java-8-lts&os=Windows&package=jre-full
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2292
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2292 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2604

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    d4ce6d8728c16c4db06a305218fedc8c

    SHA1

    449db8de27f17c562351e9d9bf077e8ba0aa67af

    SHA256

    53533e2c128a2a4d0e40f5768fdbbc5ea8718285b1ff504a0251791ccbde0e4b

    SHA512

    cc399143a03b6ff8d6b927dd19ef2d8e96a150033a165f14cae0852767a29cba70d2d4e56631fd772a2d479da0fdc583a9039770b6443f40f321e7d6ee6cac2e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    81f7c182630fc2f7d85e69972e83fd01

    SHA1

    c7dfe3ab2197ddc93c9c8e674a9a7d7d24ea2d69

    SHA256

    22189b16e1130bc61fb94c7070d0b3321b47c9c2f775b58c12b9e01a7d57434c

    SHA512

    47ce2c2653d837f25b71073d5ccea2050825298978bc1a0d53bd3ca3be3ab91187651c41fc0cb983e166dfc2b89d258f27f9774fa5f1ef191de3318bdbd542f5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    7c0e1216f132d21b6055b2e3ee4e22bb

    SHA1

    e0ef6d7487feffe670eff4a5d937723afe6197d5

    SHA256

    c0c8296c43e17a681f6cc774a2699a26881475a79b9953af565cba41d6e05993

    SHA512

    270a60eb7cc98c1a083b74dffc642ad5aa40a4edd5e4ce644c2fa3c6b6e34d979f1334482d26e28f5ba5d40e8db1a7e6e27d9077da70281693810a3392937fad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    266e5abee26440492a19a4d932eceeee

    SHA1

    5c7794cde09d5f26e332177b10e8233608ee9596

    SHA256

    56b276097944a3330a217ac27ac3ee727d474609ea3be9419d66e7f9ce886662

    SHA512

    db69565a22441e720a3807c3293cad949424f5f67265519da17b5870c36d5a7773da7d9ea38a52a6eab25c763ebe10c738d41808f112d712a72ad326827233c1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    f4cb895dfe12880c6a3b4af1cd0156d2

    SHA1

    3fb48762e5943400b09acd9cf04a7eddf909eafb

    SHA256

    74280159d152cd7c0af1d0d887c3333756438bace3ca474c232ffbfa60f38f62

    SHA512

    3c8f28e5c758279724cdb67ba3f07e6913603e685b2aa4dfd7ec560f08951833cdb6eb1c9e9c36fb4dbe2adb9a6554c678e8e31e5889567fe93b231ed42c553c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    416ce0c4376f96f818fb94b823f278f7

    SHA1

    95dd170ec06547a4d236d2c43e609deecb28801c

    SHA256

    f4436b1216a6e03d2741b219f0670742a605beaee9c138a632b4c05252780bc3

    SHA512

    681971477ddf7566565005171efa58829b83434b3750533f7438c29a4f90a46f3f9bcecfc672a482557d52ac16a7381bb6d2025c73567035cc5b7e4102d1ff6b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    0fc7951a7b412357a545adf9a29f8507

    SHA1

    64f666783a5bc48a504a60f2bcab8fdbf16f18cb

    SHA256

    92218732e47815417d00b06d203933e624e8878ecff775c75ef9b17e5702e66f

    SHA512

    a10f400ae71b067e33558c06fa3ac47bf70f6d4237220f9d5713d15cc4780e2808c1ad9acc8f50a5ccfcbf3a10179d01f9a63a66e4592727c1792bf3573428bd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    cd07ea30576e003e583999a2d2209a58

    SHA1

    71705d6893840f2b80a0b81769a795eec281f996

    SHA256

    10e3b0a816f356d1aa16385cfc7f7965abe7670c8848343334c7e2f6f77244fd

    SHA512

    aa355be288fb8cbcb552260cd904d48837d1126e971c7c5bb58f97bb7ed65f7bc023bc98f727255af78ce48fdf4b89227ddb8afeda2e195bce20593c485199a2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    84a2794564d25cd52da2ae8e2c853978

    SHA1

    d38f4ec312cace8605b52696efcb4dfcd8344d56

    SHA256

    392ca064bb27c9aa3970c859064af841cba14c5b392de7acf04302504b6a69b1

    SHA512

    34dbde75c326d22fa0ec210ee63cb50c1256ac2a04b6f9a32ba0cd76f009448ad027aa3522d0e020d4afb3aa8c10f94ac1cae8f5138a1994c6e937222d6edaeb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    174bb3926c879073a12a7dda6b3bce39

    SHA1

    fc8fcbc6e4e965b4540d0b5506b1936736d0cf2c

    SHA256

    911ac745963397dfba10dd3ef8029198ec6ee5bf37b42cd3c89e181763bb5e12

    SHA512

    15e46d3a5de319215cde5f7c0c1e0bdc9a10739f4dedb2750ac3f747f75240a3c5ab7cc886d03d263421f9cba8d2f4b6fcd684818f861bc85017d08d74928ebe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    4e9a5a3c470d5709134cbbebb2a44941

    SHA1

    33008c0a213708334498a9d069208adef7a31af0

    SHA256

    644446410a14cecf5716a3e5d81252a3cf9c47c50ae64e006b3423bd4f441956

    SHA512

    51675ef65dbf95030f39dfd2de9f9f27c225dd8350db99ca6c3c179b88e5479b7f5f006cab59dc4e39f0fd56c3375b8fb744df30f697ee4f201b3a36e68b6788

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    a9ded782d5d416874974d6c6dc76a198

    SHA1

    0b319500312bdf705344b3ce7d6deacb32093d43

    SHA256

    70c0c879eb653fa05c65a69093da87399449b8d1b5e750c7e2da5dc53cc062a4

    SHA512

    6a2ff395c658408ec9093f7637c7f499f39f5a504f68291e00608c6e8a30614b80d2c4bc2743fe9eeaf69d92ac34f2493ce0f5962bee46cfeeaed14b2ec864d3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    32ae343583cd4b34e244788d35fb27f3

    SHA1

    54537559833b430f0d05ced40fec006c294a5eea

    SHA256

    ce42612667003711ca3e17a3d1dd53f837e1631e0a95b5823adc72176310d9af

    SHA512

    fb61706d25352dacaeab6132c28608dd8989b1906177035ebecfbf99394b5f8a15bc54018b23fb8e800960bd322fc743016dc337533ffd05456b93d288b4dc3a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    3ddec3888c3848a994930f128f644967

    SHA1

    9481d095c15cc154f18c20a8838012bd24324082

    SHA256

    8bae7bc058154190bfa393f6c58e8ccf06d099b98356b8a5579749a69e1edaa8

    SHA512

    c6324d4b253b2e1c9f807193ed7483037dbd8caa24a853ca3e35507ce3cedfb407538e52a6e7e70d80fae82cb82bab899a57dcac2cf05bbaae9c794e15c7972f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    9cf2331568529f2c3b27f3022adadf65

    SHA1

    3a06ed96eeac7027dd92103086a8878cc056695f

    SHA256

    3f7b86763befd8e734ffc2f6c534cf2729c7276c00cb9a548747c70d47223742

    SHA512

    2bfb0a477505a687ff1d22933c88140493b240c5820d8571e595511acfcab6b3263faa1b78d20a74303076b90fdcca317b26286f9b9abb5b8ebb7da32d4085b5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    00ce06c2757decd10d4ec523636a3f37

    SHA1

    828de7486df7144a4839a930f359a0bac1f675cf

    SHA256

    4e07685adc1f60c88abda7c0804da135205eea67263c4e5453c111971b678445

    SHA512

    7270a8ed522544f1d214cabb654c423da395736ee87bd7743985e99f179d16dea84c79b1221ec2730afd0494973b02655837644fd5374fbd5f064dafee0db512

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    6f22bee75e2207406598e9d24bf63670

    SHA1

    0cb2ef57c0159c2af21f3a006ddc14a8ead1f03f

    SHA256

    702521b3fbb1be49d4c26c08c254381068599a3fdedcbf9b8fd5c5e761c9dfe9

    SHA512

    3b0e5051690bb508fd3fb875546f62c8327883729d0a9bc8f8b8d926cb96f28a4947d7701e65b097b8ca322c7325600067867e55ed24296e2f8f31688339f2ae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    b0c12792d7eef0b426b7e5c5882a39b8

    SHA1

    2ad2a094694af1167eb12bedda8868fa84a5dc17

    SHA256

    b4cbafe6ceab9309de2a7fae5ddeb1fff8936a158c8388a0ae482c506c5b026d

    SHA512

    2a2b33cd7387793feef3de82464b8eb161a616372aecdfd55f41f98410631271ef244a40348218eb73c9565603565265006d1ae4bc50479037d581b373ab266f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    65e39845d68304993d6ed6ba45483059

    SHA1

    d67a0a3abd90cf1b794fb17457c437eba5cd3265

    SHA256

    7fe759287931e147082cacdb2373cd8014bfeb5d3a194764580aff91f2d12365

    SHA512

    9b77e3f92d3729088a7a6da63b1d072ef3b28951a9b8bdf2bab7a1a5d0b709f6636ac51d4b5f1e747d53be93659d88588de0a0ff9f0a77dd96cf7543459d739d

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H1823X4Y\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab34B8.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3DC1.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\CIYBJTDN.txt
    Filesize

    601B

    MD5

    85b9be8a398d9c134b42b495a16fa380

    SHA1

    e4544587ef6cdb7947463b07592358297717849a

    SHA256

    ff8e37ecccce46829f79c359db2e6727c90a0d47f9e6d345fbc9bb7b70843c22

    SHA512

    ddc9fe2afaa16d92894a1c1bd8ceae46371814c0af39948244ce838aacfc471d13a663a707424b7ba22709acfccccd23956d9cf7fb1678eab8163a6a898fcc0e

    Download Submit

  • memory/1612-54-0x0000000000400000-0x0000000000422000-memory.dmp

    Filesize

    136KB

    Download