Overview

overview

5

Static

static

1

RE URGENTY...ng.zip

windows7-x64

1

RE URGENTY...ng.zip

windows10-2004-x64

1

RE URGENTY...ng.msg

windows7-x64

5

RE URGENTY...ng.msg

windows10-2004-x64

3

image001.png

windows7-x64

3

image001.png

windows10-2004-x64

3

image002.png

windows7-x64

3

image002.png

windows10-2004-x64

3

image003.gif

windows7-x64

1

image003.gif

windows10-2004-x64

1

Resubmissions

07-09-2023 19:52

230907-ylr68sdg9x 5

14-08-2023 03:55

230814-eg3bvsbc9t 5

Analysis

  • max time kernel
    117s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    14-08-2023 03:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    image003.gif

  • Size

    43B

  • MD5

    325472601571f31e1bf00674c368d335

  • SHA1

    2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a

  • SHA256

    b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

  • SHA512

    717ea0ff7f3f624c268eccb244e24ec1305ab21557abb3d6f1a7e183ff68a2d28f13d1d2af926c9ef6d1fb16dd8cbe34cd98cacf79091dddc7874dcee21ecfdc

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\image003.gif
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2140
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2140 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1820

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    771c3d9208f759f2215d4ce3c1fd00d4

    SHA1

    64aac5f47fbf53e46f7d2959c19707975d0f36a7

    SHA256

    6e5d8991b328c50e841593f1b66c8d2a24f3f811df2afb2eeec075622482ea0f

    SHA512

    dfc9077fabfb2151e63953a2f32835f9d0eda17b0294121d82ef4fd6a002212f323f123f77676141597ae9a4b97535def45ac9ea36ce904ad6e4a85424cdc9a3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a19e8998bb8444dea50b0e9a1a922dcc

    SHA1

    753788af88ad647aa0667dfcb7031b5cfe9f2fb4

    SHA256

    2877a26959c8b1ca9aaa278437a3102b5c7516ae606fcc84890f2b0ae8581a0c

    SHA512

    54ee870a3086683a9955e4abb49db32726c143af66f9f56da5badce440ff93c9615364ac3ba9878213ae8a8520e2aa08b26c510974cda1a64bcab8c42a9429d3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    668fb7500fcf8760c31310cb8a17d298

    SHA1

    889b53ef194fee44078a59e1b6011f17b47b3e5f

    SHA256

    ef74a9f530ffa5766e5af138b8201466118528b715e5178f8d824ad3705f546e

    SHA512

    991e8aeb2b70e81732068e027373b9ae09e2d8b7842d69387467f3655a935ba5a954c80f098df04091c4f296f5898f96f97567059021181c9d264b33d8eec8a8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    830b322eeb4fa0cf9046e0acb6d5a5ae

    SHA1

    fc1ab2d9ebbb5e8610e45ee3c03ac52de54aace2

    SHA256

    0dd26ff3cdb7e12f896eac4e69946c4112aefa01fdabee14f58c6a75d21a9a32

    SHA512

    9ea7e7638764cc124d64858cb4301e40a1b59502872b0d44e50bd07e4db016823fb9d6c6555fe86dd526e4cf697cbd14d17480d624199f003b764bd6756b2fd5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4554e2d7aecd13d2ca1e6211bdc359ad

    SHA1

    b0a03ae8179c5337ea195976dbf3c52a8e523461

    SHA256

    38ecc3d2b075b03ec06be546f0863805097faa8627526eb5835c2e57c598cf2d

    SHA512

    55c3ace3a571f14b187fd7a5d80aacae0c553bf13560e6b04fe1f95b829f8557628d60b173326f56e9def7bdc5d772ee09b2fd782febb9a789ef5f4058626ffc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    31c81df03ec3ff7426ade82c3eec5bf6

    SHA1

    e267a414f6c97e5e7cb172edf23468d6e7b13eff

    SHA256

    67642b11f72c8af1698f5c6abb9b62d66384720c93e8f1354bee9adb57a43b06

    SHA512

    1295a31f6f7175cff1ee2df1a0f57705dd482156eed10ba0cebd30210e7221ef0d717d9f974ef5f4cfd1c09d97eaa3519cfece91d4bf452e4ba442a299e4b6ff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2b19887bef344eb73282a0a0e07f973f

    SHA1

    6d592d25bff7613f9fe5419d27ae1a41de06b4cc

    SHA256

    cb7475cb4e192d40bb6f42210b5a7695f321a13331cae6837214e1627269bf81

    SHA512

    99dbc611113519ee41a6a1a196ed8b6872e7f8f84dafa8cc16437d0cf847a20f4eadd35e6a18730244a2798b4befc2d61525febc5c889afef42bbe89786c4baa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9f62a5a1e9af0883def3e5b368a17687

    SHA1

    7bf2996f60e5d4d08babee7452101be82aaa2349

    SHA256

    72427296b609c24a6c13e5da5798250ea6d6cc47f0e5d10d5b687bbe3794ef60

    SHA512

    174fc18db70f8c266f19fcc1b3bc7272a1fa378ccdcc4f10790714a1028c181a53e4c783a785bb060a8049c7dcd6ae5917581fda9074efb51efaca01ca12c9ba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c084a690b0f586ef6f704bd24a923af0

    SHA1

    41618c88a8046f0d0f389f68eef6cd2716f87c08

    SHA256

    5ddc8a0c0ae51a42dd98eb8f1cb26e65368ef41ac586b1ab046b510262ed6bc0

    SHA512

    82d187d2feaaf9dee75a93e4fcc9146f5418868b63097f17b3e17add3b76af0d8d6cbbf316b7f551637088293802be5385be9c2b132faf0c133d90da8e514d0b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d9cb8dbbaeac970529ab939d1a9f0df9

    SHA1

    0a0e0dfc137f2e096eb395bad737d08370e9cd33

    SHA256

    25c8fba0c104281977052164230ada1f6a4684a76cb95d3c540a36ace37b796e

    SHA512

    99acd058538becb98afb1411807b2a27e29c257b0f80f9e5f3160e22705331a782ba163509f15b640177305c034bc10f8be817f114da9e0f8b31982a6c88ad1a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d05934eaf074fa6bb200e8f05a35c050

    SHA1

    330ff5d6ca6c727b4c8c84fea511fe90961a0ec4

    SHA256

    1465480824c236a24fcc5e912d2669f025e0044bd0001b31f42daf4ca09aaadc

    SHA512

    d2d3a438ebdac1709cb1eab7e9944e24c1eb5bef935ac611e850e13a358ba199bed1d3e6d5535b370cb6ad58d5f4386d491d019dcb682876cecc792e517d58a5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    892b139c3fdd0b4dfcd5b8c5e2b07c72

    SHA1

    09a7c418cf9b99de34856563d29f20cf05bd935e

    SHA256

    d8605485de9fff3db5b0efd4a3c620aa812c67053248d38227872a26658a8c3c

    SHA512

    10b9f560971c3f0276b858e870f06c2fcd23b737b02619d47a7e7963ce60407c75000e77d0b74f72f1fd84f9154dd98298fde6cc8490af8e289258342052cc26

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7b57e02c373f7ca0c81a0d36ab3cadc8

    SHA1

    cd1892cd64a9eb80ce99836f4f1ef1d0e0a77a8f

    SHA256

    1e785f23a749016bb0e47ebd4170107355ae7f93bed5ab1746dc22a67f4b0043

    SHA512

    772e4b6e5dbddc21384502ce83b366484c88b9a9c73e0c81ba058871f17d6d9c4b0bc1c7a21225db32fc4de6665780490ced3a7db0f5cbb15bbf679a350d9e4e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    510f09793c599dde8628ae42ed55f461

    SHA1

    68d5c64eca903c52698d2b47c314560688acc695

    SHA256

    ecefe83973ee4235380cf76a16e043b65e8448d402c861ce30a91ebb26b2a2bd

    SHA512

    ac439908943690b0c1608b715158767a2de113a5ada019e375d85093092513ee4bfb8a73dc7aa0dd46bfb21f18d877b1af2e60ba2ff789ff980d49f21b119480

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b5de5bb2cd5ba68ebd53146d1fa68aae

    SHA1

    83829221c441ae532063125346d71eab74ea3310

    SHA256

    cabdea4c72941be63e6a15a611db09505665b5b4edf1585466f46e2cd97684f6

    SHA512

    5c0f9c2e3f3f07cf63519a2a180bc04fb3d05be28b3e2e6e0a207e65f24c6901adf97085e9e05a6fc7676e8bcf10aa43adf11ed6d20eb9b8dc25aebbdd63f90f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2b739c6b49dac4da2149b6d62518241d

    SHA1

    6dd355604e7c80845aadd5cecb408386c739fe55

    SHA256

    c6ee5bcbe82f70a0f9ca7887a9715519b7a00b8655054c3d2123dab29d193a90

    SHA512

    03b803e3fa624a4570ed4fccdc546ebe4b31048d37b720e07ccdb8d92851cd86202201d664f2328d9669b535202b43c19d8b76b7ea269e833a5845879883416d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    269964e062eea0e495e765410e68fa5a

    SHA1

    65be2f3d967f22f5d5bba5cfc854635cb2307842

    SHA256

    43cfe6914babcfe44c184d07dbc4c436ff6df1328094f8c286fab913ac20d199

    SHA512

    f9fa1b3413cdec0ada7f1951bd451598b1bac640e61538e1880c329085ab867e524c013d59c1e9efa89ce8eb25fed0d1d2725a3cef96e7c8033ea982bca270cd

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab96C6.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar9765.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit