Overview

overview

7

Static

static

1

Leaks.rar

windows7-x64

3

Leaks.rar

windows10-2004-x64

3

PREMIUM PH...ES.txt

windows7-x64

1

PREMIUM PH...ES.txt

windows10-2004-x64

1

Shopify Themes.zip

windows7-x64

1

Shopify Themes.zip

windows10-2004-x64

1

Shopyfy Th...me.zip

windows7-x64

1

Shopyfy Th...me.zip

windows10-2004-x64

1

Aaron - Fa...13.zip

windows7-x64

1

Aaron - Fa...13.zip

windows10-2004-x64

1

Aaron.zip

windows7-x64

1

Aaron.zip

windows10-2004-x64

1

Documentat...to.css

windows7-x64

3

Documentat...to.css

windows10-2004-x64

7

Documentat..._store

windows7-x64

3

Documentat..._store

windows10-2004-x64

3

Documentat.../1.jpg

windows7-x64

3

Documentat.../1.jpg

windows10-2004-x64

3

Documentat.../2.jpg

windows7-x64

3

Documentat.../2.jpg

windows10-2004-x64

3

Documentat.../3.jpg

windows7-x64

3

Documentat.../3.jpg

windows10-2004-x64

3

Documentat.../4.jpg

windows7-x64

3

Documentat.../4.jpg

windows10-2004-x64

3

Documentat.../5.jpg

windows7-x64

3

Documentat.../5.jpg

windows10-2004-x64

3

Documentat.../6.jpg

windows7-x64

3

Documentat.../6.jpg

windows10-2004-x64

3

Documentat...gh.gif

windows7-x64

1

Documentat...gh.gif

windows10-2004-x64

1

Documentat...ge.gif

windows7-x64

1

Documentat...ge.gif

windows10-2004-x64

1

Analysis

  • max time kernel
    136s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    20/09/2023, 19:10

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    Documentation/js/prettyPhoto/images/fullscreen/huge.gif

  • Size

    6KB

  • MD5

    1fcab4f05d2356941d538a56761c6ee1

  • SHA1

    73cb72396e2cfdce51d6023994c2710df38c7986

  • SHA256

    53dc94e14c75536e878bd8efbc02b5760645d5a894927a6ee15fb6ec4c551d4d

  • SHA512

    1e00a399ea7061689e33ddf117c020fd257ecab86137c2d6bd9157707451db0680b93107e77adad2733862e4f9ab3ecb981110429a5383e04c3f8dda202ee7be

  • SSDEEP

    192:VRo8gqADBf/RhGxSydwth5V75LQfZ7EKtBchhZlnD:NgNDBfTMmHkf1/8hjlnD

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Documentation\js\prettyPhoto\images\fullscreen\huge.gif
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1964
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1964 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2132

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          0b3f628847b19e3fc305c95ce148fe20

          SHA1

          cf2b8155181f0424b05fed049c999337533a87b4

          SHA256

          a695b05281ff8610f85f4f541f26290a1a4c2745b326ec8c94ee43bf64efac8d

          SHA512

          c768b14bd288e93e44f53fa457633d5e8041190619910f9ff578e6ab855c6971b8b1899cc348a8c207d69f1c8851e877158131f21d362b6e83e26ae94f18205f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          e3131a46949f2f8956f09e0b3d220f64

          SHA1

          5c182e7904b1a7e6801bf6e8254126b6d532ed82

          SHA256

          c5266d6c62936236ed9d06d5d5bf50faaaeafe6a50932b3db61b3da64bbe04ee

          SHA512

          6f49ebefc4252df0906374f001733a0367491c169ca7130c354fd2f1d68a0625f9301c9797e9d916156dcc509eb3ca8f40e868437ac454d2c1b2ffe821423021

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          30026131b7abb032e47ab31609d0f221

          SHA1

          21a56233add5c22252552182171cebc1b32f0b9d

          SHA256

          36a85c574fa7febeb79a66060de46f139695f7e5c431f606f8555d4a8d5cf41d

          SHA512

          6334c0d0aa717bfdcc668398acfa0a35d74bf6eb37b63b5c6ec9e37b9dcc435fa0f55536fcafccc116a4af60ab4aaa94d9181ef9b57e88201b1290e2b1301e7c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          9b60b61caf9f8e1a4f30461525b1c07d

          SHA1

          77a298078453e61d6cfe64c58ba62765cba85ef5

          SHA256

          33f7ad7005b0352da67f4aafbd340cacbb89eda16a43bcd6dc1eb1ed293c3890

          SHA512

          575cf8df9d3acc974221f5353dfb53d621705df8289fe0645b0ccf616a84d9b4c08b5cfd34a08e849d177c8dbe61ab90eb3c2b5e2b9f54519e7ffc6923a78d10

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          101e73e261fe58b38a54e05ecffe445b

          SHA1

          e8caed8526634c79c79ca67177dfe1edba85c25e

          SHA256

          2081aa7865d63f36fced9679690e243027dba3a06dbb20289c6ccb3f39e9aeed

          SHA512

          62e1a86302476a4badee667362f182517029b28a1286f0bdca4bfcbe0a9c2eca485247f849a5a7289420f7a8da65ae97d68259be5aff717db562580cb4521924

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          7fcd1d67e4b1d24afb2b5fb62c946abb

          SHA1

          9a96a026cdf0babb2f6e9fc303d44e5a18dea3b8

          SHA256

          eb7080db9d2914304478306d3aa5f42f8629a2a339b2bd769958c33caf88a3c1

          SHA512

          abfe8a5cf46e26e2816c717e9f19cc0490f440c1ac0eb5d7ad6c8c2d8dc521c9978d2324068bd2fb0cb380e3855deadb0d53ff810fd49610239a4ffd8aaad804

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          6b072c1befa9e8e2584740d48381f7a2

          SHA1

          07ea42fff3e4a61c4f0ab3b0be073f2c5406b99f

          SHA256

          5801edc0697378bb01d8f496c064d88282faa10c0a3c197c2975b8f4f174be84

          SHA512

          4448034ab24834730fcacb764ce198443a8cf3a8619ec4959af52e5207a970c0fb37741d8cc95c05935bfa35fd2ee670ee375788cfda98939808ce66a17db711

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          fecd845f6625a8e6a5389d30d5a6eede

          SHA1

          f01de244ce1a7091523ce89974347902838685b0

          SHA256

          32d46db72285ab82ccce79a978a248f7a545a5da7a9b8df9702fd817146a97c8

          SHA512

          b6ff819519145ff8b79ddb9803b563ab98ac1954598a4f693fa0e4a005181d9a075ffe2896c04a61cb7280960d6a1c5d68fabf03476d1862a4045ab03159ac8f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          68eee78e505098fa888a869fe253b67f

          SHA1

          add7ee97a773029ee9484eb388faae34406f560d

          SHA256

          a295c511df23a2a07a3796539e9e7ac9b8c6e6373dcd6d3bf6f937e95cbfa27c

          SHA512

          cc244792811fdcc5a1e9df8c3552227ed4c7a32bc309c528e4dd5a11b00322677ebe038a85a0025d0a169980373a1a4257e51a5c2352bbf282505eadf78d2e7b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          322c133c04b86b6e461ed201ab7858ac

          SHA1

          e51c1ba1e87f31c1aa685116afd9dceef0a49193

          SHA256

          7dbfbd26346f42d86f5ef9cb2635483cb7d8de039168727d7183d8bd9bb02148

          SHA512

          3d313fdd400670d204bffd33f3b28a411fba0299464278cf67ffe9bea4602ae59677e32d29cd85bf7d904d0d4712837992de7d867ac19b3a2fe542420e967b53

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          bcb1856077c34ced1a90fdf33895eacb

          SHA1

          ac5f3028cf40795f47f42e03a94b4a2c6996720b

          SHA256

          24f6eed59d591f51187ab9ac39bf5d8363a20caf2849ba79937655a5fa3615d3

          SHA512

          f775c0317d3efccd877a27a4018672824cc32fbe54f010ee3dd4f18e4e0ee0527072a5bb213d2a9b33a8a4fe50341d986a3bfe75298a2d060e38c1af2082c3b5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          dd0800656bec9a47b47cd502f95f8224

          SHA1

          13b4650c1a385016aeedfd92d4cc2c82a088701b

          SHA256

          8e27117a475f9b78e5eb00904008523508a7231b55f26bad5f6baefd79b4d233

          SHA512

          5d8e4512991b6cc36a78554800aeb89f16d447cc6b2ffed5b9b74c79faca9a9f2867da2091983b4137d4b8e30333719849e367447076eb816f0b6ed1431a3820

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          8ab3d5d64e696b0fa625f9e3926f8ccf

          SHA1

          0a567ceafd412ec1da2fe81815c35506ec029fa0

          SHA256

          669e3cbcaeac951b71a79b57eb6ee0b36c2ba09ac6aaa9a65916a0eda983dc55

          SHA512

          06179096fe44b90bf461c0f293627c728b91b27a3848267567e7a5f91f18b3f5c5ad144c0b89b183f42d4ed0309e544a99f398dc1e53a489b4d3de2698a14d98

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          f66f20ce6f1a6090ac7b9bcf486db536

          SHA1

          a084289a47e033e9532e708881419810810b0d58

          SHA256

          255db26f359c9937145fe107ef17c055c951fbaba4517aa1554ec33452627406

          SHA512

          56a8410b6d43ef81a5a93a3dcb2a57f6d625c388f2f07a5c08968aedec7c1c699299f009a206167096b6a1973dc0ee989c53d724191c29dd831ce378f34d6352

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          941e648c0ba7e258ea27ff35e70e9431

          SHA1

          d4066f17612ff241375436f07b4a52b36a4e7e58

          SHA256

          f6e23b0616ff3d529056943d4d1e64257059eb797615e3b237c416f74fe6bcca

          SHA512

          dfb299abba400205dc94c88fbceb8ad431e02bb71fbd056f95960bc4e05e5dd51be8c3a2b272b1cc17175d6ddf3bf579f5ae3209b3eafd95dc1618a1bbf27ee5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          aa1359033627d53401739db49c7bfe4d

          SHA1

          1793ad32c73e2cb05323b2da3e36cd2fb2c2bda3

          SHA256

          1d195b405d39760466e2bb0d1e4a9359d15911b9f0c651de53e24170cf6aebd7

          SHA512

          4b0f359341f6688d203836055f46e17d6345b7d2309c957d4cb024610198a406bb473337367edbe92f2f88057071e260a4ed00a9789ad2e6d18b425f607e3bcd

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          2884206e1524520429f261572d190065

          SHA1

          4629e3097ca56d766c9acc8d6ed66107b4009488

          SHA256

          77c7f851456212d2278ffb2f699d283d83b8a5fa94026162e7b81b941b618b23

          SHA512

          ea0f0e36355a1222dbc7b0a30902c715a025690f138663c1ac87be1eb23271f5aae8d411138219a31401aacf748722a637affa30f3f8ab364dd637035143b4da

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          b5a7a20e4000ea37451fdd16c1a51521

          SHA1

          33a3053758d65a334710198b0a3a9d71f2479b61

          SHA256

          d7640a8ee23dd425bfb0ea3086795b704e8ecf82ef4937a8300dae62e29a350a

          SHA512

          9e4bd7d0e8b27b1a09a8487a9fc256d6aa95df95ba32c25ee06bd35d6bb92a5b7a37a4aea8e04e65473b7319325990f3dc11c44924b04081758aea81b0b21590

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab5035.tmp
          Filesize

          61KB

          MD5

          f3441b8572aae8801c04f3060b550443

          SHA1

          4ef0a35436125d6821831ef36c28ffaf196cda15

          SHA256

          6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

          SHA512

          5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar50C5.tmp
          Filesize

          163KB

          MD5

          9441737383d21192400eca82fda910ec

          SHA1

          725e0d606a4fc9ba44aa8ffde65bed15e65367e4

          SHA256

          bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

          SHA512

          7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

          Download Submit