Overview

overview

1

Static

static

1

tmp560779530.vbs

windows7-x64

1

tmp560779530.vbs

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    12-10-2023 06:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    tmp560779530.vbs

  • Size

    710B

  • MD5

    5e5a87d0034e80e6b86a64387779dc2e

  • SHA1

    109469f781a1cd257d7e8ef443ad961c6d740733

  • SHA256

    74bb36d7b564db9687d94f8038d5e8b0c951da5d7799c0c9ce8b25fef6238185

  • SHA512

    026a957405509add41171907f420ba52b68079d007be9084417adf667accdfa13e3c6af0c096e147935337648a548c9f56d95c83fb9087d4094c99ebd1f08432

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 35 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\System32\WScript.exe
    "C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Local\Temp\tmp560779530.vbs"
    1⤵
      PID:2232
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
      1⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2424
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2424 CREDAT:275457 /prefetch:2
        2⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2676

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      304B

      MD5

      ce1e630de619c781cc7a34049154e563

      SHA1

      11e61ea25a2d563c3a0fa6c208f836735f490ef2

      SHA256

      9083cb8aee8606121faa7ae70d8bac97a9eefd5ce573508d84972e9148907a17

      SHA512

      abc29749a482a277e03b4326b5650c03886fd3370f3764612aef3ad793edd8c0ee6e418baeff58126eeded2fbc2f7d3f9e72bbb0dc5c1376a3481083ba57c799

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      304B

      MD5

      4903d02232af2813454bdd8ca6377735

      SHA1

      16d0719ff5c6be9d442470339a1a7066cd9cf3aa

      SHA256

      a13c58bdedd3b55a6b3b8078254aa692fa0b23880b404b1439d2778c633e73dd

      SHA512

      e432953b9590b6d98be569b5fc7205239281ac15ea3d0eb8dee3c1b1c2a6ad8e1e47d73711000e7476b3727be54c4a1b8d808f415e1e62f80df1955bc37343cf

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      304B

      MD5

      60666192117b76bbd567f9cc9601a2b8

      SHA1

      0eb93f7c3cdacc622a8af4d94e5a3f1f1dd7ffd7

      SHA256

      c7209824ebdca8f910db28ff9a7a55255135a5f92f57eba5316df5270c703abe

      SHA512

      694210cc6b8e6933b2ccf8c48ec08d0bf519a1b0029f8bf647277cacb947fec1868bd5608676f0f3d1c1705d4e79ce136615e90ad981fc358450b72d93f92522

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      304B

      MD5

      221952cf1f12abd224d8ae3362d6fdac

      SHA1

      99659bda4ffc6392376ee9881f6ed1be7c922430

      SHA256

      942de63904235371ba3621c12515852b2066c7249a9547ca660c5a4ff4fcfc62

      SHA512

      428cc1bd52fbb5dbb2c416c1c7e054901b911a2c1d3e2d31d01b11fc71f59047a13ef9188514a8bbc2a732aeb30b978d44ceb6873f12d08f2d28e895cda9b0ed

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      304B

      MD5

      9eda6af9bc3bba07f9044683af54b87b

      SHA1

      c3c3335d53f8e82b8fdc04bea9bd995fcf2a66b1

      SHA256

      bd00b6037adc118bc52e9e4b378e3db70ff5f730a2708bbe1c624646a362ce58

      SHA512

      202ba27cecce9ad69aa56e52735f751b3a33d8cf8b7c9fa37902bfa736a7f46aba2c8bb24312eba564b87bec8a077d82c3b0ee54cbfaf9312433ebc7fbc34d8a

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      304B

      MD5

      deda3b0cf5a086ee0d2c0ab68563fd68

      SHA1

      975bdb8f8d34197e6a411a18eda4cac3cdbf70d5

      SHA256

      37d68c270fd5e3bb6c2c98c21ab012eeae199bc3be2dbdfb0e0490d52b8ac163

      SHA512

      9be1e56033e1b55e6e84d447bc9667187f59748fddd668608fe4cadfb7d42561d801111d74701102d371e709678b30b0e8578c7eb50ff715a8ae4cb1bfc96cdf

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      304B

      MD5

      f746aa62bc429ff811a4e63fabb0dd95

      SHA1

      87aa08385d0edcbd3ea0e2fc66184fb475ac66bb

      SHA256

      14e51043591288f5b21def0a2dcae0d35366d1f594cf7a3b2f1eb82326057d7b

      SHA512

      ed272ada90520f05b35cfd74a630123dfcb55e3e5cdbbe0b00099bd52ef780644f933ea12a34a0bea7c7092acd3aa4947257e438bdc4912e2b67de5f99bd04d7

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      304B

      MD5

      4f7c2edfee49831aee06041c651a76d7

      SHA1

      28ffe817d75f268c8261d29416231f4010fc2c5f

      SHA256

      72d930619dbdc42ce591d06065144d516182610ba7c37dd00f5a24da1972d04c

      SHA512

      8a73bc6ec421b8a8782a466cc3e508239c84e407ab6309cd224e14ed5a21d5d1f6cbec1b11b49999772d031887719ef5ad65c9408da4b0509fb7feabb42fa129

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      304B

      MD5

      8f2791b42e95b4ce3f0a35205265564f

      SHA1

      6c02bd0afbedc8f91a8eeb74645d9f386b28c4fc

      SHA256

      a3e071313a5aff49ff43322c326645ed265bbc71f5797f395ca92f2e0afa158e

      SHA512

      8337f94b649e75a1511ad9b8f2a67f42d8b8010ba0b9256b25ac72070eaebdeb12792b25cc2b7c51aed704187f6b81a6e839d5deb874676f6fcc4b64eb949d07

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      304B

      MD5

      f1dd7af77582973b2cd96174acc4985f

      SHA1

      abc743797d6d564d8f6da6d0182d658ed5c6a9df

      SHA256

      43e4aef74bcd9eb0243ccd18b79befe90d35f0b072b357304f6f159ebae7a69c

      SHA512

      ff3743ebb58b48a20fc66ebf1a156988fef8d04ddfaf19f35ef974a49ed81754e10cb4978bbfec1473e310e382bd1916f1252ffcfcb083129ab9e5c30c7006f1

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N1ZD8WV6\favicon[2].ico
      Filesize

      2KB

      MD5

      a2606f1274e1ca7769c7a713ae7c444a

      SHA1

      f5619384b322523f10b127f89675e1b29ac7db3f

      SHA256

      791525a225922b4680d5dd9cee1a3fe11596045c85569bce6449743ab30af70a

      SHA512

      b0283c2cc9192c1e63a1479e41a64c622495e8305ade63949e36a106ae1ab545bfce1a7dd18d03ae26ca1a321f14fce78aed42d3b16a8568c14234b8d54b1c69

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\CabB1C3.tmp
      Filesize

      61KB

      MD5

      f3441b8572aae8801c04f3060b550443

      SHA1

      4ef0a35436125d6821831ef36c28ffaf196cda15

      SHA256

      6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

      SHA512

      5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\TarB1D5.tmp
      Filesize

      163KB

      MD5

      9441737383d21192400eca82fda910ec

      SHA1

      725e0d606a4fc9ba44aa8ffde65bed15e65367e4

      SHA256

      bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

      SHA512

      7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

      Download Submit

    • memory/2232-25-0x0000000000420000-0x0000000000430000-memory.dmp

      Filesize

      64KB

      Download