Overview

overview

7

Static

static

7

WPS_Office...ET.apk

android-9-x86

7

JPExcel.xlsx

windows7-x64

1

JPExcel.xlsx

windows10-2004-x64

1

Sudoku.xlsx

windows7-x64

1

Sudoku.xlsx

windows10-2004-x64

1

ThExcel.xlsx

windows7-x64

1

ThExcel.xlsx

windows10-2004-x64

1

blank.doc

windows7-x64

4

blank.doc

windows10-2004-x64

1

blank.docx

windows7-x64

4

blank.docx

windows10-2004-x64

1

blank.pptx

windows7-x64

1

blank.pptx

windows10-2004-x64

1

blank.xls

windows7-x64

1

blank.xls

windows10-2004-x64

1

blank.xlsx

windows7-x64

1

blank.xlsx

windows10-2004-x64

1

default.xls

windows7-x64

1

default.xls

windows10-2004-x64

1

guide.pdf

windows7-x64

1

guide.pdf

windows10-2004-x64

1

ksMailTemplate.html

windows7-x64

1

ksMailTemplate.html

windows10-2004-x64

1

ksMailView_mixed.js

windows7-x64

1

ksMailView_mixed.js

windows10-2004-x64

1

login_bridge.html

windows7-x64

1

login_bridge.html

windows10-2004-x64

1

openplatfo...t.html

windows7-x64

1

openplatfo...t.html

windows10-2004-x64

1

secdoctemplate.doc

windows7-x64

4

secdoctemplate.doc

windows10-2004-x64

1

secdoctemplate.ppt

windows7-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    13/10/2023, 21:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    login_bridge.html

  • Size

    315B

  • MD5

    4cdabfed12acc7f9c118336c5652a2d0

  • SHA1

    93c9b9cc0c8cf53d944b67bd05fff930d806837b

  • SHA256

    9d590b25943efab14361dee200b324b1b168bcc128cb4719d051c775a5442d88

  • SHA512

    3168b209c4017200a8f9d1b224b9d75c75f3c08c1522bc11ed779e4ec5e47de332bb57ec29aaf3ded7f2d1f730a2269b91e2fdc23a25c0aa390edf3e0864c414

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\login_bridge.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2372
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2372 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2632

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    65c4f15fdb0ddfa5062c34467fc3b1ac

    SHA1

    913f318763bde67fbb198900df8c66f5d9a8f7b0

    SHA256

    79fbdf28506521335bc5872caaa36fca8996f677527283d8e8ba1a215aa3f787

    SHA512

    aa1340f57479e905c42889273ae7294d855478852e270a6491aa3a12c40b104630dee63ce83d8faa496544c6bc220802236898e6d50546134e1aa3f318c80289

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    54c4a2e7d36695a59dfadc3b6aea1660

    SHA1

    5675b4059bc201de814d1a31837af18149205af2

    SHA256

    043f0d189a97603139f64565b7125d39d5b8b3dc23f3503f74a79b2e5d75b77d

    SHA512

    1384b5570466d09702bb89c4007c5cdbb4d0e9adacb9657b42b3a868321649314a4e972e9d696476c88ca77f9e15cdd7227e23e9e48fe6ab8ea635e15a731d42

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    dedd31654ef1730dc61a824ac8ed44fa

    SHA1

    18d51c60e54ddf33b5cfb381333baa0490f0bb47

    SHA256

    f73a501db6d3818a53275ee313a05d00f2b0bfc6651ec0196adfb54b3571f771

    SHA512

    2183b4d61c6497ce989cd22b3189a25c55827b4047a762469ce7cbaa048697022d2e90afa99fefcc40e022e5d8aa70209ceb92603bf6da866bb9e9a8ea32c8dc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    22e8b19fee9e5a54cf05573931037367

    SHA1

    af4f65b8dd37e5f7faa943f6423b23af09ffe56f

    SHA256

    6acfa5932d226dddf5693e831056cd481567363a6a233851a755afd4606201e5

    SHA512

    32e6829f07c4a2ebcc087382aa66dd72d4e3e88740d45d1e382bcaae7722ab4671ebbb9a40d50cf57e20188c9bdb35c64a04e3b53534c351b213e1261a1f69b8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    39d63539981add109f251a7e161efffc

    SHA1

    8c996d4a5db506528d99b180c78e610b1ae86645

    SHA256

    8559c10fab7dbedf0fb69243e977a6d273c862278fc43ddaf0de741b5858156f

    SHA512

    b1020a8679c39e57404a193e77678079c8e20f50601e3b5c47a54bf112ec0f0b8b395270d10b910574c4d82190053d5709fecbe49d3ea97b84626fb03fbc3505

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    09c3c3f7c4d7dd191ee4c63ec6f35368

    SHA1

    76d8fa643259d75af5739fe2c9e1d5456593aa94

    SHA256

    dc7145c26d133746bfd060f2adc5b37ed59ce1d9b605ad4928b928e8a4309f9f

    SHA512

    32c6facb86c4c104429bd2c5af884566426102648c99b1b9c01f3b3bf8ff88725652b53d3ee0fcfc4430dd58b7f6978fd995815e98c7954b87b04d2cd1ab5afd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    83274a7c6d338887bf92f11905b55e0a

    SHA1

    2c081eae609464ed7c26b0ba3881f8a322b8a3fa

    SHA256

    54012791fcf71bcdb7e984633429f1f3d0711c4889ef05f9633f36a6b3b9a77c

    SHA512

    606428f4b7cad97a5e2d8966b232c6364577c6b64f726cd38936f2a6df68f6acebbf52987c31a1a614f8af3e7212f5605b2ef89528e88905a4f93a8d094fb900

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    3538b493d049588c3fde4ae91534352d

    SHA1

    65e1cba2e2fe7868914aa0185404ef122e015b02

    SHA256

    37ccec710af2347381b8dc169fcacc79ff6e0487c9b1ead5fb4426183a467e32

    SHA512

    23ba08aa4ca20877c8a8fa0e3e196d16dbde77cbb241c49d9b112df2b0786f43cb21b9ec477ee069603f62d27bb4da37de6d2c02f48fbd7d516bb095ec7a1bee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    b95673fc0773ac6cc5cc5467e1249afb

    SHA1

    932a1229f5c571d1e7fd6e943339794c405db04d

    SHA256

    b8d35c73aaaa29c56f51ea77c82633a3913d613617532a5b761063839814134c

    SHA512

    e3dac4ce91732e3637fb1f409368ffc4e43b3880a0eedcc99dfa4d85b1d190df9192d207cf161b8f2269d9990d773830cae5137dc04123a9f245c7c3c8944f27

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    e71cc5172a2e5eb78290414a09bb6399

    SHA1

    da38859d6e1c10d7ed4204f2b119cd6c6760be3d

    SHA256

    08915bc30e3adc7527133d988e4fc67c2338c43c67e61769ce60a1e98877f8d3

    SHA512

    2d7f03182868cc766825f8e66631c0a76c22dd0ce01d5c48680694d69b471d2d461da626dce5355adebdd260633700ce75ce554e2ad9081736a21e79cc123750

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    de8bbd7f8b8133463f851dd1c915491f

    SHA1

    753e5924464e6483df716c30d91f649f2f909854

    SHA256

    ffbe3311021a578256a087f3959bf9f538ad37c9f4700aa3d6e1b781ff2daf22

    SHA512

    f591734f0deea625e0b2592352c2673c16a7db98566c8679070f3c9a5f0aa1b243f6319b0883538489124e275c2c69dfe8f194fb7112d925319ce21077397474

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    cb11ebff4228ad5a53a9f58b8a8f3477

    SHA1

    e7b4eb5d00cf444b6f992ddf8bffe2c16e3b2010

    SHA256

    096af8c91dfd79d5f9137656dc32c9d29ad54dbd3d543af4dae208a7ee6813a9

    SHA512

    65b40800dcc1310803f0d9a3a59874bd39860eec4b68e2aed0bf2ea351611bf97f57bac45342e12170a159f10cc9ccd1cc3a122b0b45bef8015e29374e6a26c3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    7ef7764fb2d08e5d1c686b1fdbc5a6a0

    SHA1

    7567e376a5a2dc88ab13654720193182b482a6f0

    SHA256

    a7bfc2a84e26a8831c5510ea01159af14b652b19b63ad58fd9b277f7689e78a8

    SHA512

    7f5ac6f887247ca7498a2d5b8f05655809d8623a0ead73a7628ee274a4bef1e4242dc8b2398147e96f78992433d3f57f6b0b7cac74d53f2251e7588a3b3bc349

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    f5cc21da46e195861be771b71dc915d9

    SHA1

    944e67396036c2f101344026ce779a508a6257ee

    SHA256

    05860d5b5748a1c179abee18bc4fdcc4b2605886e3e30f93a7e69cb69db57c04

    SHA512

    5af02ab5e036914877c56099bfae6d228c47ff874ea8e9eeea9f34770d2d76ef5fb00e34241016389bbe4451f97eb282a20b3da746eb8df7b0da611555d5d6ca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    3af1eea2e54a5db4aed6c1d298d3c243

    SHA1

    abfcafd83803af89243014695dde1f6d5c544c2d

    SHA256

    d669e9a5349c498d8320df7beb5cf5d98803bd64a1a275bb5272cf9e1db19b00

    SHA512

    5f5407743d5915b91597ff8fbceb68ace181bbcc6cebe2ec5407ae295f2e4f4cddc830bf80bec768bb8de6c8ba551470c7119101c573a9feba058b83afdebd18

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    081825be61fb3f277a797b8ac6eee10d

    SHA1

    fdd6918c589aec41e9482c5475ba65f697720a05

    SHA256

    4c66d62b7cb3d9f4392529d1a04547ae874339304bd51bef61a6c9af8b3af56e

    SHA512

    87465fd9ab45416a36810c4bdefd37ed4ea73e3cd4efa1454c72d920d6b7f70043ebe7a87b1111a520eec4b5d1545c9e8422c5ac2115e81524ebc5e570186b62

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    275865f4630ef1d8b4af14eaa477ca7c

    SHA1

    a6393855717db0d25d1edc4b1133f0487257ca6b

    SHA256

    a749696ff39a303fdd49b506def68c9368c3b24a01746b597298546a51cc5a22

    SHA512

    ccd02866230768191a6f7917b9a3725349676af2c50d8e875e02e5f8d6653b282768a63773e1c53b65ca7a0ab5239b2564b909028b68b97b45cc80418976501a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA8ED.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA940.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit