Overview

overview

1

Static

static

1

app.js

windows7-x64

1

app.js

windows10-2004-x64

1

background.js

windows7-x64

1

background.js

windows10-2004-x64

1

changelog.html

windows7-x64

1

changelog.html

windows10-2004-x64

1

js/alertif...min.js

windows7-x64

1

js/alertif...min.js

windows10-2004-x64

1

js/angular...min.js

windows7-x64

1

js/angular...min.js

windows10-2004-x64

1

js/bigscre...min.js

windows7-x64

1

js/bigscre...min.js

windows10-2004-x64

1

js/bootstr...min.js

windows7-x64

1

js/bootstr...min.js

windows10-2004-x64

1

js/jquery-...min.js

windows7-x64

1

js/jquery-...min.js

windows10-2004-x64

1

js/libjass...min.js

windows7-x64

1

js/libjass...min.js

windows10-2004-x64

1

js/undersc...min.js

windows7-x64

1

js/undersc...min.js

windows10-2004-x64

1

naclh265_arm.nexe

debian-9-armhf

1

naclh265_x86_32.nexe

ubuntu-18.04-amd64

1

naclh265_x86_64.nexe

ubuntu-18.04-amd64

1

window.html

windows7-x64

1

window.html

windows10-2004-x64

1

Analysis

  • max time kernel
    14s
  • max time network
    18s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    01/11/2023, 00:33

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    changelog.html

  • Size

    1KB

  • MD5

    d037d1ecf12de230844665c2367933d8

  • SHA1

    abfec742d1b2563070ac375993da9ee530218f64

  • SHA256

    ef27fe26e1e355bc3661c764c9293928e25793e74d52f4c350fd93bc86ef3f8e

  • SHA512

    776617ef2a4d7295c13c863bf79d56002f119ad120431dbb29ed1126e831998e40675050f3b43039dbf790aeddfa764d030d0e3cd5e7252ac39eee378d0a7b47

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\changelog.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2148
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2148 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2428

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          981bcc4a8dde284db097e39c50147436

          SHA1

          7cf2b04192f58d6989acc9d9e47acde8418bc549

          SHA256

          6805facb90242be90b177f956eb8bc3b7fe282489a2367ef64c8e0814e1d7254

          SHA512

          2f107f63e5ef45c3e02939c05c1f605926786805f17217134f8bfa047c34c979fa65971589fa89f5e723b71da66ea24dd35d601f788a3186ad4fa9bea72c8582

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          7efec044b2f0ae859bccfc22dc9a5bfb

          SHA1

          de847e37e024606b93935ee7538e279fcd912825

          SHA256

          7e4fdf3ffe07a77cadf246a0f2ed6285c56c3d146171dd5f47152709864276ac

          SHA512

          3feb32bb10d7e5aac1b81ffe33470b8650edbae8a45d7d383ebb93bc4254ce96179b63c0b0074a3fbfa1831a2a33408afd19f5e52e8aa6c2df26efa8411c284c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          3d692c93d1b2e9139d30e7872acdd5ed

          SHA1

          931d1ed268352bc7df139542b61c8ae197e61e4e

          SHA256

          92526ecc2de07aa545598d999aac42964dcdef344662d6df4ed77eb22ceb2055

          SHA512

          85d32d205b8206d4bb142a14d914d40e7e59e59259346fd33d9ed5a8447235421931f39cbac1828504a930db332dc2ace01587a53af24d9453568de0f0f85d5b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          0cfaafc13b3d89b8e0e34cc811aaee5a

          SHA1

          fa4f524667b2a6230abef5695442fdcde53521c4

          SHA256

          f7e13b33d043174f747cf4e010753c97ed640e1425016a0f6e0b310602f58838

          SHA512

          abec8c03c379a664fa786e3440bf90864a6a902dce6dee04812ce3872165daa9a06057f0ef2a7133a8affd7e409c2312d768a3fe2b84936296b071e02d1d155d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          0811bdd3508f1b47a7b32c2f95a8365e

          SHA1

          c96f33b673087bc3788bd349b3e04ce5020b8fb3

          SHA256

          68b3cc2cf1b05b3f7ec43bf88e6e4ab419dff6080d4e0dcbf21e62ef30468209

          SHA512

          4356815a12269fd56e5f24bfdc11b84dbf9f6c97b91140024c73fe5798083c9e5232b18f8d3fe94d66773291ce3c6556d7a0d664cd17d92c8fe1273b3b898424

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          cd699986b6537577a93d8050e5ff9ee0

          SHA1

          14f4de97474337cbbfc2c932d8e4091b771b4442

          SHA256

          360c23a9547cbe55309da57d37b98fddfe6e4cf84fdb56c07f579977d09e1805

          SHA512

          c27942cbce43d2afad50d89afb155c8d3748e34d6447ce211e5adf5a2f8d987fc7bf354395d1c885a56bc6d1b6d736e49f963ee9818cfbd2c19d95b492b1625d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          5f29d3e2752f210705fc5b9e59205f6c

          SHA1

          0da4243f9087cbdffef544befd4326a94f2413db

          SHA256

          a666f5f6f62d06b1aa38962830fc1ab1bc5474b3d618f1ede41a9a817cba53db

          SHA512

          c482a05a4b299b1bc1df212f87c5732598ab4cffc57422cbbfa433a8e5134f0f72621d6989277bfddcff7fc32d7ae60428449fb626c37f256cd02a83e3e51b9e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          5e11f7a4c8bc92aac0a52ac240d31cf9

          SHA1

          fb209e6f5b013d85dffadcecb71242c3559d4a42

          SHA256

          c5a22932ad719935470848e6d5df60fb4a82d1f6a7975cf58c117c6d87477551

          SHA512

          c4b3dfc3bbe4c8b8c64cdc5399afab52a409ec0d7a55e60e474ba89ef19a65398abf89db82fd2c589d90dc0b481cbffcb9552a809bd6784a6cf9c2d9e313b031

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab64FD.tmp
          Filesize

          61KB

          MD5

          f3441b8572aae8801c04f3060b550443

          SHA1

          4ef0a35436125d6821831ef36c28ffaf196cda15

          SHA256

          6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

          SHA512

          5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar659C.tmp
          Filesize

          163KB

          MD5

          9441737383d21192400eca82fda910ec

          SHA1

          725e0d606a4fc9ba44aa8ffde65bed15e65367e4

          SHA256

          bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

          SHA512

          7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

          Download Submit