Overview

overview

10

Static

static

10

retaajbeauty/400.html

windows7-x64

1

retaajbeauty/400.html

windows10-2004-x64

1

retaajbeauty/401.html

windows7-x64

1

retaajbeauty/401.html

windows10-2004-x64

1

retaajbeauty/403.html

windows7-x64

1

retaajbeauty/403.html

windows10-2004-x64

1

retaajbeau...e.html

windows7-x64

1

retaajbeau...e.html

windows10-2004-x64

1

retaajbeau...der.js

windows7-x64

1

retaajbeau...der.js

windows10-2004-x64

1

retaajbeau...oad.js

windows7-x64

1

retaajbeau...oad.js

windows10-2004-x64

1

retaajbeau...ced.js

windows7-x64

1

retaajbeau...ced.js

windows10-2004-x64

1

retaajbeau...cks.js

windows7-x64

1

retaajbeau...cks.js

windows10-2004-x64

1

retaajbeau...ent.js

windows7-x64

1

retaajbeau...ent.js

windows10-2004-x64

1

retaajbeau...orm.js

windows7-x64

1

retaajbeau...orm.js

windows10-2004-x64

1

retaajbeau...ags.js

windows7-x64

1

retaajbeau...ags.js

windows10-2004-x64

1

retaajbeau...ort.js

windows7-x64

1

retaajbeau...ort.js

windows10-2004-x64

retaajbeau...rt.ps1

windows7-x64

1

retaajbeau...rt.ps1

windows10-2004-x64

1

retaajbeau...ns.ps1

windows7-x64

1

retaajbeau...ns.ps1

windows10-2004-x64

1

retaajbeau...er.ps1

windows7-x64

1

retaajbeau...er.ps1

windows10-2004-x64

1

retaajbeau...der.js

windows7-x64

1

retaajbeau...der.js

windows10-2004-x64

1

Analysis

  • max time kernel
    218s
  • max time network
    235s
  • platform
    windows7_x64
  • resource
    win7-20231025-en
  • resource tags

    arch:x64arch:x86image:win7-20231025-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 13:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    retaajbeauty/readme.html

  • Size

    7KB

  • MD5

    c290bd03cbf76b858525f07d58925680

  • SHA1

    6ae7bed6ce5db7a5a102ec4906f465f4ad901196

  • SHA256

    c8b72805546a4d2636e3b7f9c77775d6a66236df6d2948f92bfc9ca12e05c37e

  • SHA512

    521aaa368360bce5827ba0b4bf2c9762ad9d0837ea65b686cb7ece5816777cc41797a33b976663ca75eae9b3c2dd5e4b1d8c9c400219ca925d560d23d7c69c0f

  • SSDEEP

    96:4UKLApz1z/4kF5kyJpbifN8uueKQPt441tcqkKuIDdKCZUjD+9+v5tdNwGgzIZzf:6LA/TVPqmulQCwDaCdGkuCidI

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\retaajbeauty\readme.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2828
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2828 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2648

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    41ffd8f167098da48c7d2109ca33c0f7

    SHA1

    9869d681826b6e5fbaa655623247e6330b5443a4

    SHA256

    a78aa8ec42f92d18d83c44981dfac1e5bb5886893333608890a26f56123ac5fd

    SHA512

    58087f0ba6113d2c24067ce50a7c6577050f4e1752d42c760af223ca581edfd588de264702470c7ece777176d09ddbeca7c601c1235c68baac216bed453ca779

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6f3e11190d3ed022e36b393f6836f2a4

    SHA1

    8a7494c14f176ee7538daa2a67ce67dda34bffb6

    SHA256

    06279435b7374e47af50498bfddf5739efeb02145c4c8c6f096959d1aa1b226b

    SHA512

    f4f9fcaabdccefb0baaec4e8fb8d0476a50e5f0e9d3fac23d4ff2be612ec3b5d7798d939749c35f4e5defc3fda78dcb0abdf9b50aa9aa8ba64563c923a23b7a7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bee0a5da154d5c1f22173f0b386f5822

    SHA1

    9890dd440b80f24a4b26315ea55834b5a8273c3a

    SHA256

    b47c06665723dfa6bc1a043c412f66dc547ad673d02e4082ad83448580f82401

    SHA512

    cfc44224800bba9a38349ace28fd383ff09f40d1ec5baf40adc2b4295074d1cc4d690a597cafbef807e678387ed1bc300b3bfa23c0b8f80c85d6e19d3ac55b7e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6053fbb96902e756918f68e9da1e263c

    SHA1

    2ce7c7889fc17d750b4756c73828b554c8d45a38

    SHA256

    fc8dde206ba1bd0452f218b0be4a34625ffcb0576e5a590d12a09ed2c0b7bfd9

    SHA512

    911774a07a1ba79ce510b69ae4906941fdc614870e2897ba7a5b9a9d9033905b3bd6f42fe0664b995a6b0bedb6aaed952f5e30781ea13e7b095df7d1765906b0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    95e3db7322eeed9d5f390bf29cf422a7

    SHA1

    9bbc116e2844563db5e01e889253f574d38de927

    SHA256

    1f6086bdf8dc8070f2caeb6a265f4193b9231aed0f2c96f552403d2a4dc78d21

    SHA512

    526fedea062b65ef3acecdf9a0b0c20b75ac2ba4fe951e6aa8c1117252f86bd0a414ff877d700c2e5bdfa9cdd446daa59891a51db873777fce7ba624228d0512

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8dcd3aa36198bc757b590f0f0d209911

    SHA1

    11bf5c745dec878180f89e9a83cc6d9dd2b3d919

    SHA256

    0ec58a468479cb6bc1ef30e1de1f7a18339e569d31c4793206470bf9f502ff26

    SHA512

    0f67cb8b77be89cc8226b5400e13d4a2c358e17eee2b5e9c4002d398be45f3dceb80d942a3ae46d204d27de8a05646a985ce6db34423575cc366652432fc6c4e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9568daa0eb34772b132174a67ecbcee8

    SHA1

    c5584aa754d1b62a11758ce870877ab04f34c313

    SHA256

    066f3325a9c77ebadce8c2570be4f66c9a9f5e2504548a07ec8bf14d02423e8d

    SHA512

    c5d147c734ede97a9aa3df898ff395cb66ed0c0095557c2ab53f7e34b2da2f435668f745f73ba979e62799254dc2614fdaee5066d1524a9dc16f53d242928a26

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    09c734c9bad5bdef06e80e424a84a7b0

    SHA1

    437c9b33a045b0b332efdc2d279b61ba8e9ab4ca

    SHA256

    438053476057f6592390549802e306695b7fc9529606007bcf0651d575105d22

    SHA512

    de05325a9f6f0f8a1aa3e1e1b298ca67e319d50fba96b21f611325680083096b7368ceb89ff561cb3f8223c99e0d5ab5b3b4fc3ad80f8deca5372a5e1cb483f5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e608d8f9603188f62ee83e19287999ca

    SHA1

    eef14f151f4dbbf40077a704cdef2998c21bdf0b

    SHA256

    c74537a0974e6f1cbb6f4025f01171c8fdd9b430cfa32db6a6b466a8d45e747f

    SHA512

    a6d60b6be735993c948f07729d34e6c7ad15f02f60918c6b2b6596cbf76e1f88b71d254131fc59e633c1fc1d3c20b8e2483a9b68d3ae5883a55516f5efadef77

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1577eeb36831a68439c45505f67a50d3

    SHA1

    784434f9491d5d38f439bcbc88294d22183ca28e

    SHA256

    c8d2a488ae890dddd8da3713969ef8ee97c638b359628cfce6ea271530bd0055

    SHA512

    b97973f22e013cc7b22eb2bd3be4218534ad4528f8414b8edbd5981ed22e7b06097af11f519eb8fdf9897405ee8396e3c90bff172eb826bed98ee86570086be4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b26d7dedbbf2ebd78079379dde1e3aa6

    SHA1

    2091253fdab33fe73ea403def03609118c81578d

    SHA256

    198950457bba6f45ecad2431fdac623fd0fc0b25fb8c50ce691927f1a86274cb

    SHA512

    7f611094e9ef52f0225e02e2f02902f6962b8014392862f8c6c03d0ebea7390793bc3875d5ad19629f81233c914223433e19bbd32674519014bf5ae78452662e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    47167c1f5feddf2af2c96d94a1484822

    SHA1

    92618de1c6a6af63fc0507895f5ff485046c1748

    SHA256

    fcb8c65bc9388ebd08ddf9abe3031b68d05ee87e4cb35fab6b6bea59cb8e77a2

    SHA512

    227433e869e0b43826082a640d03856268fd1e3468700ead2b2ebb3c46ce5057047167c57acac69f5b13487fafb378915240914d61c8ad963c8001e94274ff04

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d87384ab0fe88a3ecf18993197e4b0ff

    SHA1

    8da4858dd0b5771b0de8b1369e6755d3a3b45928

    SHA256

    828f1db813f1dd48dcebcd3ee4bb398d8a068d6027b856596fc61c13b19a865f

    SHA512

    2fb85daf82b9d9183012e0d25aad48c1af522cb3fc472775ae94dad39c54e40c675f8f121eed876c1a9f6dc715478427db1b4834b673c3d08bde77dda8a1d6e3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a49ea5ae2b552c6a2fe7b56aed880408

    SHA1

    8f153b8ac772d8d00e4bda1f2f046dee0369ca3f

    SHA256

    5b2d024d6fb777f7150c7660d0f02e82d3e2e61a9c88e63b5a1a4fcdcc5a3671

    SHA512

    9dba904a75f239e57c35146c72597f79365e29b8229f97839fe511cdb5a3a3624c023558d265fe19fc4069ced0dd334b2f2bc2f3136bc86d68deab87a17295ec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a3f568f2087ad6268b082ea8fca5b39a

    SHA1

    39198d37fa329919180fda17dfea7d8f4ec985ec

    SHA256

    f4814df7bc1b4463a9bd1e3586348f0c104e671e496100fe75a1b6596314eeef

    SHA512

    cfc9eeb2418d0352336f235595514a9d4b8fc157339131e025375ce3a5ea52296a190030608080cb4bf54abadc1e0d26b598a31b1843d302b057cf81198ad29c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    50abaa30fd716bde59540b8bd5310183

    SHA1

    a3a4ecf0908e3a225558882a91039b871807594b

    SHA256

    4c4b41802cf1d87c9ef0e39d3b2b4d71136865ed9559e0f10be550e37f2200c4

    SHA512

    76aa7fde11c2d685df6af98679258dccaf2e1b0ab66b94255fdfbc2f4bc0772dd59d0f81aceeed3ba56e59043a7dcbebe106ddb9d91928abc41534c9787f7017

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a8b021963e18e5d16c6cd5639dcac93f

    SHA1

    50f264d861f13171c483428be0d6caeec59b0736

    SHA256

    175b42064223405ff5a4f7c1699ebb6201b0cf9298eaec9242efbd68bba81504

    SHA512

    3bd615545c8ebfdfed549b826d9434315a3c795bb999c43e6955c39ec1844f3c46d59857f4ef1e042a6352ff09a93dd3ea30288d3ebe6042a85b05ef3db8a223

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    275a50cb47c4bdeec438cfd85a649c22

    SHA1

    d543cf81fcce6af35dd8c035c5e175342845b3b7

    SHA256

    fba35abb2d8bb6ea37faa9c01cf8dff056604f7ff632ea182eb45851bac2de37

    SHA512

    eefc052c91bde29fcfe20f9cc3dd24eb24cf70e38ff1f32dd2b2a35a30d873619153dc1f39a8d74642109bb5a8ec6e04201fa9321421a44df5411b997423bf97

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2b81f5b35d369fadd75d12cfebcca071

    SHA1

    7c645872470a3747348c53d31aa899f05df9d002

    SHA256

    bf59adf7eb44fcf51ea9e81a5c604eb4a439c569853bfd1bb385415f54d92eaa

    SHA512

    9fe3d391d34be9d8cab5eab13d0c5a9948f1c90e9be5955853e444ec5e6803b3de9145d61c263653e242b42050187aba446c3d321899623c599186ba8161ab40

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c895424b5e6be6da6612bfbb03517395

    SHA1

    5197a719d986cab32f0d16cf0280b53adce8994a

    SHA256

    0bca00ff4a0e56ad88f7d5b26f686c31d45015f231c911542af0d63407ff7539

    SHA512

    b39b7b2574838529ee8df2eccbdf6eef4d07c5e050c8a70d8531a881b31737f9ff90bf8bef81fc5d19c6ab74e8d46ebdf5c1c63a1251f7a28e2d4f0c4be0d3af

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    55d95cd50bbe0842f15b3c1d61fcc91b

    SHA1

    7569ce3630c82aa12295116b84658ef2db41c312

    SHA256

    a7c0788031d43f4776aa57fac7999d2e6e3e8aaf6b6556a04d0cd7c670237694

    SHA512

    f712dccf2e84c4d93bf5e6927805e74bd7a18893591722424b862c20e34c96154060d0609e45567df23e98a8ea22a6906309d511f9895d6adfaf39b9175caad0

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabFD05.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar1BC.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit