Overview

overview

10

Static

static

10

mediawiki-...api.js

windows7-x64

1

mediawiki-...api.js

windows10-2004-x64

1

mediawiki-...ed.vbs

windows7-x64

1

mediawiki-...ed.vbs

windows10-2004-x64

mediawiki-...e.html

windows7-x64

1

mediawiki-...e.html

windows10-2004-x64

1

mediawiki-...n.html

windows7-x64

1

mediawiki-...n.html

windows10-2004-x64

1

mediawiki-...e.html

windows7-x64

1

mediawiki-...e.html

windows10-2004-x64

mediawiki-...Log.js

windows7-x64

1

mediawiki-...Log.js

windows10-2004-x64

1

mediawiki-...ger.js

windows7-x64

1

mediawiki-...ger.js

windows10-2004-x64

1

mediawiki-...oup.js

windows7-x64

1

mediawiki-...oup.js

windows10-2004-x64

1

mediawiki-...le.ps1

windows7-x64

1

mediawiki-...le.ps1

windows10-2004-x64

1

mediawiki-...tor.js

windows7-x64

1

mediawiki-...tor.js

windows10-2004-x64

1

mediawiki-...kup.js

windows7-x64

1

mediawiki-...kup.js

windows10-2004-x64

1

mediawiki-...or.ps1

windows7-x64

1

mediawiki-...or.ps1

windows10-2004-x64

1

mediawiki-...er.ps1

windows7-x64

1

mediawiki-...er.ps1

windows10-2004-x64

1

mediawiki-...er.ps1

windows7-x64

1

mediawiki-...er.ps1

windows10-2004-x64

1

mediawiki-...ger.js

windows7-x64

1

mediawiki-...ger.js

windows10-2004-x64

1

mediawiki-...de.ps1

windows7-x64

1

mediawiki-...de.ps1

windows10-2004-x64

1

Analysis

  • max time kernel
    93s
  • max time network
    219s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    07-11-2023 14:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    mediawiki-1.39.1/docs/uidesign/monospace.html

  • Size

    3KB

  • MD5

    d5a4f316904c98172a54b389ceea8e95

  • SHA1

    95fba10fdfc8d11b355cf64c42610621a7ed8304

  • SHA256

    df10c436635c182cfd028bf71ceee412a088ee9f58eb25fdecf77c6601fdf7d9

  • SHA512

    ac5526c3da8ea587ba04e109d962324e252c72eaee02fcc54138ac874d745047c59ed2b4a5539173b179184feba61abc0731c03c96077102436da6f50049ae1b

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\mediawiki-1.39.1\docs\uidesign\monospace.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2844
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2844 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2628

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5d988f7cc6a0c9dbf31e3d0f3f1306f4

    SHA1

    a1fff9b46833fa17bb77362fd1ba1edae5af2e78

    SHA256

    6cb4018ec9cb2dac208893e1a356d6fee5db30f78b7f97b6b3d8f32289fa080d

    SHA512

    a98f5c07fe35f17978053abec8bb22550a40962afdf348c39e7ed9a38d4d096996a887ee35a17813bf88c9f04a2038ddd0779e6627dd9c327aba6510b3f93d11

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    62349e53a347aa88844bee66b4ed39c2

    SHA1

    2855426b1b06ca1289a0d5d72eee7b7069fd5549

    SHA256

    ae436b451af6970f9ca36d9cb11ca5ab0744be9a4d11e0a9b0bd1c8229f3054a

    SHA512

    59932d24975f0a00054282745b9b8e8cc3039ca8e7e2f3f78b5d5c6ffa51c8cc267da5aa869137f94a253b7e57a0f41cac939f6415d3fbb28b1a607d2388621c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8372393980af0e68131dc4c3a077d158

    SHA1

    6bdda8fdcab2738ef56d70d5a9bd945ad35daf28

    SHA256

    a7f73da1c3f90a7bb3602676c503379703648292b19642575cd77f9b2abb6ee7

    SHA512

    12b6720c4b24bc418e5d1fad7ae9f35c88287c9c21dd84748a4ff47fb1c805035f229d55ab287e3109362cb625113508b7cdeb30f4d2b152985ec377ab20b870

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5c61b30a8c88bdaea6661e9aaa29819e

    SHA1

    e60d9ce9b84494fd483481d692295af91b533972

    SHA256

    7348c01072ba9ad2b0f96e4a0c6179c0dfe377d360a9ad3155d06c02100aff0c

    SHA512

    980749b88a4611c38a9a2eba98fecfef9d33caf95bda2e67214dc88b3d87dfb6982392c98450154f0a29abd806842361b323dc69e7243463673f47261f0bc43b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4ffcfa989dd8ea154601a43b41096f2d

    SHA1

    512400e43aa643d143d5813d809f0090d988f801

    SHA256

    64f7f4fc86c2e0684c392a6abf805fefcad55cc50fa5827c8484dc95de82c652

    SHA512

    4edd062d6d728e06fe7334bb9e0b8d00af52462845fde1c53371abeb642c0c006dd185f2f84a62a40b7af035c62f1506e8c37aebb381bc0118be5b88967f8945

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0612d62435cfe4e546a35eb8fc9de296

    SHA1

    55a9393b77aa306c70b83a0541ed8f500c8fa4c2

    SHA256

    5887086ebda1bd3aa2386c2d2f46b951fb3598e129e98274b2934a99bb75ef16

    SHA512

    59f907b35a6d6d29a032a64768c840ad945aba8a063e85874eced34267311329eba582236bcdbc7825c1086af95d60616cd38e5f4b4a607c0aeaaccf0e6c7de8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1fd45929c852f071f6f17cea2415da74

    SHA1

    c5e7cdd8cbd4c6f0b3d3f6ec3258a706293c30c4

    SHA256

    60500f124171321b9a0e4a6efb55ece47bfa2b97179fb5555d8c9807ccda9d0d

    SHA512

    89762376e6f89a9db192883f377e8b7e10b21da39e4159a0bf2d7c17c63ee941cd90aa9c96dac3817dcf279f24feef06eb7572737dd4f39a5faa0ba3d4eb3f09

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eec8cf169fab5d3df0885a0341f7978b

    SHA1

    b4498c1a1d884dd616f06989134bc5a7afe8ad35

    SHA256

    c5e2268ba6a977e042694ebaf02edd23ae64e222285859b7958fd7694293973d

    SHA512

    354bc1eca2f3fc0df1ffb08ce62b0ba3f6617154aeb8fea63f9abeee2dc6e171b282fd7b6aeec7ac42e669aa839272f7454297992458321e5648715ee740b946

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e2209e7bbdbf60180904abc7f3888b83

    SHA1

    5338d6bb6da138fff9215877cac66234000f777a

    SHA256

    f9570a444dada7ba3446007b1b1b8fca96cf539926183d0cddf5689644d10326

    SHA512

    8d053e2038faf3bf363e39da9166ef33d492e76bb4bcb59f71c98e688aaa08217dff7eccd2dff243be07168183b0d5c02b7f6378b70ca44d4dc4816dc88281b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a5982dadd9831bf842b20b0d8fdabad1

    SHA1

    68d233a9f5493cef9be230c79e0daf16f59aa19d

    SHA256

    a39d38bebad3b8195d254f927e6915c880417baba8f80731ffd2f265ebb9d868

    SHA512

    6264a34ce7027e9d07e0192c0f64108c80f0c969eb56500787e534bd7bc4cb050b8d087ab3cd85a2874b7aab786ab7f370f52bbf10d940585715916a19c4c9d4

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9B87.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD639.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit