Overview

overview

3

Static

static

3

app/admin/...jax.js

windows7-x64

1

app/admin/...jax.js

windows10-2004-x64

1

app/admin/...tem.js

windows7-x64

1

app/admin/...tem.js

windows10-2004-x64

1

app/admin/...t.html

windows7-x64

1

app/admin/...t.html

windows10-2004-x64

1

app/admin/...t.html

windows7-x64

1

app/admin/...t.html

windows10-2004-x64

1

app/admin/...s.html

windows7-x64

1

app/admin/...s.html

windows10-2004-x64

1

app/admin/...s.html

windows7-x64

1

app/admin/...s.html

windows10-2004-x64

1

app/admin/...s.html

windows7-x64

1

app/admin/...s.html

windows10-2004-x64

1

app/admin/...s.html

windows7-x64

1

app/admin/...s.html

windows10-2004-x64

1

app/admin/...s.html

windows7-x64

1

app/admin/...s.html

windows10-2004-x64

1

app/admin/...s.html

windows7-x64

1

app/admin/...s.html

windows10-2004-x64

1

app/admin/...d.html

windows7-x64

1

app/admin/...d.html

windows10-2004-x64

1

app/admin/...x.html

windows7-x64

1

app/admin/...x.html

windows10-2004-x64

1

app/admin/...t.html

windows7-x64

1

app/admin/...t.html

windows10-2004-x64

1

app/admin/...g.html

windows7-x64

1

app/admin/...g.html

windows10-2004-x64

1

app/admin/...r.html

windows7-x64

1

app/admin/...r.html

windows10-2004-x64

1

app/admin/...a.html

windows7-x64

1

app/admin/...a.html

windows10-2004-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    205s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    07-11-2023 15:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    app/admin/view/system/data/kms.html

  • Size

    3KB

  • MD5

    ccb773a96755dc724c01fdcdf61188ce

  • SHA1

    50111bd5cb0657378b55489eed35cc75d9975a25

  • SHA256

    c3a352eb6ab497e5db4ff8c7dffe0ad72c92350732b3ac2fa03060d8f0023f40

  • SHA512

    d0aceb6bc2b1e761602527d56ae9b79716f545796f0a7017d41f1eb8effe0c4cd17947fca0af9822ccca8899d595a20989f590c2131280ed3c8767dd490ce98a

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\app\admin\view\system\data\kms.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2800
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2800 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2752

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    97d9eb65c102c4f2f30ed92b60d3f157

    SHA1

    952e59c9ee668da043d575a2786ac9464b5ae9bb

    SHA256

    391aa04141f2e4bfd6acc82c10f7d6539b0e67c79d946f0c4efd184b8d8fff50

    SHA512

    545f1c3ad9a257330c39744178949fc9cc855898ceaa7fb79933e3d9d60f99c6135ea101d82633a641a0531af2e6a7aa2f5018fcb090b6e1ac4c203ea9bd5a84

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    54b3be2482d376d31775b7b70a116d5d

    SHA1

    6fa025804e2098e352cb9ac1a0524c48538f2826

    SHA256

    ddcc7024a38daf2a97c9183c0857b8eb468a04a1b18b00267d4ea7987597e52d

    SHA512

    5198407cf236c73bbfb46948004a163b3b9a3e9732ab06c671b6ede7f07991c22f8d0de10d759984934999ba4216ef87b03d875e5a5aa67c083c3e7a76d3c6f3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    67ef5e023fd83474718a281dc7fb225f

    SHA1

    733e9188df896969d429da575b90695175d0239b

    SHA256

    536cf4e14064911e64714d640aedbd0b763ed938816e7d0e2d48f932018c17d7

    SHA512

    ce9d263b5e0641b1ab38a1d31c0db2876e25944e3e0c7ee9db6c103e44294b791109edc3dee6e69b8d68d7ac299431c780d5d7c610221774ab78c40acc3e8827

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    478c938362de5df2c98e998778e14996

    SHA1

    77f8d59821a502e666cba077c2e4e50575b1217e

    SHA256

    25e32271f4624ae8026156db22e1aeefe7f123612f5f54fd65dcbc0f3fc2b633

    SHA512

    6557c88d1f4029f9256062d51eb9d7f3620c926bfc934c6b4dbfcba5d4ab66e0ba5d964313a069ec9144fb4cebc1ef0fba28b296ecfe614d780de2e8e702e7d8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dbb6e0645c48ccabf34b4f54cb2ac92d

    SHA1

    23e2f59812d7288b00b48bf432162964722e3c9e

    SHA256

    72989f0c528b68da07df58276c7878d2780a9ca8bf0ec9e794c490506cfedcaf

    SHA512

    cb1363402ce13982f8379cced516be6f01efbca0e342578089c8d3f23b7d51d1dd303886d033b15ddd04939f7eaaa4f27e715504a288ee106c52d4c17b1bb7ec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d3eeb1ad52717f16632f0882987bfcac

    SHA1

    c05cf25c81ed265df076de9eaea2647ff5b39a7e

    SHA256

    fba736e210973bd75185c171caca76ef7e563e765d0ba82eba7c31a527393f80

    SHA512

    a798d1aecf54f349993a212dd0cd33e9af2bdf312287176c31a5f0b600643ecf3f5b291084258530351ed5969433d790f82a7d90faf4723e5cd05c0e7d3049f0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ca08d3539b4f8cfb9c9218d20704ec5b

    SHA1

    7b1666feb12d1281776b87ab1a86f494dfc8589b

    SHA256

    72e412b66a2d586bf5fa8774eeaefca1d24a9ea2740861144722d301a09d574a

    SHA512

    870f9bd4f2ae4a3da27a74d6e3d485c65963d834f2335a20927ec8ab860f3e76bb77953c0ad405fbbe83b63f4fb56d89e3ae575727229398dfcbb6e5bea8a62e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1eb0273875d0cb8c91a0107cad8e545c

    SHA1

    f84341728e2b53ee5ff74379cfb330f718b3060b

    SHA256

    749bc34dfd6592bba11a9d535a195a897a5d32e4b9573a7f45704ca117d2518a

    SHA512

    0591fb3debf0c4f071d36cfdb117eccee5c01b442ad9173387c93b0c80ee79a06841f52c803e3daa149398bddb808b271bcd61033ae627bf68ce03eba7f9b189

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a52050b6a9f80b51b1a7423c1dee0eec

    SHA1

    d9c09dbe09edba1289d29644bdb83ac55c901644

    SHA256

    0ff6a8768f349639d4ad7b41a232c74720fd2069a0448eb9bdac030cd735d1b5

    SHA512

    36356a2da782b530855fc71f742563350c1339e5b272a6c89d623c02697d067a456a0ad63343e08b7549edbb715f888f34c8c58de9d3a36da528bdb70ea06806

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    39d5af1df9be05e1ba1016a88325712d

    SHA1

    7ea7ffea4f8bfbe484c3511d31b81e8d399b1ae0

    SHA256

    36ed80ad6036731fa60b66c3976b507b0b66f69c57a54b26e1ba06c759934cc7

    SHA512

    15e2f10502351f24af8e5a8808d394d379928c7ee1bb993cedeae210027992511b34c115c96882921b47eb2b8f2d89cb3ccc2bf9235a942233dd8d7e1237aab9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8d230a88aa6134219a538f2923b46b05

    SHA1

    03ef6e83b76c27427b3f06b6f0e7f4f0387ab3b7

    SHA256

    4db789e444cc6205140be54947a55f0a73d53572fd59a1804befaa57960c2954

    SHA512

    1a64785cc20b66150e5145734f4b701159aa1bd5d8f563c7864dbce54098be6c6ad6030557f4d9d1110865787fe4f18d91934fd10e3d5b1ac17270cb1db76769

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bc60b715051ec1f57df3c4c28bc41f26

    SHA1

    a15da8d597bc31e1c827d0cfc1de3f4deb33f91f

    SHA256

    5ff29b77a3ab184438d5a4f9058518bf5e4d3ed3e755d0dfe4f45104b6c5b99e

    SHA512

    8ae002ae3550a6db7406a3f01eb3a13d24ceb2d4749c58cbbd83cb6c0ca263c4540783dc5ce7bf7549e119f5587efa6f47e7cc3b0a50ab298ab3899ead5102c7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0695b65d68ffd7b20fe309096512d1f1

    SHA1

    7b145261b746e08f4c3f0887a85f3624d5fb1e13

    SHA256

    f341defcb649d9333f3cb6e5336159df915d90ad64faee723bd03dec5b5dd910

    SHA512

    29a22d029d78bf9ce379558526ca572933c009a16f7157d7d90b02625b2a05380ae1951f8ab6b6b7b18db3115155305433b77ebcb26d317185fd0773b86ab15b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e7a7c4d5158edbe3f7b503b0b0c5c6e2

    SHA1

    9f09db4a291e47e04dc347a5c18ca25336e94e49

    SHA256

    8adb9d36f42d11ca5eeb3562da3287d2286b7d3af143bf567a92bdd34acd0755

    SHA512

    c47552c520a3d1c1211f360b16e614a1492a0c96881ce8c155347a41a7939ddad6fb2681a6e764de9b3a5e652939c549a5603070198b71649343252d0bf40de0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a2f9bcac6f40386c6fc5d34ca65c7974

    SHA1

    cfd7ee8b73d2e15cdff968839775f63d7003a3a9

    SHA256

    530caabe7e84e344f7d1139a8f42507fa77b087cba9600746c50c02674a7809f

    SHA512

    311be2ff690835a843b0e0f8e3670070ac66d9d1fdc681e8462c59eb83cfc4d1701bafd2125408694d735d6fd321e302749ea0802984dada6a1cf30b09fed1a5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e65caae6aaeaa8a1a687da30c4e75cb8

    SHA1

    04a6f25ef5b15290b63d3102fad7c74b9f8932af

    SHA256

    9ae18200f1ad87e67147024f9a122f26575bea5eaf1364cb44de9d8caf99c8fb

    SHA512

    18096970e66540689b0c65e39c93491c4796a186c1d29088c4c66ff23c1902b49b9b236f6c5f1b1efb905733090164b6d53a25018ab3dac5e84302b1702c5595

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eb19e8a4516988038e498e69e0dab7d9

    SHA1

    0888ea1289b090fb3638a0be65ddaae5bdc124c6

    SHA256

    9106f256142f10766fe6e882ac80af288959f9a58a595f226773e97ae7ef3e92

    SHA512

    686e1dc024965685f9fabf11d01531d68513a8760eca2ca11409093fa058136191e51081925532714cd6393918a538100f2fecdae6c33ddfefced2adb258998d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e7864d369733cf596457cf3d66e33255

    SHA1

    9175408e6cc72ae844cda7f5e4cac1c491fb65b1

    SHA256

    f141386a44b9b78580d6d9a1459a4ee1c4535850b2b2ea450cd6adc27ac16509

    SHA512

    995063bcd3bcf24cf32f413c633d63a19a95d1bef8a9824d29b2e235eb0244f37460f0e3e3ec689173ac8d9fbb4302725a20c2ab0004e11c5c01aea11102c043

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    981ab59722fe254f7b55c429f044ec25

    SHA1

    51cb914ef7aafa2ab46e7e8e6ce3476be9bdf71f

    SHA256

    0b5ddfbb8012ada2274cdce75388803e9ce1e9c11badc02710711a01600a8cfa

    SHA512

    3c8ca12978bf9d016359c34c3948650eca3f76a976cb6751be94b089da4c02b5cf90228b47d545705cf7230579dda2b46fe396a296cffc937d018d9eafdecc72

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    04bd29b40f33e729190ecdc6c7a746bd

    SHA1

    2311722be6ed471b22b3811215c364dffa569454

    SHA256

    c108df6c6de50af524f794c2254bec39519772cd7861980f8cb267dba415e295

    SHA512

    339ccf06577cb9122ed35f3a881e997ef0a74e03f1f8423480ff0a9ef97f94e60ffd84149b37ca9f0c07565338fb60e24c9e75c11a7d1d3d15eb2c5fb2f121e3

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC5F1.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarCFF4.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit