Overview

overview

3

Static

static

3

app/admin/...jax.js

windows7-x64

1

app/admin/...jax.js

windows10-2004-x64

1

app/admin/...tem.js

windows7-x64

1

app/admin/...tem.js

windows10-2004-x64

1

app/admin/...t.html

windows7-x64

1

app/admin/...t.html

windows10-2004-x64

1

app/admin/...t.html

windows7-x64

1

app/admin/...t.html

windows10-2004-x64

1

app/admin/...s.html

windows7-x64

1

app/admin/...s.html

windows10-2004-x64

1

app/admin/...s.html

windows7-x64

1

app/admin/...s.html

windows10-2004-x64

1

app/admin/...s.html

windows7-x64

1

app/admin/...s.html

windows10-2004-x64

1

app/admin/...s.html

windows7-x64

1

app/admin/...s.html

windows10-2004-x64

1

app/admin/...s.html

windows7-x64

1

app/admin/...s.html

windows10-2004-x64

1

app/admin/...s.html

windows7-x64

1

app/admin/...s.html

windows10-2004-x64

1

app/admin/...d.html

windows7-x64

1

app/admin/...d.html

windows10-2004-x64

1

app/admin/...x.html

windows7-x64

1

app/admin/...x.html

windows10-2004-x64

1

app/admin/...t.html

windows7-x64

1

app/admin/...t.html

windows10-2004-x64

1

app/admin/...g.html

windows7-x64

1

app/admin/...g.html

windows10-2004-x64

1

app/admin/...r.html

windows7-x64

1

app/admin/...r.html

windows10-2004-x64

1

app/admin/...a.html

windows7-x64

1

app/admin/...a.html

windows10-2004-x64

1

Analysis

  • max time kernel
    167s
  • max time network
    196s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 15:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    app/admin/view/system/pay/dg.html

  • Size

    8KB

  • MD5

    c5383bb74ac6bea557cfdfdc828b9122

  • SHA1

    6818ddb931b8f0db4a2ec231d438afcce7ecca51

  • SHA256

    e81c697ae2b623979d7dd483f473befc76b706afea566b4f3e42ec01ef027b01

  • SHA512

    387e0777e550379a697593da09ce3ac5ded3fb79b2da66c62e24035b1e204c92645f345c547f8667cca0b817e34af20c395bf0c2c8d8af986706db1ef950f44e

  • SSDEEP

    48:hneSCJl5ndG5DQeHDpEJlNnHaBLSSTTp6JlZnPYYhQI8XPYRU3e85PYwXOQ82PYE:hneSyn4RQed0n6ZSSxanqxeuB7IGHx

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\app\admin\view\system\pay\dg.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2668
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2668 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2500

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0f1147ca43b672eec144039236354edf

    SHA1

    35a3d21ee486718c482a2820e79e33ee44a52cb3

    SHA256

    2312ac2153492552f79b81a292e7352fd40f4242b5a5d17e61e5bf6dc53a96f5

    SHA512

    465a3ccb95931706f6a47df904c111753b262c663f2438693752cdf6baa7f8d6e56ca63b82a9cf9bda5deeaec3a5df5a054dc1599f437fef4cd039dcc0d6b5f0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6f5df56b5f1b71c65d592d10cc049835

    SHA1

    80721ba15e1b996c0ef47f379884165a01a41de8

    SHA256

    abca5ceddb4c252eb6cded16bf19ef6e31b3761857d5b6f93ac476c3e215ed21

    SHA512

    dc776e86e64e08039a4655d5df5160436537dded80aa0edaa71e31b81dfde3fd5146eafbdb489cc6fca3a761234a989cdbd90c997f2fb069be6b8957b88bd07f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b5c23d1ecebb3296561b8d32b28b919c

    SHA1

    a470b5344816644f820d324610fa83fc997ef391

    SHA256

    0e6e9a1175d7b48c60511ebc04ffc2f87f6175959729bb445659b57e2a11af17

    SHA512

    11b419d6ac20f033ab5c7e3ef8ebc578bf0277a261573355b11730d472b8c872be4924d4f29775f4c3140e0cb593027f928cbb16af03d810ea64b7882b1730aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a3f6bc685f723911b65bf76509a0a688

    SHA1

    a65151398146b1cd1d66d306bb28174758477f0f

    SHA256

    d7ba9d75f8a1865c820720affaee37a51a09d9ab8aeed4685f5d06358db3dd62

    SHA512

    657cc636270f194fdbe8b1e48908ff2f8625a15c17af9f6edd8f032a7f138c2ec5c2c511dafe7af5be9dc32c6d1e8d70cec763aab91b5dc2981185d827e07145

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3b73a05d9f3f332dbb2868ffad02a79d

    SHA1

    97d2f022a0177b8d4c71b376917ee162662640b5

    SHA256

    d973f9024aabd1f65d1c72f8ae1f4b9fb0577fb73c080fcb0eff93fa8e39ee61

    SHA512

    e37c1010d556513e44098c35616929853b90779de13282f2caf213f966af15781f6fba54b64ba6d2bb0d6df1a0e0acdcce3e657914068c6989ae93502418d2e5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    00fae3f4c7fd4220c8795e50318b21c7

    SHA1

    d317127e0988651942bb44ff747168e92e551fb4

    SHA256

    bedad014fe105f5ebe96313a0e7a5f96b57f2d26fb0557cf5b8e5b7d0554187d

    SHA512

    ccf8c22b9fb51356abaf3399e4ad2bb195c0e91a99f3cc9bcc13c94f7cf5508ecd45b99b3aa94781db9c93926d6f112c83bafe8006eb633dadafda382cd6f15f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    539dd6bb9b388351c784e58472118ea1

    SHA1

    b0a8ab0bc8347aa158debdf62789ceb86f44706c

    SHA256

    0eab44d239507e801f840975eae57170a95375a0661da6fbe029493f4c463f75

    SHA512

    75ec654cf9c8090907c9e9a135f2fd788e6c9d1a2708cf62bc7cc56448612a37a787b5f71604f634c0b290141139d7895444fe2f68f1275d01bf7933bc7e7ded

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    18270ce09829fb01a173ee9681e85807

    SHA1

    7eca462204b2fadaa93fbf4af8d18c95a670e0e2

    SHA256

    44fe1e33b3cbe2828f466399c5ab1fcb2ee29866f61c7827abb6fdff919eb7a2

    SHA512

    4aa72506ef9ca05a5acf9fe5f6d9444fbb53a69359b2231ab5b884c75c615b6dd0e6497b9950dc52d5e37f03e20f792c80edbb5f281e3abd9b7af75df59cd610

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab60A.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar4408.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit