Overview

overview

1

Static

static

1

404.html

windows7-x64

1

404.html

windows10-2004-x64

1

Checkorder...ion.js

windows7-x64

1

Checkorder...ion.js

windows10-2004-x64

1

apisub.ps1

windows7-x64

1

apisub.ps1

windows10-2004-x64

1

confing/36...can.js

windows7-x64

1

confing/36...can.js

windows10-2004-x64

1

confing/config.js

windows7-x64

1

confing/config.js

windows10-2004-x64

1

epay/epay.html

windows7-x64

1

epay/epay.html

windows10-2004-x64

1

epay/epay/...ass.js

windows7-x64

1

epay/epay/...ass.js

windows10-2004-x64

1

epay/epay/...ass.js

windows7-x64

1

epay/epay/...ass.js

windows10-2004-x64

1

index.html

windows7-x64

1

index.html

windows10-2004-x64

1

index.html

windows7-x64

1

index.html

windows10-2004-x64

1

index/add.js

windows7-x64

1

index/add.js

windows10-2004-x64

1

index/add_pl.js

windows7-x64

1

index/add_pl.js

windows10-2004-x64

1

index/addqg.js

windows7-x64

1

index/addqg.js

windows10-2004-x64

1

index/asse...art.js

windows7-x64

1

index/asse...art.js

windows10-2004-x64

1

index/asse...ker.js

windows7-x64

1

index/asse...ker.js

windows10-2004-x64

1

index/asse...min.js

windows7-x64

1

index/asse...min.js

windows10-2004-x64

1

Analysis

  • max time kernel
    122s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    24-11-2023 04:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    epay/epay.html

  • Size

    1KB

  • MD5

    808cc9131e758f4f5425d61586145322

  • SHA1

    d6a4fa11f1c78131af18a486ca0290f7bb0cc1b2

  • SHA256

    556f0cc4f07120d3e8ce8d4c00a2e6e31a0afd3d58df6bb7474dcce29a89fa19

  • SHA512

    561710037ad1ec1f40da9dc8fe687bedffcc21c07a394cdf02f308f6eae18e329bccc1ee780063413d04ef89abf0a088153e7c8f12889f91fd76550120453020

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\epay\epay.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1276
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1276 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2224

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    af3024b69e6bab59251692267217ac1b

    SHA1

    0303f946efae4d8528b38fe1493bae4f783ffccd

    SHA256

    1e2f0868acb02bfc24cfc1bc07f00a744c14c1cb376fe5a0f4f95f6d2e93e334

    SHA512

    d495200f5c48a7820a85e5fe40de87b181dadf364233c1087ebf6ed4313ee301247debddab78bdd47688db4ec67141660023ee1ab58a6d0fbd4b045d909db274

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    75114403915e202e1d67e1dbbfff77ca

    SHA1

    8c09ca75aa1abadb6b1ff3da1ebd1ae29485ae06

    SHA256

    0ebb94dc84e13ca379635272e4d075a6a04582fc28844d81cc175af910d63bc8

    SHA512

    b6b774b07ae1e669dc6f73933142b8f9c164d251535805e2c1192cbd2f2ad4f2666a7cd1c75288d644d8bb033a0427eb041fdb3a02201e83dfab0f1bbc711446

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8eb4cb6ee468d324628e822be721e389

    SHA1

    e3bee47723bb614d99afacdcfbb04381272d5312

    SHA256

    b23238f8b6479d04e983c5153b1aa8bd80dc08f892ec6aa5d5120e6300a52ebe

    SHA512

    85233a0ed2ef2c62ce34b55c71e0e21a30c613bf365a968add2b9ae1bb346eb72209bf47fd788569dc650c6e8b852b6202d78e424b97294d1618e4e86e6ea66d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    39b9be73e349324ade96d95e780f5acf

    SHA1

    1ed2dc46c8b990d3a077539581de5900c05e1797

    SHA256

    2d1bd95c6c5d55d029c2cb1adc3db64c882192ab63b481cd512b0c1681eecc31

    SHA512

    0a76e6e2656eb3fe484147f83d65ff0738cf125bf5bfcb43dbb798e722bc25c788d5d51b3aff9b97fd5cbaa921dae9e71d9869d0911c3e408cdcdffd05fef6b6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2c23db1df17b0ae068faf2e6f36224ab

    SHA1

    43888ae014b4de2399562ccabe431a0c705aff34

    SHA256

    4a3e2bb8caa5b192aaf54d5ab4b23dee67b9df1608954e7106993da2873f3dd9

    SHA512

    3bc62f9165f69acd21b0d52932fda57aa53ba8d89ae436e98457f4ebdf94537e0d38150c5035f2ca3b35a9d60a1805404fafc400e4e70bac50be227194f49a91

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b8322d441540e98f9917b5cc1d678d6e

    SHA1

    4023b3ae5594dafdcb1d3c7f56e1fd96f5137a5d

    SHA256

    8cfdf35ca6b8d8c35873b6e5ec0075176ecfbea426f4780f8cc97e316ff28c3b

    SHA512

    b3ee9d3b3fc90d35dc76a1189a9e41f8116ac77be46cf8474afe6ce001c0c1244bc7b5c14712fee8f9c9b5ed6d4e2599f50828c632a2c4c93698eda4c4e4ca44

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d25b0f3d46975d9e6560657b1c57f688

    SHA1

    a842fc6ea7574d746453d2daaf9061bec27982aa

    SHA256

    420295e8a879d05b88406321ef29448710c908dea5ea38d7c4efac829b0af503

    SHA512

    ec6517132513734e38f1ce22450583dde0ce6ffb7e742efe112bf74f8d1b3e8b086f512d133d00ef8c6119e50dfaa114546d9527f7b2daf32d1d72abf6280450

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a9e316536b62d912b3dbe2ef55f98749

    SHA1

    06f78f858180f037affd7de856a10d358522890b

    SHA256

    67462243ac729c5689bf57052d87f9e8bf36ca5e3cd831912074ca3145f30a0f

    SHA512

    39b8168ee76a2a13c2093f091752051af698483a0d415017996e65479befad95541930f409d8b35a200ea3977226f67101612c2e5b8120606ff71710d9d799fa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d016aa15b2f964c6469847701a29b174

    SHA1

    ca72abb042f6dd4d59835a8672cee17e22223b5d

    SHA256

    82dbb97bc4b11b1bd829960b9af27fbd83435f6b581f76f71135b93a544a5660

    SHA512

    d760cac1081297cdae3b04052cce9c5031ce532049e11c8cd6b565d9e68d276242f81d57adaefe6e5d24c33b92270be2b5923af226b7d7c56a42a9b9fb9102ef

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7c7727a6f3f98096cd96e900c5e54ccc

    SHA1

    c9f59b66343cd2bcd6009303509663912df17fc7

    SHA256

    372e0ed6784110def22282cbfd20eeaf32a49076d79bb4b4275089d00afaa08f

    SHA512

    3b10a9b0a60c3fd8d747d3ef58f98c502b0d553caf59fd9306f36ee47c5d5438bd6c2813f38c87724fe3e5534a7a9e653e794ac63e6c474e1dc61cfdb9535f8b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    380c1b48345f8dc99188e9eb870192b2

    SHA1

    0d06b667553a659afef0fbec2a7271804dc4aede

    SHA256

    50981af69e265fcc8e634455b7769c43f51a0f6693aa66a9323f54f16162eda2

    SHA512

    e14a0ac86c30dd5445a9623d2a2e6fc85b17ccafa4f0d23f2f5bad719df91ae48e078c61430e651338b76559b7c2e11bd495052837e1fd14a25c747f133a798c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab87AA.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar87EB.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit