Overview

overview

3

Static

static

3

0001-explo...ww.ps1

windows7-x64

1

0001-explo...ww.ps1

windows10-2004-x64

1

0001-explo...p8.htm

windows7-x64

1

0001-explo...p8.htm

windows10-2004-x64

1

0001-explo...15.htm

windows7-x64

1

0001-explo...15.htm

windows10-2004-x64

1

0001-explo...erh.sh

ubuntu-18.04-amd64

3

0001-explo...erh.sh

debian-9-armhf

3

0001-explo...erh.sh

debian-9-mips

3

0001-explo...erh.sh

debian-9-mipsel

3

0001-explo...ck.vbs

windows7-x64

1

0001-explo...ck.vbs

windows10-2004-x64

1

0001-explo...11.htm

windows7-x64

1

0001-explo...11.htm

windows10-2004-x64

1

0001-explo...ame.js

windows7-x64

1

0001-explo...ame.js

windows10-2004-x64

1

0001-explo...53.htm

windows7-x64

1

0001-explo...53.htm

windows10-2004-x64

1

0001-explo...x.html

windows7-x64

1

0001-explo...x.html

windows10-2004-x64

1

0001-explo...10.htm

windows7-x64

1

0001-explo...10.htm

windows10-2004-x64

1

0001-explo...en.htm

windows7-x64

1

0001-explo...en.htm

windows10-2004-x64

1

0001-explo...en.htm

windows7-x64

1

0001-explo...en.htm

windows10-2004-x64

1

0001-explo...20.htm

windows7-x64

1

0001-explo...20.htm

windows10-2004-x64

1

0001-explo...21.htm

windows7-x64

1

0001-explo...21.htm

windows10-2004-x64

1

0001-explo...s.html

windows7-x64

1

0001-explo...s.html

windows10-2004-x64

1

Analysis

  • max time kernel
    122s
  • max time network
    138s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    22/12/2023, 04:04

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    0001-exploits/bind15.htm

  • Size

    5KB

  • MD5

    a446133c2e1c21a5ae719d9a14a6e07d

  • SHA1

    4ec04193f1c01e0af6fe92eabb7e60147461c9be

  • SHA256

    c72ec0dd61841711d365e087961f01b3cc66fb2e349bb4274b3c897e6f364742

  • SHA512

    f3e7218b4f7c0e697a1d8a308e4cc29274a1b757f53cf2ca383082817814ea122b40830665478401ee7016ba68e1a12669ee15ccb8d515c19047b933d95b0dfc

  • SSDEEP

    96:/0SMSpSr6jJU5vQWfyHvURtaqS2iSgqSwUi3Q5msU2PC6S297lfSed0CIC3exZ:sSMSpSGVU54YtaqS2iSRSk4nC6S297lg

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\0001-exploits\bind15.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2964
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2964 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1348

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          6a1e43ad68cd076792da50f40708109a

          SHA1

          a50457c396d22b656a6a318fe674d727aa3ece01

          SHA256

          03fa8afe3252e10fe800d7f67afb5059f19129e3d99328898aef72f79a4c07f9

          SHA512

          7438a40e248fd87da00e30d5bc762795fea1c924433acd0081dc819b29839e74b5b5f2ba4727ba7c3f74791ea4c1c93c3209de3290649dfccc9ea9fc082b2eca

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          58f53c6a5d62d2b097b0031481083fcc

          SHA1

          adcf20b2a2c491fee1d1d12a19fa188d089f6369

          SHA256

          336778ba4d4a9b8fdde36e0e79b10aa0eb57b72fc994ee3145c0edfbd1adcb29

          SHA512

          b3ba5a8838955b3e40252477544448f4833be1eb8bc6826fadd3042d677c41a9a3890befb350b9257443d60bcbfae6f92a5353b0cf9adfff6a62838cf3237d3e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          9a7d6bc7427f4b55ee04dca9139920c7

          SHA1

          4de50ae880779b4cbf786b217b0d5547270cf1ce

          SHA256

          dd75f83034d601dafe14b6c5986afe3d705b9420f8ae2468f13e3ef3b19be9c5

          SHA512

          7fbed0335a03beddda032d59a844495ee0d42c2ae9741688c9a7ade5ee6082738a4ceb3bc96b126aae29d6d07ce35123555abf945ae85b1f8037bc99f1da625e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          057e70e019b309de51b4995df96c5443

          SHA1

          70da3a79e71bc7945da78b4bce1811ccd0caf0d7

          SHA256

          ffe0d4874e12cafd341cd64dd0453697fba1ad8f561fbeb4403374aee3e7b283

          SHA512

          65d9cf24c98f19df9780c3873e680535ac76b915586bc5ca62ed34f42a199ce866c51884b4f8519e530122bb6bcbffc1af680add89d14949bce35a2c99ab1572

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          d7da070dd494c6e809b75a652665dff3

          SHA1

          274b561523f0c824d4a5b4cd0b960e0f54f41df3

          SHA256

          3142b9bf71b2307d4c3d190b179c0522a7064960b43a704bf15d183171d0890e

          SHA512

          369b7146b6d08f009d30c975d2113d5d63e22931040d60d571dcb064cd63e5cd79179bc3aa08009aec2f43ed00e5d8a1e8286bc8eac635043f18c6afb7eaace3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          2f7c4a92f29265b8e4d5179fdf1318e6

          SHA1

          bf9a270281adbc745ef3345247a1429cfa7895d2

          SHA256

          58300dc7b099735e9e2a7e8e147bf3425dc8747ccc9c04a54d9fd9d9a15e577a

          SHA512

          0e3c81a4470be5ee5d2e7cf07dcb43b58b8d187a2767d2f435dd149aca7d3e7686309e1a3a9b33f591d8f1734e7298ba807e04fe21b4dae99171750306996839

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabB203.tmp
          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarB2C2.tmp
          Filesize

          171KB

          MD5

          9c0c641c06238516f27941aa1166d427

          SHA1

          64cd549fb8cf014fcd9312aa7a5b023847b6c977

          SHA256

          4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

          SHA512

          936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

          Download Submit