Overview

overview

7

Static

static

1

3 - Опт...ar.url

windows7-x64

1

3 - Опт...ar.url

windows10-2004-x64

1

3 - Опт...е.cmd

windows7-x64

1

3 - Опт...е.cmd

windows10-2004-x64

1

3 - Опт...е.cmd

windows7-x64

5

3 - Опт...е.cmd

windows10-2004-x64

5

3 - Опт...а.lnk

windows7-x64

3

3 - Опт...а.lnk

windows10-2004-x64

7

3 - Опт...CI.lnk

windows7-x64

3

3 - Опт...CI.lnk

windows10-2004-x64

3

3 - Опт...CI.lnk

windows7-x64

3

3 - Опт...CI.lnk

windows10-2004-x64

3

3 - Опт...11.lnk

windows7-x64

3

3 - Опт...11.lnk

windows10-2004-x64

7

3 - Опт...а.url

windows7-x64

1

3 - Опт...а.url

windows10-2004-x64

1

3 - Опт...м.url

windows7-x64

1

3 - Опт...м.url

windows10-2004-x64

1

3 - Опт...и.url

windows7-x64

1

3 - Опт...и.url

windows10-2004-x64

1

3 - Опт...б.url

windows7-x64

1

3 - Опт...б.url

windows10-2004-x64

1

3 - Опт...х.url

windows7-x64

1

3 - Опт...х.url

windows10-2004-x64

1

3 - Опт...ь.lnk

windows7-x64

3

3 - Опт...ь.lnk

windows10-2004-x64

7

3 - Опт...ы.lnk

windows7-x64

3

3 - Опт...ы.lnk

windows10-2004-x64

7

3 - Опт...я.lnk

windows7-x64

3

3 - Опт...я.lnk

windows10-2004-x64

3

3 - Опт...LC.exe

windows7-x64

1

3 - Опт...LC.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    25-12-2023 17:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3 - Оптимизация Windows/ISLC/Intelligent standby list cleaner ISLC.exe

  • Size

    425KB

  • MD5

    9df5b80da90316bc175fa63604fc4b9d

  • SHA1

    2f72b7cc000d8910236ce2032c4b680b8b23788d

  • SHA256

    6cfcaeec995db1cb66a5970f859c35fd684b0973d5efebfc9eb675a62377032b

  • SHA512

    6dc7b774b216a4b02c35de60287da00059140a1a502b22c87190e438091184849afa312026eed95447e5af2d50e7a9c501b38144e127995f440baf217113bf1c

  • SSDEEP

    6144:Wk0xVdRQ/vqkg1gEagdQHiVdRQ/vqkg1gEagdQHFVdRQ/vqkg1gEagd0iGqe5:wxV7uikFgNV7uikFgQV7uikFgte5

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3 - Оптимизация Windows\ISLC\Intelligent standby list cleaner ISLC.exe
    "C:\Users\Admin\AppData\Local\Temp\3 - Оптимизация Windows\ISLC\Intelligent standby list cleaner ISLC.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2244
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch&plcid=0x409&o1=.NETFramework,Version=v4.8&processName=Intelligent standby list cleaner ISLC.exe&platform=0009&osver=5&isServer=0&shimver=4.0.30319.0
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2072
  • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2072 CREDAT:275457 /prefetch:2
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    PID:1732

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    60d730fc429a9a42ee4d0a584eb4a2d4

    SHA1

    f61dfb4e899e373272620dde0d57d07a8b4982a6

    SHA256

    76c30a0a6c7fe100b931b730e94a132db0aa03477bea500ede799bf605d5bafd

    SHA512

    9f2a1ab30f2b61edb2f26ee752d9e1ea55da891186ff3eac455a0ac69301a1914499352e7754fa8b9909cb02ec14f2025e65c1c2d33e678fe5f7a5ab671ff605

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    06aae96c7a46092624bd15b566576a12

    SHA1

    a48a9f4e473986b09dd1e12fbdd6dd5957bc9705

    SHA256

    2e4cea5878f8db028a27646c838234c5eced54910e6a3c18b2360f8deea2b4f4

    SHA512

    209e53ad970d7e8b1c8135bcf56acd71377743df2c935458e8ca0b0b907635086ebc6625133d5d6828f493ae8655099096453f394fa494446191348d5e9b25ea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    581f6a1f77cdee6757dfb22ff03368d0

    SHA1

    8f01e2addbabb82379958f8b4b19495cb682afbb

    SHA256

    11cd5a0c7bfdc1d5850cfa5641f798482950b26a3f1569aed29d2ad1fe76c470

    SHA512

    6f2790c04002a2d7e67275a06d81e9073b4709507566ee0bad1c29cbc09bb14b1273035c4d9bc31e060a0715fb68a41228a5934d7e669a2d350e09d5d604c426

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    321acbdb2c81131e32957a67e3c1fde7

    SHA1

    0a60480ca5658038c4cc55e8168c80b3dfae70b4

    SHA256

    dfd3853f91ab0ee73b58f5e1decb4de8620f4f7ce873577d16c9feb2dceff069

    SHA512

    7368ea75be59e6a0f1429d6c7f5b15e9051132a39c97e0d7595a9a5a219bd5ef58a37b43a1bda52132b22eace9243f834aeccb3db3e4269d12ae26523ad1a228

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c35d47db231ce921b078658accd929bb

    SHA1

    66e9b0faa6d6b9ab268fdf6a7a2f29aa91358fd3

    SHA256

    ada1dfc9c0f1ee37cdd14646c10664847d41b4f33763ad9b35afd293a086d141

    SHA512

    a703b4bc4f27e2ef3667c240ff8910f6fe500f4cb0bc7a410443681b088162cb08595c0fb551637a39f5493d8b62f5ba09ef5885150435093d576e8e1fee3b11

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ea1f99f54363f7c0bb7466513bd435e4

    SHA1

    6a2146c082c6e2d2dccd5621fdf087066a9cc47c

    SHA256

    e91c53e19461a43fe1525543a62ea9cb67a5aea12c2902eca236858bef524e23

    SHA512

    ee31371b1321731c190c3ecec6068ad6ca9f73f399c602d0b752423f80056f9fcb63fa560b3ff4267ccc62f29a8ec902c8bedc6985a90fab49bc47aa9402253f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8b7854900d30268dc76356f72ca94017

    SHA1

    50f803ad0909d86513ea4111dc03a86cca1fadd3

    SHA256

    0d2bdf06f8c7d76940686a8265dc7e6e44e23294bcead3e72f56a56ebda424e3

    SHA512

    061ccaac07cb42871c64a04757b41680f88178e62a015ea859ad4e9c035531a06f41fd7ff5bdbe362f1c41768aa9d8f4b8bf9b03c384a9622272fc0290ede124

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f9f1692bd4f963b8b9c554e5e022c972

    SHA1

    9507ae2414b1ebdf02941231069de37e0cd5ba56

    SHA256

    9e5ea0e121b7bc46288eb5e2c3d9c70b68acbfbc81a94bb3ff22f9d35b76ebbe

    SHA512

    3b3ccca98367413811f69478f5e385916c393ee698ad2b42d22e33787adf938f8ae6fad5d10552a6caf14b16a0bbed7ebf0f431fcb8262992a9e0981402b7a8d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    09e67296228802dbbd02377bd0cd9486

    SHA1

    b1d59e81a6fd6d59a413f6c85ea213d7fe13f534

    SHA256

    320189d1540368a7de80451a51d3197330f5dada9cfb87cf92c3fb6880e17c0a

    SHA512

    2c7372caa67a4d3cfb4d12e5bafd48ec8983c97e328420a045da37e5249e2f3f5620c64edac6acc7c841011e0b554cf2eed3c2b64309dc05ea286851cf4f0a0e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fb44a3a9c7b65d8969e8667667dc5e5c

    SHA1

    f3008e4f065f1e97b1981cfb2eff23ebe706a8a6

    SHA256

    de690004ba657be818b0f0cfbe92643786e87ad3710b16ee0a68af93c6796f42

    SHA512

    748f53f202e89d9473d9a208880859cb39f7aab64e93c48f2c45eb9ddd07f798ab15f5be4b362f97359fde3c7f55724dd508fbe72a36c8f10545bc008404bf77

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    aa9f8c3722eb027b214b46d46de636af

    SHA1

    1a924b25400aefd19cf148e0faf0bfbabd431afe

    SHA256

    56dc45a93da0bcbafc655492a1180e5cb3ec8833a19e77a8f557d5988c2436c0

    SHA512

    f959bbfca4a03f5bf3c1c68e2d1ff076df2eec7d4100096ca610adaa3857f1039188e7e630db48b1d0495198d66e3cdc0701f688409732c0f5f96d718876008d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c315fbee0888b221e0010bf0326d6ad5

    SHA1

    3f2a7b2203671ee12e7c46664616c5aa6f0eae7b

    SHA256

    a52f2c5b18ff4323e591f6fe1288b99ad71d41b4df2cd2c051a737b69c6473d3

    SHA512

    6dbc6542e380b0f356e54ac31e97f9196e88b809cbad31e4486c9d528fcc81afa351690bec053b2cb32b80e5516d633f74280137773f6498ced462e8c0b8c484

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    30a103fd1ace6040d850ed641f40d4bd

    SHA1

    1466f985a8268f9397c91ab88f4c8e33525131b8

    SHA256

    0bb80f4fc7e3080099af2d34f042384abcfc777b3f9babc6e79d247c1ba50fcf

    SHA512

    445aaec8aec9f1038c28e3b178db6c0c984fb7bff980924f2522a7f616eac31f315645c8d13dba0acf667b9da7f3318c5425286d8d7b1f543a1b0cc56f5094df

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    1d53a13362dc84f147e196fd6fb7ea86

    SHA1

    30b6a6be6923103cb9ac1b730eea81cf0021a6df

    SHA256

    a401e4f540617e3baf592f5e92a645045356189b0609b78e78f5052507c4a44e

    SHA512

    72c8cecb8a451ddc7f0a5b525e8624e706ac286338f72a333df9123853669c16f2f09220e362c39804d80664ae9a510edafafee4dab770bf557e2a21f7ec5e58

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
    Filesize

    4KB

    MD5

    da597791be3b6e732f0bc8b20e38ee62

    SHA1

    1125c45d285c360542027d7554a5c442288974de

    SHA256

    5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

    SHA512

    d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar7370.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit