Overview

overview

1

Static

static

1

upload/cit...se.ps1

windows7-x64

1

upload/cit...se.ps1

windows10-2004-x64

1

upload/cli...ent.js

windows7-x64

1

upload/cli...ent.js

windows10-2004-x64

1

upload/cli...ex.htm

windows7-x64

1

upload/cli...ex.htm

windows10-2004-x64

1

upload/cli...ex.htm

windows7-x64

1

upload/cli...ex.htm

windows10-2004-x64

1

upload/cli...ass.js

windows7-x64

1

upload/cli...ass.js

windows10-2004-x64

1

upload/cli...ex.htm

windows7-x64

1

upload/cli...ex.htm

windows10-2004-x64

1

upload/cli...ass.js

windows7-x64

1

upload/cli...ass.js

windows10-2004-x64

1

upload/cli...ass.js

windows7-x64

1

upload/cli...ass.js

windows10-2004-x64

1

upload/cli...app.js

windows7-x64

1

upload/cli...app.js

windows10-2004-x64

1

upload/cli...ase.js

windows7-x64

1

upload/cli...ase.js

windows10-2004-x64

1

upload/cli...che.js

windows7-x64

1

upload/cli...che.js

windows10-2004-x64

1

upload/cli...ain.js

windows7-x64

1

upload/cli...ain.js

windows10-2004-x64

1

upload/cli...end.js

windows7-x64

1

upload/cli...end.js

windows10-2004-x64

1

upload/cli...ex.htm

windows7-x64

1

upload/cli...ex.htm

windows10-2004-x64

1

upload/cli...isc.js

windows7-x64

1

upload/cli...isc.js

windows10-2004-x64

1

upload/cli...ote.js

windows7-x64

1

upload/cli...ote.js

windows10-2004-x64

1

Analysis

  • max time kernel
    120s
  • max time network
    156s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    29-12-2023 19:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    upload/client/model/index.htm

  • Size

    1B

  • MD5

    7215ee9c7d9dc229d2921a40e899ec5f

  • SHA1

    b858cb282617fb0956d960215c8e84d1ccf909c6

  • SHA256

    36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

  • SHA512

    f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\upload\client\model\index.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1748
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1748 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2692

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1771c16ccef7087e9c5c466cfd078024

    SHA1

    c3538d4ece184868e934c1134fdc3186ea87fadc

    SHA256

    9b2cc18cd724c1d834588640b089d1680c2a4b61427189aa460e586a2133eed2

    SHA512

    dee827707cc8edbe9fd91afd9f4fe1ef741b133720a6e047747a85f423b6e5b6f64e602086b622e22e4cba9814babfe61b65e1eaa679800d0a629f4b226ad5cc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    668620d6819e132f17bc4bf51a3e1d81

    SHA1

    260370d3b74e24d6d32d2b3280e48d61da42f43e

    SHA256

    23f911d17b43c4453fa9fd27590c5056cb6b531ed2a18815d52559c84a3c2781

    SHA512

    ea4a6e94496bb71347f76a8667e53b1801f6d4e526ce422cd4b57122fd34cd068afaa9eb8ec65bbe186ce93eab8d600dd4565c0b4eb39613664aee3bd38d0f5b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3b5e8e52f1dcaf863e059b90b1fcbba4

    SHA1

    11a284753088026cd52e8a49f5a583716a1f62c0

    SHA256

    31c182a2919fe74d9c0b7181cfda7ca898881f8f19c2ad26427c6b1079d21062

    SHA512

    90243a7d0a06e800b81ec37c6c4846b7df9c4629d834111dcde1976d6f88e2aec7219372536489b091ddefda3e7f8aea1c8399aea252351f8a0254fa6c05002b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a0e25b5759a5b93ebfa5eedac215d317

    SHA1

    881fd7cf1af8aa935b107553ed0f5413e0800365

    SHA256

    0e6eda1c8f7e2bd55ab13a04ae36a6134f524a39cd6ca8ee5b53e00a9d8696d0

    SHA512

    528bca01297d922e183df2284b457785e5b9a2fed6c2dd7fe97a65ddc2528ee7da625474310542b749034df54067b4ab1e828072a6fe5d9c93b1d12da3a99109

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0a3df76be0c8485decfaace2d64b3b6d

    SHA1

    3ec8fdeb8d7ffb231abe9a7eda4ee3d485f748d7

    SHA256

    a20c4312fc7ff3174147d1bebc54b26041b9d038fe780f2e69d9aae8ee1cda2f

    SHA512

    dda6a86020c01839295805dea02ace13814b9a29382c8303b084aac35f8779cd8b351dc43de7de201178ac6bb55d89223eead02565e1984a63d903e0b8c80c41

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    aff5069f8d433ee72f95d792356199c5

    SHA1

    ed554cb5eb21ebb914a23d3343d43f666c8b125c

    SHA256

    6e7e83f8e564f797c614fbcee3eb3cf4c7400361b30a42349790bab26852cac6

    SHA512

    b72003845238fd278115d148afe012a394ac59694a4571483b242f62d1ea7f749233a77eaccf8cf4138471a73a30277e541a76a4b1ffa438962e7b3d1d765390

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    99dfaec5268a3b6da889969a38b8a256

    SHA1

    d9e6c20a16f214f295c3148bd9a09d1343c8980f

    SHA256

    b81b2bbda1f5a863ba71314247d50579e10209eb4718547e8b253049ba5e7434

    SHA512

    701e6790473b6359a7da8dc75a719337c05820f4deb7fd8d3ad864a3c65b2229d77bb274fd77850537b72c1274ebd52c040a4f0d5f73350e53b41a7e6d49f24f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5b7375950b6aab6bc51167fd4da53c70

    SHA1

    11370245eb7511aa0991657565015eaaa14429d3

    SHA256

    2f5955cc394afd9a9b8f50ee43b443ef4f6a90fc731c94a6b8ab53452f024e32

    SHA512

    559c354b495b4e9760e325df6fa55b316e489eb7c4f2450d95b3a92a06456539c4446eecce7f9b877fa58b2bbc57065f3f5e317845f2b4d6461ad7c17a210252

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5cae719d1c98e21c772a3ba6b3c7c815

    SHA1

    e84e1bd420c3ab5cc3b80d02e185dee9d790ef37

    SHA256

    71e63bd85a9a2e555cd0433163e4cbc24b1d4842245f6c1ba19b8c6979b2a845

    SHA512

    e428aec792d98b423b64d1fae7bd8109824b4ede6cb084bfc345c46d3e069ce40a4e69b12f75f3ff30b29985a74bc60a75513f0adf2c3565ac32905a5e06ad71

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1f0a1aac4094319fb28bf204ef4a65b6

    SHA1

    c5ab0c2b16ee9765162ef812a26beea656974504

    SHA256

    dd19db7b7e1def05087bfcdb1da45c3023c24d152e937495bbb3ee9b6b8671be

    SHA512

    6cc489da77eaa6974e7a427246ba2f76b248ad702424743be9972d0ed0e0a26a0d9d88692a87a320e2a674221200ba9c8097a4a349be24c04b5ab39ffc7fc088

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ddceeb877371e0346308a3898a48da55

    SHA1

    96dc4add0a049a7b325e2fc10034a2f5bdf5f948

    SHA256

    6e39ac9dae8373ab3a96f5ef8cd9e52732b9ce515f5b725f52c479ad9ca7cdc3

    SHA512

    4f4a2406bb4247cefe13b1fe2f2686ae8c6f228e21feee997fc339e6dd6f9337a30637b1a1c50983bce32679782c03b2eeb909d4dbdf02c6058d757c7896c31c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eed20bcc32dbcc7431a9287312891e5e

    SHA1

    dcae14e987e73b42ef74d7e24eb7854c43e057a0

    SHA256

    b718bc7470a7ec862e4b995ed71ecaebb328ed69c9fa5acf16b81eef42967150

    SHA512

    d8c0cefb138f85eca105a883753f871ce437e4d47765cb71fabe4aa81bd48fe0d820afc59551abc82a07318777176fca750e6cef1ad0d27f8f336be6e898190f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f557e43fa9012b65e7c324cee9595ae4

    SHA1

    1d59586a1f12473ed380ebd4076ef014b3226b2d

    SHA256

    e113d892bc000b2ec98874758c1c7b7452f9ccf31bacda2df74f26ea4ce442b2

    SHA512

    fed050c6e72f5b9bb02c2cb867fdaa69379000cb9e0b779ae6454dfee2a31e179097359189c45f5e883617932f0639f1a5426622c1323a3cdc25d91b2ab231ff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    867a0d688ed63cd8f81538357ee61866

    SHA1

    4590c237f9fb411bcc78879ec7b0cc6fec90a138

    SHA256

    09300144721d56e39ebf2695648edcf5194cbf84c5549df96fb2e6015b55a327

    SHA512

    0e9a5419f7b53bdb8d8d54cf80f0e4548bf83056db75f8a1b527e7c5e3d4e3308e8a66e15b40733b2323eb55d920c8229add195df131f33405dac0f5653ee0bd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    56d054de470b78aa40b7197149b53da3

    SHA1

    7a05e14eb01faa8d4643042af01a0c5dd8a71ddf

    SHA256

    6ff01108ac707e5cafe812e319a0c69e727e6847b166daa38e3697c56bc48fa1

    SHA512

    c5fffdef01c74284e330fc41ee9ac4de1836cfe499750939eeb2cf77c7281f594aeac84f57d7ec9b31eb5d466fcb4118a8b5eddf452ef17979f3ef58148886dc

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabAA06.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarAB24.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit