Overview

overview

3

Static

static

3

More/Audio.htm

windows7-x64

1

More/Audio.htm

windows10-2004-x64

1

More/Business.htm

windows7-x64

1

More/Business.htm

windows10-2004-x64

1

More/Desktop.htm

windows7-x64

1

More/Desktop.htm

windows10-2004-x64

1

More/Excellence.htm

windows7-x64

1

More/Excellence.htm

windows10-2004-x64

1

More/Game.htm

windows7-x64

1

More/Game.htm

windows10-2004-x64

1

More/Internet.htm

windows7-x64

1

More/Internet.htm

windows10-2004-x64

1

More/Multimedia.htm

windows7-x64

1

More/Multimedia.htm

windows10-2004-x64

1

More/NewLive.htm

windows7-x64

1

More/NewLive.htm

windows10-2004-x64

1

More/Utilities.htm

windows7-x64

1

More/Utilities.htm

windows10-2004-x64

1

More/WebDeveloper.htm

windows7-x64

1

More/WebDeveloper.htm

windows10-2004-x64

1

More/allfixer.htm

windows7-x64

1

More/allfixer.htm

windows10-2004-x64

1

More/avifixer.htm

windows7-x64

1

More/avifixer.htm

windows10-2004-x64

1

More/image...1.html

windows7-x64

1

More/image...1.html

windows10-2004-x64

1

More/more.htm

windows7-x64

1

More/more.htm

windows10-2004-x64

1

d3d8thk.dll

windows7-x64

1

d3d8thk.dll

windows10-2004-x64

1

keygen.exe

windows7-x64

1

keygen.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    30-12-2023 22:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    More/more.htm

  • Size

    6KB

  • MD5

    c4eccc522b8a82d3b58301e9326fb62c

  • SHA1

    ee8e6d2d3793673d344d8e88189e1553ed78a6d4

  • SHA256

    a8d6d45fb11ec7185ad17813bf1a7190164455fdd9f27805b1a393089a39bf2c

  • SHA512

    ef06f99617c2f66249b42ef67dce6cbdff77f4bd3d3ee934aa83e36a69305bc4557bcb4cbf628616cc4233907ac043484811d7b711b6136d364f59f7877c7a85

  • SSDEEP

    48:bpIE8S2+bS9/L+ZotqjldAzhQabMgokeXCAmu3xTcx9MoGH+RYxIVW9MkBAlDryZ:IShShIkeXCupC1W+yHIEd8ul/8uqAhv

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\More\more.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2552
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2552 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1812

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    913210376b1315168edef9a2a5417847

    SHA1

    9129b48bbafe74fc5ff24f0bc338b751bb0c0e2f

    SHA256

    7cc733856c136a80a5dc16d82f104f4b14cb70b5d0e3594064cb4d49cd0e4571

    SHA512

    d1b536a956d11e7a3b7675057241ab3b244cbba2ded8cd0f8293ce04e1218ded3054f0b686ddb3a0514619893fcb092c0218d0348a507bb4381647f8476f5f8d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b4a504ecbef9b91dd0bcd54c1a8fa167

    SHA1

    310750c28e38100597fd0b64411231e8bff7ae2a

    SHA256

    e7e8c90a8a6146e2dee0456771dca631f17d94810e6d76414f87ff5f9d3c8183

    SHA512

    e488f44dfc26b58d220739587b434908fcbd45783421a6df355bee842d66d7a5674783087b1011875e43b2c99aa89edefc7a84cbf4332a1120ebf4912f95f245

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a4a0b802e4ea50faae439b815772e30d

    SHA1

    09df38516271ef6d227edd8b63433af37fccde19

    SHA256

    700aa50f260e184028dee3ad5ee721c43309b80e785f6256e0f1975ff74371b3

    SHA512

    1de1d718896dfa1930ea2c760801115cdc350e6ac2584a0f2e81f9e938590eedf821915e407ec072257146409849a73b9780f4e9a4372a225f620c3a540c304b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    af6d9ae69a6bff66894a60246a6758a3

    SHA1

    488e8fed8d7a764e98411a263bff06a0749442f2

    SHA256

    7970a749c08f2347e89860e42bea3f0a5e1725ee8ac4b22a5231245c3f026db5

    SHA512

    c1a07a5546d78b63560c18d6a54b2432da4a75e8ff26bf45fad6dce0dded34ac4c3c58acdba320b0101a29dd1e5970d80a28016d348415c6ceca9b65222568f7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    96939f62612bc54c7f424f63d0077539

    SHA1

    0fc12a0fd4fd44828ffb617938fed472163b2b47

    SHA256

    ef0029f147169aa61bbd79932850eb6010e6eb4a7f9fbeadd0ba68f5d8cf7dbd

    SHA512

    d6fd00a895b91d7b2b331b96d76d28ad2d64c9654b01c51a34d4b5bd8ad038221906d4b3840488e159d0362efe038abb4d7af60a5fd7d1123a0f5a7091b82b82

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6c746a52ba46c3540a8516c26931c03a

    SHA1

    2f34f9b9f6d2125e91c34c67d840f2272d4b889f

    SHA256

    4116c590377b2dbf1bd22b1d222d42497e50d5c223db59bf75991dcb65d2f044

    SHA512

    b9a43115e4a00465c00467994aeacbdd01b42d7d6bd1ff77a4c0cbe0e019508e05c419a7f7e94ed8a7790256c59e9f1ec04f336f1d51fc2a254f1017606e920d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab2677.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2745.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit