Overview

overview

10

Static

static

10

CHANGELOG.ps1

windows7-x64

1

CHANGELOG.ps1

windows10-2004-x64

1

administra...x.html

windows7-x64

1

administra...x.html

windows10-2004-x64

1

administra...x.html

windows7-x64

1

administra...x.html

windows10-2004-x64

1

administra...ml.ps1

windows7-x64

1

administra...ml.ps1

windows10-2004-x64

1

administra...x.html

windows7-x64

1

administra...x.html

windows10-2004-x64

1

administra...x.html

windows7-x64

1

administra...x.html

windows10-2004-x64

1

administra...er.ps1

windows7-x64

1

administra...er.ps1

windows10-2004-x64

1

administra...x.html

windows7-x64

1

administra...x.html

windows10-2004-x64

1

administra...ent.js

windows7-x64

1

administra...ent.js

windows10-2004-x64

1

administra...x.html

windows7-x64

1

administra...x.html

windows10-2004-x64

1

administra...er.ps1

windows7-x64

1

administra...er.ps1

windows10-2004-x64

1

administra...x.html

windows7-x64

1

administra...x.html

windows10-2004-x64

1

administra...x.html

windows7-x64

1

administra...x.html

windows10-2004-x64

1

administra...ner.js

windows7-x64

1

administra...ner.js

windows10-2004-x64

1

administra...ent.js

windows7-x64

1

administra...ent.js

windows10-2004-x64

1

administra...x.html

windows7-x64

1

administra...x.html

windows10-2004-x64

1

Analysis

  • max time kernel
    71s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    30/12/2023, 22:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    administrator/components/com_admin/tmpl/index.html

  • Size

    44B

  • MD5

    1c7b413c3fa39d0fed40556d2658ac73

  • SHA1

    246f84103dc96f58f99c85e3a3149e4cae406a7e

  • SHA256

    0f774764181a1d850141bf64393228b7acdb6261844f0165a78839f549d7bcce

  • SHA512

    e05cd49cfa61dc4dc506c23151fd31558085a68544310c63b09386b5b6fd87e3d014e311596cc4f34da1cb9db0abcd9c5fa866c19e74c84718d941b7c5055a1a

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\administrator\components\com_admin\tmpl\index.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2300
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2300 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1972

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    314e36c5fbe75282f7ed16ad88fdc1df

    SHA1

    b3d4f916b1564dbf5ee134bd2ed1f290747a3518

    SHA256

    82a220ba141e5bf18d6c66d996cf41a1ce27f735440c7038d6f7757b022d5ac2

    SHA512

    0b0a073b0718b0bd63416b2c3cede60012c2dd35dd4009965cffad63ea015f7bb4013e068feee39dab45ffd50d3d2921689c900836b8baa5ae870c1df2091a39

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2a7ea1dde0afcaf53c1b265030b6925a

    SHA1

    e93149c16022f14841048e3baa2b92b88d91611c

    SHA256

    bcae0efb1bb66c1c7d25f6a68da7b75ba4fca209f04ad97fde8fb7aacf2fd568

    SHA512

    20a7114779db02a728b7a489e300e0435ad0de12c85c0b8e388fc11bc9cf3850e1e40494f13a5ca6bf7141636f210b6d3d4976ce5fb8e1be2296c600bad924e4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d51124a03d5403de8a8ef8d55afc5342

    SHA1

    a47008baa725d90d5cd873d58c60e092799caa30

    SHA256

    a344c0207d32e97a66aea0529ce4ba516d11c43160e70dec70cf53021ec7290f

    SHA512

    f8a919147a14337b145278a2f9106dac595a56f451ee8ec2c4db3a4f6518c3680964ebf2c48ffc53f67ffcdcc4d5f4eccad66b4a38758ab5eebbee7901b7c999

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    484d12414a433cad3dcd5b3c675f6714

    SHA1

    0b4ee930b5c42a542bf8a0b401efcbc1d5ca9a60

    SHA256

    22a3ed64be7f104f25045dbce38fd466890bc58264cdfdc219d05d17eff3cd84

    SHA512

    fff14feec6cee4f0ff2e45e93f517849b3be6c08d6ae9d6657e895679b75c49c00503fca70e04feb2df1e314e905223768069b251dc30e879a6f3058c11a4ce6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e7345701824161270da206a783974e64

    SHA1

    6b86302caa3c46180c4b3b87cce9895e5ec7ed32

    SHA256

    4457797b4f83eb18f12d3c0f56859054d945d9e295f5937aea0d068293e6320f

    SHA512

    49e16e155b95e1eb906256c50de66125c32f5409cb17fd1ae47f9214ade3aea9a90dd2e42420012961182e04a5a4b9494eb6e79438abbd4e9dafa14f6593a7fe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    47ce2cb8c66490eff453590f4579aa3c

    SHA1

    5dd1a34eab37a90b0bd88637373fb196c7dffce1

    SHA256

    3708b15cff09316378dcce112c2c39f1e8764a15538933179275425517520aea

    SHA512

    9eda0f4d49e41ce63a816c53488062aafc3ec776a8ae5d772dd6a31b74263504599206f30436bdac49ac6d925a898010da483dff238c9bad464b1304162daaae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3cf108d67a67b16ee4ab9e2a28dfc79d

    SHA1

    254e3c589742a288b7a5e4c113c480ab5285ec7c

    SHA256

    43f6eb7ae9f1e985554b44d87519675400f2309192e4cc7027e81444b54fc4aa

    SHA512

    985e384ad3ad38c1471905439f0dad044928e6dc5c3b34073e2e6bd637834a07ee9abbe7f183ae61540939be7052df5bbf2f929889adae25634e22a0410b9ec3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7187abf9179b7131ad7d108089c97d90

    SHA1

    79452f257bb83d9021142749ae0915b562219a8b

    SHA256

    443a1c177ba0cc006a083d7b5e2a8a639da9e33edfe44309d67c9db5530a2dd6

    SHA512

    6b0a5c783b588a5a4c10e63e500a5006fc8830e5e5ed54a66be3e67138841fd8e89efaec10841c29221e06663f472cb62aa3d499abf4b0fc6506a12ad720f2f5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e958a1c6052766ea7f30e57d0b8e0731

    SHA1

    43ac0290cffcdb161b1d6d44afbcfde7ae90ae15

    SHA256

    817fe537cf005766a742be1972a877e871749814aea002227a7b12808c9c0fe0

    SHA512

    476531df27366bb032ec26675672e5d6ec7070ff2c250f2f4fef64bf8a795c00504807298594b84555d1bb19aff307305951518efd5d3a272f3c070d7fcd8a5a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a57b10626cdd14cf3892f7249ce5be2e

    SHA1

    23a863b93179e0632d4925a5c736338a93d0cd17

    SHA256

    8a194603e39a122916a6e4445a44e89662860f6d6353b335f4a1e910d01000a2

    SHA512

    4e6f19f44c10c69e6d85c7f6f785749b3b942638b1323c05b36e151f3b70553b29eca93ee79f5d6d9dddd9c0d6714b3835c6d5d993834c69e8bf22b0b58cb7b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4d190ce0f56dc37f8281f9af9ff9aa87

    SHA1

    d67c595a0d9ba0fbb2e02c3b5dbe6fdbdcaaf6bc

    SHA256

    149316681276caf0ca1bd581ae6e4d527ed75aee7e9b1e46e2163f3abb6c6458

    SHA512

    c8dd1a349ce0c75747de2c40c15233da9e517a22b04ef690eaa965320b2a25cd487de2e00069c4acaf850a8600274041fd66cff34c48dcee9099b2277dff260d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8f7490a8d4e4a8916b1f031670a1cb45

    SHA1

    33d86c0cf8e407557bd1d38c82f46d62c2d0875c

    SHA256

    f950eb73b119989aeaa2694578cb38601e68045691906b05814c54e9761a63ef

    SHA512

    a09c913b4c97d1e82a4f890a1ffd6ba41c4f364d993b6ec92605a663b60a39b43ead1d313be7cff3f7e49709cebac49f995489e8be48bd86299aaeb053b7b411

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b3dcbc72d7ab40a32b9f3d63b849985b

    SHA1

    05bbbcfbfbdb82aa51c4cb82d9f3ef77a04b434f

    SHA256

    b9421a05db03a96662a39636ac2cf19d157ec33d7ab43055375d62fb3648b295

    SHA512

    8cc8425e232f62a5b92ec837d125e19a1c195fee1ded761b75d2166c788a637444e2a844c9712a8d5470cfd13aa9a5d05044d3fceda2d5a2fb02bd414f5ba2f3

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab2B86.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2C54.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit