Overview

overview

9

Static

static

3

Code Virtu...lp.chm

windows7-x64

1

Code Virtu...lp.chm

windows10-2004-x64

1

Examples/A...le.exe

windows7-x64

1

Examples/A...le.exe

windows10-2004-x64

1

Examples/A...32.dll

windows7-x64

1

Examples/A...32.dll

windows10-2004-x64

1

Examples/A...le.exe

windows7-x64

1

Examples/A...le.exe

windows10-2004-x64

1

Examples/A...e2.exe

windows7-x64

1

Examples/A...e2.exe

windows10-2004-x64

1

Examples/C...ct2.js

windows7-x64

1

Examples/C...ct2.js

windows10-2004-x64

1

Examples/C...e.html

windows7-x64

1

Examples/C...e.html

windows10-2004-x64

1

Examples/C...e.html

windows7-x64

1

Examples/C...e.html

windows10-2004-x64

1

Include/C/...on.pdf

windows7-x64

1

Include/C/...on.pdf

windows10-2004-x64

1

Lib/Device...DK.sys

windows7-x64

1

Lib/Device...DK.sys

windows10-2004-x64

1

Lib/Device...DK.sys

windows7-x64

1

Lib/Device...DK.sys

windows10-2004-x64

1

Lib/Virtua...32.dll

windows7-x64

1

Lib/Virtua...32.dll

windows10-2004-x64

1

Lib/Virtua...64.dll

windows7-x64

1

Lib/Virtua...64.dll

windows10-2004-x64

1

StealthMod...on.pdf

windows7-x64

StealthMod...on.pdf

windows10-2004-x64

1

Virtualizer.exe

windows7-x64

9

Virtualizer.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    117s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    30/12/2023, 03:16

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    Examples/C/VC (via ASM module)/vc_example.html

  • Size

    1KB

  • MD5

    97ea28334d67d71e4a96b56d76fe0d15

  • SHA1

    caffb42a57d09d6b8246c583f0d76004fd003d86

  • SHA256

    9965e660e07492e5c45bc7c52b981d1d65f6341a415979742418f5f699c1e771

  • SHA512

    0f2c0e693dd4e83e3c0bd2b68f6015a878f77b87dd0c84da836416b74e4284e8787c19b5d361732ab0d45c2b9c924746d73dba1493d1722b93731db6229120a3

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\Examples\C\VC (via ASM module)\vc_example.html"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2436
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2436 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1980

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          d1f83dbc66e7c3c7fb441f9871aab440

          SHA1

          d7ac438fa5ab2068a8f156190276c8a90a43d00d

          SHA256

          06c86e9b7b73e229d2f255bddbc914539632a02505abc0d0db667ceacabbc936

          SHA512

          80cc120413bae1bafb7c99c48bbaf96d1783895bded486f25028da7e0bec3b23c3cfdcb1ce37fbdb9aa79521e4233c171941c56cf5b139259ef855a387da866a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          bf2f6d7a069fdb94abf8a513797d09e7

          SHA1

          ca6792c69d54ba8743f3d9ec8331aeefe91f8b7c

          SHA256

          dd2c5857fc9f96a90e425f2f9b37dd1ca5a766862c0cc80173ca26db775321a3

          SHA512

          40327b67e8356ec96a4a80f856f0a24e071f64afa06957d6f95979f150aa98b1dec5ece2c095a5c29a067f25d92181f59844d6ee23d4a995dc04d5e93a321396

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          1b134d280946e36abfb51bfeae09e58d

          SHA1

          df5ca023551eee8ce55f7e0887def77d11c8dbef

          SHA256

          b0b0f52863d4294bde6f65adf8dd0bb403545f98d426332195276573c9a0ddc4

          SHA512

          2eebc264ac7f5abf2fd31e573b66079cfcb39936c3ca25467b82d54e661a19471a78914f156428112717bfad28cef7090a10b29596be3528a2296ab2473704a0

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          36becc27fbc1214c72fad54b23b8e581

          SHA1

          6b7e68ff4f5ba333e3e541f53a841e3e3441d6b1

          SHA256

          ce115d2574c53f99ace55b38a2452d2c4a3964873c94b55128f328928939e6ff

          SHA512

          506524702f0c07e34d89b51550333d7d9b7e7cad00c9cca3e51c92d35eddda843e2cfe66760107aceebacf9c007ce9b0e97b19ca939d4de15f379f5c098e8052

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          ec56fb83a6aa9cd4dc8a742f8adaa1de

          SHA1

          7970d062aa4089238953608ae60b2ea3429d34df

          SHA256

          129cdb81f9f8a45bbd6ae3c750d94cc669a52af0507e5c41a6abe94bd186adaa

          SHA512

          894d394c333622153eb04fb356b8e2c2824dcc104ea0fc54fa13e84ce267b8d6a216fd54990b1529a9691142a15eeadd63a91beedb347d4fdb8016f6b5935bfc

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          b26d046b914aaa928aa4a398d27c6688

          SHA1

          44253812bedcfb4d5d13e04b940627051c7c8bf5

          SHA256

          99f54b09e972a1b7edd2070be92b0f02a2acd32fb5ef997c78f2c38b86521a0e

          SHA512

          2f2ffb1bc389bbb2ef2bec1511f9008391ebf2833d049cce54c08f8ad10f227cfa66272f3f7d3b0b8bfd3784958fce3f6c84a55b328206d85ac45e6c1eab8ede

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          017b73dff21c5e6adff902761859a5b5

          SHA1

          af55c4b4fef422f115125d285ceada323c1132ba

          SHA256

          0bdc2b00e766bd9bb26f9c0b6ddd0bf207466daae0ffad7da0f9d1cf8658c57b

          SHA512

          280659aa42461231f387d5025a4ddd277e0229613b79a3a3b0240c6de7209bb59c1f1695475e4753f279b8d54c7714749a2758295ea09e71959d4ece7b7ac039

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          70772f148f79237588a134e695e50d7a

          SHA1

          8a72262fadcdab29b630d77378b0751c2cb858ea

          SHA256

          f84ecac68b8b0e4815ffe40979873550327c85e6853a3c32021663e2bd784a71

          SHA512

          55a125de83c4921aa0c0b239055bc729a4b0bca1c1f56b96d5ea83bdae3dcd1413490563c55bf746d4392427e9bdac11d0621d231b7e30bef0404fe2a43e78b6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          1a0d5e266d5360171e62a2d91b1b7476

          SHA1

          dcc4f4c7c58320406e23a214b82d58575c4449e5

          SHA256

          7f304bc39779bf5c017d6b0b8297aa1a8caae38e4f3e764ed7fd338c2ba20148

          SHA512

          b659455a4c603b3032101e9afca5201eec41038c0f4c196979f727d6e452292026d2d8e5f149670fbcd39d802ba70f4bed482265c69896f560c4521157c02e6b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          2703013106cfd0f13e5df25699775fc4

          SHA1

          04f124e6aa3bd1b76b43d00227c63c6c6d0cfc0c

          SHA256

          90fc8d5e63b52d103af2433fe94b42985afe5c905c476c85fc206eab80d78a2c

          SHA512

          996d9f801c48859c0d9a5865da09c26c98c0549a757791524b0886c1feb224371901ee66da78599863579424ee660a907b629074d662b9adb2667afa9324ef06

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          9949238c55698032b54b2b80de05729d

          SHA1

          de271ba7ecc6631248c04073c6434fcc9d93a0c0

          SHA256

          a59ba324c713930c2bfca059fa3a2cebf02d6ad20d06d89fbeaea5f3103578e8

          SHA512

          3afaaa795ea9e7371c82b9ad12d5275698424f61cd236126a99f8d8ac7a063adab688038423bb3cd1a02e1a109c94b1518afef0536880e21e7bbffe9b22205a4

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          ee746c4cf7bd502d085dd8ddb4fed927

          SHA1

          ad4723f3dc2b60b570143b1dc033b6a37dcde56d

          SHA256

          f449134cf7466794eb9430f098e309af4a0bf39798dc210339893af5dff47f63

          SHA512

          32de4b6f5e61d9c395b50c104be2d1c66e7301de3225a0364c5cee7844dba80c982b01f21f0c1a0a97be748020f4714566524111ee09983afd72194161aa7896

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          a002273fa3184d0ee947f02e37909333

          SHA1

          5ab234cc1564060b5ba3ccf0b8ee6e2243db9e90

          SHA256

          b74b8f622e1f598ddc282d3d6b9dfd2bf1aad79cf9bb95c6895edf35772f0f0d

          SHA512

          2761ac5ed7dfdd88fc959f73ea2559b05d5fe1d2c016b8d399427fe878f44075146564b79444bfc1f370eb11f818288d48275f8e91f84fe06726d80c3f8ab5f7

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabBEDF.tmp
          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarCC98.tmp
          Filesize

          171KB

          MD5

          9c0c641c06238516f27941aa1166d427

          SHA1

          64cd549fb8cf014fcd9312aa7a5b023847b6c977

          SHA256

          4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

          SHA512

          936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

          Download Submit