Overview

overview

9

Static

static

3

Code Virtu...lp.chm

windows7-x64

1

Code Virtu...lp.chm

windows10-2004-x64

1

Examples/A...le.exe

windows7-x64

1

Examples/A...le.exe

windows10-2004-x64

1

Examples/A...32.dll

windows7-x64

1

Examples/A...32.dll

windows10-2004-x64

1

Examples/A...le.exe

windows7-x64

1

Examples/A...le.exe

windows10-2004-x64

1

Examples/A...e2.exe

windows7-x64

1

Examples/A...e2.exe

windows10-2004-x64

1

Examples/C...ct2.js

windows7-x64

1

Examples/C...ct2.js

windows10-2004-x64

1

Examples/C...e.html

windows7-x64

1

Examples/C...e.html

windows10-2004-x64

1

Examples/C...e.html

windows7-x64

1

Examples/C...e.html

windows10-2004-x64

1

Include/C/...on.pdf

windows7-x64

1

Include/C/...on.pdf

windows10-2004-x64

1

Lib/Device...DK.sys

windows7-x64

1

Lib/Device...DK.sys

windows10-2004-x64

1

Lib/Device...DK.sys

windows7-x64

1

Lib/Device...DK.sys

windows10-2004-x64

1

Lib/Virtua...32.dll

windows7-x64

1

Lib/Virtua...32.dll

windows10-2004-x64

1

Lib/Virtua...64.dll

windows7-x64

1

Lib/Virtua...64.dll

windows10-2004-x64

1

StealthMod...on.pdf

windows7-x64

StealthMod...on.pdf

windows10-2004-x64

1

Virtualizer.exe

windows7-x64

9

Virtualizer.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    122s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    30-12-2023 03:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Examples/C/VC/vc_example.html

  • Size

    1KB

  • MD5

    97ea28334d67d71e4a96b56d76fe0d15

  • SHA1

    caffb42a57d09d6b8246c583f0d76004fd003d86

  • SHA256

    9965e660e07492e5c45bc7c52b981d1d65f6341a415979742418f5f699c1e771

  • SHA512

    0f2c0e693dd4e83e3c0bd2b68f6015a878f77b87dd0c84da836416b74e4284e8787c19b5d361732ab0d45c2b9c924746d73dba1493d1722b93731db6229120a3

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Examples\C\VC\vc_example.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2940
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2940 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2764

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    a145df1babb8062cdef90e039dfc5a19

    SHA1

    01871a1e009404287b55e4b376c1c32c6360924f

    SHA256

    01a005b9cf2d7bce203dffa20be872f0c1f7030dc4be3aad6bcac7576cb5d353

    SHA512

    f9fb8ba6539b3ca5519bc01797d31bb36ac2e3252aa1845cb1457c102a37943e24953516113f3fbf75f6426e5b165cc02e1ea9da77f1090093d28226d234f214

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    458c95cb955ebdb5ba81ff82e1596a77

    SHA1

    e1db3af307098374e51d5456f8a3a9e8b7f9cf4c

    SHA256

    9e6066f636023a867c6c0f2df49335fb3f85ad37bb998e4d480c276db8e5b349

    SHA512

    b6b02406ab48a4b1afc6765dc3ce3e0b1c96e5c29d9156d7ead5ab72c76e075c9ef4985e58d2bf28d2079393c48cf97b8ce42330c4834389e2707df9579d353b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a6e6c480f15b2d402a2504143f0402ae

    SHA1

    65341da9db51f4dc0d65c536eec6de5c2a555a27

    SHA256

    303ef7ceb23cfc579d5b48a2b13f58fb37b3895fb6a0c02a01899ae5acc4499e

    SHA512

    918119e20484a937acf30aa9b4424fa69cfb29c485bcd3e2866bc75e24f5fe32c67545fa732b81bb24264926514d0b1ec29f4e968b7dae91b5fc47eaefb30962

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    32c1e293f0c6326b7e83418cda31ddf8

    SHA1

    7afb98cdfe0ccf363739e8e25cc6d50a91c993e2

    SHA256

    90e46d7686bbabe93bad91732db00011ecf6ec7098523195b361aec64007bc53

    SHA512

    2f269ba7ed72725caac61037f2bc3f1c1085caee63c03592c4748c3928a2b7553b8205054408053ec635c745120c626fdd403e6160cdbdc91274b2d3c09c4fa8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    4ee3aebd6847c55636946d0c0a527604

    SHA1

    e4a05dc0588257f5d426d4f2d3e663facae20ea9

    SHA256

    793c473c469567a4a0e99962d032b2ebac572ae3767807a00719fc32094a9dfb

    SHA512

    8c5155e5c9ebcf66c2649b4e559ea307d272582db213d1d57d0b582ff96080be2a4ce08f768a3b13449cc44e88839b06038ee61cc0d698bab3a1a02f5193b1c2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
    Filesize

    4KB

    MD5

    da597791be3b6e732f0bc8b20e38ee62

    SHA1

    1125c45d285c360542027d7554a5c442288974de

    SHA256

    5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

    SHA512

    d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2A61.tmp
    Filesize

    45KB

    MD5

    cae17bc9c5d74e0e1142b20a7889efdb

    SHA1

    cfea5f7d29a7dad0a1a25daf18a0cd4cb79cac86

    SHA256

    4d74c7d252b593f92d04a5538ff5688a4ec720ab664ac723512fbcfa3f5ab691

    SHA512

    42ba66aa767f8a15ce38f9e72990fe41e4fb2d7266e4334be0bcb7db7ac7eb38e7f3b424bb4fc5583197257e9fefc11ab19285f0881a054f338463fefb483dfd

    Download Submit