Overview

overview

3

Static

static

3

alixixi.co...息.js

windows7-x64

1

alixixi.co...息.js

windows10-2004-x64

1

alixixi.co...at.exe

windows7-x64

1

alixixi.co...at.exe

windows10-2004-x64

1

alixixi.co...ar.exe

windows7-x64

1

alixixi.co...ar.exe

windows10-2004-x64

1

conn.vbs

windows7-x64

1

conn.vbs

windows10-2004-x64

1

dele.vbs

windows7-x64

1

dele.vbs

windows10-2004-x64

1

deleuser.htm

windows7-x64

1

deleuser.htm

windows10-2004-x64

1

edit.vbs

windows7-x64

1

edit.vbs

windows10-2004-x64

1

index.htm

windows7-x64

1

index.htm

windows10-2004-x64

1

login.vbs

windows7-x64

1

login.vbs

windows10-2004-x64

1

login.htm

windows7-x64

1

login.htm

windows10-2004-x64

1

logout.asp

windows7-x64

3

logout.asp

windows10-2004-x64

3

password.htm

windows7-x64

1

password.htm

windows10-2004-x64

1

px.vbs

windows7-x64

1

px.vbs

windows10-2004-x64

1

reload.htm

windows7-x64

1

reload.htm

windows10-2004-x64

1

update.html

windows7-x64

1

update.html

windows10-2004-x64

1

alixixi.co...es.dll

windows7-x64

1

alixixi.co...es.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    30/12/2023, 07:41

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    update.html

  • Size

    3KB

  • MD5

    f01653b37862135176916efde3287cbf

  • SHA1

    6d0e55f7415fd5306086a604cd4242b78c0ba189

  • SHA256

    9c7cb268680890b8beed4bbe33cf8354d783e0ae63cf4abd89a6309f1a230024

  • SHA512

    cbc2ae19b1ab39ce7171477afdd643ab2d847ff3587a059748b54ca25b6dcb8a056ca87f6a71bcdaec15936c5a03017e5fad4ac830fead898119bd8845a1f672

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\update.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2112
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2112 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2728

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    aeac298e0d2db83d1aa22b6888219ab2

    SHA1

    f1c5823635619cfba3dc8667bb0d2934ff8f6b8e

    SHA256

    b7ced74c048c9eb083585709ef4f1fa9c321973b48e65a9a2ffb4b6e4da02123

    SHA512

    e596fa90855ad17b217531895e5430ef0a3ce05072e976d6fb86e835ab2257fca8927655f0ba85c34d10765613e8fae8a28cf770df7c9d536d9c5bdcb9f8859b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ae291cc3289b1a99f0634e46485f7b5f

    SHA1

    e90982074b9540e95c0ad069c4fce5800fdaf4d0

    SHA256

    07d2ae9c0fe9b75249a911ac8d171c871a04e9c6610f54de7e990e7061f26a9b

    SHA512

    0f6ec290ba536269453ee6489a1ea52f9f903c6ac7bfcb67b325917200bf2de70549e8d13f420f92d8a2355f56643e9254318147c47b64b53f37489f63791516

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    80b4313760d19e9161b982b46b3f09ba

    SHA1

    1299ebaf8ae6a79862d7e1bcb970d7471ffa4d99

    SHA256

    cbe6edfadb09a71516155329997a542a0d03073b4c8ab52093d098ff023d46df

    SHA512

    7868678115f45d6cee5baf2e7c9ff76a67d07d4d174bac5f2b9f23fcfd9a75e4d7c69f2b845ca4e24dfaf9e521749927f51723ad216757d9a4662b6889adec27

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a023df0575d66934b543a27c429744c7

    SHA1

    07f6eefca6c91cb0454e24f230da984c61e2a4f2

    SHA256

    95639f0cb7b406bf84727203fda2886f5965e4465d439e04e8b4d31c10a37cc7

    SHA512

    a27c0e62c8f1a73f37e65fd79981a5de44d9dcd4b0efb02ece17ad26bae5179f0301588fb1e457d8ac24ae56527003e67c37daa6607e16afd40a91ff6aa8f80f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8f0a71bac7c02e5f847bea5ac3f51a44

    SHA1

    607f0a01a34988928ab04bbb1f9c095c8f76d26b

    SHA256

    601b9f175ee2fd8dd0891ea024a947daa71cf2e704ac0a7fff5464b53f89de49

    SHA512

    7438bbebe175ae8f33b12c2c0cfe32a0cdfb7e245c631567764e70da22bf271648c4dc3fa532b1192ab957f7dc0836a2cfd5dcaffe96a755c4caa57c0b8bfc87

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c60c85ce7925bad389d232c41a6f8687

    SHA1

    b0c79a3e6b8f33e59726552b72082780823e4c49

    SHA256

    e77cf44b16973ce5b88d67bb187782e84648e9037768943348457ca361c571de

    SHA512

    c6fe411b29c1fe23436e3d30ae14d67401b0dac322e49057ff1970fc7e3f7fa80ad5d8994e507e54c474fedab50daaeb6b37ea123c2ee501ac788e966d5b8ed7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    62e88d802cf65fe76c6102302de19ee7

    SHA1

    c52dda11af47efcfc9ec7e679d6048d1e52635f3

    SHA256

    f1bf8ff7f170360cb7a0b54625af6836ea44e1085b7ff7f3b3236d938b4ee3a2

    SHA512

    f5e677a25cf114d439f32082141372eb76cb9aa9539142fdeaac97edcacb2794388500910ffc744097900f803f0cc7586d3b156655773801857ccde425d05bae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7036baef2327a8700531d89c50955531

    SHA1

    a326224b7f1d7bd03d4a36c23401e196c9e1780c

    SHA256

    d5ba215fc6b59c72c7c0fef582d245827dc4309da2f5b22422bac554ebd42120

    SHA512

    a3f66cf28881a21016b0a963b426cd1931dd6bb8d1603388d38a1cb377cf536681e3bf8690adb29150521a31d426168d50540ec75e258a2e8316b4151eba07c1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ad9edada9314e40d6c4c6f578f3a55d0

    SHA1

    abe3e8b8baf7aaf98b3dbdba22ed089711997cdc

    SHA256

    2dcd93607763717a5b0dc5e4daf2736d27e99fa0d22309fc262fa97738f9398b

    SHA512

    4b1a9d0095cb1ed851c631ea1db2e7c6d0ef444ff3dc88ddd7289551843e520f0192b2f0f22c1de230050b7014e9a54688fac4a243f6eabe8ec7f2ffb1c0f80b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f6655ce5adb529358f7e42f449fe6612

    SHA1

    618d02142510c2441f18813e74c1caca451e86ed

    SHA256

    c4ab9f69e9cec367ffe37ac500343472e1badc3f3a26571ffc56a6c5048feda2

    SHA512

    f0bc022654df0f29d33c14eede3249b0ac86e430bb564e14992f5bddf07085940cd66a8ad838dc08f14768641d4deebdb8698ce94bf0d6616df7ae24b07b64a1

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabEBD6.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarF740.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit