Overview

overview

1

Static

static

1

admin/frm_...ify.js

windows7-x64

1

admin/frm_...ify.js

windows10-2004-x64

1

admin/frm_...ify.js

windows7-x64

1

admin/frm_...ify.js

windows10-2004-x64

1

admin/scr_...ed.ps1

windows7-x64

1

admin/scr_...ed.ps1

windows10-2004-x64

1

admin/scr_...rt.ps1

windows7-x64

1

admin/scr_...rt.ps1

windows10-2004-x64

1

admin/scr_...fy.ps1

windows7-x64

1

admin/scr_...fy.ps1

windows10-2004-x64

1

admin/scr_...inc.js

windows7-x64

1

admin/scr_...inc.js

windows10-2004-x64

1

admin/scr_...nc.ps1

windows7-x64

1

admin/scr_...nc.ps1

windows10-2004-x64

1

admin/scr_...ig.vbs

windows7-x64

1

admin/scr_...ig.vbs

windows10-2004-x64

1

admin/tabs.inc.js

windows7-x64

1

admin/tabs.inc.js

windows10-2004-x64

1

admin/xml_...ove.js

windows7-x64

1

admin/xml_...ove.js

windows10-2004-x64

1

admin/xml_...os.ps1

windows7-x64

1

admin/xml_...os.ps1

windows10-2004-x64

1

admin/新�...��.url

windows7-x64

1

admin/新�...��.url

windows10-2004-x64

1

api/index.html

windows7-x64

1

api/index.html

windows10-2004-x64

1

api/json_directory.js

windows7-x64

1

api/json_directory.js

windows10-2004-x64

1

api/json_icon.js

windows7-x64

1

api/json_icon.js

windows10-2004-x64

1

api/scr_sa...et.ps1

windows7-x64

1

api/scr_sa...et.ps1

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    30/12/2023, 10:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    api/index.html

  • Size

    1KB

  • MD5

    f5977d1c65204a628f02b785c0526c9b

  • SHA1

    3d2a9b9b3dd0f1496f3705f4a90171333101fefe

  • SHA256

    90fa771cb6e5605cbc7a27e1207d168ce1b46cfa1a2b158b9c500ccf06369467

  • SHA512

    96d9c1c440ef41f0bde32bf8b3d9d1dfb7d2a99426d02949613c51bd28339f8d304902bac663dfb613b3e34a920d44ed3c90bd2db131c8a89b6413a33eb5b223

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\api\index.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3008
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3008 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2328

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fdb132ec9b41f07db79c9f8e17b7ed91

    SHA1

    b1392f137b849fda7848888a6dde7d5cb850539a

    SHA256

    d4bafd1075b4c28d977487a5a01141c5d6fc33c4afc8fe281b1768cee1799edb

    SHA512

    9938db420d376633aea7b3f8b73abad6bfb1575fe1a77c38d33dade9d37fccc9453630fe2b117286d8f28b52ac5a8bc63c45aa02ec046d6015f25cea11e91eb6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b2e4fe7be9b978c00f71df23bf22e939

    SHA1

    0d702fbe3c93f4dfa5884fe87a0b2acc148208e2

    SHA256

    e1dd037b6d892f676dd6e8eb91ed2babdadbde5fd0a53a3fb287014e7389aff1

    SHA512

    edcc4bc9754a42a987d05aa47ca9200b8cefe4838d0873dc9eecd331840ce733921ea16a68c611f8ce5a4d5888e463c32c48271935c5e063c4e470d811cff716

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    26f09f125240d4aa2cfa920ab3de15d0

    SHA1

    b3c6ab24587f1ad1bc0b7ce34adf1eb0cccd4283

    SHA256

    76eb5309d3fea800a5c66b5565a64182c6422cac79c432b6e4716ff60e8a317a

    SHA512

    6a6230ad1dd28d8d2b620674f53cf5a3d1861a4dd8a46ae3d3efd6a3fb328a59d7e4a321ac9550322e1b3441724fd6a66c327c62d95a5b71eda81bf39774e7da

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    120aac00da1ad128a333500680c8e2e7

    SHA1

    0fbe2b4394b1b8c9d46c953399d54a6c68d6b091

    SHA256

    9d42c2fe8f295e281913d1799df416184e32e541161e392f62ae05190342e029

    SHA512

    4fb5dab91ca3488148dfc1d1e63f8e9639e9791444f88b3cad0d0ec8fe14cedf0975d5820cfe74453ce8767d766359de87668c05cf3358f240e66d8f9b375b92

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d25cb0164fec72245a103fcebda66ef6

    SHA1

    10769c1ef42860e033d4e8c4115504dd19b846d7

    SHA256

    bead1cf4db70902704949a4eeec0ab141ec7d4041d88f1c6efbd44f0775413cd

    SHA512

    4d9662aa2bdd5b142520d1595dd420df5e595131b7e91ee54dc551629d02add1bfb468a2b2613a11a36a1c682bd935063dc25b98823100d874267a91a1549f9f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4db931b8bd256c0a69c13667f9595134

    SHA1

    b6a597100e74ff955f505e07490f67747113b40d

    SHA256

    5ffb5d9f513e18b5a50b89107e5059bc490b65ca3be0236df35802bc84aa3995

    SHA512

    61f149c0889ab243e3cb9915d934e031c9dddd00eb1102c402a46792550c1d16ee09ceeb00b8d05322f0a1aaae2e1b3feb85a9eff1f466937ff276c921e38177

    Download Submit