Overview

overview

1

Static

static

1

irs/bank.js

windows7-x64

1

irs/bank.js

windows10-2004-x64

1

irs/card.js

windows7-x64

1

irs/card.js

windows10-2004-x64

1

irs/confirm.js

windows7-x64

1

irs/confirm.js

windows10-2004-x64

1

irs/index.js

windows7-x64

1

irs/index.js

windows10-2004-x64

1

irs/js/boo...min.js

windows7-x64

1

irs/js/boo...min.js

windows10-2004-x64

1

irs/js/jqu...min.js

windows7-x64

1

irs/js/jqu...min.js

windows10-2004-x64

1

irs/js/jquery.min.js

windows7-x64

1

irs/js/jquery.min.js

windows10-2004-x64

1

irs/test.html

windows7-x64

1

irs/test.html

windows10-2004-x64

1

Analysis

  • max time kernel
    149s
  • max time network
    136s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    31-12-2023 00:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    irs/test.html

  • Size

    23KB

  • MD5

    f8968b5cec271891dfec168f814a0ed7

  • SHA1

    b31cd27358e4fe531ee61836b41a943e9c9e2ccf

  • SHA256

    2833d9fb8fa07e55dd18b5b22af852f793dcfafc9c645d40b0ca0f42cef5f556

  • SHA512

    52e72de8202587fea152098d68cbbb10faeefc05bbd943ab898d5dac361d6560e0f95642af19a024e6e589a7c77f2e3cf594b9e37a2c4148ada62b90e583202f

  • SSDEEP

    384:HOu2pjOlLciTa9CH5CK+kSp3NeB5+hTBvyR9kwhCYJbTg1e71LJw0Gmic:HYgL1eK63Ne7aytwvy

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 6 IoCs
    adwarespyware
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\irs\test.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4428
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4428 CREDAT:17410 /prefetch:2
      2⤵
        PID:3652

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
      Filesize

      4KB

      MD5

      1bfe591a4fe3d91b03cdf26eaacd8f89

      SHA1

      719c37c320f518ac168c86723724891950911cea

      SHA256

      9cf94355051bf0f4a45724ca20d1cc02f76371b963ab7d1e38bd8997737b13d8

      SHA512

      02f88da4b610678c31664609bcfa9d61db8d0b0617649981af948f670f41a6207b4ec19fecce7385a24e0c609cbbf3f2b79a8acaf09a03c2c432cc4dce75e9db

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\VersionManager\verBE8D.tmp
      Filesize

      15KB

      MD5

      1a545d0052b581fbb2ab4c52133846bc

      SHA1

      62f3266a9b9925cd6d98658b92adec673cbe3dd3

      SHA256

      557472aeaebf4c1c800b9df14c190f66d62cbabb011300dbedde2dcddd27a6c1

      SHA512

      bd326d111589d87cd6d019378ec725ac9ac7ad4c36f22453941f7d52f90b747ede4783a83dfff6cae1b3bb46690ad49cffa77f2afda019b22863ac485b406e8d

      Download Submit