Overview

overview

1

Static

static

1

FREE-GBK/a...iew.js

windows7-x64

1

FREE-GBK/a...iew.js

windows10-2004-x64

1

FREE-GBK/a...min.js

windows7-x64

1

FREE-GBK/a...min.js

windows10-2004-x64

1

FREE-GBK/a...bak.js

windows7-x64

1

FREE-GBK/a...bak.js

windows10-2004-x64

1

FREE-GBK/a...src.js

windows7-x64

1

FREE-GBK/a...src.js

windows10-2004-x64

1

FREE-GBK/a...h.html

windows7-x64

1

FREE-GBK/a...h.html

windows10-2004-x64

1

FREE-GBK/a...c.html

windows7-x64

1

FREE-GBK/a...c.html

windows10-2004-x64

1

FREE-GBK/f...1.html

windows7-x64

1

FREE-GBK/f...1.html

windows10-2004-x64

1

FREE-GBK/f...0.html

windows7-x64

1

FREE-GBK/f...0.html

windows10-2004-x64

1

FREE-GBK/f...1.html

windows7-x64

1

FREE-GBK/f...1.html

windows10-2004-x64

1

FREE-GBK/f...3.html

windows7-x64

1

FREE-GBK/f...3.html

windows10-2004-x64

1

FREE-GBK/f...4.html

windows7-x64

1

FREE-GBK/f...4.html

windows10-2004-x64

1

FREE-GBK/f...6.html

windows7-x64

1

FREE-GBK/f...6.html

windows10-2004-x64

1

FREE-GBK/f...7.html

windows7-x64

1

FREE-GBK/f...7.html

windows10-2004-x64

1

FREE-GBK/f...8.html

windows7-x64

1

FREE-GBK/f...8.html

windows10-2004-x64

1

FREE-GBK/f...9.html

windows7-x64

1

FREE-GBK/f...9.html

windows10-2004-x64

1

FREE-GBK/f...ex.htm

windows7-x64

1

FREE-GBK/f...ex.htm

windows10-2004-x64

1

Analysis

  • max time kernel
    0s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    31-12-2023 01:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    FREE-GBK/forms/html/8/8.html

  • Size

    4KB

  • MD5

    5ce5d1b4a49a83a6308f2ea9849f836c

  • SHA1

    1e907167c3f1b5609ecb99b5817132236321a1a6

  • SHA256

    ef4a6030a8491d81c212dbe838cc7bab77069581da7f6a47a504469cfc4a8d8a

  • SHA512

    f9929024b47cd73768912a0b286942b701c5f07bbc54deed53a539f6ee8d184c16429469800651aed933197b9498cb190849cdf3170cab5630fa1e59f771ad52

  • SSDEEP

    96:zxF+M6/GvG1G5GCG+NrSn/L/UD5dnmjeH5XoxT:3+dOaKl5NeCnan

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 18 IoCs
    adwarespyware
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\FREE-GBK\forms\html\8\8.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1732
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1732 CREDAT:275457 /prefetch:2
      2⤵
        PID:1976

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      747404d1c7f128967f6582eaaa5658ea

      SHA1

      1f9733a7e7ebb4e20cdfbef7dded4e20744012e8

      SHA256

      4569034724f129a306dd6d90c61130cdda5e8eb7fadb4519d90d48904be858ed

      SHA512

      29137374e3ef40f2c98b6d600cc40f858342ce2181f3bf7ed6c8911332418c05152098fc600522627fb5cd016a44bad0afaef18d78d5a6d0762c9e1f75719f98

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      4a0c263e037b7fc47f92e08f53afb01e

      SHA1

      03dd995fdaf43726bc4480b72a815a0ec09c998e

      SHA256

      880d6d5351d032b80dcfc9e0f51b1e48b3da1ecb78d3e744408778eb82b34b0d

      SHA512

      b7b59e816ffa60787ebf9df68fb9ddcd8ba5be104be4bf7aa8428df29762097ffc96e836650ce2a31f2fec460fdbb44b1644055a1e65ce954e774f516dec2a73

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      cbe2133bfcda9d0df13ac312f990d3fb

      SHA1

      97b3f9e3b3b8b26928985d7b4cc60828eb64c829

      SHA256

      c45d74ea71333a7dbdadfbf566ff287c00e1c23ee5df1d765e166d3eed7cfcc2

      SHA512

      82a502bfa2312906cbc5bbb66f91099cedc6cdd6ffa1c883ab060fea8d74b36c60e274ee412be88fadf9eb78b0807067eefa76d04f1c7b99ade70dd6ffe59d99

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\Cab67DA.tmp
      MD5

      d41d8cd98f00b204e9800998ecf8427e

      SHA1

      da39a3ee5e6b4b0d3255bfef95601890afd80709

      SHA256

      e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

      SHA512

      cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\Tar67ED.tmp
      Filesize

      42KB

      MD5

      9d9846d571f3ad42e950d88caeabdcff

      SHA1

      caf96fc989a3891f108ddadccc0ae8ca9ae15fc1

      SHA256

      60e284741d9a8c0bcbc312be5ecdfabf086dac792effcd3bb81229b3666fbd97

      SHA512

      f4dc8f89a78c6e7674e254d48ccd6df758379ffed190f0cf29be8139b0712dea05c5c5fbe8497eb5fa59f692fb489df873136a3744cccdbe13f64ff00db8378f

      Download Submit