Overview

overview

1

Static

static

1

youthblog/...nge.js

windows7-x64

1

youthblog/...nge.js

windows10-2004-x64

1

youthblog/...ot.htm

windows7-x64

1

youthblog/...ot.htm

windows10-2004-x64

1

youthblog/...nt.htm

windows7-x64

1

youthblog/...nt.htm

windows10-2004-x64

1

youthblog/...ks.htm

windows7-x64

1

youthblog/...ks.htm

windows10-2004-x64

1

youthblog/...op.htm

windows7-x64

1

youthblog/...op.htm

windows10-2004-x64

1

youthblog/...ad.vbs

windows7-x64

1

youthblog/...ad.vbs

windows10-2004-x64

1

youthblog/...in.vbs

windows7-x64

1

youthblog/...in.vbs

windows10-2004-x64

1

youthblog/...wd.vbs

windows7-x64

1

youthblog/...wd.vbs

windows10-2004-x64

1

youthblog/...ar.vbs

windows7-x64

1

youthblog/...ar.vbs

windows10-2004-x64

1

youthblog/...nt.vbs

windows7-x64

1

youthblog/...nt.vbs

windows10-2004-x64

1

youthblog/...se.vbs

windows7-x64

1

youthblog/...se.vbs

windows10-2004-x64

1

youthblog/...te.vbs

windows7-x64

1

youthblog/...te.vbs

windows10-2004-x64

1

youthblog/...le.vbs

windows7-x64

1

youthblog/...le.vbs

windows10-2004-x64

1

youthblog/...te.vbs

windows7-x64

1

youthblog/...te.vbs

windows10-2004-x64

1

youthblog/...dex.js

windows7-x64

1

youthblog/...dex.js

windows10-2004-x64

1

youthblog/...ip.vbs

windows7-x64

1

youthblog/...ip.vbs

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    31-12-2023 02:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    youthblog/ad/ad_userbot.htm

  • Size

    1B

  • MD5

    7215ee9c7d9dc229d2921a40e899ec5f

  • SHA1

    b858cb282617fb0956d960215c8e84d1ccf909c6

  • SHA256

    36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

  • SHA512

    f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\youthblog\ad\ad_userbot.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1696
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1696 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2876

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    199eabccef0591b925bf11738be25335

    SHA1

    9589e7c746b98d2321dda4c87785bdaa8c3a0483

    SHA256

    f28fb7ce0996505a4579c8f70d4516edbffddfe57f4db738f7d187b3cfaa7003

    SHA512

    674bfbd4f10fdba6ca9ba6b00980e50a123254fe6deb32df1401e02ba744d186e52293f4ac5a3a35ce43ea747762f40d751a58e3fc8675de74590f52d04f7859

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d1cf544bdc970652d2ba4c3fdef8922d

    SHA1

    e869452e08db577ce3e41b5b9a3c0e203e8a46da

    SHA256

    2651cc675b2fca5c4865f4cdb9ecc2d7b0f2a01c213442607221aa14fc000796

    SHA512

    0d4b111bb3d9e915c94e9a5a0cded311b07f882af4b09e6a0d8a1dc231fcb68cbbe2ee333d2e381f82404e077546d1210dc9a6c95476a1c76e3ba09046a77912

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    100246eae54a1f54a1c910548e21a9a2

    SHA1

    550a9f5d34ce7ab163b18b4d99b9d889310e175d

    SHA256

    283b7065485f4304acdb50f537c996748fc22648b808f3a01d57bf313ab54052

    SHA512

    076c0dc8aa85fbe3f2b4a66e3793902090f73993c9f101b2fd93ef4ce50c3414ea861d41447a13cb4c1608faba8c508a3ad69a49ff3c5e43bfd3e34cabf898b2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    baf1148f26995205ed4b2de60e8cc17b

    SHA1

    608ec5c88726111a466bcc32c6e3c0000602a6e6

    SHA256

    9dbc83bfef710b286e9adef747c130128621dfb07292b0e5b59dabcec0f82596

    SHA512

    eb3e33da15450fa260f3402a1a9d1b92efef4925d97db52d7be58edbbc8ecbb3876f93caa921688dc662de07f1050ea2ef01b50593445e17c43c414626197363

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2d70aa0af34786531ac2c8f19cf4448f

    SHA1

    baa671aa161affd5223a5737c527bfaf6b12c211

    SHA256

    4e673f85468102a4218afa39dfc1c6e26b829da17965e16f11db3a18cf3e4bdf

    SHA512

    5098a7136a96ad18c0650423895224ee9338323de173c62a9f3e491dfb31644d2b1232b188fae6837698efd7b7a0e07c1ab3ec166c4e125f47df70f4f38059fa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0a37158b2afcccce87f6aef0c5ae23b1

    SHA1

    4ef64ccf5b1a280c3f5cdd527b4da3e9e9437e37

    SHA256

    24fd637db874ab835364c03a5343f38bb4b8002cc2a45ba9e987eb01bb00c634

    SHA512

    f09471f6ce69d4bbae8d7b817e148daf81b30aea4985b0143312143af5c8afc9ec6555c045c06092681559edb3535ce6f4818b2b9ddccfbd3285304713786286

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    355d1fdf8727612a703baf19a34bfa56

    SHA1

    36bec4eb3cc991da1a00cbecb88d85840da8c289

    SHA256

    d615567c48a99ee9a0d5972ed248fa1d97de80262887c9e8ce1a49a9aca35fae

    SHA512

    4fe41bbbf28a232abe07474b3b7803b6782caeab01519a637ff8e39200cb278029ab1f0bd5ee7c401ad3436aa16d517b7de3949e63bca55e7dd8a60f397245ac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8ca5116436445cc2a592127e37ac765c

    SHA1

    4a59369fe8f9a9958e1177c007d7b922fc34acf5

    SHA256

    f832e7282cbfd1bca375e1de07d1aa2baea3d9ee9ef92e158b246f1ae3843618

    SHA512

    e1fe9129985e7cfb28c48c12b171187a734ba657a8106fd0577f0c30add4e961f5bfa46d6ccd2b4b219118fe76805069fc052aeebaabe758ac21662a1ff67395

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    783ab615c8f0e695f81c7711c27f2fd6

    SHA1

    2a9c4117f9aebd2bc94f110f83538bb8f5060f01

    SHA256

    159d22a29edbf7e9c5db4a0610e9418741aab7cfc3d45dcbf10544d994d1194c

    SHA512

    3efa793bbe2c2b475e4294c5d6367f0b011602d4f954c1a0511039a8c111132daf31ff18ec5121d53d391b54f11901a90447f1f5db1d352a9b0044fc970444c8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    63ef9642728b3513ea9b728530e34b8c

    SHA1

    66fd023a9a00ece50d1bedd9e5476c8d7f64f93d

    SHA256

    e26800fa07a1db83fba9e876d37f4ea490df0a484b747ff56aac522ddb8c2a31

    SHA512

    332c93e461d7b371a4c4f6ef90d669eff3094b24925c7777e974eae967f5d9fde66e9ff2db08419a83da79363167ee0d3bc92721d7abb0c61b5ad899cef986f8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4f9645c57ff6acb9cbe2da3feb4798e1

    SHA1

    8673fe2e2ccf699e1f9159d8ae8b8911efba27a4

    SHA256

    31da6d571ef0f6d217505c4d348d9753dfd1746d4cde6da77ebf58f210168770

    SHA512

    5871ebbb84cbddf0858b823a55bd2c63f715d5998d06df3fc6a2e15d9b7f1599ae197da08c831f19b770f2320e5357b27cb666a45a66bec7662cbed645400117

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f0330c561606b06f4ece467a1f0d98ef

    SHA1

    5813c7f3927a3536218c94b9717b3577bf61c4d6

    SHA256

    c6aa1576309fb727dff7d525ab0d82f795b5a23173a53cb6db225ae1e74beda2

    SHA512

    1af36ce011c360dfec7797168baeb8f9efa3dfc4766a44928718be80e818e3b8be21d933593a38fc3a440e9c706ad6a1abd6da250e1ca3d73749dc9f13298bdb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2855c6e93fdc00cabfd7e125bf6d9755

    SHA1

    2f5ee01464016cd6480ed42cf2366e7de9c77fe2

    SHA256

    746ba43fbf440f0ed4a52ee28003decaf7899d870c3e650fd3aefd379dfb0143

    SHA512

    aa815427b8177043c105d25ee556b52954d1171378554d902f8672a3499319b1a8370f14e18092d9486b8586d6fdb5b0d9742c0fd9b957c4f10f0732fba2da0b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1d1b1cbe86be47996cdeb51dab3ce619

    SHA1

    cfd9c15e93faf72a30367f9783253193bfaa071b

    SHA256

    c9182e1ccaa23d8d0fa98093686954404ba4746eaf499bdc7ad2b1342bf84908

    SHA512

    b0b1359ad8d9630669079cf833045a3b14b45f445d3fe3374abc488ab52e863aaf03e43d3aaf41e46881c1447577773d69ad4445b5b33b96f4fad4571bb822e3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e8beeaca0c208cd02c6785dcfc9de2d8

    SHA1

    7687031f5727801dd413ac2fa79a6885e5ff0871

    SHA256

    6a6651ec9a1e8937fdd325578fd90d25fa50463b439b30c74aaa99918f29d477

    SHA512

    a4ec7966ca79e81e15531af5b754b81f845da7b384cbc0a4a4ceb5631c50a59921a5865faa041c3c925749c20e38ad92eeb082f37ffd07152d1786be4765603c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA813.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA8B4.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit