Overview

overview

1

Static

static

1

weile/admin/addhyz.js

windows7-x64

1

weile/admin/addhyz.js

windows10-2004-x64

1

weile/admin/addlr.js

windows7-x64

1

weile/admin/addlr.js

windows10-2004-x64

1

weile/admin/addly.js

windows7-x64

1

weile/admin/addly.js

windows10-2004-x64

1

weile/admi...e.html

windows7-x64

1

weile/admi...e.html

windows10-2004-x64

1

weile/admi...tml.js

windows7-x64

1

weile/admi...tml.js

windows10-2004-x64

1

weile/admi...nt.htm

windows7-x64

1

weile/admi...nt.htm

windows10-2004-x64

1

weile/admi...ect.js

windows7-x64

1

weile/admi...ect.js

windows10-2004-x64

1

weile/admi...unc.js

windows7-x64

1

weile/admi...unc.js

windows10-2004-x64

1

weile/admi...ect.js

windows7-x64

1

weile/admi...ect.js

windows10-2004-x64

1

weile/admi...ons.js

windows7-x64

1

weile/admi...ons.js

windows10-2004-x64

1

weile/admin/gd.js

windows7-x64

1

weile/admin/gd.js

windows10-2004-x64

1

weile/admin/help.htm

windows7-x64

1

weile/admin/help.htm

windows10-2004-x64

1

weile/admin/help1.htm

windows7-x64

1

weile/admin/help1.htm

windows10-2004-x64

1

weile/admin/help2.htm

windows7-x64

1

weile/admin/help2.htm

windows10-2004-x64

1

weile/admi...min.js

windows7-x64

1

weile/admi...min.js

windows10-2004-x64

1

weile/admi...dit.js

windows7-x64

1

weile/admi...dit.js

windows10-2004-x64

1

Analysis

  • max time kernel
    141s
  • max time network
    138s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    01-01-2024 18:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    weile/admin/help2.htm

  • Size

    1KB

  • MD5

    cf50144721f09a879d3c91cd206b670b

  • SHA1

    dafa53402b6e4ea1fc7b692d31c939af85a1269f

  • SHA256

    098a1a0d230ca037d425842b1beccc298b82718f02dd0a7bdd4a190894c1cfa2

  • SHA512

    9095d22f89fac2d34ba90133f12df91b3c998439ec1c4424f28c108c6a5a32c0c6ac5634213472f111e2cabb89d5c45c08dd87d9c9fbfdaafcd77feadc025f09

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\weile\admin\help2.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2324
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2324 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:1160

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    576912d4b7b77af2b520553d94cdc032

    SHA1

    35fbf4f8b8bd9ae1ace3960941be50ed99ae4782

    SHA256

    91bea8a00f831b18193f983645420270d8d02864ae19b95f484f9873c7f32d33

    SHA512

    11c92a887e66f0f16e77084f9cdac14587f959e870220dcb28c30297f8e49175790413b3ac78846e0839f9d14c006db166633f64addc8bef0093fd81ff2e4c5d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    28d195ad939e7b5b1194ccf68715a42d

    SHA1

    eceebc70ee986b6b4480e5350c8e545708d01eb8

    SHA256

    dbc31843d883ec5b34e87a68d0a418c059d37725b5b10fb8df893d642fbe7170

    SHA512

    69b618525cafacf7daa481130c73aa7de470769f82f8097a1a9e4e40e9bf48f5eec7b35ce2c779e5877bbfe034b65990929519a362a91e84941617ced911fe4b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1e7a5369d3756358b8f6bb826580f045

    SHA1

    caeb7d9149a69e90a605acd4c9ea034dc9d4fcd3

    SHA256

    a0943f79ddc33949c73a6db706dc54b8740a2d10d55c7218be0b0f096fe8b618

    SHA512

    48f1a9878800fc5ff989291ff6efd564f63ad82c86833e753a597a2cb12cc41c0b1e5602dc463a5c7251da21dce86cfc7de8b26fcb472f0cb34bf5d420ba1750

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0b1c5f9373eac6dc6f1c0fd69f12baf7

    SHA1

    82d264df952bde16b043bed05724488df0864ac3

    SHA256

    aa544b439f5a8bc44fa836a35abf7464d7b09a999c836813439a38958d199946

    SHA512

    dcb0872841cf509249a7f135429409b6d0696dede7519c70156c1061541227e7ecb78a5fd3f5c7a8cea817f58d1c0280b36f5ace88d33a548773b23b1face35a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0786d3b8d1825d2dac76f37705d1077c

    SHA1

    20080d2e53005c35863a68e6d20b592916f4726e

    SHA256

    5ed4f05f44b4e2f153ad40fa577829aa8b445c22a2adcb18cb72b90091cc4c05

    SHA512

    b81306983b1609453980f25b0364520ecb4b066c72c32eaab0a673b388d1ccbe6f007145150ca14d40dce01c5efd7adb72b0c59abf47907b2fd317a891a63ba2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a484f16517bd3828691c83e8278866e7

    SHA1

    f6bfe60ff2efd625016a01dd645a580e692a8f9e

    SHA256

    00bac61c13a77a08363c1b86ca770b552582ef237cde6548a300f62fb08c3461

    SHA512

    577e611354cde46bb3b3a22cc7081665c3bf10d9df060b574b4914ba384c9c609ac5bc800f4787d0db2bbc630149eda92f7cc04edccc70dfcea37dbe14ad0082

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    638c08e1753a8376aa88bd84b6d6361b

    SHA1

    84e448788fae2154504a3d5b5c7793a28ad4a572

    SHA256

    3e75b9a7629eafe89ef6be6c0550c97fe9cd91c845c8ad69528397389dd76853

    SHA512

    c44a16670fd6db1edfcca5007fd52f04f111625a806b40ef7abeb56b04b2e3d127b6bbf4da18e63b0e839881f162b6e23686d3efdd6bef60acf3aecd3bc0a685

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c2d4150a4d36fd903b768a2f3b8ded69

    SHA1

    197496b9b213d5df89ad947770387710707e3e25

    SHA256

    ae1a8f0f4beef5ce14b73381e72fe496b78ecf4044194af3cde492cdcc4ec149

    SHA512

    c2ef7b7c9b586fb2c96d889b841dccfe8097db78271fdfb91c05ec60862859eb4765312ae604d465203a475ed6347c2c27dc6eba541760533ca66b4173b81693

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c4d11609c392590612b542ee17a054f6

    SHA1

    13ca152469ead4b38b9eef75bbf9531acf263bde

    SHA256

    6f351abe56f284110d950235256b8de38cc4b27e0fd9f5672612640a716be21b

    SHA512

    c875ad604196694c7b3f5d3dd231c83cdf943897e96f99dae21233cc287bcc66d7b18d40a3d5d251013e568d5bf0c0d4e1694478c57e667feab198d3653e2179

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fd271f2eb0e70dbfb2ceb6e4c1881d66

    SHA1

    137860ae7687d63566bb1a691a9dc8e65b0b5edf

    SHA256

    0ada9a4b5a219e62fe6897abeba99c689dd031e28232f4bcfe2de58b627cc2ce

    SHA512

    6bc4e413ad112e477ade93ecfa407ef90cb5902f839f60fc1b522b510ce2fba74126c1d8a956b85d2f442ac31cc416dba089cb7381de27cd4f1ebd942ea455a8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    26d635cb122a57bc403d98a2dd93891c

    SHA1

    6b405cd7c4e94c0d8ca88dba268b7e33794cd208

    SHA256

    d9fde8f0c465f54d5bb318bc160d307ecef051d631df437e62e0568757e5d146

    SHA512

    b1dcae1a6864a346262590bd56600d1b509e1636845e591b6abc8fb049f700cd1147e704d534cfb86526539ec90c8128e071453123318ac30c3e6aaf07a42a50

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    02fdde059a21fed2e37c28bc08218511

    SHA1

    5d322438be47f3579296c473d9254ee4a398ac59

    SHA256

    74d41b52a25c5129406c6fc370b17f8869cafa697692d137488006f278f98869

    SHA512

    2f61723edac5ff8ee0028de9d2810e6d06ba48913d8b6d43dc52e82d64756272cc1b29d40173014b6d4157021c033b6294fc33628828acab232ee2563c056cf8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    545a63f507568dbfe06749d155a5073e

    SHA1

    1eec091effe58859bb27a5e8826767e1e7a34a8a

    SHA256

    8d158ba3846c0f27665a3823c649641ffe3f740192ce936c7ff1d306e032d4cc

    SHA512

    5293115b4061ed1e105105b24696fb4cda1d37b6f48de25f7100c4f78ec487b317f575f472db98265aab7c7e20e1f981d325dd65ba57f928c0d597aca1b1e809

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab2CCD.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2D7C.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit