Overview

overview

1

Static

static

1

weile/admin/addhyz.js

windows7-x64

1

weile/admin/addhyz.js

windows10-2004-x64

1

weile/admin/addlr.js

windows7-x64

1

weile/admin/addlr.js

windows10-2004-x64

1

weile/admin/addly.js

windows7-x64

1

weile/admin/addly.js

windows10-2004-x64

1

weile/admi...e.html

windows7-x64

1

weile/admi...e.html

windows10-2004-x64

1

weile/admi...tml.js

windows7-x64

1

weile/admi...tml.js

windows10-2004-x64

1

weile/admi...nt.htm

windows7-x64

1

weile/admi...nt.htm

windows10-2004-x64

1

weile/admi...ect.js

windows7-x64

1

weile/admi...ect.js

windows10-2004-x64

1

weile/admi...unc.js

windows7-x64

1

weile/admi...unc.js

windows10-2004-x64

1

weile/admi...ect.js

windows7-x64

1

weile/admi...ect.js

windows10-2004-x64

1

weile/admi...ons.js

windows7-x64

1

weile/admi...ons.js

windows10-2004-x64

1

weile/admin/gd.js

windows7-x64

1

weile/admin/gd.js

windows10-2004-x64

1

weile/admin/help.htm

windows7-x64

1

weile/admin/help.htm

windows10-2004-x64

1

weile/admin/help1.htm

windows7-x64

1

weile/admin/help1.htm

windows10-2004-x64

1

weile/admin/help2.htm

windows7-x64

1

weile/admin/help2.htm

windows10-2004-x64

1

weile/admi...min.js

windows7-x64

1

weile/admi...min.js

windows10-2004-x64

1

weile/admi...dit.js

windows7-x64

1

weile/admi...dit.js

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    159s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    01/01/2024, 18:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    weile/admin/edit/blankpage.html

  • Size

    10KB

  • MD5

    ff92d12b1fc2976f783cd1b48c084eb5

  • SHA1

    eccc38c5fb315f9c16cfaa7a9153f0dc0031aa69

  • SHA256

    74e7bc0b0cd583ebe3cf36c60462d5d759d30dda3691e81cf258acf1ce1e34ec

  • SHA512

    9b0daae0b689f556ad117f271c3bf49c53e1e8a6caa9c891c40f7243b9e5a569b2f93795fbb05520551291f57745e8db0e0dcc3bce57a1a941d732463c86ccaf

  • SSDEEP

    96:mz/u9fuhSKFO2qK6BNk3ddO3dd0Jz9BHddBT/lT6FqSlddBA3ddyCdd40eU+nQf4:mz/sZKFTqM4oRL1q5p1quaQQQC1qUC

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\weile\admin\edit\blankpage.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2060
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2060 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2796

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    90e13b5437362c702511600008493383

    SHA1

    e38cdd4fb8346ddba804b353c083ffb805e839be

    SHA256

    d9b9dcea1862f672c4f9391379123252f354e40d812fb76da1bf5aadd7b5b74c

    SHA512

    d2b52a79ac29eea2b2c354f40e995e3651c88152a07c7dd84158719f143afb14ab3f00fd62493b4a5e51edfffd3181b6295eb510635eacaeaa102331881058fa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fe6af7695b02676c8c1819d7d43162ef

    SHA1

    7b412996cb12ea07c9844d53672dfe160c0975cc

    SHA256

    7bba3bca6378de0deac73a7d1d21e97cfd62f3de803edc57d7a9eef8e94d6f42

    SHA512

    9bb53305fc3f3bac62dd45db45f643ba5b9fc2f0c461efd04ba8854b974e9c09083c0483c6bf6aaf6d6b89a4b9b7c6b7ce861abad6b3a2ee451ee47f01f36f41

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0a7f445c6d8fccf8a815a39b9316f9b0

    SHA1

    06eee67456c1555a86870fc9ec5d654e58934add

    SHA256

    6211b27bc425d9f8becf48b7132fc73728af68abf3ef4b303274fe07a125b8fa

    SHA512

    5f710c32aad207596a3b5b60fbe31b40c7d3873eadcef27ddeab2a66c944b262a453fdbb1e3254eaeff1b9675ed2531c95d179a1d903cc2a171998cbb5640f5f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    18a09312191e98ad63fa2dafbe910686

    SHA1

    69f6ff3fd89231be49b8df1a18d08945bbfe3007

    SHA256

    8c9040a1bb45c9c2ab94e9552bcb5402ccc717de3c4b0787f1b99841924b99d3

    SHA512

    59f779a8734feea2c377bf32bc21f6360c4449d2ac2740640b53c32805029cf1fd07fa79ecf9e3b04577db6dfc5056b35ef376f7a54e537a4641157b9164a3f0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0b0409e374c62a745ea7fa7ea0bacb84

    SHA1

    0960a3a6cba5f3cceabd7574be9e245bbf23d943

    SHA256

    49caa446f04875a50ba3ccc25bbaf80d5f5941c4212339e48747cfd01d241edd

    SHA512

    e665dbd3686ac17973e077b2fe710dabe10a49009721d50e96559df19a183c53b31767b13df1823a52922dee58cbc54239901ec9364f121c0a0e7f74932d2b53

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cfc372349b7fbfe85a18a9f2082afe7d

    SHA1

    0c8568509adc57607ee64a455f599a35d8678581

    SHA256

    f38862ba239713faaea900b3e597e2a1aa3fdfae1c6901513f168f2be18c713b

    SHA512

    e1f2ec0b152073f7def41b3a7807f510e3fc1128f04469efac1003a3b3599385cd2e32b84354ca729828789268c9c804735f7b6520503de3eb5e76bc5064b796

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c3f967e301ac3ac38b08dc213ee53b60

    SHA1

    87ac258f6bcbbd0f940b66a79a728cfff0e28c29

    SHA256

    e85e3fe614f0747e949d3dec5bd3454e415c36ff70079a20b7d825c61a8b8151

    SHA512

    e0e07e0dedd58dca66de213bfa1165df9200737ff98e8c158d2f4d0ea0fed7d4e629a09e3ccae070a5ad2856d813e4fd7acb6372e7f7c04ee095dfe98ef4ec08

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    945d233935a9fff58b7a8fc7a54ce3d7

    SHA1

    0e316920afebf9923fdda086152fa3e0ed735a37

    SHA256

    51f8df8567e592ee2db683cc496847b3702dc6e0bcc1dcb670fb545a44f86084

    SHA512

    c0fa367fea9592994e952836bc5a0c188046dc390d4b049a3622ce1162fa37c7955f77eebb136ad3110d8687f4e115d71ed4698062c89cc40a82b1392b645475

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7f713c7d16e38fd18fa778d6b46fd5d6

    SHA1

    5c27d4f82c0d15f791b9b5c9914831c3d3c8b741

    SHA256

    b168c973d6a871322b2c5809888b49986bebe55cb4e5c8a8a1487275fad1cc87

    SHA512

    9ff646b93a7844479dd57b23b063fd52970287898251364a6c919e90d3c9cdf6c26495a67c58ea679f8d92167bbe563f5243f16c8d399a8a6bf4a3922f1fb936

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d3a60e9e7cd9f72f80793e65618d0d9d

    SHA1

    e30f65703594b6a3a4fa9d8bedcd86a74fb9b2f0

    SHA256

    5fe3cea405e497197bff38aaff1e4309b4b9233c8d10dff1fc7e8cd35b242beb

    SHA512

    6a5869825c82ac031a5f0d5d942bfcf36c6c9c91b8bbad1ddeb37e9a46c0527a9eb3a40a53af8302f41ab5321587f88429b7ef592a35aa1f7bebbd47dde9a4ee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    432cc4c68df5aaa18fadddd3f388fdba

    SHA1

    6a7c8011341b99afd978858fbd10c93da0ab99f5

    SHA256

    d4f87096054a5efb601c047c8929914914bbf87577f414d56a7f140760f4a75b

    SHA512

    40fec5bc98f3c5a17e4d099293c09b20912dd5c85de650c2a83795ee6722ae100e4bb64afa530928ea90c617df3b8acaf0698aef92341e777e287839d9e612ce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    29133d71509fc9506ef72ae5bdf76edc

    SHA1

    34682cc49cda16c5be592bda7ccb5e52d837336f

    SHA256

    8d8ad5c6ff01b26570fc4fa7e0495809744904c17550253bb4453a9661d54ab2

    SHA512

    58c30df2403ceb00f372467cf5c8c1b77fea3824a4619c409441d45e316a56104c3992abc8a02d4024be3fec661497ab0e8ce1a62b226e5559d00c49e4bafdc4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    868324ff7eb33162047133db97410544

    SHA1

    aac2b3f009dde260cc308c5545a9325dfa7cf488

    SHA256

    412634eea9df2e14a74512fe188d62c5ca0352bb8e710925a33f428e88534ddc

    SHA512

    cddb6fd6acd86f8b4be76f64c2f9e0f705eb47cf42292bdbbe2ef2c4f9fa531a07245dc37900a879145b66b1f088e3e7f17483b0c1558559bea860394139045f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7b1834d02aad8660a8c4e8a271306b68

    SHA1

    d5a9613443a520261a35709fb43a55991985df4b

    SHA256

    cb0d08a3419e1ea5b642302f6954b2286f43fa158c01e54319f6aadd90edadba

    SHA512

    e4b3744c06ca79d743d7dcbe55ec7b485fe363c2fe12b1830b211797b117b4d776320861e595376c40de9ade3663477294a6b5320db77d7ff62253177cf8325c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c3b25a013478d114bf8c27faa2bffd04

    SHA1

    29fa91e9ace46ac9a4668c2c4b158d2a3e0a2247

    SHA256

    c5e1498c742c472f5eb4aefd4cd91c04bea641c501773b30d400dbcc5c9af648

    SHA512

    8a7942ab1be61a10e43b93f4227baa1d9879d7bb03186935ff32bdab2580dde2779b415c0492121a108238c6f8f228ba48f0409f3ce5d27873260707d4406784

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c142ddb47ad6f7564caf0ea4b53a8017

    SHA1

    2dc5ad83dbe2f2f16cfc260276efdfcf433ec21b

    SHA256

    dedc6ef3c51f2258c7f937977dd8323e8e702c672281a1ea01ed719a2fe11795

    SHA512

    e98d2d631d8ed613fb48f1ff6f714ed5fd1b94d9204eaf638d631ddd80d73e4a21366fc69490e672033e78e813c35c026cb6772506c1460cbfae3cebe558b66e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF9BB.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar822.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit