Overview

overview

1

Static

static

1

atarone13/...orm.js

windows7-x64

1

atarone13/...orm.js

windows10-2004-x64

1

atarone13/ap-pages.js

windows7-x64

1

atarone13/ap-pages.js

windows10-2004-x64

1

atarone13/ap-save.ps1

windows7-x64

1

atarone13/ap-save.ps1

windows10-2004-x64

1

atarone13/atarone.js

windows7-x64

1

atarone13/atarone.js

windows10-2004-x64

1

atarone13/...e.html

windows7-x64

1

atarone13/...e.html

windows10-2004-x64

1

atarone13/...n.html

windows7-x64

1

atarone13/...n.html

windows10-2004-x64

1

atarone13/...w.html

windows7-x64

1

atarone13/...w.html

windows10-2004-x64

1

atarone13/...w.html

windows7-x64

1

atarone13/...w.html

windows10-2004-x64

1

atarone13/index.js

windows7-x64

1

atarone13/index.js

windows10-2004-x64

1

atarone13/install.js

windows7-x64

1

atarone13/install.js

windows10-2004-x64

1

atarone13/jquery.js

windows7-x64

1

atarone13/jquery.js

windows10-2004-x64

1

atarone13/...e.html

windows7-x64

1

atarone13/...e.html

windows10-2004-x64

1

atarone13/...age.js

windows7-x64

1

atarone13/...age.js

windows10-2004-x64

1

atarone13/...s.html

windows7-x64

1

atarone13/...s.html

windows10-2004-x64

1

atarone13/...c.html

windows7-x64

1

atarone13/...c.html

windows10-2004-x64

1

atarone13/...t.html

windows7-x64

1

atarone13/...t.html

windows10-2004-x64

1

Analysis

  • max time kernel
    2s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    02/01/2024, 15:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    atarone13/help_msg_delete.html

  • Size

    267B

  • MD5

    c76d8e21c389e044ac7280cf981d70f5

  • SHA1

    a44653ab4632f856fb1c3b0f40b96666f5c84e16

  • SHA256

    2c2d23044ba95031c4cec3dd56350f5cf1f1d6b8ba7b4e6e44eb8da7e51b0567

  • SHA512

    14e4aa9d00f8f640f2c2946dbb3ec50f2473e3acd8ad6f1c0ffc80ed87d48a67ed9a36b485daa547f5bb1c1191d75694022b43f0871d3d009ad6aa2af546fd74

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 24 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\atarone13\help_msg_delete.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2192
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2192 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2720

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    61d32ca952dd556d2ab3ab18fcaa34a9

    SHA1

    4f31e438a4028fb93034185bd57837e3ed815d92

    SHA256

    cfd223affd44874ac38e67954c89e18008d8f07c54dcc14e3c193f7881b22c1a

    SHA512

    1624ac5c07f39f66b65ed6da1485e58e816e2740fe8f471939fcc3ec4337918b3611afc9b2211b896a3540ae49a5d5fa82da1d848206557dd99aca22cd07da3d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5ac22a4952694b3f13f8ffb77effd1c9

    SHA1

    64ee96d653b2e0b820531c6aa9ce001792c8d86f

    SHA256

    4cc6ef77e6342abda024ee2eaeb9fca66d91063f82f18bb327f9c8cd62f095b6

    SHA512

    4b9e5dd96586a4b2d9fdd8d26ff2225ed3a9006be842b87b8b4f099c62f67d16ca7c87a641c66485590342e58191d4e80c8d0f549f2975df0ee82cc04f0129e2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    87fc94995b501b409ce12eb8f468ba20

    SHA1

    0262211d99c9efb242c7dd77b1042801bbc2a7e2

    SHA256

    d71edd804e7768d77073f6fd56690a4b170f402c158caa9b5cf467489c9e34ad

    SHA512

    d3a0cd51581164462ed7a9ddbf017a1f9a5a54b5907c259d9dc916bb5cc4c32c22f25afa5c3803bb774ad095d41668f40ece76b8a5e092f22daf173bb126041f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    26b3e39d02520867a74de918516c4f68

    SHA1

    c8aa6dbd9a4d8975a3d33d692bfb8722c36ea087

    SHA256

    3e3247a7df6099d1e31d965f5be099b77f0262f10691dc4e53fe24c727021eb5

    SHA512

    00bbfff6fe8e493264999f7ea7baee8c3604f1ad497d05c32d99208b0fe612962b83cbd69f2951cab738e821b893a0b1541f7e895b5f91c05db15658cbb8abdb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1352a4a21bd9d4503b581dadfabbb836

    SHA1

    0c367afcc7f64df972607c62de3c679f05935a90

    SHA256

    e5ac03b4a1a9406e4a138d430a9c98ebdbf2c608601d651270e2427e7be548ce

    SHA512

    b694e29541bfd1d6656b9cde9e40ae66bebc483080e1fe0008bf758be9add1132fd065c02ca436088530596c5655dd865586d66cee315127011ed661897f2af5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bdb652b0edb8f8dc1bd30b5645df4ac4

    SHA1

    fdca0de4261c82f9479d5ffc6b05658c34d9983a

    SHA256

    bd85f3177e19c1c08289bab7287ad691f11a2b0014c6c291cd3bd3ee23d95983

    SHA512

    6e3b480c500ea7c898d8606454127358048776e7cc9c95ccbff2224e9ae79d4359d7e59524356ae8b8f3d25944f729d124ebbcf795c98bdb843bd00ba2be84a3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    469821f6f9105e75d3807ab5a7d56be2

    SHA1

    43df9fb11008946a7fc6d7ea364e74c6c6c4b24e

    SHA256

    9097720b382f35c33c0e8a4066628469450f2fba63dfabfc010ec463b461e359

    SHA512

    8a59c6bc7413266a090abf333d1baeaa30ea34929edc94fee491a20919c33d07e2fbe665487ebd52931dd702287a229b4bbc8be377174a7bf49251ff5edbeda8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5930999c29ea8661f9af8a86b86fbff9

    SHA1

    dd3e9e7d17dfa0300c9e20b05b8fb9e943d55022

    SHA256

    6292a4a3d562652a3a4e8c2c6f7cb4f6dbcaeb3a829a3141bd40fb6565f28776

    SHA512

    adeec387359c3b1393ea456890851948b4002eded8715445f25c1f1274ebc144647f34e670c49d17a49af2ddb636a3196aca2d45c0dd2b18ddd408acbf52feeb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5bda0ca38d0b6acb177751ac6d45cdbf

    SHA1

    38dd9d7bc9cb31b20945f2e55ff0f983219d4794

    SHA256

    d4809d8243254fb54708002346ca1e14e2994ec74e7510978e3f61f485dde564

    SHA512

    a76798c1dfb27de5abc4e006aa233162f46d405a227b7275d0fcc5f6ffd42da57f1a2e8f1fcf86db10eca1ed53a400f91678969d4ae764323c5c275b02eaf94f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabBA0F.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarBA21.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit