Overview

overview

7

Static

static

3

VisionExte...al.exe

windows7-x64

7

VisionExte...al.exe

windows10-2004-x64

7

VisionExte...e.html

windows7-x64

1

VisionExte...e.html

windows10-2004-x64

1

VisionExte...t.html

windows7-x64

1

VisionExte...t.html

windows10-2004-x64

1

VisionExte...gin.js

windows7-x64

1

VisionExte...gin.js

windows10-2004-x64

1

VisionExte...ain.js

windows7-x64

1

VisionExte...ain.js

windows10-2004-x64

1

VisionExte...ss.bat

windows7-x64

1

VisionExte...ss.bat

windows10-2004-x64

1

VisionExte...en.bat

windows7-x64

1

VisionExte...en.bat

windows10-2004-x64

1

PIO/Vision...al.exe

windows7-x64

7

PIO/Vision...al.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    66s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    06/01/2024, 19:42

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    VisionExternalCrck/PIO/home.html

  • Size

    26KB

  • MD5

    cd91bb681e57855da043e87ce3acfdbe

  • SHA1

    0dd1edfeaf528b2733b0b6d280eca8cbdec05dcf

  • SHA256

    f277350bf2464339dada6f15e2b70a5542fd2b97a292263e9613d961a6a7c625

  • SHA512

    af6252d1ad067fc81eb71ebeb03873ce98595a4b7178e17bbbaae3009c2a75680c59077fa7419efe26bbd0bcc6a1084da006c574b1b991618575a7ff46e6a564

  • SSDEEP

    384:y/+QZ7PxSxrQFJwuSxmQZ9DHF7HtOfQZ7:yPTJrOL

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\VisionExternalCrck\PIO\home.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:860
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:860 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1272

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          9095a1ce32f4604c6b9da52b18276801

          SHA1

          d99b3d40db99b79854e2e972007b4d5804b06167

          SHA256

          b138f2899a06d362c926db532ad8dc42d43c1792cddf52300481cdfef0ab3d3f

          SHA512

          55a697db4d8672ed85a122bb46a6f5383964ae7c01af1c7dbfa31febbe43b81091f31794094652bfa4059938eb21bbc1c3f34bb4d88375aee2ff888982621a2b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          1d730b26d9d90866103d5109ef27743d

          SHA1

          c3d0c1368c60cd1f177d9a785833405201d94a6c

          SHA256

          4c7e13e9b13a7bb1842a391cebd5fe1afb18e4b63e1abc6dceb931ff8e6d8dee

          SHA512

          25e1df27eed203ee473c9fbb52f266ebad63206d53b60d7d17fed3182ac752d50fbc660d6a1c471505f93df78ebc51ac093ee4ced2f17d21fea3809d0ba065f8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          0f2930d1376c76ee1d898ebdc45f79bf

          SHA1

          e1b40d801be77d47a6e91b2a1659d2d238dcb516

          SHA256

          018db9cafe5a8f8d429853cc0fa58218433f81379899224962eab05402fba3c9

          SHA512

          f5a47e87c54a0186a254f5b7ef706d77aa88d7d475a5c614bbc13b0cc22902967b0115c5a5188d97c95631f6ccba98c61a65f4d8fabe0e26ccb472390dff7d57

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          db191a99ae8aeaf2d2e1f0e9093aae9c

          SHA1

          3c657bde861d0257319d370fa942326f7da23aa6

          SHA256

          4743110042cd603410f265c7dc9e6f090f9828b6276c8ffa87f9eb485ee05967

          SHA512

          25fce496fd39c19c6de160c8aae56f9f382337dc1d3462f6364975c72a713dd59ba1cae8da5f62889fc7d53ac8f117f3b80f28f3b3c70e32c4327ec0a5eb33d4

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          2839d07e27ccfec34b0f3acba5147d1e

          SHA1

          bdaf56f819bf5783cb7217ffdfb55ba448517ee7

          SHA256

          c37b63a6688911dacf553ed8653b9f3305fd64c00f8e9aa7a16585cc0ff24b3c

          SHA512

          012bca8884c95048715397a0f4dc1286c521e4602df41743908f65749ae970482316e7ea835a417a19884480a9b279058c616fe1e85ad7dd811f13d7ef3745c9

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          cf9f17584886295c60219c365eede4a4

          SHA1

          82fc8a944410bbcacb97220642d0251af51b570d

          SHA256

          ca128fbcfe4e1c4afc728abe82916abcdb51a9bd2d50d272690c8cc9a04f6778

          SHA512

          e7413260ae62397869500c5fac83593e67b1dc9ac9cec256e81710cac8e634e2752da52ebb9922daa7fe616d176345c725ddb5ffcf150ec7809993ae3bc4f7bd

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          66ffb4d0df1e889139852d03310bf770

          SHA1

          ac175f2eba5e38849c3ea3baa3620e56cfc1f266

          SHA256

          373c4ecc327e523dbf5cb5113a9c5117f5972b6f35f9cb77425688b8474756da

          SHA512

          23c62302927e45549a67dac4a598aafe66c7eaaac29f6232b297c6645c8a8312dec6d5f05f4285d997b555f14534f9435cccea7a059d8846e3a7c3efe1b5d85c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          95cd6d078c6781641da5fe23b028a112

          SHA1

          0fd64fcc81cc9322e28d2e0277c86e58db488462

          SHA256

          bbf404079dcc86361ef6a55ece47121abee55b4ccb8788144ca844c4a481c6dd

          SHA512

          cef8bfb3eac26a44ec32733e84640b21578adf85f0b54f7e04492481bbaa4be2e707166a6f739a3b4526b28db671bad898daf73c5b9958f26b276fc4f2c69b25

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab2914.tmp
          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar2B0B.tmp
          Filesize

          171KB

          MD5

          9c0c641c06238516f27941aa1166d427

          SHA1

          64cd549fb8cf014fcd9312aa7a5b023847b6c977

          SHA256

          4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

          SHA512

          936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

          Download Submit