Overview

overview

10

Static

static

10

Octo Banki...et.zip

windows7-x64

1

Octo Banki...et.zip

windows10-2004-x64

1

www/server...kie.js

windows7-x64

1

www/server...kie.js

windows10-2004-x64

1

www/server...ery.js

windows7-x64

1

www/server...ery.js

windows10-2004-x64

1

www/server...vnc.js

windows7-x64

1

www/server...vnc.js

windows10-2004-x64

1

www/server...p.html

windows7-x64

1

www/server...p.html

windows10-2004-x64

1

www/server...u.html

windows7-x64

1

www/server...u.html

windows10-2004-x64

1

www/server...s.html

windows7-x64

1

www/server...s.html

windows10-2004-x64

1

www/server...o.html

windows7-x64

1

www/server...o.html

windows10-2004-x64

1

www/server...w.html

windows7-x64

1

www/server...w.html

windows10-2004-x64

1

www/server...s.html

windows7-x64

1

www/server...s.html

windows10-2004-x64

1

www/server...m.html

windows7-x64

1

www/server...m.html

windows10-2004-x64

1

www/server...s.html

windows7-x64

1

www/server...s.html

windows10-2004-x64

1

www/server...s.html

windows7-x64

1

www/server...s.html

windows10-2004-x64

1

www/server...r.html

windows7-x64

1

www/server...r.html

windows10-2004-x64

1

www/server...r.html

windows7-x64

1

www/server...r.html

windows10-2004-x64

1

www/server...s.html

windows7-x64

1

www/server...s.html

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    156s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    07-01-2024 04:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    www/server_www/rootMD50MA/panelcGFuZWxleG9kdXNvY3Rv/tpls/_vnc_help.html

  • Size

    911B

  • MD5

    a31f84e1832b175afef045bcc6263fc3

  • SHA1

    39acaa62912a0a8d1dbe337a0d697a804608ff46

  • SHA256

    c4359224e99f8fb61e3162b1343a3b2cd3be4e5756a7b911a83f6598933a98e3

  • SHA512

    301dd41c3196be64dad70ca2f5348d8fc1c0e001044939e8b2cd5706146c3f64eb70abd7abc44196ac69d782581bc1ae9fd82e7b0ac310e3f8ccf2f430fc1fc8

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\www\server_www\rootMD50MA\panelcGFuZWxleG9kdXNvY3Rv\tpls\_vnc_help.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2988
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2988 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1728

Network

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f3d58210a01f176dd4bc6a3b6e539b80

    SHA1

    3831d737f381131b2ecc7e348f3f624e7c2e96c6

    SHA256

    3c9d42bf2c0befa961f7e4b85fbfa10af2c6f3dfeaed696e06acf99892c29341

    SHA512

    57e8081e0d36c29ff3e63f5e8178b3061155dde681820be00c580a8dd5352297eeabe245cec4d8e588ec51a952da7bc8d2900d669e87dd5f641fdb0dfe91f11e

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    74baa28c2c682b38cd41ce85554e2130

    SHA1

    2a9bc9a96a0bb9efd4bb1e61f862b4e20f1ece85

    SHA256

    79cd09c799eb4ca64f240d7614c09887dadaf02ee717268c572b31b6da60a60a

    SHA512

    e957228bcb31545d911ac3e30726fa0c4ac828e1de250c2c411ea0a84b1fbbc052de67e87a6bb63fe13efd903dd8ae47521f7800488bd48729b96c6c97d1a4f0

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d2d7c5d9aada9d9fbeecc3bdb2faa874

    SHA1

    524634900dfe2760250165b16096f57aecb0b6ba

    SHA256

    0a00c7244d768eac30240fc9f9304ef9473e97f96951adedcc17aa2801df5c43

    SHA512

    ec226d347de720b18da91b838e9c5286c18907d7bb7fde527690a3f1bed87d63c7e47c374306ee7006ec907f8c1c9933ff61946ef718bca4bb39c7f79b14c028

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    58de8fb039ef2ee9e987efc0a22184bb

    SHA1

    be812212afa79a5dd51fbe8d3b80bc3ec75a3677

    SHA256

    959867a17f656e825f8356009eb993ff379a80ecd751d6858a737a553a1c4f85

    SHA512

    882a69475c0a831631002bb29d245ffa6115b1afff76c017117c9475b175f9a43098bfdaa2638f1fa823f2957e09ca7a4427a48eecde9a6a8628f294e3266e42

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b983bb415600b23efa2bc72097f7eb64

    SHA1

    46ad13ad66f301ca5656d3890183ac0f186eebcb

    SHA256

    5b0aa87493b532fad40cf1b3c5aa11ad006a6a473daee20554e32779d2ce189b

    SHA512

    02a4da02e3c96c435c9ac7ad4189f4b0cda3d79b304e2e6c494edfd2ee5206aae1f0b295f4515fbd1310f36976542c0b872ff5f10e40d68e95bef34f289bf2f2

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3f369ead0127b66e1e4eca8685487926

    SHA1

    42c5d2fabcada416baf4851e418c75ca5bcbc174

    SHA256

    4c737f09ff5a16da594f247d70e8311038e4a12c132fe8a44e27a6ca27bfc35d

    SHA512

    9d99ced0a2fce932b7ad53a405cb8ee42e504425bc8af3387b4934b19e08bd7c33c127d72d3119655e2d9608d2691a0c569fe8cb35eea10f6ea560b9ac32d439

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f3679e6de5740af09a6c7936fe57b784

    SHA1

    9af4ff6bc40c565edecc346b0c1451c84db89b42

    SHA256

    f0bad86e972d98e963258f6399e8c521b0411a8bb816488087149b75f379e6be

    SHA512

    1a13d1dc450d9967db2e38631f50922b6255023226a586f99788d677efe0b772934e6b40c0b4bde43b91c23b6a3434f1e0ceaf15d30570ed499faf08dc317fe9

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5619dd8d6dabbf0e22dbe87e92b958db

    SHA1

    0dcadff8c2d335fe6d6c008f9ae37d26e519e063

    SHA256

    b78ef99178a1f011e80a5082414b85aee9079b69644bc27d8db2d5a6c11f91e6

    SHA512

    7ed7b7ced926e9c0b28d36b9af13c273f75bf78dfb7113001aff3b6fb15368e10c4bf2375f37fa79c0418a0487b01b71c1352a3765c5f33c86d92cd15d4e1438

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Cab92B1.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Tar936F.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit