Overview

overview

10

Static

static

10

163.5.169....r2.hta

windows7-x64

3

163.5.169....r2.hta

windows10-2004-x64

8

163.5.169....r2.pdf

windows7-x64

1

163.5.169....r2.pdf

windows10-2004-x64

1

163.5.169....r3.hta

windows7-x64

3

163.5.169....r3.hta

windows10-2004-x64

10

163.5.169....r3.pdf

windows7-x64

1

163.5.169....r3.pdf

windows10-2004-x64

1

163.5.169....r4.hta

windows7-x64

3

163.5.169....r4.hta

windows10-2004-x64

7

163.5.169....r4.pdf

windows7-x64

1

163.5.169....r4.pdf

windows10-2004-x64

1

163.5.169....r5.hta

windows7-x64

3

163.5.169....r5.hta

windows10-2004-x64

10

163.5.169....r5.pdf

windows7-x64

1

163.5.169....r5.pdf

windows10-2004-x64

1

163.5.169....r2.hta

windows7-x64

3

163.5.169....r2.hta

windows10-2004-x64

7

163.5.169....er.hta

windows7-x64

3

163.5.169....er.hta

windows10-2004-x64

8

163.5.169....r2.hta

windows7-x64

3

163.5.169....r2.hta

windows10-2004-x64

1

163.5.169....ry.gif

windows7-x64

1

163.5.169....ry.gif

windows10-2004-x64

1

163.5.169....nk.gif

windows7-x64

1

163.5.169....nk.gif

windows10-2004-x64

1

163.5.169.28/cmd.exe

windows7-x64

163.5.169.28/cmd.exe

windows10-2004-x64

1

163.5.169.28/cmt.exe

windows7-x64

1

163.5.169.28/cmt.exe

windows10-2004-x64

1

163.5.169.28/fd1.exe

windows7-x64

10

163.5.169.28/fd1.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    121s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    10-01-2024 21:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    163.5.169.28/blank.gif

  • Size

    148B

  • MD5

    19517fb39a31be6b8d7ccf53ad84908f

  • SHA1

    ebbcfdc6acc99f7aac3bf7fe72bc55f07f03f7e9

  • SHA256

    3cb0e54babf019703fe671a32fcc3947aab9079ec2871cf0f9639245cc12d878

  • SHA512

    be752ff4c7aa3ab46fdbd93555a17e422e7c8b8661f40f899f51ec9393b510dcb2e66436a4f2c78a42af77dd95e01a3438c88cfaa3e0b02694c1912d5294ee16

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\163.5.169.28\blank.gif
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1472
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1472 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2060

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a778cdf8a52f51e67718ed4070296b3d

    SHA1

    de592cab485015c3f5d41c0a609b8d20139ae423

    SHA256

    1e999eeeec400e8e175f9a2072fa2f5a5681e81ebac6c9d93b37922aeb48b6a0

    SHA512

    c4fdbe91aec58f01d85e14279c5ac19edc370fc9e179f3b7e9f9ce5a00cdaa82a5f2017fdb90c917918063fcaecba7825300f6017dd978472cb7d6a0a1f15437

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3ba53a6a47c9294f1080edaf55a1d8c5

    SHA1

    5d8f0213ed8c50284a34066ace0181e1927c2da8

    SHA256

    e4a081b4fb03965c3a20a8c686c2e82164b5c775ff09e35eed03e693e46adbaa

    SHA512

    71c7abe26ca908b991f02b2bf175f96284e7096ae9be462ea997f8dcf9933a5bb3c42c953d7b3c18ce1ac3b225889439ee0ead9697887e313530d22e40460e9a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c67b90e2918fa24f749c30cf3bb6ff76

    SHA1

    606dca6b5d4eead686e721a748c3866fbc7cc228

    SHA256

    f55bf1a5f315d0cfef66cdcc844cc5421d497d9ce3ca7577e2718fb10acfa291

    SHA512

    fcf991a0241eaf154c43db07a1f969cdde3b75537f4dd838be5a0d68a035205241aeb3018824d27197001fd98730124f9485c2cc1667d20947d3441642832164

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6e3fec544583174263c08d57a7984946

    SHA1

    c5e148ac650f3b9c3a0683de52ec33f85c93002b

    SHA256

    2b7cc0950367c7963dc25dff99a7f9c0372fee3ec8bf5560f70ad2136bc1aeb9

    SHA512

    4e9ce05b623a1dd817c9dc13d841e0d7896f64fa86f286fd32fbab14e3e395a9324efa27ec4dce6e97304cdbabe83979b5dad0fb0618d21ad6a5bd1e32a1c80d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6a146690ac46739f88c4793d57590c97

    SHA1

    dd293c800b40f4cd2f17499ade7f16ff3b7ab28c

    SHA256

    7ebf01593ab62ea1beef7b1842237b932ddab2f91f7bdccd2ea05f441836c86d

    SHA512

    415b2981a381e07b7b5a28ef228ad1e35461f9cc7b4713666e3f9c627f5808cb94c3e3351ff478614a204c32723beb4a1d08d5b2c1bf85668db45f5c5c33c29b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    438b8f77782dc6d41b7dba618d4dd37b

    SHA1

    4ef2c80c178a70909c1028167b0ea26210792289

    SHA256

    c33585877ae633c0db6fe645b8755033dea920b3f5421b81ed3c4a987de8fa7a

    SHA512

    0b06271e087a9fb161fb260a3f95923903b1d9a8bd2314bd4768706f7120942a6f1e6c17124e872421cd2921308b08882e0b1254386bc074a763b34039d599ed

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    26eeffa6c901fa21fb911e9421f0ed3b

    SHA1

    805b26c0e17978baad2f7ce9f1c75b967cb90677

    SHA256

    4074e654414197c0274e69352dcdb66473551101e758a1e6b0e7226a5ac9e22b

    SHA512

    676fa359665b9f47096301cfb8b9f5675e0e0c76320b656873f162c453f92087db8d7aefac435f1723f357a8a429dd197e04395506e8985ed778a1def0879e0f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    71f82d29051bbf753798debdac6233cb

    SHA1

    3e24ad46d888c48dcacbdc474a3db5fba4fc7c99

    SHA256

    2d78b97664e709f153fbc80294c1cd2a86409bba7442d709436dff5026241d1f

    SHA512

    c83310c0a76f0111173e18e7daa8b6a94a09cea5b709879fa451275f5f40e49c61e8c0b1f1b53b559720f4b9ae9e1f92753c3e1d6b60a5043f8656eb28c64cc2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eb097b65f6dc926d668adf6e3069479e

    SHA1

    7e8ccb07f24ed573536b9f1526d595abd33c08bc

    SHA256

    c5f0ffff9eb3e7d3f74f94dc4e1d0f9a77f30458b9776aa0238b3e0badfd3a02

    SHA512

    29654d4f185ac1f89b892dae42d4191b70f1a8722561a302200ae0569f9f64eaef9e542e4dfc2dbf18d698ad662efc1f27c5631b0454c2c208f469c2c095a216

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0f510f0e513bdd3c708693aef43f4142

    SHA1

    9dd204723780288852965ce37e33dba4d114d5f2

    SHA256

    b2a547154759cca831ce023c2ca90b4f03efbfa13d67e0fc784ef9eb7f0fd808

    SHA512

    e0031a43cd55af9feb53f7498047e9e7e8770204f8e48fd5d18692b6dd9db8dbb39770d3d8c1e1f5cfefa182350507c561755b1dbf81b29fb707ebdc91bff8bb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f1de7a29f20d31520b6eb9b3783e4043

    SHA1

    73d0f26cfab03fe43fd5dfc5716afd8a5500a653

    SHA256

    7d448777498263842a62102ce2e323374eca4e4b0d468703e8742d02c49039a4

    SHA512

    8de0abfb9077d2730da4857fc7b6e6d5896dc9622ae2f6e0bef87f567f44517db82e8177a7942e3d22164cf110af40ba5172bd3fbe700e9af0a7ec1b4ebd3c91

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    596ae87552593e18c6a886196739e899

    SHA1

    a88e1e6eefa75c7ad19a5085878e80a93d4cb876

    SHA256

    e320c3ab06b081f55a803ff4e69fca0c794ff48c5c758b968722ebee3174503e

    SHA512

    9235dd00ce40cb13c046e977c7257189b86b06ebf4e8db3cb39f8cb47a65137394ae310422cf006264c48d2258be2d54c67ab2c2b2084dba4e3224031c50770d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1668cfa63088bc0970f9a96a0932748a

    SHA1

    8d9160dc4bcb84cebe4a36dcd20fcbe4a8ded508

    SHA256

    165c3e332c1d5789c0ae7c7d3208a6b9ea86464a67ec0a41324a52aceda5cd29

    SHA512

    a881cf0037300e1f475ccb98a735034f3c7ea1e9e2803aed8cf3f3131e128271e21fc79e91fd3783f228070c248809f56a5679c4cb4991b9dc9b25185122ab13

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabD607.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD771.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit