Overview

overview

7

Static

static

7

546d615dea...25.exe

windows7-x64

7

546d615dea...25.exe

windows10-2004-x64

7

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...ll.dll

windows7-x64

3

$PLUGINSDI...ll.dll

windows10-2004-x64

3

AD/ad1.html

windows7-x64

1

AD/ad1.html

windows10-2004-x64

1

AD/ad10.html

windows7-x64

1

AD/ad10.html

windows10-2004-x64

1

AD/ad2.html

windows7-x64

1

AD/ad2.html

windows10-2004-x64

1

AD/ad3.html

windows7-x64

1

AD/ad3.html

windows10-2004-x64

1

AD/ad4.html

windows7-x64

1

AD/ad4.html

windows10-2004-x64

1

AD/ad5.html

windows7-x64

1

AD/ad5.html

windows10-2004-x64

1

AD/ad6.html

windows7-x64

1

AD/ad6.html

windows10-2004-x64

1

AD/ad7.html

windows7-x64

1

AD/ad7.html

windows10-2004-x64

1

Analysis

  • max time kernel
    122s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    11/01/2024, 19:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    AD/ad10.html

  • Size

    1KB

  • MD5

    e7e2a181c6264ec02550eca0f0a46a9e

  • SHA1

    0156ec87552e25f1aac7045396ce7fb1a97bcb99

  • SHA256

    df86f4d7380dbe657f5ae4d5401194ec191096cb068b95ab94a330227a6613ee

  • SHA512

    066416596f81aedf9caada40e05b01330cb46456b6670b8b20da5220d73084147adcaf48b4dc84f5c7eec3041080f158ffb6de30326325d81b83032a6b5ad3a8

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\AD\ad10.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2836
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2836 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2756

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    75c85d97b9c4f1c6edfade98d7c55f8c

    SHA1

    d53096cee04ff5dbc7bc1d9eb25bb4a181396cfa

    SHA256

    570f9578ff1e728b48e6162fd767847cd3d37d9e9835b49cad710e9352a79bc9

    SHA512

    a67e434aac4f3235b033ea2726fd4f38babc2f01dc1725e9d86cf264f3acbdf0d2496e613fead847f59fe3459df0826afd8d39c55a2a948f3dc0db67d92cfbcc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f8c524b6cb15de4063e35ccd3021ee2e

    SHA1

    e86e5eb095532bc2ceea58b0c1e4f3fbd31ac9ed

    SHA256

    069f5fef439d005e6a1cf8214b48ec731f25833e0a8de730fb82902dc2a1d407

    SHA512

    955df4f3b17356c30534c3346be0b3560045ec12df516e724110ccac3152bcb16e7f876d44641bd6fcd80aef79b7addd53060f26ebc6f6811b9cf794ee88641c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ebbceacb0b8537027e0d39e3fcff8e57

    SHA1

    2bcd6a38a8c8c5c23d674fbf521d15c6e45ff3fd

    SHA256

    8d1489e7af4be92137cfb583ffbdc527a06dcb8e21eb857c23a23f504b9f6c4f

    SHA512

    41f52df862dcd607998b02268977112457994c5aa0b17897d5f19147b1d9d509a4b3cee29cd2e10f9951473921176276fecbb017233cf9491b3afbe8a18eca9e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c047dee95c42bd2d8e06f86edb1273dd

    SHA1

    69f9840216c0d2c83fba18c85e010c5d1e47d602

    SHA256

    f0d83721dbd23e97f2f7accb97eaec4e1fe9a97998db03894353df9965e9ef11

    SHA512

    c6846b4d3e493936c0735b74686293c27b7915411bb3fb49038482b687e28eec74e9d2be85c3e9c0085652661e139d44e25098787c9b8617687adc2a2f9c8803

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3f028abe101e1e0de09f41fa701503dd

    SHA1

    da285a6abed2663f98e94e3fc4f77caea2a69029

    SHA256

    d0fd799813b23cd3e7256999982080672ab3964150100aec8302506fd016fae2

    SHA512

    9ffb5b658434a07e9932b82638716f3b8e4736ca26526672eb75c6eefe869dd138bbf72ed159ba43a64904782cf6e9af329c575807d463c3b859673d3c5332ac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ea6c5f6d5dda34abb3200ab1885c9bbc

    SHA1

    749ec8cb31085b25f0912630916463b7e0473090

    SHA256

    8ed6181df86573952788c51565cbf3bbf28440c633bc263ec27e46fd4131e53d

    SHA512

    5fee6dd85cf4c9c1ada4379f4a0ddf705e939a8e119ddc61b610ad5c81cd0fb6e77181b4159f1cb3b1b20d6a4ed5ae9848b1e0ddcadff0bbfeb3237027f92321

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    64ebf86794148ca2d231ace150901535

    SHA1

    8fce5ec0519573ef808c24eb683a63e4d563f521

    SHA256

    12ea15966ec74affe07e2c6bd7e546cd9562851a7693f394c0381a2adf488826

    SHA512

    a73ed42727f9eb0e1548628ff3166a73653134284e48f17f2f13bbee0b04f4e3086e6060ca99af99948eb6960af4eff99c617f206a083d144a6e282a3974da65

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fe28490cbdb8b3afc6261ad06278e865

    SHA1

    3637ac32c419846b29cba306d97193aaf98c37e5

    SHA256

    baa036c98702049f54b179aa9e74fc8b09fd82c80ee8f666cf806603aa2fe2c7

    SHA512

    809e1595d0213e95dceef841af177a3a7f821f72012830c032b3e68a00e6aca72d49da0384a8649757a3be44722a3dddf5f6870d2e43770c030b477b61bb3603

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c2942be31d827c42894dc2a94a101407

    SHA1

    8eec402f033a7ce1ead43ea67516bb28cc02ec13

    SHA256

    5c16c34daea2b5a306aab4b82d0a44cb89aa1fcbf7f076bbe29c021afcb7d205

    SHA512

    e23b366eefca3953665449acda48c16f9bdc10f5e63e86e22b979e6322dc48e1465d7a449f55455691849e6bec5b73f47fbeade9283159d60d460ea06b93f025

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f4934f9244d2f7ad37c7128e9d877b9e

    SHA1

    15e87a16f4ac19bb5952e7f464a2aa52a49ad8e1

    SHA256

    dc3fd7ad65bff797ae954d9dfe5ed68a8079fed18143e7fce301abd48ff7bc97

    SHA512

    6ce2e0f6c2210b57bd3d02df300c046eb18b2184220f65cfbc2de04b5707b042cb52917e1b6a6c88517264917a974dccb845bda0c242b4e281dcd27693b4ff28

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b171abff659cc18d2b85816592455b58

    SHA1

    7c6df920d36098b3e398c02dfa564c4435bd6467

    SHA256

    8f6ac4a395a33ac7f54e8464d87b2380833be42a931b456cc4b64d2bfd0238ae

    SHA512

    dc3103e32506d2e137b025b220094b3442bfe4c0cba2841df86d8c248b3c32dd7bdf2ac7cffba550bd364ce44f8f9e244a1e6fecd58e32978e32865b5698eccf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9757a5e6e10110aa869d49effd0a990a

    SHA1

    014ad22ecf45edfd05cec829b9af35670b4b124e

    SHA256

    a865f0e70547559fee25a783902dab455d1dcba46188155c659c1c2ec38a4088

    SHA512

    4691791fa7c83dc6990a9ec741a47f20e42b4bb27a5415ff85d3b55b27e965f5d51f8675435e0a6df20ab77a8d6aff99b2208f7bd260b9ae721ddf60915e1428

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7be52148282ccc701fd41022bcd20e23

    SHA1

    d5a8176ef08d4820d04e8da8ab4bc5b6e0d0aa96

    SHA256

    e83c4f976e2b727003780904d49d671d037ea491b62b52157c09e78cf602434a

    SHA512

    dcb7c1f1fafce196e9612e12fba25677471c2e0341c34166d6284a981ffdb0de529ee898e6c8a54407f988e51c009e394cc15407550a617223303e5f3fab36cb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e5d34a3f19f9a4aaf32a4fad603079b0

    SHA1

    0250178a30dffca4958c41bbad6a92fcf197c3b4

    SHA256

    d09c30a9bb9cee00620d5ec18275ffa5a87146ecc2c3e39c461bf46202696b0e

    SHA512

    32a7e4d93c254cf34d2bf89aa85e66428a34f810f89303df0c548bcb5e0a76da3f11fb7c8e81068541ac22499678d46d0c67b8b1268a0fe53c48211b1c92d2fb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7ed2754d847d9b034cd0bce918620c3c

    SHA1

    84ddb3ebd61ed7bf548e6d8abd11b2172368bc3a

    SHA256

    349b2d5b0bf5efe34308efa127b0b9ba5ab18bd075d897d6c176b52a34247910

    SHA512

    f376cdcb4fb55b5201628d633e3df3dc1999f633a23071dad3f7ba7f661f6529bcd4bac77c497e062fdb6a91e2eefaaa09ceaa0016651b99e0af238a9f7c038f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9628.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar9737.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit