Overview

overview

1

Static

static

1

Darkness.l...X.html

windows7-x64

1

Darkness.l...X.html

windows10-2004-x64

1

Darkness.l...sc.vbs

windows7-x64

1

Darkness.l...sc.vbs

windows10-2004-x64

1

Analysis

  • max time kernel
    126s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    12/01/2024, 01:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Darkness.last.mod/Agent_X.html

  • Size

    6KB

  • MD5

    efac5f4b81bd852573c25172c8f064fb

  • SHA1

    d24ae2a39733ef06431399c768c54cae7232c2d3

  • SHA256

    e193f03f109b2079b0d3ecc9a05a24b9b4e4c9d9eadc4d7c20c5a623ab463467

  • SHA512

    30d1c43f6a6bfc1f68f1689242f9e67efeb7ed623ec18c41563d7e4494f4a58c7ff13e9e8ef8da80bafeaf8163a0ff0bbc2f55f16bb385ebdb4583ed3266435c

  • SSDEEP

    96:sV4FEM6Y2/CNgyCGUF0zL9knkOQVWJdDJkI4JUdPIsizxNpcqHctReL3OHlzTFC1:sV9RGCqqkc7zHu

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Darkness.last.mod\Agent_X.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1968
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1968 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2740

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    406cf6020b064a40f16bf3153e821c6a

    SHA1

    aa4212b113be37a79d38ddc3a6d2df7ec9c4a8e8

    SHA256

    2c46c0a3a01d791e34040ed25df48d6e2ff2800006c0ceff9b09bb5463cf4f24

    SHA512

    0521f8cd2b1d836c58205551efb037b4783abd9ff94f9586cbdbb9ddc3d1aa9c77652c7f4cec7c5800ad8f801cd7e44e780ecb91bde7a905d1ed8a7d197c7404

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8fa9b3dc762f50749bd3fbaec22c6beb

    SHA1

    845f540df43d4f19da0f19acc1a8641ea6c93c88

    SHA256

    a39286628fd5c2af04e7bf5cdae12556187c9b069c027dfacaa747d49e2e7f91

    SHA512

    123d1c141ec298b12f14a8346a6b759b3799de922024d7e641a1b2151ebe11ea572bdfb8b0421d1f8c0dded017dcbdb2a3bc6ce28f2949705bfe0caa4ac042ae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ce7adf392760a72f12ff55a0b2d287ae

    SHA1

    ccb369633a9f2a7644706a770094ea0011772763

    SHA256

    a136de517f54a0d22e9641f44289bec04d7cfee5609c01aa0cbf031dffe617eb

    SHA512

    9f401ac49ce67197b8fcafa4f8e269f3e581182586461319ca2d209aa786c7bbfed94c1b9b9432b55c445edbacf286f1d28a96d642bf1417f4039376420ead30

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6f65711bbcd22647bd38b195f48b0d56

    SHA1

    c05ed83db51c47c4f259196ef4d9aacbbe44d6e5

    SHA256

    9529a5ed3ba5de3176a2917515e9c9868aa080501598d7f85cd919ac669a2265

    SHA512

    717809b05d3e0ba843697b21708e761533175133ec60d71b9c26b8ce7f8c94e0cd2b36d05b8a0f385d39f7fc204be3c146dff39fc9237b532ab7795db7f097bc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6a155078b95b9d6b7e7c565bf46e80d9

    SHA1

    f1295f6315861a5383036cbaa45d1e6cf9bbde7c

    SHA256

    4c831e3675b35cc32bbbf91e52d2a49d580eb93f510b25e60a45db535f6b4770

    SHA512

    477a717edd2d488fbc2e2fc59508b0f39924ea5ef234e233e98ec1165bde57e2d393f8dab326758959b80451dd2df61b0d04df9d66661f06f1e84fb660dd08e2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5f34f2e8787906b439b37c4a18e3938c

    SHA1

    dfcf1a3cdc773f898f28040a3967f00eb0fac4a4

    SHA256

    1fa8db61cfaf0c1bfbf51d5bb5be658dab9dc97661d3ef1a4ec2ab327f4b1d87

    SHA512

    6cc9a03d9a92815665e61ba49c0a29131e4cb7204d35242f99e12b7ef39bb7e5ca16e67499e6d9fb666ff61fbabfd99356ae6cda15491cf4b229b8a3fd124770

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    39d78aec4d24cab8483dbeb76008645e

    SHA1

    57b62445399e5e12771fdbe4ffee0b43b8eeb7be

    SHA256

    6915c443fda1a667cca7ed5c50e669d8ee73e81576c4af3529b4604e131d381d

    SHA512

    63971e75c09f308e9bda05450ce85d6bc9b7c71377fbebc579898ce291e613840d8ba5ff2da0c9076477db38f0dca05fa11a5a10481714244f614dde1834d2ec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7487639842f735af56cb9ea575fdc086

    SHA1

    2e396acf3185e78a6d3468c7a3a0142b7e57e03d

    SHA256

    5b06f8d1901a689c6334a301819a6ebd4965e5ea9a65ac31709c7d5959b7be21

    SHA512

    dfc2e35583febb940e510f1872942995de33cd1a89201e6fdc3df23e3f48f1733e27c02c07530c853f53203f2d1ea12b7ec786eb2105a937614885ea020475b7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f9d15240e3bbedbdedfe037db2f043f6

    SHA1

    b59f242d7f389d6003b5c2ed68c83464ade8aa54

    SHA256

    c2acdc1bc85f06ffc1fc51fba222d6e82ae3c29d474a589ac3d6b99fc016ff89

    SHA512

    1da2694cd1adc192c8f2cf9d8a9818b04741f2c733fb2238b05a513f0b12e96e530ab57d0b78d24700295473435e058ad3aaf8e72134349c3b806c14ec821679

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8271464146a3a5cb14f8c536ac070dcc

    SHA1

    27354af64fa58212ce3d24b926367e7adbd62327

    SHA256

    260a1cae9f2d7257efdad8986b2e8e2f6f095ff9b83ce8e21879c1ae51edfe38

    SHA512

    0d07b20af8589742b849c75da03f54b266b7e1dd13573b3334e187dba207091c3889d8753b4f0702c1b8283e98e59c4261c0b98ba85d7ff1b5d3f2026d5e079f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    83d42d356c53ea0d74104e0cb1732004

    SHA1

    ea200b53ce8e3cef4a29918dc42de1d656299dc3

    SHA256

    2eb5860b84eb257cc97f4443f2b1b545efe61704485a3d187df7d1213c56552b

    SHA512

    75fdc46cbcda5bdef072bba906fb4a1b266202e664846e655d15c07aa976c806de7ec71eb2ff67942f83a047fd5376dacd2c31588d1673d6b2a7a40a0a2f1293

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8BCD.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA422.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit