Overview

overview

1

Static

static

1

ffs_mysql ...ose.js

windows7-x64

1

ffs_mysql ...ose.js

windows10-2004-x64

1

ffs_mysql ...png.js

windows7-x64

1

ffs_mysql ...png.js

windows10-2004-x64

1

ffs_mysql ...e.html

windows7-x64

1

ffs_mysql ...e.html

windows10-2004-x64

1

ffs_mysql ...t.html

windows7-x64

1

ffs_mysql ...t.html

windows10-2004-x64

1

ffs_mysql ...f.html

windows7-x64

1

ffs_mysql ...f.html

windows10-2004-x64

1

ffs_mysql ...g.html

windows7-x64

1

ffs_mysql ...g.html

windows10-2004-x64

1

ffs_mysql ...h.html

windows7-x64

1

ffs_mysql ...h.html

windows10-2004-x64

1

ffs_mysql ...x.html

windows7-x64

1

ffs_mysql ...x.html

windows10-2004-x64

1

ffs_mysql ...e.html

windows7-x64

1

ffs_mysql ...e.html

windows10-2004-x64

1

ffs_mysql ...h.html

windows7-x64

1

ffs_mysql ...h.html

windows10-2004-x64

1

ffs_mysql ...t.html

windows7-x64

1

ffs_mysql ...t.html

windows10-2004-x64

1

ffs_mysql ...r.html

windows7-x64

1

ffs_mysql ...r.html

windows10-2004-x64

1

ffs_mysql ...o.html

windows7-x64

1

ffs_mysql ...o.html

windows10-2004-x64

1

ffs_mysql ...x.html

windows7-x64

1

ffs_mysql ...x.html

windows10-2004-x64

1

ffs_mysql ...l.html

windows7-x64

1

ffs_mysql ...l.html

windows10-2004-x64

1

ffs_mysql ...g.html

windows7-x64

1

ffs_mysql ...g.html

windows10-2004-x64

1

Analysis

  • max time kernel
    68s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    14/01/2024, 00:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ffs_mysql v4.4/html/note.html

  • Size

    820B

  • MD5

    a26649f0e8e8d8077a5fe4140b99046b

  • SHA1

    6acec62562a63e771040d3775bee70c61f4341e9

  • SHA256

    374353418a5875437d5e872593ea69d7352183293fa24834377fa531403afe30

  • SHA512

    74db0d27ce53090167db93b9b95c56c44d34cbe958485e0a399bb469d95ce16194913d3862cb3dbd96f9a3c7d3b9c46388b01e540cd3c2efce4901b4eb86c01e

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\ffs_mysql v4.4\html\note.html"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1256
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1256 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2684

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0d04152308a80548dbd107d5aeef4963

    SHA1

    cb3cdaffbac2acf967294d829d1bcae3ba89260a

    SHA256

    eaf4a224fdfa9d3de942608f0939f6c588622c3ae986ccf281c56b6d559e9979

    SHA512

    cf8062ac2c7307500c0cf744d1857dd73a9331d5d364c0492b6a9acc93aad3075d6c4e57532ac39e9817f73edb63e596e6dbce98046174d2aa765e7d79b18a69

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f1e57169918faa922dd29bd762c9a3bd

    SHA1

    6302af44bbfa8dd3b13e53ddd7ba4747a30081c5

    SHA256

    dacee419ff9297d5be9dcbdfd1a1c99ba42273baf74fefa283e8fc5a2879ab24

    SHA512

    70b91c22666e6e505d5f473ec123385692b7cdccb8f03b5310843b7577b48f6ad2ee54b44af11c4e5df6a29d032080abd8e5b3defd9917dc63f3bfec733ff5ec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e9126b7de84641cd558b41daffacc151

    SHA1

    096eca895d945b345c378dcf3ab3ddafd8352ad2

    SHA256

    a6d5927a7290e7b36ce0683c904fb6f354c7e2cc17dd8a120b3f26f72b85ffa8

    SHA512

    85c19a3de4eeacc71e8c5a1907a4d6132c466da0bbc2a6e672787042eaaf64ea2192d19e2ed9a7373bfc0da0778ab8da0fc7af7c7954a45c63da956bdb2132d7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    abf00bf352bfb6b719f25e57fdb0d158

    SHA1

    cc1b56c5ed868e475be20907ce4086d7c75f2ec1

    SHA256

    e284a6071bf5ffec85a9db4e88de5b54c973e045b5c7a33d9906e53e513c0433

    SHA512

    1531b5066b57f8016eaaf4df528e7139e0f734aa007a2d53177772caa328974dbdb218078a459f4e9ae42a031a5b9b73b814728a2e2a2daa8dfc356dbf7d8a22

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    638ce207d9be6c8a3a2621caf277e0c3

    SHA1

    32110ec3089c2a96e1d51672d50c2f64bf2942b7

    SHA256

    84b14b639415029ded4781b6114be0377070ebf1995e825b9e80257623784623

    SHA512

    eb3a557ca15c60faea39f15c0c9ebc0b803ceeb303665de95f1ad1e47b45988b2b7766286a5bff4f1c8d505ce298ca609d3e7f010c7899e178fc8f936651a2aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2efbb3b839c85e4ef19a89b6f3f15129

    SHA1

    6ab530e0462fc60e08f7c3f73c532ae42ae0812d

    SHA256

    53b4a84eecc1d815068004aad8d227bc41bfb4e6f4bb0c063014773e5dd25c5d

    SHA512

    65ca20c84248b7fa38a56940f9e6af3af1a69bcf7c9d083cd595011b81d244303bd0cb6d69a5058f9db51d6116036a6adce997a3f607bece1af2272ff12e2e41

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5f25722f170fb57d479c4b4aa744e8f8

    SHA1

    e55ee1c435ab1c3647b14e13fe0e7a1a31b4e299

    SHA256

    66c40153a8a55563e6d8312945dbcbefaa7ee4769909fc7156854f87f157fa04

    SHA512

    51e24c3f40ee94459ce75c4442d7d24c1d4832eabcf3d4af5a8c5ea542f26677a77ca6178175d5f1bfdf8670f9acee95a7c5663da4b0bd32faf4e482b8960e44

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0907ed2aff885edc4ecbb5a7ba44b98c

    SHA1

    9da8871121c7e88b8856878c41a356b3c957ab24

    SHA256

    7dc6a21f97bee9edfabd6afc0a11aa10825e2c61ff739e45dfb550d7b77962e9

    SHA512

    98041f0cdbbea9c3e1a6ec41db891cc9c4effa6fde0a59583a6c629b6b8fd74e9b8b782b27b269a97cd0e4f989f912c9615d102301a129f393c41f4afef94620

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2a8567b5e71bb6bd3c30e3187a3a5d8e

    SHA1

    e7fa92054f70afe3dc865d4ab802fa9e825396ec

    SHA256

    130b81ffd1b31a420127da16fe2718bfa7f496880389884b32b42cb67902d91f

    SHA512

    3a4d2eaad9ce82cfb56fbb6355eb9b639826d258ca660363026690701bb19bc4f6c0b87a2ad98b27f7518cee14d2218a582742fadb2815a1e972047d670d0974

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9ad90c378f6743a0ae22b1f619e4d25f

    SHA1

    7719bfc832797aff01fc5eb6369461c253b64316

    SHA256

    69412a4b384a85aa5e5aa2eab76455a655f1780bfb52d57d3c42adeb2bb1c9ec

    SHA512

    cfe79de1d7cfd55332933477bd4a0bf8770a2e076dab65f08ed1238651c1015eea68b118a8f9dbcc8ec248499a60df9be476ed874e654b88bccb528a083bb34f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    132159ba8a10e5ee5b6165978a75bc3a

    SHA1

    5672582315b0928a02fd371ae0a4010023f34346

    SHA256

    6faf09de1ad6190d0d0fed9c9d07f13552704ebab62066a001476b23aff46019

    SHA512

    05b9fae3029cc4aae80a94603a5b5df0dea5dd5b4a574e46097b6c01d63396c599d02c536e9befd9ded559e4f632699ce00971245f8fb39441d5b757ac09c597

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7589ead1423a8de417d0a7c139729680

    SHA1

    1185c8fb4f3d2fd81989871b3ac62fb1b51dc58d

    SHA256

    95b724899f86ed66eaffbe4809d87747b8a473b5ee020c6ac91bd823a2f4015c

    SHA512

    abe47afe9fe0c73e424d269a7e9d783ddae1da1778e2ee5d0a0d6e4fac81b13658ac1698e6fff3eebe8d9339030b9c7ddba65deb35beca6221a80d07ecd0d03f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6886.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6954.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit