Overview

overview

7

Static

static

7

SecuriteIn...61.exe

windows7-x64

7

SecuriteIn...61.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

Tasksched help.html

windows7-x64

1

Tasksched help.html

windows10-2004-x64

1

endprocess.exe

windows7-x64

7

endprocess.exe

windows10-2004-x64

7

endprocess.html

windows7-x64

1

endprocess.html

windows10-2004-x64

1

qemail.exe

windows7-x64

7

qemail.exe

windows10-2004-x64

7

tasksched.exe

windows7-x64

1

tasksched.exe

windows10-2004-x64

1

uninst.exe

windows7-x64

7

uninst.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    119s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    19/01/2024, 06:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Tasksched help.html

  • Size

    7KB

  • MD5

    7eef23cdf36b637d93f0581114539376

  • SHA1

    335532c8756bf8a79bce8bef674f42f3488aba99

  • SHA256

    32c3ef83fb0387d8646453de02e60d0572c8001c038d6b2d96ef6936d51bf4e9

  • SHA512

    954a298289b0622465b57e83b1a228717d0641071ee10c0f9aea75094977e05d0867578b4b63d0bac4e19960d3cb00f0f75ebd01c7cde450621dc808c248789a

  • SSDEEP

    96:ClyXDUDjCaKRMmpVcPzKlSrLsAv5DJq71Z+cqFXMUtcOPGizvO:CItXRrpVcPkAvSxp/On6

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\Tasksched help.html"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2256
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2256 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2056

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d1896022dd55e71fc128f51b19641561

    SHA1

    4e43b3f9d4a53102604943955c93b69e63d0e586

    SHA256

    d823877b1870671fc940d63795250760de7808554016c652ee2389f34e514a75

    SHA512

    e51a2a65d15b21bc45a79fee6cd22808048d55f7ca6e99d2cb89f57b4287b27efab182aa2ff2be1ec740b229c43c9ed714c20cd15757f03807cbe49fd1a6a37c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b720ef7a43bee8d4b9ade4b419c0b927

    SHA1

    544e745a89ab4f11994592982890d201904b1b5c

    SHA256

    98a723c82c08736428b6eec3746bb720cfb0ef9a696720f492c95d2772d2b6e6

    SHA512

    aa7cc5df695f93a62a73484e992f31920b64cbc67537e9b6f0f7bbbd34379f184db71a03dc751bd0ba211dc5f5626ceaa09116965e6077feac5615780f4f576c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9322f6cfe05378bcbc9d96b9a901bfe8

    SHA1

    bd56131dc2c999f20208e5fe014df4e583912c7c

    SHA256

    0e9cc8ad3a8581fcc5878e286dbf4e7b4370bf345514bdf03cb3c51bf9b1b4e3

    SHA512

    fd03572a4276b8f93cd0aeed9ce92376fba890b741e42e598c03cab531833ede057e1cbf1a4dda49affb852528a6da8c5a40e226f2989ac1dea77d4cc425ed0a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8347c15e40472511c7275c1f4c610ec4

    SHA1

    807b5674547ec8ef71b68ea35851673a3ce0f981

    SHA256

    24d3f807dfda72afb81b1839522514686244b068e43f7c45c7892818e046e664

    SHA512

    d7d9bd01f94e23bc044009dd6560a7835097598a5d06d5f4867848268668f65263336575bfe5e499a4e67c73233369337efd56187cc945be45873ddec9747d6f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    66ef1c9de456fb27035d4e14a8d53f4b

    SHA1

    3124fae721aa95ae60495bf6d2f6ee6e7e0cb56e

    SHA256

    6905379155fe6efeba8286db580b24c2e8a8b8b9bcf3eb21c1e64285cfc43326

    SHA512

    9f61209605272426a795fc75397fd61ab5351dbd9269fc3175c68b54decb5c00aec79d2ae402abbc0ebff080a5df5ad948f90bf1fb6b478379073e41ae0f91b0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6fdcfcf86b8b150a3b2b7c98a846040b

    SHA1

    6ec482fd1cd6eff4d439ef8508c988a61550fd5d

    SHA256

    4a81a004de26b51cc26957370acb5a0da3656bbc912f3ce333728a39fb0c3652

    SHA512

    c2a0a2a4c54e2e476cc09e98cf0c4e5dcdac1bb3a1dc4201ead60b1755fe16a6120002432a9d699605b932b63f85b83c2a28a32a929b4a8b548f4c89b02fecfe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fb203a169cad43e6cbd83b29f9d0513a

    SHA1

    b5203c9ccfa7857b3a7718570c99bee7e5c13ddf

    SHA256

    08e311a08604575ff3e90724c929deaec4653333441b8240781e47bb27567a6c

    SHA512

    73df29355c4fccb9d7d27c51094e4afd067a96f79ff5d83f11be30590cba641c48e24c1774ecea73f9bd72c2fa99d3b80c99729a482ba166da4704dd06c7611e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    30984dd9fcc3c9f90c552170c34b01f6

    SHA1

    464401fafa2c0144e62a8477f1cf05c47da992c7

    SHA256

    653553d9e7ed4f17661a0582dc49dc1ad619dfe648298f54f89f10c6f0f6d47a

    SHA512

    fa2a75ac3a8ab251ab150cd29df718f3f058c73b64ca4c8a1dc91fa34973a5b425f30e049a9e2af4cdba5e927041052632ecf5825f9fba76e65b8a0b83470f4a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b1cc7cf9f1371e796a2ad99da6f317c5

    SHA1

    03462b111ffc2759a3f7d9ffc06e0d6424e910f7

    SHA256

    925144ddd091295f2318d924ea06c4d2a8a4e6e6e79f75e4f4fd630b2d776f2b

    SHA512

    621c4ca0c0956b68d2b7af3666fa809c5f8ffb2a1b7ebbc4fa7a1da7bcfe7897dd91860b99e652cacf46344663850f78484b0858da1ac8349cdc4f28f454e9ec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0e750fe7886c1bd824969ff6cf8fa482

    SHA1

    4cad5ea421fca5ec258f93444ec6b3e73a8094f1

    SHA256

    fd02dee789370003e4cd9509aae8e174cac19c6d1d7c4f6244ccd519a1d8522e

    SHA512

    df2dc03960f4aac25544ab915062f61636300b9d85532909ef59681d79d8a24e24d9cb7307a5089fafa115b3e947e288d4e6ccb67d12eae5f756e73d57214ea9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0ff85397542126b02ff2ccb7ce9e699c

    SHA1

    69c4bec6eb90231d836056979cf558d1e409688f

    SHA256

    ec916e3580f08c7a85adeba78216e989210b1b8f109c9ec9013c5407f936c5e5

    SHA512

    3259df35c973070768c1b19a06f4c8fffbb8616bad8c0fb6c3e4c4d233fc1a5508097ee8180349e4fd92f4c9a738874d2f7b2e019f1287d6c92fe6dbca3d86e7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b012372f2ac4fb00cf7b6d69c418debd

    SHA1

    06927863d345b022a580634bd109ece2f097d52b

    SHA256

    86fce691b3275b59d9c71ad2e5c912b67fb8afd2ea087bac42088e59b65c9f63

    SHA512

    80fdcee22862c85cad356602475620590d00f8ea00515fb4f5d891de697dba7e375f3fcbcd8e7d6ea98e752ad1f343ff283433158515c80d200672c8078d7dc3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b879cb3f125b2831d2829c796b15a01f

    SHA1

    506af15f5d96838e4812b43cbace5b4d704039f2

    SHA256

    737567014f71961382dfedabfe8fd047fc9a0ac11fcc68d56737bd7a028b3418

    SHA512

    869952c023f167ce30951e48f8c177334d22fa1605ec14b7f5460820929ffc8915d51abaf0413614dbac7cfb11e72dfca1170982f533132808aba259875ffbe6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2ac564b5b3ccd14ed6e0b8ebcadf0f72

    SHA1

    6e732de869fa1e1b6255629b69dd005e29216e58

    SHA256

    0fa39f2b1e816a2bdcb0d51ff98314499075155c0b9ac025ad420d5dc49f02df

    SHA512

    af7a8b3267a3ba41ffab88b4549e21c7a2be2d9c4c20e0714f53041f862aa21015ec796f2455fa4334f6161a76cd8e357ff74552ab0415c8be5f47b840f94091

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    df26f3e46e91ab159cc038d3c14b3ab5

    SHA1

    23ef42bac50b4e2501135e617984c979db1c5667

    SHA256

    42b40d70540cc8a78a7733e01d8ddd389efb8eb1e51a7ef695f9ce51f08fc933

    SHA512

    3a055bd6dc94e51a385e64fbe682a41596b655fbd26834d18d4dc4e1551972820fb4f813ae7ef97e49ea579cd18679dac775f97f2bd22f6513d242359e577315

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2e68b25940ca68f4ee256a8f7f2039d3

    SHA1

    f82d4c27ac69180dd41a19b6bf23a8b4c5e56de4

    SHA256

    3c0e602f808eb5d690aa1a7cb33edf860cb2c8e9f84c89d8157338239ee042ad

    SHA512

    3fbd7eb36ccc7e5fbba131fd21e252bb51774891647fa8f576c2c493fc0742e90fd5b3785d2c3087a3ceafe4df3e32b855262877cc0a21f86c4092409e317e2c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5774b9514feea3d713ea1a4310c8f2f4

    SHA1

    321fb92297b0604a507be7df6c99ae0a23d6a3ab

    SHA256

    d7c4151e4f5054ed91e5d8fde074b4617e68b51cd30f31475d6a2b78a5bef844

    SHA512

    7673279f90ed204941c2e8d800dffaa766978e808f9fdd3ac9dc59bf9548eac0006c6acfd2939536216b2becf40f6166b34cea9cd666a0e7e2bbd014bc0581ea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f08c9bbcc6fe086ebd34e233c8b6f9cb

    SHA1

    4adf6750ae8b1195649f261e2823992fa1b4718e

    SHA256

    12cedab8b4ab81061a8995d564acd4d9ccf9f70c704194054c9f9ace4eb39b8d

    SHA512

    536ec33c374f3c8bfbc2baf6a89540093b4cc75ebc0eee94c49c3c737f3b17b0732dfb329e19d645d29529a37680145984365067954b57d77705c84ac544ce5f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    050f1e5a8e67e39c94f9b7ea99f7dde2

    SHA1

    624e0420d7b1df64941f4e73eaadc45f5b4380fd

    SHA256

    9e84d05c3917e8f96d9e67580076441ff512a682b9ad9e85307ba85350b1291f

    SHA512

    aced845befc508dcd8a0e3e2dd658ffd69d9b0e31f16e4819d91583df435ee48cdc9405a19a5e15e9374966941230db50ced5a54a2564185dd4a60c3ca00a39e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab5286.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar5306.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit