Overview

overview

1

Static

static

1

extra/eauthy/authy.js

windows7-x64

1

extra/eauthy/authy.js

windows10-2004-x64

1

extra/eaut...hyx.js

windows7-x64

1

extra/eaut...hyx.js

windows10-2004-x64

1

extra/eaut...ode.js

windows7-x64

1

extra/eaut...ode.js

windows10-2004-x64

1

extra/eaut...dex.js

windows7-x64

1

extra/eaut...dex.js

windows10-2004-x64

1

extra/eaut...x.html

windows7-x64

1

extra/eaut...x.html

windows10-2004-x64

1

extra/prel...cha.js

windows7-x64

1

extra/prel...cha.js

windows10-2004-x64

1

extra/prel...ook.js

windows7-x64

1

extra/prel...ook.js

windows10-2004-x64

1

extra/prel...kv2.js

windows7-x64

1

extra/prel...kv2.js

windows10-2004-x64

1

index.html

windows7-x64

1

index.html

windows10-2004-x64

1

pages/0116...gin.js

windows7-x64

1

pages/0116...gin.js

windows10-2004-x64

1

pages/0116...t.html

windows7-x64

1

pages/0116...t.html

windows10-2004-x64

1

pages/0a54...gin.js

windows7-x64

1

pages/0a54...gin.js

windows10-2004-x64

1

pages/0a54...t.html

windows7-x64

1

pages/0a54...t.html

windows10-2004-x64

1

pages/1ebd...min.js

windows7-x64

1

pages/1ebd...min.js

windows10-2004-x64

1

pages/1ebd...ain.js

windows7-x64

1

pages/1ebd...ain.js

windows10-2004-x64

1

pages/1ebd...gin.js

windows7-x64

1

pages/1ebd...gin.js

windows10-2004-x64

1

Analysis

  • max time kernel
    136s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    24-01-2024 13:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    pages/0a5467d5ce/m/mxl/m365.cloud.microsoft.html

  • Size

    200KB

  • MD5

    f7599415d118a1d75aa328c3e2ff2a5f

  • SHA1

    33feba861be4c791186a0cbd5d9bfd7f55825469

  • SHA256

    ebd5cd2871aea7b814c57808baf5ae958f6bd5d10bff35f3cafbc18c13c009ef

  • SHA512

    dd5839d692862a0599504de73329851d326c22ff198e39450eac4290d02ff9e46ba53bafa322390539858c59111638c0b4e40b6fa99debfea456d6026c93a6d2

  • SSDEEP

    3072:ncDxUX2li00ajPBL00nPqFbrO8sK5k27uXyvfoDL1:cDx9lib6/grO8y27uuoV

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\pages\0a5467d5ce\m\mxl\m365.cloud.microsoft.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3052
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3052 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2280

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c85a54463b4516c80fb156861bd90788

    SHA1

    9cc5e2ab1e364d44f75274de61b07248d956bf2c

    SHA256

    8447e4755c40390a56768bcdde473dec559f09492b5ece81181599d9cfc529f0

    SHA512

    6f007d748ec8b1409921f633548cee0317597fc0c51ed3a15b8840f0223028cc2820208c104788f909e21397d967d6201f55bc7d8fe952db7d3d9ed38eef75cc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    66501fff92953a12ffdee418294f95cc

    SHA1

    0e67d6284c2f180496715fc2af7a9a00e46d48b0

    SHA256

    637d0431a97e56faef6179556cdf21ce8a9c8f2b474818683bdec707895fb511

    SHA512

    d4a9bbad027b47f6814c21cae57318758bb5db23c3adfc252219bdbc29b2878e3ae01716ae1c9bb01bc5b01fa2ca1ff38afd2c5d466e261744ec2aaea13d823f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7ab5d38893d411e83f134ee1105cbc97

    SHA1

    79906b57b433d0d1a3137d25083c3dc39f4f0410

    SHA256

    e4826f170ba953bffad45a03c19b29e67bdc5451da1069d881a1c50982efc8e2

    SHA512

    679a9732908af33704bfd06e75af4b6d60582ca9b3acd03cbf468fa92a5339e77c1e7177c8a969cfba3f69be7f021927da0f922ac5833196b5eb66733420da88

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    409445cf846f9b6b6da683a62423c134

    SHA1

    d6d980812dc144cd6c6738dfb7c43e61128cc650

    SHA256

    00c8aab937f8ed3e0459521cc03f39f8a40413e87322983d7015c5c975987698

    SHA512

    f384b1f4757f3b22dfdd5baf58e9ffdd0959355f6e1b3c3dfdf443757fcb2f6b36f94d2a41cdb33a27a67cb30d3ebb1af59c3c1a76a3dfa0ea865abf9e424a0f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a69cf882aabe3dfeef2709991047d1e4

    SHA1

    331e3f4afa94231a5200e7984bb139873b26c0f0

    SHA256

    970c422d2afcd2ff4ac0fcd572a531bfbbd7ba46763183298ed4438cb9a7e5e7

    SHA512

    a4240df6ea0f1bce16f7898908bdfcd2967fa7da0c9775246d03b850146720ccfe6b1bed86deafb64853d6d6533df40cfa5d33f7ed9b21ac8839a727d0cb4e9a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    55557657f10b0fdf2a1fd45bb9c539e9

    SHA1

    85ba0917fbf78b5962627a2211c1c15d5aac1499

    SHA256

    b2ab48546cf3db9334f037fb6ec490a71b53aded3f10f9bb2312a40689f4bfbf

    SHA512

    bf3f21b1ab30bc284093caef2382ec2fa672de6eb829f270ee865690c483ba523282b36374422ccdb64a4b202ba25c47f1df6bb83bd74f5b68e3f4c2bae2f4ad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b7aab2d1c567f018f99b502e96a9f39d

    SHA1

    e1a3253b5acf81ec58962e9e6672c8e5b95cb4c1

    SHA256

    c70373ea19a490f5415afd5c474227a07fdd70f75b1d66464dfd026fc7fef340

    SHA512

    d252a4849fed0e63d48f953357feabad75b9a1c84f0401ea730611862fb018d7e247b3e55d7cafbf3c1d044fa64587981efeb4bfad541107eb49f67a783ec244

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b583f9af95281cc86630c6503569a80f

    SHA1

    dbb98f366f391a9790ad9646958f8d67afc2fd26

    SHA256

    8ec9649263e7e17b3b78e17c56c84a97f8ebf9b1021ab81816e91fe55cc12411

    SHA512

    0b2de5e9c049b002e18d931eebb2f174260b05a07eefdb4275c80152d964aedba47a977df73344e56ee6833fdadc2423b2c5ad0b5b2c978de8e0d05d079fac00

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1614fc517243055f28fade12fd32c5d9

    SHA1

    28c572555b8f8aea3e427742f32dfa9d7337a401

    SHA256

    be11cbdaa61af14f74d34c74b6fef5934badb82db2c74a227ba00b91130702e1

    SHA512

    13e4037b5085857db705e4ced0602d028981c700fff3d2843f00c60ae08e86f38901e5c58feb328c3201143b601adfcd50839d874fcc9b0b152f28b5d48541e9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    874d50006ad5e67d99aad4a52668e7ce

    SHA1

    f94e250b744f2b5fe2cf6fa5fb38e8cb7ae81afe

    SHA256

    9549ed93205b42d6160755b3e5cc749b62334c3a449f595aa5ede5f03647729b

    SHA512

    3f93fcb56f68c2cd323504ece5d62125aa613b4b42fa25e294c1faf393ebca98872d9e4137eb5cebd8e12847f77784c00840e4d82d754a38d3b5d989a63fa751

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cb8235e0809285a62a73220d34fb336e

    SHA1

    0da6d234d6271b8402e0a973294daa0449ac83cc

    SHA256

    cf887f28d5dd2ff6b501090b49767eab1e9e9fd1eea24b0237ad12f25f0180f9

    SHA512

    f465751a1c3446331186eac3dacdbaa29c1774481032fc54f8015b093f27bda37f81cb02f2cc5e7db73e452ab5167ec8025e5e814651cd1b754e62a65bf21a6d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ac6fcd8c4f7aeef93b372a65a5c723ac

    SHA1

    e3c9b754b4a7661efb76868158a7e4061fb7e1ac

    SHA256

    1ad8b5ff611715e778583cd900c3d3873d31bc315bbf9adeb5ba20ffd5a777dd

    SHA512

    81ca6b4398570c601b4435ba92ce286746cd3d1a8f92a2d2b97b8bc2bb62da18eea1f6a8727abf9b1845bb9502b423c28664924118c2efd177ac737b9a208801

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    db27084e94fdb815527ac89f51478e8d

    SHA1

    0517868c0e3f56f13da697101809f00ca1c3065b

    SHA256

    477539b5e8a6f4da7e0b6dccca1cbbc7041fff277950d0795ee909b211685b81

    SHA512

    d6442aa5e6578f5420bdcfec16366ad76857bf4675d07bc5f92630f3cfc4b12c3bc9852ab670c4847a5b19bac97a863d1b5658165a60f49096de3f82417d7229

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3aa3c9ead202fc969e367d3620748809

    SHA1

    f80085849e1d09d9ae9756cc37e7cb0f71895c63

    SHA256

    f40739b735f4d9721ef46b1340ad5c500839c856bed2c778c8947f3592c28637

    SHA512

    c408ab53d2215e9d9be88ffff87fbc9b2406aaaea947e056e56505e259796036343c99ef7ed735ca8ebe2a6bd17d6953bd1aed9ab1402f01acbe614a28112fc3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7dcedd269b39993a1117a3102a55d2ef

    SHA1

    f1ca3d797a7770ed10de87c55692eb7100e8372b

    SHA256

    a21b7d48fa13f1172dba4121cbcb6125a520dd306a02309676295596a381d007

    SHA512

    0de0d0d5b4c64bf0e5ca19ea79b9a83e159cf9afc845018a45da8758992c976a8a2e50f3d16463ca8bd94aef2137b478f26c2c8c594f6a3aa65e0f3a351b6820

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b882acb5ffc994a9f591c27db6875f2a

    SHA1

    88107d65fff1e2b02070fceaa29f8210ed468882

    SHA256

    1a6638631739f44f8d0fd1473718b76a511065f0cec4245b03473c0ca6569136

    SHA512

    97011b2f153a5bc5d126b6c53060da7e110f0b4248d90c883b837117b05db32b4da5b6d289d3245b7d255383311a4e7ff5d7564ff22d7484302738514e1321a9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cf3532796f7022b38901b8e371eda3d9

    SHA1

    f9dd8b692a865382e5c595ac0efed69954c54932

    SHA256

    96e280551bb2edfa8c652a405c39ceb69541812f7f4ca8a3af07f4efe4c67119

    SHA512

    6d0e74061a9301b4ceccea7be0496bc982990930133518770ba2535e12d145e013e3f0566f846693b0cfef9ace157d7b985994c319cc26c3924f88b1b32546b6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e2e3d7065a946cf6fcf744ccc5869d01

    SHA1

    1adf215d3118bbb0e546e7662de94b03779b3ce7

    SHA256

    3d6e32b83aebe736b22c540dd35ccc5857609886aef37ac7954387235fbfe9c9

    SHA512

    61fc4aa108a1e27aa4c1f0f4796336236b07f37498e9c009afc36ac287c506ee9cc50b47ca3cf4ce4ce4f1c020004ab261fbc6b4f1eb81e29bd901bf513d3a6a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab94C3.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar9572.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit