Overview

overview

10

Static

static

3

74ec3e31d5...85.exe

windows7-x64

7

74ec3e31d5...85.exe

windows10-2004-x64

10

$PLUGINSDI...s.html

windows7-x64

1

$PLUGINSDI...s.html

windows10-2004-x64

10

$PLUGINSDI...n.html

windows7-x64

1

$PLUGINSDI...n.html

windows10-2004-x64

10

$PLUGINSDI...l.html

windows7-x64

1

$PLUGINSDI...l.html

windows10-2004-x64

10

$PLUGINSDI...Ex.dll

windows7-x64

3

$PLUGINSDI...Ex.dll

windows10-2004-x64

10

$PLUGINSDI...es.dll

windows7-x64

3

$PLUGINSDI...es.dll

windows10-2004-x64

10

$PLUGINSDI...ss.dll

windows7-x64

1

$PLUGINSDI...ss.dll

windows10-2004-x64

10

$PLUGINSDI...r.html

windows7-x64

1

$PLUGINSDI...r.html

windows10-2004-x64

10

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

10

$PLUGINSDI...sh.dll

windows7-x64

3

$PLUGINSDI...sh.dll

windows10-2004-x64

10

$PLUGINSDI...ui.dll

windows7-x64

3

$PLUGINSDI...ui.dll

windows10-2004-x64

10

Analysis

  • max time kernel
    133s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    25-01-2024 16:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $PLUGINSDIR/Confirmation.html

  • Size

    2KB

  • MD5

    fb242ca8761f6537ef7f27832320f0db

  • SHA1

    b64089afcfa9d204b68dffeff763106dc39856fe

  • SHA256

    848b5e85010342a8f020cfb4f84c22ed7c28379742380c2b269bad3429ee5bef

  • SHA512

    aa45516e083d0499ae721d6a2224803da4f7c773106f6812d839f88a2739856074fb3eb00f255e8a3bb7b7ab503978c4ec2b6171b476a153804bc965e1f45d8f

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\Confirmation.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2392
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2392 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2764

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    147b34259d4e074bfd6aaa63f8d54550

    SHA1

    76decee5a81c5588201b1567ffba03424ac4e827

    SHA256

    d694411b124aeaf9e36419bc8828377af7b536c2aeccb45fe2925ca39b72d240

    SHA512

    0f1dd365a79b7595cab3da15f6d1597fda62c62cd992dd4e63722f1548211f07cc33a4a8e3f0b9b6d292426f9da0bef6774f7a810184ddd6813d4d1f422cf6b2

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a3711b8ef82bd6fc129d9eb941752e0f

    SHA1

    57016395ba4eed86e3ae53578992d46267bcaed6

    SHA256

    6eefa5ad89e567dcb449c89ad7bfd92bc58189006ff34f8952fbe81f38ccf798

    SHA512

    d48c7cfc05b9e618ad62fac5f0ca148bfc28fb764235159ec61eaa36ba1df00eba2239ad26b132405ed3b504ac768914823b2550650aa7f7e569dd3a4e8ef88f

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c81e540d23dc4a64b63f26117e3c6bb1

    SHA1

    5998802a43734562729e52aae3eb1260b9964e28

    SHA256

    b8250cb0954496fe95fbf76146525ca3768ae61041128deef82e1c324958d12c

    SHA512

    d04167f6a293d7a894c6e5d1f4a62722d560eea90aeb8ac093064037dd7c1f6c83947efd5a3ccf4fe7486f9bce973f0be2a9ac705a57d97d4dd40870c2394c0d

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e5fc4000c6130d003754c7441f26b7f8

    SHA1

    bce084a8e1985ee7ffd0d63071a477b346cf0383

    SHA256

    45ad518633ebdb513bb30fdd0c2a361bda6a66f9422d9725b1b433626741f8ed

    SHA512

    4e3401c4aaf35851572813754a252cf253578ec2bf32d6541be4b92e1b6f33188b4056351ffe665a53286f13197e6ab838543b87a0b8e3668aaaa7e8d8524949

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ddba772eca19aadbbee339dd651f8de5

    SHA1

    6f5faa96391ab119bc0a0d48f8977b1c3003c4a8

    SHA256

    fa5306868972f3a9a856d5769ac5568a64fcf23f5ddd139f9b7ba84b8ccbd757

    SHA512

    058f8e5860db13182981daaa676eb51e0d94d01ae9cd1da9e89f2ce80db7819acda245d39827e95d231c4e8f402353b0a4b41b7eb69e149ea38eff6805ba4613

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1a9837fc843830a01391ead49ec76f46

    SHA1

    375e57fff6abdec4d50e1fae64e8436cd7370940

    SHA256

    63c33fe324327f084fa8a1a2bd2bf0df60c642ea4fc2ad6eabd3cfd129fb4b5e

    SHA512

    a24c45b7a8a448e9521e1269683ca73ea1634ce3191e13b673cefab1067f2e4bb42f9a4d6f7dc821c6f426fc356fbe32648e93a4b61ad8fd9dd63ca7fc452a43

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    762eafa71e54e4c07f25e1594137a210

    SHA1

    44b9859600f3e1674198733938a9d5dd2122f635

    SHA256

    db122cfb79a797b177bd22fc7da89b2b27489dbf76d30db6c594a9db7c4c9ac6

    SHA512

    0e6c820ea9acc73a18cfcbf41f8bbb92da11285900073101a2601e2155fb8c7771a0466d8e7516a93f6de7cd0b66e1292fcfc0a10b676ad379a6db7f4f989eae

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    824e666ec629c8ce565863e795f78fbc

    SHA1

    d5eeddfd3fb2e246b4e945be9992373643b25a2d

    SHA256

    de88f2aced682db0262670396e45d99e6e62555636e0b5c1b30df5d4ce2b7de2

    SHA512

    edc0d47b066930850c5a786e4aae90a353b2bc55f21699a02ce6e14fd440a60a7b422f5da844b751fb60aa02a157561df5c59ed371916b156cecbe810eac53cb

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4e391f35e45324431d908ba45587c77f

    SHA1

    d0ed3462632faefc4f15eadb1d759d648d7f8360

    SHA256

    e182281d84b723c24fc4810d317128731f8b393f2907244200e348c5dc77f82a

    SHA512

    47e6a91a35946bbe49fc030bb7130b809e0d44fdeee5203620377d46381250e815904906a7449392b2497c3e3018c838971a6c2b3954de22ab1ed664e9a44f29

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6c87fcb96da995657cbdb22b02a15263

    SHA1

    aceaad8acd058cd1116ba7d2a5c320d3f038b07c

    SHA256

    46ec1101e9d586ae94b46244e8f6af4c50317ae6725dbaa1a5df0ce44715642c

    SHA512

    82578f3f39dd292eac644b0dedfd40cb51d883e3700e368f39b8e1704365deb290e5a98030ceee10f405f6f036c96b856ff23651727b90e5a38d519a6b2432c3

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    db875392d27ce5905e4b105ee6f543f5

    SHA1

    edcd9065ff01c8bd7f75f3efe0b324a4ead6a8d5

    SHA256

    baf90c0127e620cb14b9b0e22c2321a1348778457787bf6ee804199f34263f4e

    SHA512

    13705cb8d0480706c2005f726b170c7412cf8b19fabeefc47b7bb5ad2e4a787655e65516ddfc7a798cd6de11b7e6c9493e31e6bdb0e2a117e259b4d5901b3e76

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8cc6deb6bb5d7402943abd2d04d452cd

    SHA1

    f86054f9b4cc133161137379b19a2c3f99f57fd5

    SHA256

    d610e254f5e803b5f581748ae9e4e7608cb3f6e8cd919df113c49fd49ddc1046

    SHA512

    b9f590756cbeb69fc9590caa0d6621f51f076c64b49554d6577e7bbc69b3527011d4503708fdd962826d69e59ffcf1a4a340dc59e6ce0603fd795d98dffac428

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    88b54453a8c906417d527db29bab2521

    SHA1

    61ffd41376246e2e582892e21296813f9f11832e

    SHA256

    98947e57590b380c5883a0d0aef243b39efe1fe944d44ae65f3f8ef3fb5d82b5

    SHA512

    2304c86e117d048ce6f6f7b28167a3f065d2002812baf0adb5beac8e39a799a81e2083a36e432098a223adfafb0d3f4241d1b70d431b348d91a9e8428e19fa4e

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dc952f8af181c3034f389bacb0a2d737

    SHA1

    37a68a99ead59a1578d50a7eda58d109a6544e4c

    SHA256

    0f822bc778edd5c04900a8c4060babde0a684cd57e93663f25a908bdda09a789

    SHA512

    04e7a09ab5e3221cf588478bfa4986799f8e0e22437966186d21de99b5c431a06a4c44acf4d57e7e9c491f0ebe48003175d597c6a156e0e4c6a048c18091c1ce

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5688fe6e09fa0ac880076b75efc82d0e

    SHA1

    88fa6c37af13c0de28fe2a8fbf8d9fa1f46c176f

    SHA256

    fea3a0584b61902b2f5a8e0cfbcd86cb564d01e4a0d67fec8e707d01a8d86929

    SHA512

    31181227a9f65f7a6111af637d655c0b6229eb8c0e9deffe209483bd09ca76c64c1aadea331fba261c4947d9d509f26efca3623aaec318df22248cdc3026c015

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    730e2c1067754207b2823b0b7f68acfe

    SHA1

    7563ef42ea528d1f811cf7f5878de8c66b8f7f27

    SHA256

    a58c8c838c9b22da01167c1b6bb2dc415157c6c90a6b56182071e26b6f60ea7c

    SHA512

    c5e75b2de6c6adb3373b752ee3d77964fc40c2e74a9ae6ee1f944e392535764dc7681726ff34ee2c4c14090e39facffa859a0b162ca4e70e0afb9de7140f81bf

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Cab280D.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Tar28AC.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit