Overview

overview

7

Static

static

3

8f24ef1371...e7.exe

windows7-x64

1

8f24ef1371...e7.exe

windows10-2004-x64

1

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

client/error.htm

windows7-x64

1

client/error.htm

windows10-2004-x64

1

client/index.html

windows7-x64

1

client/index.html

windows10-2004-x64

1

client/index1.html

windows7-x64

1

client/index1.html

windows10-2004-x64

1

client/index2.html

windows7-x64

1

client/index2.html

windows10-2004-x64

1

client/ok.htm

windows7-x64

1

client/ok.htm

windows10-2004-x64

1

client/view/list.exe

windows7-x64

1

client/view/list.exe

windows10-2004-x64

1

mpvod.exe

windows7-x64

7

mpvod.exe

windows10-2004-x64

7

readme.htm

windows7-x64

1

readme.htm

windows10-2004-x64

1

register.htm

windows7-x64

1

register.htm

windows10-2004-x64

1

repaire.exe

windows7-x64

1

repaire.exe

windows10-2004-x64

1

skinhelp.htm

windows7-x64

1

skinhelp.htm

windows10-2004-x64

1

vodclient.exe

windows7-x64

1

vodclient.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    04/02/2024, 12:24

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    client/index.html

  • Size

    271B

  • MD5

    b113d51a1fcc17304cc2a5fa307edd32

  • SHA1

    58c0aa84ead06da2322b21d627b23f491b47b646

  • SHA256

    88b78976841551d3b26eb7acd41f44abcbdf3b5190ca8ccde82736e027569d6a

  • SHA512

    41c584f35110eb4517681aed05fd3c3099de26200f152b2d3651c54b0649e984f56b6e58e6d7864494497ed38f0141bd200f182ad3bda1514b7fb5c586e6cd07

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\client\index.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2972
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2972 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3020

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          61f3cbec9c3926bab6f9ab08d5a46054

          SHA1

          8dc4940da4a20db54f25039b8ba2f93c9c0c253b

          SHA256

          e100533be23d2115600e40cde6dd1c29126e4ddc8315e0b3212af96e6b324063

          SHA512

          48e16a9e153dc72a4eb20895ef2705f96995c4368c91c03b2346a2b8117ce22ef622030c06aa4d94ba03c4a69a765237345abde475c7c25cd86f13c79f8b28ed

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          f32ec9c71f3e631e41fd34e309e16679

          SHA1

          edaa7948d53a12cf5beb7ee45487819e2c157a0b

          SHA256

          fd44b9d555f105e5c2cda8f044f0602a14b1ad09d88c6732c8b6b7a52c44fcfd

          SHA512

          b1e1d6ae4542ef0c6a8639f504d76b894f194f14c95db9a7134ba6c02ea86a90982fea2aa576aab4d738b0d03458bf2a2906682d5b507172a8e38b95c310f80c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          b3f1feb6471d3d0799322498b542390c

          SHA1

          1015d2f5a31b2dafa1d3c87e59bcf6e5b5fe599c

          SHA256

          260c794978b4907ddc77adf453589b95d763f1dd3379e3cc45579fe63f417da0

          SHA512

          af1d00d6859e8c93e85ddad7b72f1c9a21f01f37474114590911111fffefecea32ed3b4d2509f7ea51252489b3c8fb047bbe5657c7bbc42d188c3667c2232e16

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          efa1f5a42b25a74b15a9b015f52286d9

          SHA1

          94a22c8ecb0312e5d5165ac1c20ff43320b3ccae

          SHA256

          279ceb0335ca133b9fa5a4cab99cc63f063e39b59d11bcbcc883035bf773822f

          SHA512

          0c6c82758c85b2046bbdc171459fe8f9610d20441ce7002ffdd88cc198e4b5dc771b06ed66a54919fb1a548a0be0bcce995d46d7ccf31ca752c81e5b57080dec

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          92110388a90b3b0da7552971bbc32821

          SHA1

          6481ae34b4d1813caeb7e2b9449bf15aa2e9e230

          SHA256

          aa5e474677840c79d451e1718f14a51a000c2ffdb59a525cf37c79b8801496e3

          SHA512

          1399ac2b50d2ec4f2358edcd56d40514b0efd1122847ae1465e75ac81e79475dcf6c7d54e55671c650501a2d018aa080976e1d7593d0b6e7531fa172df27584f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          930b07a86dc32a6324b7f47ea880146c

          SHA1

          16c8c131b14ef45a0ecb1f1aba2adccc1541a801

          SHA256

          a0ff19d7d14619c6f64ccccd9d50f52c016b79e79aaafc5b5445ad34d2e5ecdb

          SHA512

          493689dfb799f14805d71fd9f8b1e0099092204c2a30a44b0bd6c6c444a1798d0bcc0df48f9fc199eda990eac782e15bc8b3e563d32e4b9cf1ad927c7e01bfda

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          6dc2a33113e78057562cfe8b74d3dd12

          SHA1

          5d89fc929a2ba9bcbe01453833dd7369f14c8b4b

          SHA256

          08a6a1eb1a8a717fea047ba72245bbbec8ea6d3045fc2456c27c2a28720f18a2

          SHA512

          81527896630e84044f0584bac31b3539115007a99e04ecec8f11603523eccfb86c707fae47cf1c9c1e4b24f8a1f1a8c6194b1418d25a7b71382a964f3b372d57

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          b16ee79a490eeee2a83fd34ced9b8c0f

          SHA1

          4d086bff3353f97a0ff34d70933f4b7d31588616

          SHA256

          b2b4bc32e8aa6d4cce44f14853cdab8de6d43398be7571609fc68c9325e26860

          SHA512

          081b7d25b269b1a13d8bb867e1c11a5b034e2dedcc9e8fbb858acbb0fbaf05fce660713eccfabc44030f6ef90b78c0fbdf18bd512e270353e057f987657aad12

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          69e35a3e66253b600917ff4d3992af77

          SHA1

          9c7bb76c28818043d371365af77044a79e8479df

          SHA256

          82a96dded9a6667c1d230e0ab3f993ea35522b764bd4e9cad1a273a266a475e1

          SHA512

          6c9f4423933d13b402c262e547a83396694266ec039122d749a073a2098736d8d645e18c86bdbe97ce0e1f2ef1c6fcf28b9f1cd153fbad958bddf7361dc4f7b5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          ee81f37a7049988be2e5f22892d61451

          SHA1

          b6aac0fe56c5c46713e39f6eefaf9569a0691693

          SHA256

          7ccfca05ebfe7b3d8f870e8bd223f88e902aceb6951d00f4d8548ce0bd1eb9ab

          SHA512

          ba615521f40291145e65078dd2cef05ff772ddf7bd77a579f68a083c550cd371e700c5cd115e21bd667e1613e078d75154f937962b4719db93c9389a44d16eb6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          1acccfa1c5e0f1148a9b24b2b1b4ea74

          SHA1

          f39ea88e5a8e6dca206bb5cedc4d00319f9e51d3

          SHA256

          e1ae0095658393d4c945be20853d570baf696030fdae6c9b5e40b8e25de55ec4

          SHA512

          c02087ea9c982888a308bce65ee805f01f47207e445cb9c8cbc4c463889fbea5e3c9e5aeeadbdff29fd402522173afcc703c5a7df71f56bb31ad427a289db7d4

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          f91afad035a85106fee900f53d6acf57

          SHA1

          d7a5ef9540325d085afd09a62323885f6bd9ef1a

          SHA256

          ff0df7b0c7ed1c7d1c4f402b95208971737c13f800ce890289e8659f361e1cf7

          SHA512

          db6be0e699ad38914eada2480e1f1d3af09e476bbaf879d400ff9d33d8e88c499cfcbac6baeb5344ecce6eb1d8abf393f98a4b2962d92eb291dc63b41080820f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          2136b3d872eee684c96adf9b1f3fe978

          SHA1

          21dbbf078458bf78cdc5a5692f582af42a891ee8

          SHA256

          3b225b8bba752eb8d82e18e64f97aff45489a3c2bf6e27d39e2d5e02a3a6fb62

          SHA512

          56c8c4c9e1ed2fda4a8c271ca87aefc07e26eff580585bf49252522074a41abb50b8a8c51bcdeec71d23e6fe274b59f80642d7063a4d7abc0d8481060efe54bd

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          2c719bde149d3494f5720af3f6ddb72b

          SHA1

          5f864d12acdb5d84d822365d3a2cb31e5e796c77

          SHA256

          cf26e8470d25591ffc310e2ea1aca41a6197f02ad28442c9f675b46e1e3c6d15

          SHA512

          5294e1462ce70c43bc6ddfc2b0f8dc733e7a47dd13b4c2dbeb08657b2e3ae739e21c58a5046afe6bae27f3920db8ce4bf30ec5afdd45719bc9da623773288baf

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          0db129f1d67fc8ad5121616e0746199e

          SHA1

          c4e6390bbe44c7e200800029f860c38c5312fb56

          SHA256

          703faa3b71487327603462ad97b5a23dc69abc0f5f5e4b2a03b69789075e1f80

          SHA512

          dcc8c790154f725b25ac32510090ac0b51c6355190253afb2076a302a4aeb7167082c9445d29809d6736238f75fb4c6d74862a6ced47504fb525ae9c17efcb0b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          518c5e5c139f350d59e58254740ab74f

          SHA1

          754ade65c99a3894587234f5e8c7fc69aed9ed90

          SHA256

          ad428d21e473de03620f0442d54511cc8d3a4cdf23f802f11651f6fad94971ec

          SHA512

          eff40da8a3d3730eae1c950eca58d76b6c12b3d346f0b5a2651b04f14c6ad3a50c1e0d05f32f85dac81d28f56c501fe4adad19226a724676bf2d8bb75732d32e

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab785D.tmp
          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar78FD.tmp
          Filesize

          171KB

          MD5

          9c0c641c06238516f27941aa1166d427

          SHA1

          64cd549fb8cf014fcd9312aa7a5b023847b6c977

          SHA256

          4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

          SHA512

          936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

          Download Submit