Overview

overview

3

Static

static

3

Pixiv-Ngin...��.exe

windows7-x64

1

Pixiv-Ngin...��.exe

windows10-2004-x64

1

Pixiv-Ngin...��.bat

windows7-x64

1

Pixiv-Ngin...��.bat

windows10-2004-x64

1

Pixiv-Ngin...�.html

windows7-x64

1

Pixiv-Ngin...�.html

windows10-2004-x64

1

Pixiv-Ngin...le.dll

windows7-x64

1

Pixiv-Ngin...le.dll

windows10-2004-x64

1

Pixiv-Ngin...inx.pl

ubuntu-18.04-amd64

1

Pixiv-Ngin...inx.pl

debian-9-armhf

1

Pixiv-Ngin...inx.pl

debian-9-mips

1

Pixiv-Ngin...inx.pl

debian-9-mipsel

1

Pixiv-Ngin...inx.pl

ubuntu-18.04-amd64

1

Pixiv-Ngin...inx.pl

debian-9-armhf

1

Pixiv-Ngin...inx.pl

debian-9-mips

1

Pixiv-Ngin...inx.pl

debian-9-mipsel

1

Pixiv-Ngin...x.html

windows7-x64

1

Pixiv-Ngin...x.html

windows10-2004-x64

1

Pixiv-Ngin...x.html

windows7-x64

1

Pixiv-Ngin...x.html

windows10-2004-x64

1

Pixiv-Ngin...nx.exe

windows7-x64

1

Pixiv-Ngin...nx.exe

windows10-2004-x64

1

Pixiv-Ngin...��.bat

windows7-x64

1

Pixiv-Ngin...��.bat

windows10-2004-x64

1

Pixiv-Ngin...��.bat

windows7-x64

1

Pixiv-Ngin...��.bat

windows10-2004-x64

1

Pixiv-Ngin...��.bat

windows7-x64

1

Pixiv-Ngin...��.bat

windows10-2004-x64

1

Analysis

  • max time kernel
    122s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    05-02-2024 20:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Pixiv-Nginx-main/html/50x.html

  • Size

    494B

  • MD5

    f3b9f713c4d6f3355e25fb2be47d6ad1

  • SHA1

    95de71d58b37f9f74bede0e91bc381d6059fc2d7

  • SHA256

    d11dc22c73306cd84bc9869302b02dc8604d596185203a74dd0042c5d2fdd3be

  • SHA512

    81ba7e03de8cadf118bb00fd36166c80413e090172878d8ca2c122e3c675893c15ed9312f501f97a37d053423b423695377acd68fa4440b3f3b1f0cb109c29e8

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Pixiv-Nginx-main\html\50x.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2912
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2912 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2708

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    68b0e33e0869bbafb00636133d8ce3d8

    SHA1

    2c6c7e31449d524e82700e27620a0f412c4d3036

    SHA256

    591d6ef899f41462816a2f1df57b6c7660376afa4a04c961afd9293882ea1765

    SHA512

    d6986f98f81b22490f309651f9e852ad0cc78bdd22361b98156118a3b8d69389ce516575235e04e7c07343498ffb41a45a2492e5cccb4ce5c596183b85af32b6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0cacf954eaeb72f153df91aec1d7b925

    SHA1

    066fde2c29b2e95cb688808c7bb32183a9d677e4

    SHA256

    8cb55975f331554552fd88016a716e95e520a50ff26bb048122b3ef0d4472851

    SHA512

    1c84830b0d904e5af42c30551788d3c5e7e585a80a794104a0662913f876542ac5af6a29bd580245f2ed41a554243e6b8713b40fa26d4b08058e9ebe9822460a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4ac7ed0038371e42f7c867b3c5cf46fa

    SHA1

    f9425f9265ef0e654850abe675ed66da8e534ad9

    SHA256

    fccbd9c759b922b24775a16f1a33f0503128944026956d91e242a13b5ff37d3e

    SHA512

    88186d751fbbd0df334ac39deed7d30bdf99aea5279d848da87ef803a60ae34a3ef51638bf9de5a1445bad1039224475bdcc43c1eedc52dc3515d91097361ca9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    91b19247b2582770cd64ffad67ff7a64

    SHA1

    2673b3d9a3eb1735b9d2333596fd7b3e18c598c4

    SHA256

    1246bd082f7ab7136031a2d688753a4ba116b0455e8925e210fc326c899f8ae3

    SHA512

    20f77a99fe95bd71c05e01a8f7beb9221d322a8b82c2550366602429c1c85d31fbb235bdd9ce8e6cb5782c13e2eaf640ee4ffdd9b6a1c247994e7738676721b2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    59455ee481c809133ce4796cd9ecc871

    SHA1

    b0732664cfbbea70c31c0692818aff09a21e02be

    SHA256

    b14e010c7036db9bd6d56d6a303b22c920afa112ca5a98117eabcfd5043afe5f

    SHA512

    f80d4df94d771774e631e7dddc1f1b4edeacd67d3dfb6d69ef8548f20dd2e7160fc6c450a1c928ac5f512dd72f1d19e25672c8b82ec3ae084d1659408700f3ca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9ba1b5278f74233ec92bcea1880732e3

    SHA1

    041eb9dcec50b78d6c45dfbe3e7a2f1fb72a643c

    SHA256

    fc3dc25f1da908308cccd934c2460cbe7bd0a4e6ad448b3af983359846bfe217

    SHA512

    01e3336e1690b7e32f01587957339da0491f7a1f52aa3027a2d1c2881877a2f477f6a020a5d83b67505fc714a189a8fe99da1ddff4661025895053176eb5ca44

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7b95a3cd936f7d9ed90ab00a18f90605

    SHA1

    3a4272fe3f13a3b5ab081db9b02c5b80d3702e8c

    SHA256

    000c55b70a759bc6ae487ed38ceb5cca5760d24e48b3c50afe72e66006997453

    SHA512

    6c3cc2d98e09ed9482ee69457879b65c4060c9a4f1ef0c621b15f950721ce6d6f5056c9125106a58df0806d9dec255b0e265ad6532d4b4ef2ce9b577f79859f2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7920aa8a1303d69c90960532362f5cf8

    SHA1

    020ee525fa147cf98820192d63d322abc2f13122

    SHA256

    c30abd86d1243524d40357a66e6f1aad36d90eef792e22d46420009a6d8bfee0

    SHA512

    ac27cc4f7e7eb9ea5b3ef4d91455fbf004d92cf8a5b9be69028a348126e4fe5847ac24d62c73816b722cf0e205913801fb873ebe5ef98c6c489368dafafe3616

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    249545ba1f912b6f1bb4c6368275a4af

    SHA1

    c4a10ab782cddf5278cd8a198ba61267a1b1cd9c

    SHA256

    e4062beba1078a17f66fe850036c7cbdfa75bf200e2c88cfdb156a48a26ced6a

    SHA512

    b5dfa7331f1c91afb469678bb819ba033173480e757a3b190919d5793be1f548818fa331243109d73be3ca990c4e14a30c34a0f980590d06478ff4e370ebc987

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    49bfe60b041ec19f35f8378d3dd582c3

    SHA1

    dfb2a88d689f76b7db9c55cb165418b4addc3232

    SHA256

    3eaee96ae41743a116515205efe5b80d645829d71e50798a268f08289ef3f2f3

    SHA512

    b5138a287a0255e87f0b07ffc87f0a3181b30d76af3089f12906ac6fbee422bdc193a94adf6e95c97ebf9c8c388a2562389a04b56b39dc73e592176799f3d837

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    27dd09d278f716cfcae1f71c0e1abf4d

    SHA1

    409e471232903bc0bf8c7d7a2a445c27ab81b024

    SHA256

    05e98923f768c942de776611fbc4ceae70f6ed86282697d3061267446f2598da

    SHA512

    d87663365734da35025a655f18201610bcfe2a6db9bec2df57a0be8cb3bb19f166156b26f41ca5e4fe32c5288d59a36853f5b89ca299afd48656f12dae9e858a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b1e13c0a3c0ad6d1932b85351173138d

    SHA1

    1c70ada2c8585a0ec407521162d510a17a0a68b3

    SHA256

    2a4b68a18b99589de143bf68383d2466408d1905da29790175d529359cc9a590

    SHA512

    20dd8ac7f28a851639df02e42eef23d14af208c08b4303a1835ebe3248c8cdc177bd23eb93d83c18f940cc7b515e77cd3386c0e0dee86f45f8e534f2ec428dbf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5d1f0f39785f9c2b110e56fb2c1b631c

    SHA1

    dee09a645602090c3e8d3e747123152cf068884e

    SHA256

    b8eaa6a768fb6222f1c1c79ff91b1db2ba905e6ebda0be46dcec4a38e87477a0

    SHA512

    c697ccf6eacc3636d50e2c84535a7bff3218166fab3366cb04fe3947ece8ef616664a08593ca7e3a550eb9b0c81fe6692bdffb01900448cf21a7953d93e65292

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d09ab69fbd13bbd10a6c3a16ba8bc2f3

    SHA1

    b648b453fd6816b8bc2b42a0ea9a2d9c7dca8a44

    SHA256

    0ccdb59d20b339f9f6700417df70135b32045012a6def28982adeecddf888fff

    SHA512

    54a4e2a87c607e1777572b216a1090fc090703d8affd2edfb6a47357a23dd4397b209643943b511cf36e7d5cc481fc7df5235da126dea37a5d137169d2351c14

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab2158.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar21F8.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit