Overview

overview

4

Static

static

3

139433242/...nuF.js

windows7-x64

1

139433242/...nuF.js

windows10-2004-x64

1

139433242/...ns.rtf

windows7-x64

4

139433242/...ns.rtf

windows10-2004-x64

1

139433242/...xt.rtf

windows7-x64

4

139433242/...xt.rtf

windows10-2004-x64

1

139433242/...orm.js

windows7-x64

1

139433242/...orm.js

windows10-2004-x64

1

139433242/...ll.dll

windows7-x64

1

139433242/...ll.dll

windows10-2004-x64

1

139433242/...orm.js

windows7-x64

1

139433242/...orm.js

windows10-2004-x64

1

139433242/...es.rtf

windows7-x64

4

139433242/...es.rtf

windows10-2004-x64

1

139433242/...ng.htm

windows7-x64

1

139433242/...ng.htm

windows10-2004-x64

1

139433242/...ow.htm

windows7-x64

1

139433242/...ow.htm

windows10-2004-x64

1

139433242/...st.htm

windows7-x64

1

139433242/...st.htm

windows10-2004-x64

1

139433242/...ib.htm

windows7-x64

1

139433242/...ib.htm

windows10-2004-x64

1

139433242/...m1.htm

windows7-x64

1

139433242/...m1.htm

windows10-2004-x64

1

139433242/...rm.vbs

windows7-x64

1

139433242/...rm.vbs

windows10-2004-x64

1

139433242/...ny.xls

windows7-x64

1

139433242/...ny.xls

windows10-2004-x64

1

139433242/...e2.pdf

windows7-x64

1

139433242/...e2.pdf

windows10-2004-x64

1

139433242/...orm.js

windows7-x64

1

139433242/...orm.js

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    14/02/2024, 14:01

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    139433242/12/XForm1/Xform1.htm

  • Size

    332B

  • MD5

    f0905443d4939be60431186ebd1b6344

  • SHA1

    ce7bf1616d2a92fe9086fbe8df5b52e04fb819a1

  • SHA256

    f24d6ab32c6145e31af7c36ccec58cf79932380891af7cfe858ac3e9599f81ed

  • SHA512

    3883c9168906d9dd9ea1cdc22e33c3575ee0d6cc3f6b30a61ce18f27311bace4cfa7284257425a388bf6e2122d9069dbba760a3f1e21c79d2381f7e575c9e5c4

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\139433242\12\XForm1\Xform1.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2472
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2472 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2828

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          31f7096b96b7028c42f4e5a8a1067690

          SHA1

          c2811617bea8c2f7fc4e754367f342b135314a3d

          SHA256

          2f5dfc2957756b8d16a6ebb8fc5bb07651751245265404facdbe40f9b5ae88df

          SHA512

          ca22916462db99e141560c2c5a8ac6a10541d9ce7f7b6fd60583ca58108f1edd3f36ca29c3d04e04e145ebce4ce4fdcf58b74b8a93fdb8d922df4c9f5a9176ce

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          cd01e492282e431787261ea8433cc371

          SHA1

          2ddbaa1be64dccb46aee05bac95fe2ed405db5d0

          SHA256

          96e036037eea7da88bba6c5798f2ff5c0285260282806818ebd7d40ebeb3955a

          SHA512

          91ddee47c5e3a380e9a95a1f1f90f68a4138961c10ae08642a3934d9a804ac2d256f542b95ff38e73204d64f08054a828282d0bf5375690f6896cb5afbbcee00

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          2b1931b4171b72d73f1365b028914aba

          SHA1

          1bb1e54d68d8a0e1b559adaf744736d1579aeb6f

          SHA256

          a62e692f58981f5699a708d2673cb908c8ef3f478c1ba445f3c4af34036da51b

          SHA512

          5c122ed80d26b013334a4aa74346b82227f5a29ced67db90bc0650c2bb2440d31296714a4ad944fd17773874606ea1f5000a0e442d8759e816f4ba0436d66e28

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          5300013d9289a85c902d4649640d2ce0

          SHA1

          c0524e83d520b457e0a443fcbcc91289193d5818

          SHA256

          d5ddd98b5aa16265be7ecfe51a510b0e57cf7a229ec3253e9422f57aaed2a5c0

          SHA512

          b6a2fc8d2da248826718d332194adaed0b6d0ba4d036580cf226c7c80886328f027e2f1981b8b52b44440c14eb751f60ac8d122bfcb83e35a1ab9b1a64087f1d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          f32a118153efe3d85b0e789a6987c7cb

          SHA1

          ae611bb6ef3d3ade77ce08d921fe83d85232717d

          SHA256

          b69dd27604c063af1dcb7a9d176c870eaad1faa7eb8d50e69cf9bd0ed6fbee2d

          SHA512

          51f8ba13f141f697806cd6b43083a88ad6f32c7a1b43891224728b2f149355c12caa9635373dffedd432b4ec7e82f5c060324e6985c743cecac939cf9209e557

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          60ce8fe6750d1f9cb9bf30d232c922d3

          SHA1

          9001df0074aeb5a67e248efd0f11e39923693ea7

          SHA256

          27ea1389e4cf6aa0e0c8d1624c9688c28e3cc66ebb6f7e051a1e8a0fb85fe024

          SHA512

          c326388a0156bc6fcf71aa990f99929308b12c6b39d10560c7df7aa2aa098fb710e231dbacb148c193fe723b41634db6eba86a8ace1f4a5576193ce2960a8fd6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          1efe9afe3176fac69a94d9b6f1620b8f

          SHA1

          273c7ab169a7b3d7eb7ada5f39526548c993a3d9

          SHA256

          2af243706100803279b4061c25895f409b772b5e717bd1c9b91fd105785ac983

          SHA512

          986869717e14785e830a11a040d1ffa9d884dc891ec4674adeb02e7de18d66e3a03de43125a1e04ffa4b2012de293f87aed9b6a97f1bcf0d67d73b6023d2c30d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          e5cc00f2edc50c3fd5dd73b7a768c844

          SHA1

          d5ea3cd714acec6f3148aba809c11e9aba3e3ab8

          SHA256

          a805f9937bd81965a761778b13185e634739205b4c60f229f199fae4e5ff8a0d

          SHA512

          fcb104e6229d533a17a80d2ea928d330c30cb258da7e75c4e98843a7b2c07672812095a33e33fbe15464f95809823a3fa75f83c075aa97035699966b3febce5b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          1c4c859489cf1bf31da8f8fb679dfb78

          SHA1

          7c1bd66413561c5197b57b13d6a527a6c8b41f21

          SHA256

          5b5c18e4c08728fbba91bb765d00a2dbb1c030d8d9c3626d388b6ca76e1e2003

          SHA512

          2a453627509addb52c3d8764700160e5b9087d55b893fdfcb554edbf70c26537c970ea5b5ed7470d864958280a66cd0098cf7221de5747af81563204c2b0678b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          8ef7484ca6091cc83f13cc4bc6f47624

          SHA1

          3a388805b5910459caecb538007fdd9fafc66804

          SHA256

          eca53912ab27837aac0c7dfe2283031d475a541124cfdfdc406b917e11bc7093

          SHA512

          76af522479c145fa58b8178654f7b8d66cbe9c24002e74562359ffe499d3c3ad432b8057d364d1101ecba39d932a2526b7d742881cacb70389e73844a2fd29df

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          b0903e54f209fcdad7eb479a48b82fd4

          SHA1

          02d04d0ce657f9085d965183c07a9ad1be664b38

          SHA256

          be1c92ffe4e31164c32d4ff38a569640bf14382958536c0b2840551c124b64ae

          SHA512

          d4a365453ceedafc7a6cba6c2b0059d4201c709b4fae3ad435483c3f9ca1aec30a167cb015b83e460b118cf2b796279fb403375352bac66c64e185bd5c42b5f2

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          a2bf839fc0653236995095a51d84c7fa

          SHA1

          7b61552f3ba61c27e3e7ebd000beef9c90328b42

          SHA256

          ace8fe6f953f962f96bc0373716d1197efb898bd46d86fb33185b897fa27c3d2

          SHA512

          a69371d07b3e659faf1b2619bdaca21fc19d0b237979899c740ffdbea8a4deb1c1886c953cead48bbc85a28c737dcd4dadeb8ec9a92c408f86bccd8f386410f7

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          f27ce78a5f2326f0154896e70ed9451a

          SHA1

          f37a07d643bf52070bf3fc0279e333853313f5e6

          SHA256

          bec7533e784511ca7d3a4b2876cb066d4e785056b5c797c29cb4e3cf3659af25

          SHA512

          05b0dd79a70190d5e3e388a04204d29822368ca6fcafccd3cfa73c2073688e1c2beb869ba17bf9de31180ebf9f765cdf4162db9de17f62040fb16e36e1509746

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          bc8957078ede5aaf5b89c743de19d257

          SHA1

          47c156206e2bff1242ef49b21bb4d693912b6ce5

          SHA256

          1e4d8184353f05fe26a5005fda27c71255540f0478b420ac7ca9e878498b2019

          SHA512

          5d6bfd1a504e9104bbff89f0d00ef13a4b720c527d6c5120cb46c01659889ce9bd1290fbbf6897e7ac70a5c0c8261839fdc7e86473e4b39d6a2b5db562cdb97e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          c474ae529c28f4a481d856e866053b21

          SHA1

          d7b19f9cdf2c64628f23ae3b1ad3ac796e79156e

          SHA256

          2507e8667296edadd27a89af6f9424c88a6278abea34da00f38e49e64bca4656

          SHA512

          f3bf1f09a547152503260d79dd3355a0f5618272d343cf8b283c0d307ef10937dd2f32c6f7e805ab167cfc57d775da70c7509755298b9be9963a017c31528500

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          39c453a30b24c05f522561dab460b7e9

          SHA1

          13074bf6ea08e2c574c1f46155184a28190b09e2

          SHA256

          909a146223dbee98bf8af008c49e364265181876396bb8d45cab2a279d498f71

          SHA512

          baa1ccb36a5d913f761b717d56e7ce605e506f890d2364c61ea862a493e3ca997f73748df4daf1c687620205a9c4a62d0f75b2eb824b3d651f832923f4ea00ea

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          2f899e2d807bb084cba32c8d546f89d5

          SHA1

          36cddd60842e8d2c4f9638a6f3c6386a8f83a8e7

          SHA256

          f664e3cf047bd5410e29dcabe882847fc7b232126c68cfc1153cc56abdbc1ef9

          SHA512

          969556b79dee16b6ffbe5cbae3de578cf36a2b098b240577b6d5155bf337441d7d990c4aca9b3a32bb6965b7fb39ee67314dac05df08b984772f0d212360df16

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          f4fb219c842a4cca224ce9d07325df56

          SHA1

          ea1073ab183b10667c7b542c87b4447794ef99b5

          SHA256

          a9bccdc11eb9376945fb187f564d8eacacb34573607ce502d4415cb32211874e

          SHA512

          ca717cedd720db8ef8db2e18d6efd4bdfc54c2fd6530ca4028fee4f8f87b7bc7c845c7c5c3cdbd0db3c7380b29da9c3eea4423726b91d4aeef1a2d4e616b2508

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          89bd14e650796234cbbd94ef1748b0f0

          SHA1

          d45db49fced65955b134b987e1297a4da083f16b

          SHA256

          972335f4637edf59e524d654e117aad8070db7b79e9d2309d52f0fb7a12d149d

          SHA512

          3716d647cd6112afc2cbabff5d8361a2474c015db12440b3ce827f22b857b119d864f0f06001e06833849befe152e3e2d762f9d8ae90a2d857990397c2568311

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab8F18.tmp
          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar9015.tmp
          Filesize

          171KB

          MD5

          9c0c641c06238516f27941aa1166d427

          SHA1

          64cd549fb8cf014fcd9312aa7a5b023847b6c977

          SHA256

          4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

          SHA512

          936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

          Download Submit