Overview

overview

7

Static

static

1

a0e6316e5c...ee.vbs

windows7-x64

3

a0e6316e5c...ee.vbs

windows10-2004-x64

7

Analysis

  • max time kernel
    121s
  • max time network
    187s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    24/02/2024, 04:03

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    a0e6316e5ca85dcaa4d57cf6d5c153ee.vbs

  • Size

    2KB

  • MD5

    a0e6316e5ca85dcaa4d57cf6d5c153ee

  • SHA1

    ebd66f86df6c6f4d3dbfb471ea8edd3697d71adf

  • SHA256

    0df5a71599ea747c760d746645c1fa28d5e0b3347574deefd518c8eb62f3d2b0

  • SHA512

    beea7824bac37686555783765dab0aaa4900028dbc8c6b45cd877a16a79ffcf1e5cb38888753b2c9c738d94e464ce9782356354eeb5e1fcc06ac7fa72293e802

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 13 IoCs

Processes

  • C:\Windows\System32\WScript.exe
    "C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Local\Temp\a0e6316e5ca85dcaa4d57cf6d5c153ee.vbs"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2720
    • C:\Windows\System32\WScript.exe
      "C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Local\Temp\62543570533861360safe.vbs"
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:2784
      • C:\Program Files\Internet Explorer\iexplore.exe
        "C:\Program Files\Internet Explorer\iexplore.exe" http://www.xsp5.info/index4.htm
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SetWindowsHookEx
        • Suspicious use of WriteProcessMemory
        PID:2452
        • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
          "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2452 CREDAT:275457 /prefetch:2
          4⤵
          • Modifies Internet Explorer settings
          • Suspicious use of SetWindowsHookEx
          PID:1060
      • C:\Windows\System32\WScript.exe
        "C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Local\Temp\ggooog123.vbs"
        3⤵
          PID:2804

    Network

          MITRE ATT&CK Enterprise v15

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            344B

            MD5

            b815b09ef763b0cd94239bc319a98ae4

            SHA1

            afd6d3d43572e5c87acb40a9182eca81b93e5a37

            SHA256

            c005d8ee78a10b5fa01682ea51d1565dc9762f7be45c1485f9612b645035f32d

            SHA512

            4e93f3f72ea7150c8ab9179b524381183e4edfef6f0c1e5263e5e2fcdb3dd3bc99fa088e38f90992c2cf2c2230b9ed3279de804b309ae6ad80a4893245833414

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            344B

            MD5

            b8cd0f1e4fc608cfecfdaee2ee2d3ba0

            SHA1

            9bb2ddee37adfc12d21b27146473d91c447174bf

            SHA256

            fa2a6cd85a14902312b834d2285a6e585428af468d29519cabc91d19778466f7

            SHA512

            fe17cc4b0e4549e579a3d19f6edefbfb0084672c6561c6da22b8eae46f6524e2a18eded7df0669a94747dd1846ff1c176cbd95f5c58748e04fe2054db95bc001

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            344B

            MD5

            7304e3548a2b14c96f2b86e9019fbc34

            SHA1

            134ad19e3ef6371cc1d00c9791f6ad62a8c90340

            SHA256

            88d01fc49ec1a4b2e1bd637a5f528ba4341b62f325c95a08ca0c731e17081513

            SHA512

            0906ac4728be6869e0b28d6120182fbe65ad619995b1f8cdf2919f3f31849ebbe38bc72aa14d7ad1d74df46fd46bc6bc9ce75d3e43760c04b6415b42f641d287

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            344B

            MD5

            1b5d1e1c1904b1978881a4a40487d121

            SHA1

            b23f947d2d05cf15eac2b5e16fe1b9991cd8595d

            SHA256

            d81e4402c95603539f6fcd3af78c076448fddb82b4533d14c80378a84af44341

            SHA512

            7d16f075d2a1c97c6d66030b275ce679344b4edeaf6af27e5c89c11409f31a0cb9e6a5875c5f847ee75508c3fd3ee65538ef845c8d938ad938648a58dbb30ae0

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            344B

            MD5

            472066964e3a457e306514b0c86c0121

            SHA1

            8f72aacce8ac3e55dfc9ff0705c9c3e32bbc3791

            SHA256

            e7dce4c3c8ab799e42b15b088da69d9be82a43d2c7e4f517165ce95d6e6cfcb7

            SHA512

            73d0961ab73335cfa94e0ab5d0738355930768e2c62a36ab0b6343631a9f53a3a2a1f6b1e979a2bd5dd0cf140dcdc3b2c663932f2bd6028e8c9ec00da95721f2

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            344B

            MD5

            1be776a11a8dbd60ce57e5631494a1a4

            SHA1

            66a796982e6ec09c149ec04be71dbfa344f36e75

            SHA256

            df2a086c8e575a71271bb0f9074a6bd4547301f43f18c20348ef547b7bc86833

            SHA512

            126916aa21bb2f61ddbcd6b702a78d8ac6dae55127bda4b6cc0db38370ca28a1ff5c0dd261525e12a5484eb791a584199d1f620dd9c99568d9958c0dabf28816

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            344B

            MD5

            1c343861151e2e739f9c0c177d2da14d

            SHA1

            1ff34c439061abcd83dafcfc08694c118b6327cc

            SHA256

            b03d8ca524b8f4e60251d37a254a2a65d8c314467025e0d584294d55e5ce3877

            SHA512

            caaf9b41ef20de475035af16519435055f9dbbe2f48dfb6b8c0f1fc02b07fc6a577d3056267ae3c5a511d506e71d96ef3881fa5c8c7fce711493860a18fc770b

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            344B

            MD5

            47188d54e58806a5e197e0b474ceeca0

            SHA1

            2d15de6a803a9d6e13eeb96797f93c7e4f10796b

            SHA256

            4d1b8770f0d12b94769c9ea501d19ee6931e43de91c3aa39ec0cf2b8814f07ee

            SHA512

            4ea9935197c61af7d8aae4a21f81a559c2e28370d4139f835ee90fc42bc90c43a862e59783937842f0017adf556721453ae3b4f9e3e1c87e0e6f378171ece6bb

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            344B

            MD5

            1798a5e455e2f23454e07ddf3811e953

            SHA1

            b7aad331100c4ab337b7faf6ef749f06b75a9ef0

            SHA256

            519739a2447074e04ec55c33996eeb08ac5f116548b24dbb55897fff656b9651

            SHA512

            3f8d23c652e8a23f69438eb292de62a705196312860abe886c2cc867cf9bb4c73f0b9964a0e89eb4ef4b796a7342977a5640434604078de36c0d8402297eb526

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            344B

            MD5

            905d6af0df0bc537fa64ff0fc81f5ea4

            SHA1

            add274a3234051f3eef68d6b2202468ba6aadd73

            SHA256

            b75be4a544db853e9437edea03545a28b710d647b078876a3191255bad7e1187

            SHA512

            55c9dcb9b0d3b542299248c4689b753584ae71b67823f8df3f4f77ce2e7926495ecf2e6422d240da5820bd2648e6eed488a5992c2cb30291883ebb4de0b47807

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            344B

            MD5

            d02f1ad51c0b549bed7cc5ca367aea82

            SHA1

            1e989dde9c2ec7b203633e5beb0e2bcf80a5abe3

            SHA256

            582a72f646ca0b8f8c11a6b9147521dc4cb1b6a152f4bdcea31cd1bb77e1bfaf

            SHA512

            b74e68c37c1dfa9b1f8fefa146fa20e8bae812d0dc03b406953215cadabc4dc72cbde3d9256db8dc78f8eed2b89ff49435319b79422be12181f42c4cfba18038

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            344B

            MD5

            d43fe624caf575b906e4afc2587f44b8

            SHA1

            8db1e6aca49b7e79924c05a434a3ba608e4e1645

            SHA256

            b6bacd2c6ad2a14b75f0e2dbc1616dd0a2bb327753ef710467041058924c08bb

            SHA512

            639546db45740de7e82fc9046db58ba18db23d848c0fd8f07e5d4f3962a06162c7dd0f93c963babf4fc9cce681368f7acaa15a3d67ea8e54254135b7099fec13

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            344B

            MD5

            d30c03537f8474d82bf18f598195537f

            SHA1

            331237728486e22ca3079c80865fe4743ed8b835

            SHA256

            f7138d79a98a5b7c9b859ccd4880be6d31953ba210298981339560d59be3b2e5

            SHA512

            266e53f495d275b8123447142d9a1904fb5cc158f48db49d01bb1b19937845ac6fbe235b3cd1a986e5b75da9fa6c959d34336a7249b68278b5a1139d35038ef0

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            344B

            MD5

            ab641ba89864680bb45017ebbd05f85f

            SHA1

            d0e16ffe7290b58dab580d8424e988dfca39e38c

            SHA256

            31d9f8472ced85616b0a7a2cd2dd7728bc661913838f945e9ec4349f9e192bba

            SHA512

            4c4c3be01cb5a4b3074df8bfb64b313710e07aef831451d72bb7a8e9088e01cad71231701208adc4d22776b3279a7105962bc3b3dd744caffd23a806ec03d293

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            344B

            MD5

            85c3f48ebaa2eba156bc27b88284635e

            SHA1

            04e48235f84b5122d2aa72a9ddeef7fc9377a058

            SHA256

            08307469132596878d4ed8aea9cbe69c94cfdefa1b14894329b7eb25a07e7ccb

            SHA512

            f0b7eb357c56e7cd5e1f9df18609998ecad8d20ddf4bd61843292d4989c923051823c714fcfe2c9f230519288481c7db6f1e191fff9dc6a000798a2a4601d541

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            344B

            MD5

            3e9df58c50f6d4105dae84ce7a9335bc

            SHA1

            63056ffe6ff8bf17de46839acca16155e70d81a7

            SHA256

            31db60ce15fffc9d9e636b4abdbc26c90a1387210230e1a7935ec1b8d70920dc

            SHA512

            af437543891345ed7a60dc6c8c4cb7f3f31986d64ce5e333ce54cfbc580331bc8ccf13ee5b6ab3116f02252dd592863743568d7e686aafd909f3a0339707d9ba

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            344B

            MD5

            7c5c9afdcd9bc5b53335d2a1e7f61969

            SHA1

            17b54e20cc88833f4576e79af1738ac73dc83d9f

            SHA256

            ad3568a13c5ef73047263ed16449858c197f2b9628484264b8edff97d0a71953

            SHA512

            ac4458780996b9d8fef05684b87258f6cc7628ae1c52ffb04b4a18c172ce3d4b8faf77c5d5db642b315fe4c936db73b5828844e8948b8f7969a2f4db035776a5

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            344B

            MD5

            c6530c98cd09652d5659ffb714b1f0f6

            SHA1

            b60b72e8abe19fd3f7954439ff2600e10f76fa63

            SHA256

            8d867e908b0eb78c8906ddc5ababee6f032a7a2892dc52a376adfe98b9b03e4a

            SHA512

            0c2885099bd4d6e672f5fed663664b09da84a0901ddfb957c49115e170039c02d7f0eb62e0111884dfcae9510766f5943f1f698bfd95fa4f53cf42a3182df570

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            344B

            MD5

            66744d3c67d08d3a33f2704732d4838b

            SHA1

            ddecd6d60e5f058b1fe32a21e2ee84d55d25b8db

            SHA256

            8d377125d461a016e24e5825f5460fa2ca173f9117836913e277582181525466

            SHA512

            f24e0c4486cf9b29ae03b415851d22933f4b7561cfc0b9f8a22d11d24e4e269301604f3db1c310c313a0155fc01f3a243282090c481813c1c7bfb6478707bde2

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            344B

            MD5

            2ecf8d83842a3113925af0f741369709

            SHA1

            400eeafbbd2ff3afdbb1735df02143b35824cadb

            SHA256

            d805d920d9041166f5ee5606ff5c1e375754cb246da6c93cef69081b9bbdcc35

            SHA512

            2b8ae76ddd20c550681e798dad986f22d77230e92a7ec4d0a8b16429b3324b4893f6b65e62ae736dfb850762ab32e1e395e23ec2a447f4544020aff8fe0319bd

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\62543570533861360safe.vbs
            Filesize

            679B

            MD5

            c7304e73227f339428798d05486f92d1

            SHA1

            5510456d963c861151ca23cb211274df6244ee33

            SHA256

            56e14dffaf2dbafa41ea52118dfe740a372f6a092e861f1fca4e957dc04f9433

            SHA512

            426b22d838f32e72d40b108423040fafb93e32ab958f35b9d2abbcd7d44b7b31e481d24227e6dca2e549228437216d963fc4ce140fd6d362ecd9c0f06acb22f4

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\CabD413.tmp
            Filesize

            65KB

            MD5

            ac05d27423a85adc1622c714f2cb6184

            SHA1

            b0fe2b1abddb97837ea0195be70ab2ff14d43198

            SHA256

            c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

            SHA512

            6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\TarDE73.tmp
            Filesize

            171KB

            MD5

            9c0c641c06238516f27941aa1166d427

            SHA1

            64cd549fb8cf014fcd9312aa7a5b023847b6c977

            SHA256

            4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

            SHA512

            936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

            Download Submit