Overview

overview

7

Static

static

1

engitech.rar

windows7-x64

3

engitech.rar

windows10-2004-x64

7

Engitech v...PL.txt

windows7-x64

1

Engitech v...PL.txt

windows10-2004-x64

1

Engitech v...se.txt

windows7-x64

1

Engitech v...se.txt

windows10-2004-x64

1

Engitech v...er.dat

windows7-x64

1

Engitech v...er.dat

windows10-2004-x64

1

Engitech v...nt.xml

windows7-x64

1

Engitech v...nt.xml

windows10-2004-x64

1

Engitech v...-1.zip

windows7-x64

1

Engitech v...-1.zip

windows10-2004-x64

1

Engitech v...-4.zip

windows7-x64

1

Engitech v...-4.zip

windows10-2004-x64

1

Engitech v...ts.wie

windows7-x64

1

Engitech v...ts.wie

windows10-2004-x64

1

Engitech v...ld.zip

windows7-x64

1

Engitech v...ld.zip

windows10-2004-x64

1

Engitech v...ch.zip

windows7-x64

1

Engitech v...ch.zip

windows10-2004-x64

1

engitech/a...io.ps1

windows7-x64

1

engitech/a...io.ps1

windows10-2004-x64

1

engitech/i...ipt.js

windows7-x64

1

engitech/i...ipt.js

windows10-2004-x64

1

engitech/i...lic.js

windows7-x64

1

engitech/i...lic.js

windows10-2004-x64

1

engitech/i...get.js

windows7-x64

1

engitech/i...get.js

windows10-2004-x64

1

engitech/i...ts.ps1

windows7-x64

1

engitech/i...ts.ps1

windows10-2004-x64

1

engitech/i...on.ps1

windows7-x64

1

engitech/i...on.ps1

windows10-2004-x64

1

Analysis

  • max time kernel
    136s
  • max time network
    156s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    24/02/2024, 12:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Engitech v1.3 - IT Solutions & Services WordPress Theme/data-export/demo-content.xml

  • Size

    4.4MB

  • MD5

    75820224d94c79e244246b8a0db58cd4

  • SHA1

    9fe0f92001e6d1e780de73cf757a0b3f02d433fa

  • SHA256

    6dbead72d45b12d65a21db37d5e9dfb23dbfd4912c57b719d282b8c23088ff65

  • SHA512

    230f40b0deb084c1cd59caec8e3bef3607e5144ca5a1a4440ec03d044555581ec74a0642ac7e00b4f4400af98965e71ed7ebd86ed200b39a5acd97f13379723d

  • SSDEEP

    98304:lnuN4QpH+hiUrTAzEOkNAnWckVzWN8dqaZNwvaa+zDyZgLeIQHexo:S

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 12 IoCs

Processes

  • C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLED.EXE
    "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLED.EXE" /verb open "C:\Users\Admin\AppData\Local\Temp\Engitech v1.3 - IT Solutions & Services WordPress Theme\data-export\demo-content.xml"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2256
    • C:\Program Files (x86)\Internet Explorer\iexplore.exe
      "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:2736
      • C:\Program Files\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SetWindowsHookEx
        • Suspicious use of WriteProcessMemory
        PID:2900
        • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
          "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2900 CREDAT:275457 /prefetch:2
          4⤵
          • Modifies Internet Explorer settings
          • Suspicious use of SetWindowsHookEx
          PID:2080

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5eafb24e1777030790adba4dad309f9a

    SHA1

    120ecb779ddc00ee98eb66ba9710af5dd64397fc

    SHA256

    92c4796ca80eaf03738f1212843ae8eb61b1d0b727e2891870b2a1b99c25bd34

    SHA512

    0ad2456544809b47fb8fd1b857dfb6fd07928408fc551c3caff95e380756a6ddfa25afcd0276fdad8132b6d7c3d5045b4278d3479684f93acf5dfc59e5b50657

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5ff19a86fab0afb9b279b9fdcbab6ae2

    SHA1

    3a1a3572c68c69aa81b43485701a8e0ce326af32

    SHA256

    995d5128db90529c5afb78fc5bcecaa18c9c65f42ded94e8430a1444ba6b8b12

    SHA512

    acd624cb2fb03d7dfb5f36a383d93043e521a4d5e56dd02eeb329e4b71fe392aded3b26c9b341e66086bffbacd69048fbebc7082ee8468d6c717f2ad79cffb6e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    14d914635da12742ce695d33d0c11a77

    SHA1

    5cd9060745566ba9e61803e7770cedd2cbbe1fcb

    SHA256

    3c51992b6e3ae28765efc8410963e94b4603698b2ecda9b6bb374b810923587e

    SHA512

    93bceddf4341aa93437045bb8aaa4fd3f67876cbc8e4884c40aa98562a84bc77619ac4aac4e71b62bd5fdb28afd28f91dcb86f467b88977eb1d63ad43408347c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6eb1bade68b5f815d2b371939f06db79

    SHA1

    faa95549b5558e32e9c1aae75b1930061f1361ba

    SHA256

    22dac750569543cb9dcb33993ef8d152b12f7797a67695544b4e3ecff0e97001

    SHA512

    74cd4b8c7af648f367ffb56b34f26c4dc3f10be725c75ccacf2e0a4506f2c44db9f45238f0431096ee7d4d777f068651470f031c60e7e5965bc78ee8d9b9f40b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    07da37597be9273c24676bb674c3f42b

    SHA1

    513e6febd5f121937f4d234d1a481af7b449e15d

    SHA256

    d84c73d4bdc82e4222262e34f338807ec4c419649bc91dcf3769d8d6c62081a9

    SHA512

    2f575ed957f3a158a606216e08a2ba6ab6b16a654c255a06e9aafa5112b7397b0a5cfacf365b8f1dd9870cc72311b9bc4aaf187678b37b1ffc02b45353092441

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    544eebfc3695b02e041b3b53f5cc052e

    SHA1

    468c805e27b766af17274ae495eb7afc46c0da60

    SHA256

    d4e31c2a0f8b97e0d4b76c342531d43316d6a105db9621b1c5cf86fc3f26e546

    SHA512

    8aaf53a820cd7220acd367fdb8aef4933ae814f99ae1dfea500fd892325a0031549fdd7f128f4d8f3dfeda8f46745718477c78eb2b126f6588c3a2250a5de7ca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    332901e05fe18820651d1de3eca7d537

    SHA1

    679019454a2c56358aa345bafa053f2d871d888f

    SHA256

    170265bd2f97d0a5a2d7f301584d8b2380f0e0c35c3c55b3d46e4d69043a11cf

    SHA512

    c1d20b5059023794aa258ba3b7714adbe344b2e1ac2e6d6ba998164e02c6035719e21a845620c6c7314e399c1ab87567d82653ee7f8f60d298be178889b27e6e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d2e669ff723c89988070256fa317c5ec

    SHA1

    c7e61077cdbb1cbc97eb5c7a7017b3c7d7257bc4

    SHA256

    79eca39c9725fe9e6b6686110602323f8322dcc52410395d2967f54102edd988

    SHA512

    356b0a9c5e51cc312c90d50b8132d4d23a88d700036f6715c03e4910aa74b0a324f219d08631b808dd14791925cecde48bc4042e2b158a4678a4a421431d765c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6e80b2bf13fa9e865582556224b05c6b

    SHA1

    dbc35d2cb2ddbaecb93ec1f324d36e40523de0c5

    SHA256

    f52d666d8b5653e63a6f9a6d00053e0598eadda487f856f21f8a1e60a03b7c0f

    SHA512

    f8312e1acc36a8b6bd4b897cd5cd68df107f823c31fe9662ef454d6c56b22cc1727044737b4f97eada7508c0efc2dfc0fae0fe1509d6e3ddd9e323339e9706fd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    079335b6e0a468e1f1a8961fd0ab5148

    SHA1

    50d83bd9f8b0815ff19f86a14fe2c1f420305dd5

    SHA256

    ccac181c64805ed6876796705d83c566949ad08d4b5813dbe43898e89ed216aa

    SHA512

    76211390d79137efe0b7edbba4d59f3e6de3f9a1fa52dbd844f328968d87e04c75d7a59d34a5d037c1c9d5e8f75aac3eb6e31815add457012dd5778cffc8fc2a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    177a9c60c517b337a7abcc9b7e8b05a8

    SHA1

    97788a85f6de116ae88ea8f4730b1f2eb75e1636

    SHA256

    dd75e1c7a627508cf7591c56b06ca4b89dc756baaab8234c7aa2355c1edac70b

    SHA512

    e9286a64831e3926e4d1d1c0b0a3b1866c0b015bb2f250ef4ba70ca09e6d4b77448c827c98f83e3575d48662930b22c45c8a15967d51b9c05c86a09ecea25d11

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    465c165899329d5897f8791504ad66dc

    SHA1

    9467a43df27e7a2ad3d25715953511b2a574ef27

    SHA256

    e081004b0dd81ccb26d44d019666f91fbfc314822da9a6b3852ee8242e3ba474

    SHA512

    b3a57bd6fcf4bf46e2858f6462da57a7d9ea1c41a4e9a4818f93da03c286fc973d41d5063af3df242ef0d18f900fac73720d83767b6f86cef581dcacb0b95c5e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eac4a20d6cd6de646bff2a4863e7a276

    SHA1

    e3b8addff444c107db6bee3c9e7dd728c5282b08

    SHA256

    8316a707b1e08f0f90744eeb0b745cb724d83953a390a2dd0109595d1458f1c9

    SHA512

    842d12bbb5fc82cc85373b8dd0e0fdd808ad9123da18df237dc9510ec1ff5237773a1734a765459f2fa16410ca9276c5f291355d0a057017550464025c728673

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    aa6c965a4607e2cb192533ac7349e6f5

    SHA1

    9eb69980584a5f0536a3e952606b3c5fb5a48482

    SHA256

    22f48870df0e84b4306b707e8f1161dc2682db6b1b6fc935074905947d15f4c0

    SHA512

    c09b3e249dc6b354f6b7e8397f023f5ff40d82236b0746a293deb6805ce43372c84df6d3f9d529d143dd6d5119780a4f942447526ff17f16c001a777209845fd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9abf302898c1987ec4b482e3b261608b

    SHA1

    3f07176f14e0e56d258b77ceca05ebe7cc430156

    SHA256

    5105b812fe37cb4082ac9a8109388f06f2b82054366b5910d70b069f15538c17

    SHA512

    5e4fba2c72c571167ecb453d506e3ea55dbda3d9726fe2a1d47cbb600aaf81880020b44d4ff01ee57e6cccf96e912b2555d225a7d70ccf4f340c29879a418aac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    abbd6f4dbaeaa87fd52ac4cf7281de19

    SHA1

    5bcb1e3a1ac686f4eaa413a0c0a2e07ba5b8c5f1

    SHA256

    173d787efeab3f51be6266ace002b923ffc0bfbb7162b4e0121d9cee6a6f4a58

    SHA512

    042743c7ff36b5e40704e4ce615accfd686d38f823a59b231abf54d89692448a6d9900a31b691a45a5828040b1e973724aee6b2411884d2a289a5f121c8745c4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f7010d8b3dfcbfa481a71309d4c0c01c

    SHA1

    8aec0c6d22c2caca5f48adae83d37a7a9cd4205f

    SHA256

    ef03427c33c740b066b3a805d4d5414f07d27118716090a2e017821720e2e2b5

    SHA512

    622eeb3bb6341937995e951262a5094a8cdf32ccf355445cb7e5417030f3111a3877330427da05e5d9acba99762a7237cb36d29c799509be1e617620caedb2f8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cee0fb2fc2ee2cce0bd9df925c6ec003

    SHA1

    45fbb2d9d2a6c06d29dafc9023d346593269cb25

    SHA256

    c5dafb04ead2d4a91bb79c0942b2973bb970a199a40ba5657084ae9dee1c0c7a

    SHA512

    c547643a2314f980d1de441ab5b7be72e68e61b39972ade4ab984554f4231a459c105b22908f1d1fd038bf4deebf0c859049c596a760aef64c8d08dc94f86ff7

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC7B4.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC8B2.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit