Overview

overview

7

Static

static

7

bb57b54bec...17.exe

windows7-x64

7

bb57b54bec...17.exe

windows10-2004-x64

7

$PLUGINSDI...er.dll

windows7-x64

1

$PLUGINSDI...er.dll

windows10-2004-x64

1

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...le.exe

windows7-x64

7

$PLUGINSDI...le.exe

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

MainInstaller.exe

windows7-x64

7

MainInstaller.exe

windows10-2004-x64

7

PingMe.exe

windows7-x64

1

PingMe.exe

windows10-2004-x64

1

Setup.exe

windows7-x64

7

Setup.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...oc.dll

windows7-x64

7

$PLUGINSDI...oc.dll

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...ss.dll

windows7-x64

3

$PLUGINSDI...ss.dll

windows10-2004-x64

3

2YourFace_Util.dll

windows7-x64

1

2YourFace_Util.dll

windows10-2004-x64

3

AddInstall.js

windows7-x64

1

AddInstall.js

windows10-2004-x64

1

background.html

windows7-x64

1

background.html

windows10-2004-x64

1

Analysis

  • max time kernel
    139s
  • max time network
    144s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    08-03-2024 13:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    background.html

  • Size

    1KB

  • MD5

    765526318b49b078d35a1a736bb96eb5

  • SHA1

    6dff92a26b1e1194f32ba3f55765d6f2c705ef29

  • SHA256

    b14df17e9b5eda2f908d1a50d37bb287d4c7a42f9732d397323685bfce1ca2c3

  • SHA512

    a948e1be69de00552772d81cecc62cb260e9deaa8821935abb94194a5a4f5f547e47c65dfe2fe156008aaf69064cbb08bf3a874003e31c4cd0a5c580ba1a8e75

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\background.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2208
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2208 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3028

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    49473477a276b5fcdba12a880d2e38ae

    SHA1

    feb7c4e80828c6cea8ea14e7cd5170b2e7045ff6

    SHA256

    d021b06d46cb082a2654f728f9f699087b541201b8feb502d271dc3d2f6a8f27

    SHA512

    823b89d3ca26b181a71608d371a6a5d23e9b3d139a352cf4f38568d410e069921e47441711e146657902c1f8f4a89064cd62dfa0f3f24a91cbe19e35d9b803b4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3fdf472e7c6c2cb83b524ac97117b671

    SHA1

    cab65fc90296e0a4ff22e4a9ed2682c596ffdfab

    SHA256

    90602b9c53c4bc34187cc2a2b1c0b95e91cbb60ee68228dc40fb6d9a3cea2dd4

    SHA512

    2f3139fda937050519aa0dceef386f0bc8579d4a17b5a8240a24583ca0465875b77620f7182ebf4491e2e29e324051a791e55ff6e4b80a32a5b210a361c16cbc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    84552d53a368bed3ff1a30f84ede8362

    SHA1

    c85c53f01bd682362d6b3914797b90ca3b5335ed

    SHA256

    e9236f07e4507ff43ce0de76a5a8c187969ae3b0f8398414e0b84875f86132bc

    SHA512

    c897d88859a8338c3ccbe8bd3c0f704a8c47a8569d89732dea7f46a26710ca0b738ca8d4a391b6642baac2452e953d97828f6c501c8c24f2d9ca8ff8952ad615

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fefe04c71a1960ac1e9cc9e8625eaa0c

    SHA1

    86b5e04c76647e0712723c0fb8d884a3a2f7dad9

    SHA256

    48110e3e3187e9aad101d1c4ff92840c7df5b86afe010aec6430a75c38ad93b6

    SHA512

    9a67ebbfb7a8d199f6e1c940c2c42f5265116461c49250b4afe0bd50126214111b8cd99d283677ed0f753f30852debc19467fdbae384aedbe2a836d3b8faca9a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9a48aa194f81d603029cdfe8d9209902

    SHA1

    bca090dde42d165699481b324f744032535a2f92

    SHA256

    d568e83eb0b826ac13ad62688e089648df3a8eb7df6391f2cf7bd6a5e6ac5572

    SHA512

    ec9c2f79bbf8942796230d2909047d530aae3469c6fb4f27db3614bf0db61416c6f1ce87d50b88f213d2ba936710653874d7e8bb618819fa79c04781eb7a5288

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    aeea05d30a352ea1f60e8ded721cf270

    SHA1

    a88e80f27e75319638ca9ee698735bd24485b397

    SHA256

    f3b2235b767dec34f0f8e5f8cb05a2e1e60e722375a0655a88e01ada4343563d

    SHA512

    bd473707516ab372ee2e4495e68ef12c5726164946ea7ab3b8f35e98871dc1ddc1b589fe8cfc3a4bd73d903c9c98d915a6f0d4ab81c79e2f3adf3ef98635e4d1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f9fe93eaf112be19c82822c28247f192

    SHA1

    c5eca1c27cbed35f6b37b31cbfac55f47073ae98

    SHA256

    9d52bbde3a811fba82e03276915580b8574330a034f2d139bcaf6dbc9b58d2d4

    SHA512

    5e8c67ec9f88230da91d15b4435cf4d2dde83823c174454e62dc018464be49676895903c648f5786f247b11ba8341675e8e7e1bd90534e2e7ffae88bf131e559

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    30b5e2f95800936f33dd31a6b7536cba

    SHA1

    8953ea71c4a8dcbb08dfe33d5b694da1834d2c85

    SHA256

    b6d95fa3a46f57564ce26f98e0b653454daf8c6f586ab47d7d0a04d1f3ac3c44

    SHA512

    2b6075247de9a74120d964ecd9838dc41b535ac16bda7bf3594ff4eb8acf975b5b1c4f4d0a1ff7fb49421129089c164176d8249a06ad8752f0ff94163426826f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    699bd3e5113523cea00d2c3fe712c852

    SHA1

    3ba5fb1318a7187791a6c2d6e7908868b3737310

    SHA256

    add18c5c57450d355d23abb83f057ca658fb21b44add70fae2cf6137b61613ec

    SHA512

    fd7e223d6a81d799fc43e99655e370e9db4848bb3abe4c3600784fdf1df5201166621f21e40241c45ab52abeebdbd5ce5495379a4b2d4eebd4091708f258d841

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    740f88b30f849be969958c67c919475d

    SHA1

    b9bfa72886e7cfb44d5a15ee7595d032bba787ba

    SHA256

    6753c1d038aa6b7bdeabd9d4491cf0d22d66748eae32f651b62c0ab2abba936f

    SHA512

    0eeae749eedc356581d9b7c5105a164cee5c22e9861ae267f4c753bed21823f1d1f0b1125835daf9ff66fbc3c01ecb33e6a6f0ae0183ed9c4c7ff57fbe801331

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cb2e89a72abcc722dee6d9c2bfe1d019

    SHA1

    751511cb89492cb84821abb3b693113ca1ec8e51

    SHA256

    5dedeae6d5a90d34411ee31d82dcc9ccfaca0dc00f857dde21c39f9a5e47aaab

    SHA512

    6abbbb7b9eab859fb6e91f82ba8935eb122738bceae4f739498750dcc89c5ca1f17d22b71e9e7b84c291104cade90652aacbea7abae5749b1fed6cb23a48b0db

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab1DDE.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar1F7B.tmp
    Filesize

    175KB

    MD5

    dd73cead4b93366cf3465c8cd32e2796

    SHA1

    74546226dfe9ceb8184651e920d1dbfb432b314e

    SHA256

    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

    SHA512

    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

    Download Submit