Overview

overview

4

Static

static

1

UploadFile...14.doc

windows7-x64

4

UploadFile...14.doc

windows10-2004-x64

1

UploadFile...41.doc

windows7-x64

4

UploadFile...41.doc

windows10-2004-x64

1

UploadFile...42.doc

windows7-x64

4

UploadFile...42.doc

windows10-2004-x64

1

areweb/Adv...ol.vbs

windows7-x64

1

areweb/Adv...ol.vbs

windows10-2004-x64

1

areweb/Adv...dt.vbs

windows7-x64

1

areweb/Adv...dt.vbs

windows10-2004-x64

1

areweb/Art...Box.js

windows7-x64

1

areweb/Art...Box.js

windows10-2004-x64

1

areweb/Art...ple.js

windows7-x64

1

areweb/Art...ple.js

windows10-2004-x64

1

areweb/Art...ut.htm

windows7-x64

1

areweb/Art...ut.htm

windows10-2004-x64

1

areweb/Art...log.js

windows7-x64

1

areweb/Art...log.js

windows10-2004-x64

1

areweb/Art...lp.htm

windows7-x64

1

areweb/Art...lp.htm

windows10-2004-x64

1

areweb/Art...in.htm

windows7-x64

1

areweb/Art...in.htm

windows10-2004-x64

1

areweb/Art...op.htm

windows7-x64

1

areweb/Art...op.htm

windows10-2004-x64

1

areweb/Art...de.vbs

windows7-x64

1

areweb/Art...de.vbs

windows10-2004-x64

1

areweb/Art...tor.js

windows7-x64

1

areweb/Art...tor.js

windows10-2004-x64

1

areweb/Art...up.asp

windows7-x64

3

areweb/Art...up.asp

windows10-2004-x64

3

areweb/Art...ig.vbs

windows7-x64

1

areweb/Art...ig.vbs

windows10-2004-x64

1

Analysis

  • max time kernel
    146s
  • max time network
    154s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    11/03/2024, 13:54

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    areweb/ArtHtmlBox/Dialog/help.htm

  • Size

    517B

  • MD5

    30b0b68c477039e80c0a8883d165ce06

  • SHA1

    8a7c39d80f006ab9b740963686a0161faa640a26

  • SHA256

    f7ba2c42056c28cd331c1525cb890e24b58dc62230750c1fa9a83aac4823a98c

  • SHA512

    793622cd079774a74b3d3a3ee654110bde36e3d80c471fa81ee7c8dd0754139a92d6a5c1b054dfff7d46441b0020e7563dc5f6ebe9c3e2aefb808749b5caaf06

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\areweb\ArtHtmlBox\Dialog\help.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2116
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2116 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2600

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
          Filesize

          67KB

          MD5

          753df6889fd7410a2e9fe333da83a429

          SHA1

          3c425f16e8267186061dd48ac1c77c122962456e

          SHA256

          b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

          SHA512

          9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          ecda444b1309af1facfbe62df4d5b58b

          SHA1

          7c463e7c959a5afd5a489c1600b2494cbfa80655

          SHA256

          d32e328e1357e657129fca6f804bd8706db0b36ee580b21b33d66ad9b6a35e12

          SHA512

          130062e3df538c065ad6de90c93b42dd52504a47ea29b3c97f7329c83a533afb1959763d0d2da246ac5eb553730d1567f24943da1d5e83acb8a5fcb37c4ac970

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          773fb5b1a09457fcffac6cce90127863

          SHA1

          85b8fd875785d41a1ee5d2487c699f867882aae0

          SHA256

          8468edac43217c773e4a267c99bc1a72b97aac62d002d157459706d7028cdac2

          SHA512

          43859989dc588b8e017d3417e419bb7323a67b4df70d9689a5e06211369da0b39a981216ae704111843a462dfd4bde74a52df71bc9bcb80cfd8f77cefa679c8a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          3b1fb2e8899da9de0c2a77c620ec155d

          SHA1

          f6c56a99d47218300d83de36f4bae2f765fa45db

          SHA256

          dcb734bbda9a886f34374a7f17f554be87cd56b6e57234f73c7536f1f2d44a1a

          SHA512

          21f26e973b28cdb76ff9a29471b82855149ba687709fc4be078fbe461ce0b661adeb5b833f4af516a3c280795f31f0068a795d118f153d7d00718926a3f955bf

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          e5e68990e007fc3949886625a59048dd

          SHA1

          e36956e56b69d0cb41dbab3b9ed0af9ea93aeff7

          SHA256

          2f0f239b4c6430b86797f4c08034f85c724eb2e2f2d7feac88f639d42796bb80

          SHA512

          0c2024a1923394399ccd26cbbbb240cd15bd82efe36c62a290b245e5e2defb8041ce5ce78f886c8e67dcbe5879b6da49200fadecdcd98e038aef235651eef5ec

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          2de024bdd5bdb2727f5237aeaafafffb

          SHA1

          c23c47d360a0e7fa45b8378236e45b66aafee8ad

          SHA256

          ad68ff50ba8765c96cb8bbabbe298f639b7d5a95011b8a82e237c2a76c1c69d4

          SHA512

          66ec44e6e714656b3ac527d04fbf9e82b5d3b33a5b01bb96e8e8f29662ac92624ffcacb536849e506107db4fcdbb6f5d975a5a49e5997d50f23d27e0e247f23b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          affed7632a726a12221baf963ec525be

          SHA1

          70d899171f4d6a727618e6846ecc5fb146f5f168

          SHA256

          5d691d0bc7f70d02ff92e9b2c3528bc1e5266a999db82faaf7a3704e88c63097

          SHA512

          30184256e92cbe0b56d773c380fe502b73928851096eefe04b5a1b8884c20b2e17c341a5aac59ac02b884b8ede10c95f4dc9b2046a6b93cf51fbb1ec931b881e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          f9b2e3c05013f3daec0dc34cab7e79af

          SHA1

          71b7d5cfe40ea45758e19b1d1c5134c9001d233d

          SHA256

          4666627a73e98a295f71b1ff0079dcb0a3dc4c1855383c514f8ae425e61f79a2

          SHA512

          360d4b82e4dc4c0c1c4bde2361b49f8cf72e794157d30da5193885adb051bfe591ed14a582bb8c227445c61710333b1b9b1849a85d236ad10019147b4aa0815a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          e4aa25f1ccc7efe4d99cd0215b4a782c

          SHA1

          31e9da220fad056453dea296dfbb3a450205b6de

          SHA256

          790e724bced977a18dc61ab16c304e61331db644a7fcff825f2b5e67da7e5c7c

          SHA512

          7bd7ec5f7a03d064ee8ed5e30e63129b77b927e7562b60d245345047cd119808135800ceecb0dfe6d8116759e2ab1bcd3185d140a1c091a6cf534c86cd4d82b4

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          b5bf73d93e20ab2135ebb82ccab24e3f

          SHA1

          9ee6a44631696de1d8b979212acbf19d901bb0dd

          SHA256

          28daf3a771a7d6d384b7071b2f65fbeca483404d2ff02209704b2e9c56fd89e2

          SHA512

          def3c79f709cf386b8197568c29cb34f6c5bb54be456df1dcce3933bf39285b6e9cff7fb6648b87c27ea506318b91bc892e4f55c73d3b4b4c1638f4067a68a00

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabAFB3.tmp
          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarB47B.tmp
          Filesize

          175KB

          MD5

          dd73cead4b93366cf3465c8cd32e2796

          SHA1

          74546226dfe9ceb8184651e920d1dbfb432b314e

          SHA256

          a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

          SHA512

          ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

          Download Submit