Overview

overview

4

Static

static

1

UploadFile...14.doc

windows7-x64

4

UploadFile...14.doc

windows10-2004-x64

1

UploadFile...41.doc

windows7-x64

4

UploadFile...41.doc

windows10-2004-x64

1

UploadFile...42.doc

windows7-x64

4

UploadFile...42.doc

windows10-2004-x64

1

areweb/Adv...ol.vbs

windows7-x64

1

areweb/Adv...ol.vbs

windows10-2004-x64

1

areweb/Adv...dt.vbs

windows7-x64

1

areweb/Adv...dt.vbs

windows10-2004-x64

1

areweb/Art...Box.js

windows7-x64

1

areweb/Art...Box.js

windows10-2004-x64

1

areweb/Art...ple.js

windows7-x64

1

areweb/Art...ple.js

windows10-2004-x64

1

areweb/Art...ut.htm

windows7-x64

1

areweb/Art...ut.htm

windows10-2004-x64

1

areweb/Art...log.js

windows7-x64

1

areweb/Art...log.js

windows10-2004-x64

1

areweb/Art...lp.htm

windows7-x64

1

areweb/Art...lp.htm

windows10-2004-x64

1

areweb/Art...in.htm

windows7-x64

1

areweb/Art...in.htm

windows10-2004-x64

1

areweb/Art...op.htm

windows7-x64

1

areweb/Art...op.htm

windows10-2004-x64

1

areweb/Art...de.vbs

windows7-x64

1

areweb/Art...de.vbs

windows10-2004-x64

1

areweb/Art...tor.js

windows7-x64

1

areweb/Art...tor.js

windows10-2004-x64

1

areweb/Art...up.asp

windows7-x64

3

areweb/Art...up.asp

windows10-2004-x64

3

areweb/Art...ig.vbs

windows7-x64

1

areweb/Art...ig.vbs

windows10-2004-x64

1

Analysis

  • max time kernel
    122s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    11-03-2024 13:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    areweb/ArtHtmlBox/Dialog/help/top.htm

  • Size

    1KB

  • MD5

    5333d33ad520f363cb1030b168b25bc6

  • SHA1

    c9c6af8f0a4755de45e7b93f9b8116f56a049ce4

  • SHA256

    4d739c86305e5d989187ecfe6b5e6674fec8937eb5b6dfdc0680247d428759e1

  • SHA512

    81b12c7d591ee7c6b5f52cf4bca578a912f688423935be0b368fe51358e18b2259cb60089d925e41649c13331eaa03f9e5c2a52aca1de69ef7de16eddb628f2f

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\areweb\ArtHtmlBox\Dialog\help\top.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2692
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2692 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2552

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6842d10b87e96bd6006c0504acca42f1

    SHA1

    03170c3b1a211a366ef60eaa58f56bab9bb9ce09

    SHA256

    267013fb538fea0ca86582eba0b67a01f2c58b2be3739018a8e3035706b7d1c4

    SHA512

    e4c2b2374a76f03263ecb8fea6838522fae2e403c56776629a7d863ac2603044ef8ad55bb474c40b8a7c1de31b2037897521057223ef0c1b7fb82aa115f1d3ad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    61ea9ac3eaf45941938b0ffa3c19208c

    SHA1

    7ad0d423495c78b125d3603ad24742d05d7db003

    SHA256

    7ff904acfcde5c86ec7dbc59b938727911a595529d5c078b04bd1fdb257d9242

    SHA512

    9455e9537f4faedce2943b228f4517c17d73653e77b83407f5a331cd990b5b0838fb47a04f6ae1bcc73f734d34f8711bf66b437dcc34539794230bd0c3f5625a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    af6f2a6dbffb1a533dc111ce7ad10929

    SHA1

    53e3433658a0b85bdcbf5264daacd0f35d0616bb

    SHA256

    ffea4cc38229dc84458c9491c4bc4ccfea5ceada2b3706a981fd8b19b06514f3

    SHA512

    e375b9943c61a99d801dd61bc4b77747f2fc67d1fad81a737c7cb01949677df5e55c825c452235552e8ca76e97092408c3f6b8989042b2baa4ccfb4d1e8ed043

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8ee85d28bed28ca55a142cf9d0a2571c

    SHA1

    67f687549d691851a1a421356314f0a9759b9a28

    SHA256

    878e733b324d0abafd5d4ba24dc211f6a9e360fed9ac635fdae21507ad2b5a93

    SHA512

    42c0aa5ab94ea7bcca940af9b2e13fcb749e786ba322094cb0ca743d2327299a7578820c46a92d9642606a50beb7a9905217e6d046f7bca6dce27b9f8e0fe9f5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0557a61b459ccc7f6ae7c7cc16dff045

    SHA1

    905708c8bc73c9018efc78ea6f1b8a60e0da540b

    SHA256

    91fcdd25b7be5838df136d2db5976c707192208b3ced42a5cfbeeaaa961d8d40

    SHA512

    ccb1b0fcb280fe98752873574dcc8de846728404d16decb6dedf0ed100d717abc400f52732e0c6527b0595faf937d87f60981fad0af14c4530a7d949ffa55cbb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    94f543e0b2563afa4fea125a9439a765

    SHA1

    8487ed251c3e4852d78ea9408431fe77da8e09c4

    SHA256

    2e26560adbb8043e43de70c68aa5252e11714f645df7cfb318f38ae058eba218

    SHA512

    b9e63e2790fbf0ed6f37f421b3cdce2bf9a89d93f49e7e3f5c7a164258e0c429da650871b0f87ee6ce4bf8691e141d479bd2952a192b12c93edf57317fe7e763

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    932ebe8c2cf20606e1b02baf1a7bbff5

    SHA1

    5c275b39dd6b77f8dddab6ef2dca6458cba0040f

    SHA256

    7e880bd53d2fe5870a3e4fb1934933de7beda81198e09832bd46b6082a08775f

    SHA512

    d0c2614b35ac18d1eb911bc8d98629b9e9c5eab6a73e7ed7b33bb2c8199962e4d1d10e284a8c47d5bd26093f76a61022f7e157b150cac94e9ca5c3f3c1add388

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8dbd61f7bdbddc6650a3d27f133da3be

    SHA1

    c80bbca39e9d21c2b90393cc68784f41d54255b1

    SHA256

    0b7c05db5ca1b8b681489fc1364f241f1b8368fa9ba933eff7990030ebd0f9d8

    SHA512

    dab5f7a0cbd54023601e8512b63d8fbe53e9f563594aceb1d5e8c9e04df12837436b47df0c9ad688f3ec180480c2c6e98c6575a97a71e6be984e71f680d77799

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5fcbcc6315c892124357a9300288a8f5

    SHA1

    4dafe347053c60431807bac3cc9eba885aad2aa0

    SHA256

    f6d45bf5d470c7085c16306a0ce45ca5443c1f0b54d4e54579f110416ab9447b

    SHA512

    b9c0642d5bae6e0da722723fa313477e01456260603be3413aa31959e9ddfe9dd0c2f250353f5acf695f86ecb22f8e024410dfce57d578f49289bfac161af2fa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    11be59bc48435ba2f9634941ce71ef32

    SHA1

    a751329eba45566139a8b92224b6c26beb12077d

    SHA256

    2b01ab78d7f564ab206537ea6cf2cea04d372d3594895580be44dc395677d450

    SHA512

    fa5b07b7eca5fd80b9a29480ccfe393fbc0cb642b95448d049754232fc90103ca4a06b5f38b04888157aacd159d16345703f4b3013924a8a715265685cd6f9c8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a2f2883f631df46e4a5a20542fb9d652

    SHA1

    77d475f4df7d73b2048f86a39a6f199c3e96f518

    SHA256

    a6267b5dd69f062d02fc69975d52ec6cb1d3ba338b87d5afb2c898b4b743a562

    SHA512

    32ecc35fea814d700a091fee883ffa43dcf666cab08f353484cbb6db204fc98e597c92888016bc7b2311ea9779c71c4c7cf6f6039f7b76dc60df00befa961543

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cba92559d6b2c9a06a427ea73dcd41ef

    SHA1

    8cb0973a989ddac4fbc501b92bad5ecb5ce0cbbb

    SHA256

    3d2a3bc810e8dc944969206091b7f1657e57d6f38cdf8418cbb0a45fa2c26c72

    SHA512

    1db4fc7c40a22f0d2d036a9712ff2c75c8624c254b3b56c42151ff7565133837268e88198f2836f5b761b608dc1e26929f7c9ca5f1ef98b8fb57f439a0f7ec6c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    998c9cf729b1454c4468dab6bbdb7cca

    SHA1

    4a96666db2a14de18dafca41f1a1bb3c5fbc5001

    SHA256

    e501074b208943cf4fb19eaab82d7b567f089b468de952817221555b76c7996d

    SHA512

    942f8093ddc224d63aba3ce8ac20bfab01ac06a04b6797fde161f59cea99ebc08e165ded057b87731ab0e3a521e39575593f5901087e7f7161f366421d6a671e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab85C6.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar88AA.tmp
    Filesize

    175KB

    MD5

    dd73cead4b93366cf3465c8cd32e2796

    SHA1

    74546226dfe9ceb8184651e920d1dbfb432b314e

    SHA256

    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

    SHA512

    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

    Download Submit