Overview

overview

4

Static

static

3

tesseract-...05.exe

windows7-x64

4

tesseract-...05.exe

windows10-2004-x64

4

$PLUGINSDIR/INetC.dll

windows7-x64

3

$PLUGINSDIR/INetC.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

ambiguous_...1.html

windows7-x64

1

ambiguous_...1.html

windows10-2004-x64

1

ambiguous_words.exe

windows7-x64

1

ambiguous_words.exe

windows10-2004-x64

1

classifier...1.html

windows7-x64

1

classifier...1.html

windows10-2004-x64

1

classifier_tester.exe

windows7-x64

1

classifier_tester.exe

windows10-2004-x64

1

cntraining.1.html

windows7-x64

1

cntraining.1.html

windows10-2004-x64

1

cntraining.exe

windows7-x64

1

cntraining.exe

windows10-2004-x64

1

combine_la...1.html

windows7-x64

1

combine_la...1.html

windows10-2004-x64

1

combine_la...el.exe

windows7-x64

1

combine_la...el.exe

windows10-2004-x64

1

combine_te...1.html

windows7-x64

1

combine_te...1.html

windows10-2004-x64

1

Analysis

  • max time kernel
    201s
  • max time network
    144s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    12-03-2024 22:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ambiguous_words.1.html

  • Size

    17KB

  • MD5

    3c69a7bbe48f30c7829185c9cb053153

  • SHA1

    505c4f7b9107c001edb47f218d8b82097664a88b

  • SHA256

    cf7b48a7e5c3688de899d9e9654bd31e11a1a3c1bb8853a7cef19b934155eac5

  • SHA512

    8456fa1763683e223dc96f6ab55f173b0d3ce6862ab4a5bba7671f61108a20b7a84209d105a8a90903adc8186b3113657d5ba96946bbc4cd4311bf1f3b446fed

  • SSDEEP

    192:b25icth7o14c2mgjzapG9hAKFg7Ce+xgrXQto8npJ+u3S1VwMKhMsY01EppM9a7z:mic/7NlHRV3nP73SXoFn1EppMkm9mSjS

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ambiguous_words.1.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2852
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2852 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2888

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fd16f3a0a958a30f12114495ac43ab96

    SHA1

    70d216b7be4f349478dea6e5800741191f92aaa7

    SHA256

    be2dac797ce3247c4e5609a597906878c10c1fb8b9b08638be713a22ee68b66b

    SHA512

    80d8fc199974391bdb618cbca0b236908054fd88bb24f90d822df98fc3b6d488ad13289e1003d2f5c07bd3a7f14cec210b52c82bb6a62eb0e7b412e5bf3cfdae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f28abd08bf7ceba6b7f6a056ae670861

    SHA1

    8630445c1c810e6c9f5f0db7417019b237177dca

    SHA256

    cbc3247bc805ae2dc117490c480d9c5272a6db60f14a0a591f2aecbc344333b3

    SHA512

    e0ff9173aa5c7964cff9ba4e9ceb09892676b233bb2c4d3d3714a4b16bfc1b572944af8bdab2c29b40ecf008aa6007cf9b7aca5295b7a9f6bd5a40abb10e7ced

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b7ded6ce0734add1f38e5a7e41e0ea68

    SHA1

    19646d7c57b20df526c2cb4f016a5fe75cf875e7

    SHA256

    141ca1f75ab04c48d8d6a79abbd631a16132718973483148aaeb13b1bc197d9b

    SHA512

    b9d9dad63316a7f002b54f7b47fc07579f05307d370e00c78d0b4cd4b99767dcb5e492118c2a5156d8de1cb5252721b24f785f05815f8319a85e3bee7dff0aad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9518f124b30df818108527eee9c93f73

    SHA1

    a0cfc119a141aa3bc353e12a704e2ac7a2d14170

    SHA256

    2f77ae76b5f07bcd13e0f1d29cf557ef9f7b24d4f9567001f18420d91eb7306f

    SHA512

    d7d1fe528f34ec2918bc564cc4c1a9eeeb86e92716822bc23107e3b1fb3e4a9e58a7d600b964efe320209094412fd56764e136ec04d3cfcacb08ccbab57eb036

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2a5f464f055d875b65dbf02ee3c179a6

    SHA1

    e5ca873b828bfa1541eef7c4d94af8d06e5be842

    SHA256

    ebcfd2742a1280f0962781b968975fe50323bfded20199b33aa385cf9115999f

    SHA512

    617335ab051702978e4207324f5fe53bacbfa7bc01d9b2fe5de486c3ab07cabf4a95d0610dff088f366aeb7b89824c798575605e6317219653e3a56e38937878

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    88f52da8f45bb01f51554a5adc1787bc

    SHA1

    2acf383e5d973302af11751201258a5f850b1028

    SHA256

    0cae33d494e7524ba69a7a5962948dedee1ed90fb073bfab7dca7efabe86bf46

    SHA512

    6ee00813e87e8972bda4c3c4da018ebd45557934ba51df92a65bc741162276228eee2253d8772bf2987c983bedd4fa1690254e3402129ed2aaef5afead06296b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    faec4bbd525370423dfa313e98995fc7

    SHA1

    b890d92f5990a33a88ca0a63e913b88dc80e56c6

    SHA256

    3fbd9914e1055b3c1e71c5122816dd00b47fca70fb48e44528847fbd51cf42da

    SHA512

    cab306658ef12926c8e5ab6daab83dfdb5a9d3985a47101cd35625ba3fe88e0d74ce01ca90dd759df0d2ac8f8ecbf09a51895e33cb72f8554fdb934a69e5f2ca

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9476.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA204.tmp
    Filesize

    175KB

    MD5

    dd73cead4b93366cf3465c8cd32e2796

    SHA1

    74546226dfe9ceb8184651e920d1dbfb432b314e

    SHA256

    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

    SHA512

    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

    Download Submit