Overview

overview

1

Static

static

1

Common/com...ion.js

windows7-x64

1

Common/com...ion.js

windows10-2004-x64

1

Common/extend.ps1

windows7-x64

1

Common/extend.ps1

windows10-2004-x64

1

Lib/cache.class.js

windows7-x64

1

Lib/cache.class.js

windows10-2004-x64

1

Lib/cache/...che.js

windows7-x64

1

Lib/cache/...che.js

windows10-2004-x64

1

Lib/db_mysql.class.js

windows7-x64

1

Lib/db_mysql.class.js

windows10-2004-x64

1

Lib/get.class.js

windows7-x64

1

Lib/get.class.js

windows10-2004-x64

1

Public/oth...ent.js

windows7-x64

1

Public/oth...ent.js

windows10-2004-x64

1

Public/oth...ex.htm

windows7-x64

1

Public/oth...ex.htm

windows10-2004-x64

1

Public/oth...ex.htm

windows7-x64

1

Public/oth...ex.htm

windows10-2004-x64

1

Public/oth...ass.js

windows7-x64

1

Public/oth...ass.js

windows10-2004-x64

1

Public/oth...ex.htm

windows7-x64

1

Public/oth...ex.htm

windows10-2004-x64

1

Public/oth...ass.js

windows7-x64

1

Public/oth...ass.js

windows10-2004-x64

1

Public/oth...ass.js

windows7-x64

1

Public/oth...ass.js

windows10-2004-x64

1

Public/oth...app.js

windows7-x64

1

Public/oth...app.js

windows10-2004-x64

1

Public/oth...ase.js

windows7-x64

1

Public/oth...ase.js

windows10-2004-x64

1

Public/oth...che.js

windows7-x64

1

Public/oth...che.js

windows10-2004-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    143s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    19-03-2024 07:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Public/other/client/index.htm

  • Size

    1B

  • MD5

    7215ee9c7d9dc229d2921a40e899ec5f

  • SHA1

    b858cb282617fb0956d960215c8e84d1ccf909c6

  • SHA256

    36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

  • SHA512

    f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Public\other\client\index.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2280
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2280 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2016

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b9e133f63e34b0851f4872648ae61e43

    SHA1

    232171c677fee3f281430fec91a3a6fa59c33a4f

    SHA256

    5977c993d23ad9211a67a0a7179d58151df2a1ccb590a01ed42003d0a512ee1e

    SHA512

    2c1287eea56ba6319552b220dfaa556ed1a343bc59d6dfa448c681dd9447cd2a337e7c274c9d704f79bfd7633fc9f9a1ac959d3f2b977e0cdaac1a8f416a8f6f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    420a521661adf9c16d7ba338efd04447

    SHA1

    47c9777d4c53942d78451b4ced3ecd581c4570ac

    SHA256

    966c03f6bca47b966025286eecbfda123619b62c8fff6047ed81430bd7bba383

    SHA512

    54948424e486e3df2fbca1af74f5731454d1aadf434b907f7220832f3cf484dc3c40ea546493b8d087ee05a3f064ab32d698a5480ccb0bdac3d2ae691ffd54e3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9c82eae6b3343a50badf8993c5efa391

    SHA1

    52ac743e1c90b85d1dfa437c1ce4f5df27f221cb

    SHA256

    3ed867702666b2ff3732732daf96fa25d29db60e79d4415e3751bde2fe19595c

    SHA512

    460f4138073b7384d96d312defed8ccda057056d555367115a901ddf9bbf9095b46ab25271b81417fefacd4186dcb7eb352eae1e8caae1f46e3aa3f0bf302781

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f88f763c39f3f7eb3134f6b4c5d545d5

    SHA1

    2cad19dd77203364f0b710af67307a831f1a5ee3

    SHA256

    32d83accb40c62e327f1ad4a3eae1ae3540ece34f510e806d894ec5a419b9142

    SHA512

    7cf6f550976d533139bcd7b2c555e283a652db1eb8cced0f520200adaac2e89207dc188cee658b4a8587f976a3090978be807dbb5ca148bed6d3432ed77cf0be

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    94eb39f0a2794341f915600329976321

    SHA1

    df806c9aeb7aa3fd2f295e2c664c0a126248ee85

    SHA256

    208ffb3da2dcd522d5b7d7d7b1fde7fdf2961ab0d60b22dfd776db767421ef8c

    SHA512

    8c1ceb88f0e698da0edea73a2c73d1094916ccbd9bc7bc64a9d63c87c4863efb09bb8cd7536082bf5e4ff2bfd2032e95a169acc5c61791c1fbe0165b93e36140

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f5760fbb5e3cc1673c7e3bc2a1019054

    SHA1

    f7d96d6463fad0273e41eaf64c01decbdcd1dbd3

    SHA256

    ddf543e681c1fb3d3577e617cda40ac4f7e546153b2e412da86d3efbafa31c19

    SHA512

    f4544cff377067a47b6bf075883634c4baca84361c33906303417a4fec8d689eab5097fc31876558c22e9497a4ce8a5a32bf70190f9ca6994d8d0be47ba05596

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b473f90c306b4d30aa805b2c1eb9ec08

    SHA1

    0dd4e66cbc04231bfa804c6142929653918b46c6

    SHA256

    b6030eb1e924a807ad2ec32af0f009cb2587c35217cfa51388e75f5c44d59cd6

    SHA512

    3bf466205ed54ba8fa91a50c9f94c08a1d665d9df4d10b3ead8e52125f52ce18e70c6e7377f756929b0823076926fc69e6cc7b7369baf52a72dd4ab6b51f589f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e14f778faacacb4e990fb59625c35abb

    SHA1

    32cc823227b4158ed3a2e6ebb02ff117c12f7625

    SHA256

    ddff36eee3798b2f932d184f20bc3f8b3446cbef44f2fa59b3d726513037cb72

    SHA512

    4c9eedd87c48671d8f306d361b5bf92b37ebcc04ca9ad0870429f1f5c3734ea3a3cdd24ba74d9611824d46218ed0b1292e2657245a9d7b3f90fc50f997ea5f8a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c04d67bae8213800aa36515fce639354

    SHA1

    59d2f0ad413dc719bb931a440213539363dfe0ee

    SHA256

    1b1c20664630c3e370cfb5101d88500c7afbb8ae3005d738749f160b6d703b64

    SHA512

    e3e73107b9d683c85ec15d01cda5003b403d350085b014b843bfbabea3ffc5da74034c45891a22967c9e594967aef8c7fba87763095f758a38bb58907d3ecbaa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab7207.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab7361.tmp
    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar7395.tmp
    Filesize

    175KB

    MD5

    dd73cead4b93366cf3465c8cd32e2796

    SHA1

    74546226dfe9ceb8184651e920d1dbfb432b314e

    SHA256

    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

    SHA512

    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

    Download Submit