Overview

overview

1

Static

static

1

Common/com...ion.js

windows7-x64

1

Common/com...ion.js

windows10-2004-x64

1

Common/extend.ps1

windows7-x64

1

Common/extend.ps1

windows10-2004-x64

1

Lib/cache.class.js

windows7-x64

1

Lib/cache.class.js

windows10-2004-x64

1

Lib/cache/...che.js

windows7-x64

1

Lib/cache/...che.js

windows10-2004-x64

1

Lib/db_mysql.class.js

windows7-x64

1

Lib/db_mysql.class.js

windows10-2004-x64

1

Lib/get.class.js

windows7-x64

1

Lib/get.class.js

windows10-2004-x64

1

Public/oth...ent.js

windows7-x64

1

Public/oth...ent.js

windows10-2004-x64

1

Public/oth...ex.htm

windows7-x64

1

Public/oth...ex.htm

windows10-2004-x64

1

Public/oth...ex.htm

windows7-x64

1

Public/oth...ex.htm

windows10-2004-x64

1

Public/oth...ass.js

windows7-x64

1

Public/oth...ass.js

windows10-2004-x64

1

Public/oth...ex.htm

windows7-x64

1

Public/oth...ex.htm

windows10-2004-x64

1

Public/oth...ass.js

windows7-x64

1

Public/oth...ass.js

windows10-2004-x64

1

Public/oth...ass.js

windows7-x64

1

Public/oth...ass.js

windows10-2004-x64

1

Public/oth...app.js

windows7-x64

1

Public/oth...app.js

windows10-2004-x64

1

Public/oth...ase.js

windows7-x64

1

Public/oth...ase.js

windows10-2004-x64

1

Public/oth...che.js

windows7-x64

1

Public/oth...che.js

windows10-2004-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    19-03-2024 07:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Public/other/client/lib/index.htm

  • Size

    1B

  • MD5

    7215ee9c7d9dc229d2921a40e899ec5f

  • SHA1

    b858cb282617fb0956d960215c8e84d1ccf909c6

  • SHA256

    36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

  • SHA512

    f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Public\other\client\lib\index.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2428
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2428 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2100

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    9c4c88c035359a8a3160c30a36e2aa1a

    SHA1

    b24335a033e403362a44ee71cd46716e67d703cc

    SHA256

    17c43522e53615f3a450e48f2fce23b603d55d62258a2bb326688ade7ffb1106

    SHA512

    bf429c0e307535dcb143d68289b271996c40f630ba0b51ee64baef5de7c21f86bad98fb4a86306594668ad23de5e0a1609796516ded75aec94e74b1df06fe333

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    41a5970c3121b367735654b4bd92c639

    SHA1

    4351848d8de23455776e91ecaf4cc98bdaafb50a

    SHA256

    13ac15047c12e2bc14a7c24f2650159bdc0b7a14c5de9740db9796c07e0b90b0

    SHA512

    99ebdd3d9aba90f219975845e057367c9abc1fa6e8bffe7424c570984bdaab1ee3e7eb17dbff93f7bcbc659a17b60df1698b1b9b5a07136ab9e97e5c171a9fd7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    ea851806e4b77e8ba530e90787c234b1

    SHA1

    5b187a303298153e121fc5211bbd3e82f91b37f6

    SHA256

    773af3c134c37748dfc70741db41291efab22cc833a4633f74cc72814d01ae40

    SHA512

    8ae2764b79c13fa67ea3407b172c78f032fd8301a2d54428460c13eb9e4847c321bb998a7d505aff34285725c651f0a18df0180dfd0542f495a88af75831764e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    ad2c745a84c4fba8d02fe458a776e565

    SHA1

    bc8d932bb96fd48765e1ffb1b3c8e2551b1ef553

    SHA256

    375614ae0414890061801e1ac1524fb1d81f7c9b9e2fb50a0e5234aba9005a96

    SHA512

    bd7ff88b8d98b0fe4a5ec7a727578c1de70c287636a5d42c18963d1c3ecc7d921519bce5a648f310510c004869c55e3011a5e8a00959b636a957366fed0cce6a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    fc329825d3122b053cd1bfb06fd27102

    SHA1

    04d4514c03a7ab1b546287381e1e8fcbadf7e366

    SHA256

    86c58f6bacdfb8d4b0007319ec6a3d1f92927ebf0ace7d05ab8265a6dfa5afa8

    SHA512

    e4a7367e5a98f21a8bf1341ada6e95676a44b748c5be5f5c8922b847b9891b543258fcf63105ab3b3055012e406dc235ca640eb6b382a8e7fe0aeda6676d8147

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    095ce7982b47558c6e7f5945125bffe1

    SHA1

    2a5377fde0df49ef376397d924566c96349d1de0

    SHA256

    47decc0bf37028b5ef88f6bbc4cc21788bbdbb029ddb74478c65d6b23a5b28a4

    SHA512

    bef8423e1b54eb33354b4937a97b9d27fb1b38a9c9a623ffff02a404184be13b2c3dc3d01730c2921c22581f65f84a671151945767aa38ada8bfc82e36c72981

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    5f6172706ed17f2d0ba0360f3217a372

    SHA1

    a8535dfaa46578d9e0ce8103f92523224c991672

    SHA256

    243f67da88ea73f6412cb7e1d9f96a012202fd49914e569eef9ec4fa26233c93

    SHA512

    2c1bf7007b634d41e279c85d81a01b7c51cfb65c32b7c0333d7ea8ef1de4fc0b8130ad89a963bb8af41a2a03730778689cdf492dca8ae5723d848bdcdee58b66

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    259fbed499aa076ba79300d15a872976

    SHA1

    8b417204fa739319a18432021115dbb4c19a8838

    SHA256

    9da35eb548c5e0afa5fed6d96f6a0573299a1ef9c76b7a46524ac32c60e2b4c3

    SHA512

    cf7f1605569e2c6d5d6d0ba80588afbe62adc99c660ccc7516029b43e3aaaf91b1c4b677ba12002d30128819478e78fab5fe599fb749943867edf044d8273ce4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    2a4b7048ae5b1b6608d80c9be5b8ca72

    SHA1

    9b317c1e28ebbf3c3c77efc72c40ca8d86eafcdb

    SHA256

    f22941e756c862ff750011404a0078b2418b202d6d94ab46675033721bf9f707

    SHA512

    e04f027feabd41453765e46df971cfef1eb73d49230cf1446e2da68408a213a6c1a232be93f29c3f90a67837554497dff7a9e7c1714c229cb0a56abbb36b31c9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    c65a2e9f034f12e5bbf5c3ff923cd2f2

    SHA1

    fb9c2bd2e0edd69f7e7eb779af08d6485fb78696

    SHA256

    5ff3234eedd3c87c4aa5ae7bde5eebe6f1f367257cf1c58eb0c790e848be1b28

    SHA512

    608f29a77a96ce1b84d37e901eea6652c8944fc0a42528e971b9d78ac844aa4002edd7166f500149446c77a32e1c53462760477eaed0cde569f21d6eee5d7350

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    bb2b49d52e5eb34ab185e624cc48eb8a

    SHA1

    c68c08b9a605d778149f7aac40692406fb23952c

    SHA256

    cf043953655336ccc41fd4d48a022aa622a4c1d99c3050e2744e65b3022d6dfa

    SHA512

    9c013a4ebe4e1ea51a234bffa4cd590f392146fa7d038034c6dd61be7f90c2cf9c5b1423fedbac39a0f77baf13d7abb9796c5cf44bbf27217291d4205c526801

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    355be96570d4f5af0def3295f25c049b

    SHA1

    bea1b65f7b1587b91c6687376ceb1e29daf0b2c1

    SHA256

    81d84dec834407e00eacd7cdf1dc0d75fd9d2b6257bf5ffca362dd9bb56ac410

    SHA512

    ea633dac8c0948bc58a840e4371022e8fce0f801b4b15833716a0f58d80d775944511bc6b46d9db059c6860bb8b628dacac6da21a6febc6b73946493acaaa355

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    67e1352a78a712bdf0177549dd5ae4b2

    SHA1

    cf9e88ffc0c8fd2dde604b0ae853f09fba6337cb

    SHA256

    1f470231ec9963212cc610b5649920d4290b417632593dc3509f8603e5c118f4

    SHA512

    37f2fcf6ec7e339a483548e576e20eed9e1866d35559787d529ce21eed7794baf21c6c3141244aeb1eaf542fda3e707ccfd43184abe6a7e66c7ed925381252b6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
    Filesize

    4KB

    MD5

    da597791be3b6e732f0bc8b20e38ee62

    SHA1

    1125c45d285c360542027d7554a5c442288974de

    SHA256

    5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

    SHA512

    d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar28DB.tmp
    Filesize

    175KB

    MD5

    dd73cead4b93366cf3465c8cd32e2796

    SHA1

    74546226dfe9ceb8184651e920d1dbfb432b314e

    SHA256

    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

    SHA512

    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

    Download Submit