Overview

overview

8

Static

static

3

IDM/!)ж.bat

windows7-x64

8

IDM/!)ж.bat

windows10-2004-x64

8

IDM/!)̻.bat

windows7-x64

8

IDM/!)̻.bat

windows10-2004-x64

8

background.js

windows7-x64

1

background.js

windows10-2004-x64

1

captured.html

windows7-x64

1

captured.html

windows10-2004-x64

1

captured.js

windows7-x64

1

captured.js

windows10-2004-x64

1

content.js

windows7-x64

1

content.js

windows10-2004-x64

1

document.js

windows7-x64

1

document.js

windows10-2004-x64

1

welcome.html

windows7-x64

1

welcome.html

windows10-2004-x64

1

welcome.js

windows7-x64

1

welcome.js

windows10-2004-x64

1

IDM/IDMFType64.dll

windows7-x64

1

IDM/IDMFType64.dll

windows10-2004-x64

1

background.js

windows7-x64

1

background.js

windows10-2004-x64

1

captured.html

windows7-x64

1

captured.html

windows10-2004-x64

1

captured.js

windows7-x64

1

captured.js

windows10-2004-x64

1

content.js

windows7-x64

1

content.js

windows10-2004-x64

1

document.js

windows7-x64

1

document.js

windows10-2004-x64

1

welcome.html

windows7-x64

1

welcome.html

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    147s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    25-03-2024 16:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    welcome.html

  • Size

    3KB

  • MD5

    dfcfd01cd1323e88e3c96c5249193f0e

  • SHA1

    7d9969970846c9831d4e158c75db86b56fdb1c89

  • SHA256

    871857877cf47972d457bd74ccab05da31cc58c9eb0471a6e15b97b7d68b8a25

  • SHA512

    cc101c59af5251287c8597db89dbbb90c5323d247bbd4d76b88c2219804d0a77edc180193ac0a13fe9de8a601a1855fccf03cb2b055a6ac902307cf59386c5ad

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\welcome.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:920
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:920 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2832

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    af75d39a11bdb636165710f3e1087a30

    SHA1

    4d5dfaaa0be84501eafdb927920566d02075ae93

    SHA256

    2d6081a8fc07058a385d01f7a31b8ea433dd56f4e854b9eb17539aef7e7fc6ba

    SHA512

    909b9fa91bab96d5a8ff6056c786d678ceaf80130f18a9fa0a2e1b89bd32532dec180432979d5eea65d3d4b26129442fb99d5e31a08b7a0a7d28970b326e0b17

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5fd38c8bdf3eb864eb6495e06b9b8b9d

    SHA1

    4df9f1c29cf6dce2461a1c7a49e34e3bca1407c4

    SHA256

    368ab4293fb08bce178a8bcf4f505e7c0e637ca873263ede0eb479c666b0c4d0

    SHA512

    2995b80cbaa09a3819f35176f3dde424f3f0f69d78cd6923b5c21abe4d705bfcfc47aa469614f74873ad2dd2c1badce90ae5a0022a7309222bb82d4946540157

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    da345573960beb590ba5b73eeeca0d8c

    SHA1

    763eab500f3ff0bdeb8ac5091f4a5ed87de07591

    SHA256

    1261482413a0e9ef783000d2f5dc1df6428c5ca63da308b39923ebd09bbc5f28

    SHA512

    ced7660934b3c883659a5ea7bdda5b5b54173231988aaf848b371c1f2f0bbd05060cc51e228e8955e44e472b00777dbb948dab359dbb4d8d5be7e0f47b3866ac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b2487385621c6e298d1e3ceaf1c9016e

    SHA1

    93360257cd859491eba9eff9edc4e5adcc045185

    SHA256

    36f4b41de4d8682293ea3c5d09a92185f1fd4da57cb16089847858ecfa76f1c3

    SHA512

    41c8c94162553214ced69166c69b4d54e44ef5496971af8879e7ffa54687c7b391504445d93d579e7f88a864dac8aa9f5d9190a4f557dc8de21de48100039873

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    696e879df096ea00192bd40f0eac27e0

    SHA1

    9aeef7238ee9ff6a3ead5b8b1f4462e52e4b0884

    SHA256

    3e0524f2554bdc75e7b519eac84bf16af208daf8b21e846f6bf656d8dee46f1d

    SHA512

    4fbdb02f0346ad41e9c466d98688b05e4339ad9f09470406f7432c3cbc2f1012862a6530d1dca6ef407c25182804077f101a76715c94fe6769eb477479cc59eb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cd3e81daf4dba9d01f6d4018f6cd4bd5

    SHA1

    2c194aa8e630c2b2de1e4942beb6d3563d74a504

    SHA256

    9d6505018310856d63ff792341c82dae5c3ecaa79114e0000cd3a3478918b907

    SHA512

    c84707b159f9496c91dd3c7fe4ce52dffc562a69c4597c8cb08c4bdfe30b4814d1a74b2b8c48da70da706b09f80393013805893866ca2086aea728ccb3218ae2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d7f37122db8a39050b8bd85dbfd187a1

    SHA1

    cf4f6c69d1e0552d6c520649b45f7086f6fcf993

    SHA256

    99391924143420a5d3a7dc405c28bfe71589ee9b1c068276d98bed74a9b09dff

    SHA512

    751551a70a683af703213d9d79fe2930f331cd0e2ce411cc495601278606c1de795a9ec6ff81e5ef192e476970652e05b39e2a11e869dc777ae5b6135dbfd5c7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    50a7b395ef7026cd9d6f8bb6cd22d15a

    SHA1

    3cbe2850f4b74f2c038568d9b6a4b10840b1cb41

    SHA256

    df1a21e0dd3b2c0936d5c993f55ed8c2631c086121c06b825f7f694084e3982b

    SHA512

    13d9cb141e467cbdf7801c2fcdea8a86795f88107a8f6b6bc4607eebe6fc49c873d9a45179c5f094aaa345bff9c5fcb2e56d0df9a7f0dba4945e620a1bf5079d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    18812524c9d7ff17cc4bea4deb58bbe1

    SHA1

    a679c2ffb62b4227cf67e9b2f05b1fb92df934ff

    SHA256

    308e0c1a2c671e591cc98104b840604b8c808ff41d8e8c5e0e56f3b6eec6df5d

    SHA512

    b7792e5b44a4f7380b6fd92aaa93890d9bb589e9e22d81beb78c9b976f4a768f56d2f135154bf9e437847225a935931fb655a5d07fa377dbab701ac222ce31be

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c968dd4718c92105efcb327b3287ede6

    SHA1

    fa68a0114a1c4db59613ad04d7b61375f1a0c82d

    SHA256

    b26225b927431b9020bfe59d8d4c88242230709ba6ff709365eaab7a79d01ed7

    SHA512

    7b1152546e68b4c9a172d9485f6205be2c78c1447646acadf407ba508b193ea3eb1964be44f203738df671c48680e94f6faf46e7e415cfbd5a00f3545584577a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    490fe6bde2bf50a8e5a9e2cfd8e05afe

    SHA1

    216ee05e28f14a4e25a22232badeffa5c3f2fc8d

    SHA256

    bc011ced921fd3667ed809653329c38cb003eaa56acda1aa5b646e2a06bc72ff

    SHA512

    1cb62e001b7c2fb0537726461ffa6d1c1e4c94f07ac315aa793871aea349d1a20ec991014030d14dded9bf9a097d94adb813b8808e18ce26f1831823408e31cb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    46f738d905a0768f5b1a9e1107b449ba

    SHA1

    916bd21ef34b6cc217af8517688132559723cfd6

    SHA256

    198a623da5ba58fbc02aa50d0b1c7653fe9f021662756804a0a6e713ff9e146d

    SHA512

    5098b72d77ea2f38e09d5cc3c9d3af2dcb1e0630f63258c3d1e56c902107c45496b48856956ccd3f3ef9cf8f2fa9ea2e91962477e7692e0ad31de7eb3ab52143

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    02ab7a7a20875904492a794da0da06eb

    SHA1

    d0b72d7ef5e0c07cd7637d6b0d625f88f4f56869

    SHA256

    1b472c744799b6aa8eb5bcf7ae98da058527b5f7539ab11b9d3ecebbedd05587

    SHA512

    cc558c7f1ece24b45bf24eb7ade57b2a82b7fd7b964c69b46e88d5c7a6a7c1138a5bf29a878adf6c9ee53fd914f3752d55572c7345a9c9906b4ae173a9f49748

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b5fc481387c1e29f9602d65b3bdcf9bc

    SHA1

    82b4b346720dfcc3923f17508d1aa2ba13012101

    SHA256

    b0127fd4d7a6c11051fae296c7300ac689ab60653861d3866fcb2f1d652ea6f7

    SHA512

    328019ff8530d261719405b0cfe8ef50e763964b2116f00e1fdf264e277317a522807e932880090753324f0b188a75a39e0d66eaa0f0e7bb3cc84890ff87604b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8a458ab896a68d09657fb4c588fdc171

    SHA1

    a26553b3e5e5ffdc57a4ab0d75e5e192d4807ea7

    SHA256

    fc12ee20f700ec6d0f38e244b817cf91fb574191cce0963c30d84f47c4d575be

    SHA512

    16634e8cf99fc4a42caa410049ecd74452b4da6116ed4c4749d576e456f51e462a82aceaf15591272dc39fd96821b5f162086e65482c3be36611d8768c9085b2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    20440daef47e5782306abac0da72d94d

    SHA1

    c15699f146bc6d5ccc5c2c19bc95f2dab145a7a6

    SHA256

    082ba3d3bf9a05e83459708d3073e51a83cfd7d3e4e7a959a52c4d892988da2c

    SHA512

    784aa3101f267d659ce91712bcc5d981c9ad0d4271b3156bfd3f23bb389dd0037f0d411c4f5d85d9eb5dff4e3dc6a935967335d6819a8e747768ea3116ce10ce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b2ce7f809679c015c79d653a9b147832

    SHA1

    21b4e0270752f1b4799c2e4e45b15bf618ae972c

    SHA256

    855f924fe5247d6710f902bd53880c420a3e00f2cbb9bd95d8242fa0041ff6c2

    SHA512

    61b075f277bb61dbefd728d7f755bc1855754b77d3ae541c9c68809e5d3a49654e06df520b9212d0d6885ce8a10232c792e0c725e159faa11c17481d4f8ae4fe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c6ee71ad997de5c789ea5cd85dd8dcb0

    SHA1

    bba26c92c0a68fffa7722b54dabb47de2016209f

    SHA256

    58d3d703190a3d14ec86336cdcb7482df438a5d12ccd421d8187189d15967c43

    SHA512

    0da546e4d623cb545858151c6cb63bc9932829bf2a827db30267cbf74072609781767ffcdbee4bacc34f695497ef8f7887af8c58c2a6a63212e0806ce78f8ef0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8af4851e2f589c699180050ec8b50bf3

    SHA1

    2fb34d69816dcd39e8fe3c4f6dbfed35b891aac8

    SHA256

    45ba8101978325f0136d3d1c5467633322acf64cf5fc44877a0b09f5135e2bf0

    SHA512

    dd4a01f049bae521c3604f69415bfa6cb7fc6f895244cf9f39dd53900934ffdf84eedef6f650cbdd68b7a9b7c150503cda3d69d2848bd77a4245ee93ac5db187

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6D35.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6F32.tmp
    Filesize

    175KB

    MD5

    dd73cead4b93366cf3465c8cd32e2796

    SHA1

    74546226dfe9ceb8184651e920d1dbfb432b314e

    SHA256

    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

    SHA512

    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

    Download Submit