Overview

overview

3

Static

static

1

ad.asp

windows7-x64

3

ad.asp

windows10-2004-x64

3

add.vbs

windows7-x64

1

add.vbs

windows10-2004-x64

1

add_bclass.asp

windows7-x64

3

add_bclass.asp

windows10-2004-x64

3

add_bclass_save.asp

windows7-x64

3

add_bclass_save.asp

windows10-2004-x64

3

add_sclass.asp

windows7-x64

3

add_sclass.asp

windows10-2004-x64

3

add_sclass_save.asp

windows7-x64

3

add_sclass_save.asp

windows10-2004-x64

3

admin.vbs

windows7-x64

1

admin.vbs

windows10-2004-x64

1

ajax_select.vbs

windows7-x64

1

ajax_select.vbs

windows10-2004-x64

1

axingweb_z....0.asp

windows7-x64

3

axingweb_z....0.asp

windows10-2004-x64

3

by.asp

windows7-x64

3

by.asp

windows10-2004-x64

3

class.asp

windows7-x64

3

class.asp

windows10-2004-x64

3

class_co.vbs

windows7-x64

1

class_co.vbs

windows10-2004-x64

1

class_more.vbs

windows7-x64

1

class_more.vbs

windows10-2004-x64

1

class_url.vbs

windows7-x64

1

class_url.vbs

windows10-2004-x64

1

class_url.htm

windows7-x64

1

class_url.htm

windows10-2004-x64

1

dig.vbs

windows7-x64

1

dig.vbs

windows10-2004-x64

1

Analysis

  • max time kernel
    137s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20240319-en
  • resource tags

    arch:x64arch:x86image:win7-20240319-enlocale:en-usos:windows7-x64system
  • submitted
    25-03-2024 18:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    class_url.htm

  • Size

    2B

  • MD5

    81051bcc2cf1bedf378224b0a93e2877

  • SHA1

    ba8ab5a0280b953aa97435ff8946cbcbb2755a27

  • SHA256

    7eb70257593da06f682a3ddda54a9d260d4fc514f645237f5ca74b08f8da61a6

  • SHA512

    1b302a2f1e624a5fb5ad94ddc4e5f8bfd74d26fa37512d0e5face303d8c40eee0d0ffa3649f5da43f439914d128166cb6c4774a7caa3b174d7535451eb697b5d

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\class_url.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2112
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2112 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2208

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    65ba3a8af57f109d4caa05bcb1379fc6

    SHA1

    46bad937945bc6cdca0d45512aeabd157bbedb90

    SHA256

    2793497c3db327edb6008bc3f19f065b5efe62e0c345d2aeef95a8bdeab327cd

    SHA512

    a44c787b83da380692b51ce60bf3e215c4da9303a412255bcce6de9aa3dd2c9d4cb1057d728be8e6bba5a50e20de11bb6e2e31ea0e4e857b98380142124d8273

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a9c8f21f3115d0feed2081c13c33f475

    SHA1

    e50f81ae9031f4357e043b019a66cbf5fce3f00b

    SHA256

    aec6eb919fdd997d2723ab6457f02c906730f1708f40bc43b7240b40575ccbdc

    SHA512

    b92de6aa2692a7f771bd838d288b6781833d1b11da6befa6ef8a3dc55608550bdd65bdc940ac3d9e90421042481108a13e0c802a5ee714128c2a698028b23a09

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b4ae8bc9a35a4799ab95f75d808e5475

    SHA1

    80d6748b5c0d098f87434120f63672840664d822

    SHA256

    4568d1d7a95f9e9d0f9856df0c9babd24cb0439b6060e471c59740f53d00ceb0

    SHA512

    734efa4350e89be861b91a81e3b2b1d36958bc7a06e17b01b46e77a6658b3623de8403202da1dbaf54bf8c36d342722f328d9e6ea817763bb98f6de2ebe35614

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6f53df2cc2f95d69201a36863a7afd18

    SHA1

    7e5411f95b63a188471a30a3cef7a34678c449bf

    SHA256

    c824654083f2627d2a51b5e979549ae6b2a6eaa121a59bbaee9c17940d68de78

    SHA512

    2c4ee7697c75fdc28ebcba7053d6d6c6892419f628cc36cac7c5f8b835fd559601f47520255e9ed3faa70b8ec0daaaf987666fb89cbc4bc2bb27710e1225c4dc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    02acb3b33c7a8766fb3c96acaff051cb

    SHA1

    9bf1e57efac3f162aedbee5c2069c85609d78cc0

    SHA256

    17b2d33c466d9fb8d3325e295c4d9b5a572dbb297719762592b3777dde9e954a

    SHA512

    09da75654370ada2a3225e24e43fa123178dd2bbeb03201b08fc6d156849122f0fe90ed54962486840a6730187beffef8577e8779d24c14dce50424ab350ccfd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ffa0e1ddbadf54db56badf681bdfc06f

    SHA1

    0dac8cc552ec8fa2e2e437ec0ba30c138ad4c2bb

    SHA256

    7df5759232cb24babc228f840744c331bef2707f887b8ac845003ce69cc91f43

    SHA512

    9a86378fd0678f2e42e7dbb4be7dde9fb6b71765ff978ee4ed596f08bec3b4b66926901b1b73f4b5a6992e519d1c208cdcd1d00dc0890101e19f0af6dec8bac0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7b82bc6cdecb14980025fb14b3eb7855

    SHA1

    fe0d0b2c84367d4f8d3573329c27a5343daac28b

    SHA256

    cce1b90d7a45e3ca8488b763ea6b4a66d37f8bce9640177439ced532e736f2a0

    SHA512

    28c5028c251379a1675ff51de9a661a8022ef32212616327c8387403cbc3e8e8afea01daa3f32b92ef309148eab4d9cb575cfee5ca958f61135c7774e78f0710

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    863b952564fc51e46dae2ac49f45127d

    SHA1

    4d786ce6c44782d8d4ac67cb3d90fe0bdde4d0e0

    SHA256

    cf4d0f1a306aa1502b15f081d6c58de76c0a12555e264fcdfab4d6209038909f

    SHA512

    ad121bce62e08358050be897bbc01a3ee7d1bcc13d1826761d5a7ee09f5d48d6bdc92ea3c1837e57889ef651572ec45a79dfabd2ef486b73a977805fe4c9dbb4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    198bc7085678c8f3434e0d90c8cddf30

    SHA1

    43d1843b621de2fd9a1b12d8ceb98908116c69fb

    SHA256

    ac2796b200e23f5d0244edbe0ec713cac896dc1c776f64d1f44b837d10237745

    SHA512

    8bc36a672e78f854a0aef25414629e3f81288f4b10c7b8938d67eb9ebad3c7363d753ecc32f6525d573abb2dd7459509b51ffba8dce5cc9ab7c41162f3f748d2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    80588fa51068ad43d70f8776bbcc3f10

    SHA1

    8bf21e819d623043b3023da4c1c69bd897a87d0d

    SHA256

    16836c9f460f4ca623944f9bd8dcb6753f83cd9675e145c52f557eafeaee0f2a

    SHA512

    b274cdd9993f0cc2bfad6f4c6bd6a646e2eeb5fda95fc60cac28d49971d583f2da5f0776190d77c00f5bc430ef0107887a1b4e47f55e4e2955e031a057c5cd66

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6bc7b8e43612edfbe91f06eef5b86a97

    SHA1

    f45ca3f64d7060074aaa038be9efab11c4abbbf8

    SHA256

    d7858c206705cf6447d35a034493ce0e30c3aa25d8d51b614d70b32eac99d021

    SHA512

    34196a4360df67e061181a85602fdc9d7fc9e0c6aa6c0d966c1560ffc488e423c5151fa01b27e1ac917fd456884cac52df96783ae3d515cd0d137f20d57e97ed

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2b0897cc581a9f66d0d6329420d149d3

    SHA1

    ca1366b221c67a2fa66b9ccd70e460a8f1db0342

    SHA256

    e69b9f2416a4acf017f9295ef6b85813d8377f674d6cc14142f3740393b48b25

    SHA512

    faebb1318d391472afe328ec28632fd4c00961cb4150599cab8208e87439ac72eaf7baf42a9848529f1ec1044d11b4ab19339ce0186a8f410c4b34625cfab2cf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    68cda33899efd8d94df8f818f004a434

    SHA1

    56053a303a6e7f25d558ee5519f3367e7b236639

    SHA256

    e8f30672e98241323eb87b48ef036789579e8a0ded631eb0878b32a07fffabd2

    SHA512

    72cb8ccdf059a28008eda65d9e9b3b2ac6b0c388b90d3ff7d8e3b35261e1084b85405faba1cd6e9c67cd809e9ffc5cb80e22089ae56e6ea7f747ba0eb59301cf

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6865.tmp
    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar69C1.tmp
    Filesize

    175KB

    MD5

    dd73cead4b93366cf3465c8cd32e2796

    SHA1

    74546226dfe9ceb8184651e920d1dbfb432b314e

    SHA256

    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

    SHA512

    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

    Download Submit