Overview

overview

7

Static

static

7

BotNets/Sm...er.exe

windows7-x64

7

BotNets/Sm...er.exe

windows10-2004-x64

7

BotNets/Sm...er.exe

windows7-x64

1

BotNets/Sm...er.exe

windows10-2004-x64

1

BotNets/Sm...x.html

windows7-x64

1

BotNets/Sm...x.html

windows10-2004-x64

1

BotNets/Sm...x.html

windows7-x64

1

BotNets/Sm...x.html

windows10-2004-x64

1

BotNets/Sm...x.html

windows7-x64

1

BotNets/Sm...x.html

windows10-2004-x64

1

BotNets/Sm...x.html

windows7-x64

1

BotNets/Sm...x.html

windows10-2004-x64

1

BotNets/Sm...oip.js

windows7-x64

1

BotNets/Sm...oip.js

windows10-2004-x64

1

BotNets/Sm...x.html

windows7-x64

1

BotNets/Sm...x.html

windows10-2004-x64

1

BotNets/Sm...x.html

windows7-x64

1

BotNets/Sm...x.html

windows10-2004-x64

1

BotNets/Sm...x.html

windows7-x64

1

BotNets/Sm...x.html

windows10-2004-x64

1

BotNets/Sm...x.html

windows7-x64

1

BotNets/Sm...x.html

windows10-2004-x64

1

BotNets/Sm...er.exe

windows7-x64

7

BotNets/Sm...er.exe

windows10-2004-x64

7

BotNets/Th...de.pdf

windows7-x64

1

BotNets/Th...de.pdf

windows10-2004-x64

1

BotNets/Wa...al.url

windows7-x64

1

BotNets/Wa...al.url

windows10-2004-x64

1

BotNets/Wa...be.exe

windows7-x64

1

BotNets/Wa...be.exe

windows10-2004-x64

1

BotNets/Wa...be.exe

windows7-x64

1

BotNets/Wa...be.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    1798s
  • max time network
    1819s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    04-04-2024 17:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    BotNets/SmokeBot/admin/inc/index.html

  • Size

    91B

  • MD5

    3c79360ae83ecfdf909a16cbe606b951

  • SHA1

    7dac957f1b426d257d11c8ffad85c4ba2faec511

  • SHA256

    da1f9d3c8cdee13dda98734237fabc708a983ef5e70dc9a6312bab87ff99aa61

  • SHA512

    31a55456f48c3fb787f0f4410004777e3468fc5cde4c2c2e2d4159e2a1b68e6c03fef5a74e70e106d93e8b737508c34858ba5e0b5cb39d7a5dd234d06f455c55

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\BotNets\SmokeBot\admin\inc\index.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2084
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2084 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1684

Network

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    da48eda0828cde227766c468ba8e32f0

    SHA1

    3e6d2890e37a023a1ff605285d3be99131b34473

    SHA256

    501f2893d92b1c12391732ded4e782d3838d2d1ea48b5570c177d3809d5c3fd9

    SHA512

    6cc11764047f4e0bea0bc20bab2bf03f324a30a736e60e6110b5e4515a36cf3bcaa3b2e20825249f6a1b7520936007b6d593d15aa6f7b114d2dd640125bc4d3b

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2582ab407862ecdf5e7200207eac7ab2

    SHA1

    31b6aeed09200bcb616e399fa15aa6d5367e184c

    SHA256

    3d7f51ef2861b7caacd9fff8265bea9042dbf08aaf7d0f112b1976c69e80a200

    SHA512

    419f71cc7f175cb7634c46c2f83299597585b85b1e6f2926dae7734bd363fdaad1353858e06f36cec8d7ccb0517ed02f148784731e3ef0e5f868735b317e88fe

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    be9c72c7a5a01203692af03e9d38fb60

    SHA1

    37805e4a153b8152360094b644544bce0872e104

    SHA256

    3cb72c661e0b331021da3e6d4c8c15400887ad34d2d8cec7cf116fb3b8bd4b6b

    SHA512

    13c63b5c1ac2380bff97f946602043cbb4248a17e38c47ea0db3dd0bc88ecfc03189f31efc49bb27d42deafa11c88074b8a1b4876c511c1f0333dd4ea8588f27

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eb88d88507db21d20e74a7071c1debea

    SHA1

    68c74cfe256484237f4262a7f8ed9570cbfc096a

    SHA256

    b523a3513ea8ff83e4a1b318ab755eddd7ab866746206de885a31ad75e981fe2

    SHA512

    d7d23a7a6eba922809bc6c3c489483af8b0a2677f23788f5108b8376d4ef8afe0671ac3fb3d2349ecfa8a9c92c35065f29203e270ce963a7a239f911c317d699

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2f3ae421b1c71f97338d503358e74321

    SHA1

    6746cb53800f3f4e365ffdac3231f9aada3b640c

    SHA256

    56d2f9a5ca968caf58294e79eaa616ee67c0252bc9b61fd40e12b3590aedbd2b

    SHA512

    51ea1ce64b95614db38def576f13a02cff7ac269c5fc27570506d770573e38f37b0b6f1e306795fea9daf359e56c87f6cf3dad47e5483b0c1a04c8ca640a9b5d

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    94c44952a68cc93ebaf95b86d62a3966

    SHA1

    566dfca4027ef88012fd9f758db3013ae6fa595d

    SHA256

    d42a95cba603748d3aedc1746d238afdeba81b30ab1908547eaa9b12f27f3cd3

    SHA512

    677970245a1f4f70a2c72db52da0adeb6eb7cc60e921d2f20e97c538f0574f3785d2d328a177b1eaa84df2a8805cdd96663e32177da9b5c18193343496fb98a3

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9123898326f8d231e5b3f373d9096028

    SHA1

    d71405765fc75ac8fc2edd568bb97641a2254536

    SHA256

    9374ab76527b5d6447fb711a7ab2c92124114ad63004702956d9320df33304f6

    SHA512

    bfcb3021a933f5953a928fbd86c13ba6fbe9644d81acc75288d8907f3ddf00fdcb0dbea499cab68f98c29a1b5bfeb54b86c525b1dbfb731982d40e16a4d8b6ad

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    df732ab1a64cf0563d60ae62920d57a4

    SHA1

    383128a72d50bd74311b3275039b1aee53efbadc

    SHA256

    5a11a3562e483df1244fdd7ef40c694c5955986974363b4bfa4a3d2797ac6c7e

    SHA512

    f5fdee84f32e338d35df8d3e11b46fba69d1c781407096dfe87b2d6954a09106cf8dc6f5f832bf4665e1cf7637e7c97511a6d9dc30ea5877a68665b7002080c0

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4be64095fb518fd63ec5876fa0f12401

    SHA1

    564a70402e45268bfb81b174c2bf1afd6108cc57

    SHA256

    072c7c213fbbc124f1f648bc02aeff439e503fcccb9848c0f30cfb858de6cf48

    SHA512

    7a4aedcc342a52443699da7ebb10f4ff749fdd98e23b6eeea0ac34acbba960c1500409249ad83ced2d178900e085be0d81a5b00e39f281612e2c8db2cbd4c271

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6c1aee0d38177f8b0666618d0e20eb43

    SHA1

    40f848731ed1fe07be6046dc16c6e9e7a4e9da13

    SHA256

    82fee4df6b59cd496d56eb0ef1f4ec3f307edee88e67839473bd64094a064283

    SHA512

    84d8c76589e5f60b3e57316a4b47852ac1bdd5b98c6ddfe50062fe4fc03ca722fa6a12a17bdc9df2aeaf70f846be17bd7aaeebd83c4f1cd218c9b50cf6f7b4a5

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2111864339d301803a060fc6268bf9a3

    SHA1

    687764f1e85c0485b485887d607c75a490065506

    SHA256

    0f1bdf4d5dfb2590807857d53e32610ade597d91075a3a691dae7fd6dd2e32fc

    SHA512

    fe5946b2f70f005bf0d7e377c0f3cc8bda3e9500b09889d47046d56d5c97ef84cb6d3111db08aaa70213ffb2b1a3e6b0dd39e6b285c937ebe31aa012ef5ed81f

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9fecc15879f985f9fafee1290002f495

    SHA1

    49e441920cbd1d0e70674bb982574cb183e2bd5e

    SHA256

    f3dc0ad27bd240c0c058436639d8707a34bf4eb0864a7666a8c424ced7dcbd1b

    SHA512

    d24e866e31852f06b3512676d1ba9a375c317106c88fad3fb8531c977730b1e9b07a0b14eae33b7869f8b9439f10ca2c530fb30f6fe5d486a77c23f71fc52169

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7742312720299645dfc88be8bd5ec19a

    SHA1

    c3d483d01b56a75adb3b11ba37296702c488686d

    SHA256

    3cb8cc63de7dac78a392c57412965fbeacc3cbe9c782d768d7b94e86a24e9668

    SHA512

    8e7d7555c5dcd04db983d72c0bf3e3ee8bb257274be8da360baa2a2394440f8ec8fafc7fcd2300b76a88b460a54e04965c9a748acf9150c3732c2d16ef9aeeb0

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d6391ec1280a3d20974b7290e5e12e6c

    SHA1

    c409522ef9a6e44f9833a65ca0c2bc053dcc4aee

    SHA256

    a9770f451b2e04c0fa0cbd7c0fe68cbe89b5d4a8888cc0d22dd51999740b70c3

    SHA512

    28a9839208763bc8456cd2b1526b4c1792aecf0f9361bcb11fff986223f1d6a8ca7fad86b7967e2e4704b4bd11e6bfa9bee7ba5d1857126e196d2e036f476c34

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    12b8b6fa76955e871bb11f1270a90476

    SHA1

    96c2ac69b94f8fb88b9723a9662c037d701aa962

    SHA256

    b69b2e7b20226fe149ea2e4c0670eecd4ad6a43cac18ca52cbed2af32bfb7605

    SHA512

    97bcf0ad3f1e7259e50a735091f9b19fee071298347144a4c3f54c8abfc785a13dd98b47d9627985fe114286f5e44ac42aa0aa2e292a28e770f9df6dd7f24f95

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9374562d63e34bf6933ff8a0b3d0877e

    SHA1

    8ca7fc8fa8dafe8c418ea2bf775fd4410bd9991d

    SHA256

    5581621636e4caef6a75e83257e7ef95f8947aa2d0c504f0fae6595f73cd6018

    SHA512

    7e6a8627fced9cef13d297c647bc9b5f3cca7e2d1c48944e1e5e5861489ee0038869eb75b8f30c0ea660632d53bc7bb2a15adc28f455636180e02b05d818586e

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Cab54A6.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Cab5594.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Tar55D8.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit