Overview

overview

7

Static

static

7

BotNets/Sm...er.exe

windows7-x64

7

BotNets/Sm...er.exe

windows10-2004-x64

7

BotNets/Sm...er.exe

windows7-x64

1

BotNets/Sm...er.exe

windows10-2004-x64

1

BotNets/Sm...x.html

windows7-x64

1

BotNets/Sm...x.html

windows10-2004-x64

1

BotNets/Sm...x.html

windows7-x64

1

BotNets/Sm...x.html

windows10-2004-x64

1

BotNets/Sm...x.html

windows7-x64

1

BotNets/Sm...x.html

windows10-2004-x64

1

BotNets/Sm...x.html

windows7-x64

1

BotNets/Sm...x.html

windows10-2004-x64

1

BotNets/Sm...oip.js

windows7-x64

1

BotNets/Sm...oip.js

windows10-2004-x64

1

BotNets/Sm...x.html

windows7-x64

1

BotNets/Sm...x.html

windows10-2004-x64

1

BotNets/Sm...x.html

windows7-x64

1

BotNets/Sm...x.html

windows10-2004-x64

1

BotNets/Sm...x.html

windows7-x64

1

BotNets/Sm...x.html

windows10-2004-x64

1

BotNets/Sm...x.html

windows7-x64

1

BotNets/Sm...x.html

windows10-2004-x64

1

BotNets/Sm...er.exe

windows7-x64

7

BotNets/Sm...er.exe

windows10-2004-x64

7

BotNets/Th...de.pdf

windows7-x64

1

BotNets/Th...de.pdf

windows10-2004-x64

1

BotNets/Wa...al.url

windows7-x64

1

BotNets/Wa...al.url

windows10-2004-x64

1

BotNets/Wa...be.exe

windows7-x64

1

BotNets/Wa...be.exe

windows10-2004-x64

1

BotNets/Wa...be.exe

windows7-x64

1

BotNets/Wa...be.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    1566s
  • max time network
    1574s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
  • submitted
    04-04-2024 17:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    BotNets/SmokeBot/admin/data/index.html

  • Size

    91B

  • MD5

    3c79360ae83ecfdf909a16cbe606b951

  • SHA1

    7dac957f1b426d257d11c8ffad85c4ba2faec511

  • SHA256

    da1f9d3c8cdee13dda98734237fabc708a983ef5e70dc9a6312bab87ff99aa61

  • SHA512

    31a55456f48c3fb787f0f4410004777e3468fc5cde4c2c2e2d4159e2a1b68e6c03fef5a74e70e106d93e8b737508c34858ba5e0b5cb39d7a5dd234d06f455c55

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\BotNets\SmokeBot\admin\data\index.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2220
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2220 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1712

Network

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9b378a865f800166a177f7a04e4b2213

    SHA1

    28352ff97bd91c864f29911e27621b39894aaf3d

    SHA256

    1eb7ed993f87b57a08bd01a8c0ea3905740067190f85243f2450114a32f2f7f7

    SHA512

    5298f4bd8a4d10c17a8c9ffbd0e3a5bb536014d13a4779ed6ddc7d8623a02a10fbb7693f8d795275cf3dcae10c366d883d74bf0ef09f969cfe8b59ead2c84447

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c54cea56a3531e52fd4f36f5cf1d58f7

    SHA1

    9b9cc3485493882e556a152e5b036e287a75033c

    SHA256

    f0f063671e5d780049d07dfcf3fb98f3376a5536033e56a67e3e9063ddea689f

    SHA512

    c75cd48a83de8b8596800a95471f93cac966b7a2457e5d561fa18f36b2ee8e62ebbba3e4425846acc7f8297cfeff2435d23807f809ca68ec49e13501b7869e65

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    57f0639e5b187d3fc0f2787e335619f2

    SHA1

    c40072f15c36c47fbbcdd1f04a88db458e1f7fa8

    SHA256

    c97a766c4604ebeafbf2dfed3e9b44eb3119a1215e677c5d43d651da5f1801de

    SHA512

    fcdaaf462200ed8b8d6adde658514b40d59441fb2a728bdd93051724353c20282fc205d6f94607c1a70e07f33dbe65366e4ef4f6c0817a0be256877f10859363

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    012ef0ec2672ed3ccf00c6317df49ac1

    SHA1

    f31a6279ec464ba3067aaacf0ea61640d368a238

    SHA256

    77dec24234157b9e2c37fa21daad9e696d8f5895501a98d6ea97fc83467b27f8

    SHA512

    124c9f776a81aae662d32aa36b9d489f7a987587b583cc8bbfa539b501c45f8c1ed1036d72ee2da5744d639df2126854faa8585e07d1bf1e922c0326dfd42291

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4ac267303e4f2b6689ed3cf52053bee8

    SHA1

    49b2bffa3d7a16c620426c9071caa30d2f0c4b7d

    SHA256

    ce30a99a010f991ccf75d985cb850f191dac6804edf65df589c9300c9e40bac4

    SHA512

    738a6b7b427d518663220e33843d78747838e6added5bde198e829e17abc188c04568bafe5113bcde33d2b9c3f107fa34025dd41371d4cb66d1706bd3f7b88b3

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d36b3db58f7890ece03941b9ed159f96

    SHA1

    4ba18059e187a1f11e24dcda7d7b1dc642890d1b

    SHA256

    2175f14fd2722c874b7b4609a334a82d8bf482ede5bbe4df3de2bcc985e3c9d5

    SHA512

    3ff6d2ce352614dec978001501abb670a78e1e014d715a930a5ec8f86b4fe24a15ea5d04e9748f8bbf20468bf785bbf8dcd88ea112d6ea2b5b85c8252e2da874

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f2acb693e1d7f659bd978149cfdb1c74

    SHA1

    d8f57b0d7a6161dc27f73d22ec9913c3264ed69a

    SHA256

    bee102086830c811c330bafac6c99c52d2f0db5655aff14d77f416fb610b1a62

    SHA512

    cec340ef23a2beb19153ee84d26e1d9d6cc90aeeca0a1bd49de0caea51a7ed84286892c24755f0d4e7f07a890b328da5d75041c8a94361d08772b44209d6918d

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    377b6c9d1166d16cb9c0ce83441863e4

    SHA1

    4817c96dbf46ca20caa9c6344a06d6271ae7682b

    SHA256

    55b195678c3950f68cdeff2da6694d878aa3ae75cc96a6433ac33f49609e39ef

    SHA512

    5d071c4a1f6de2c646c6ac94e6983aa4804ab287d046cdc88956a826fe92bdba32395726a01b32762d6f0edf44badee0d9af18db7443f0b4dd35a32cd85c67e2

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bb77784caf11436657d3b65472680d9a

    SHA1

    db3073c4ae6b1fb2065e2f020024a431e5bd9268

    SHA256

    aa8ed708eaa7f12899649a2c7a965a4558624884853499945937c50121cccd7e

    SHA512

    c2ebdc10a9c8042d6fee4d56993ce4e98b6bd5513b1e43f537b160afd56187006ca934d5fb84a73d2da6410d6178a2031290d8df1911c0b4af8e13f9a548825a

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6557495fc4b6f954a108a7a698625827

    SHA1

    31938cac7ba9a88f8e6fd64775fd4b7ef7e569b6

    SHA256

    c07d8be594434018e3ad9af47fda83f8bda65aaf3cad73bbfb410c2f1b0a2abf

    SHA512

    6fc95d84a4676a17456f9f705647befd9e6f97a0cefe078d062c1b1ef4a690dec6fd9eb52b4898571407add60f2ba0b3ee61a5b81e9df5ea235e08ac37955db1

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8de348d7acb411862748132a6d65d85d

    SHA1

    019db14424d8c3514a2819237368afa6639944f7

    SHA256

    9e3f5345f6b6aeae8106189986dbd8cc20d0e038f9ddb0658e9e7627313a1118

    SHA512

    bdbbbba6cfa07949699f6cc2e3b102bce35b006c1dfd35afc79fdcdfd957e32c26b475732f9552ecc223a27c8e57ec4cd71e4ad3eef0952fa4c8729e31c77fc7

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    84caff3b8c899700477a876693dd3531

    SHA1

    4b3fe78fd7a799b0d8006c0272f8505b4d6aeab4

    SHA256

    cf81c9f4f3fb6971023b3af2dc24f6c233ee8a491cbf5701296e87eb1b077ce4

    SHA512

    9d88121810a5ce99c3932191cff007d77c690ba5e6a137d36c5c9ce5e05f426c2d902695aad11dfdcbc17f56c49125ba59b2411bc0fa042dd15155dcbb056461

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5deb81543f975599983ecd4f1b76d5fb

    SHA1

    4634d1037042f26fb4fe9c559196dcdde1df94ff

    SHA256

    f0c50916753b54f8ef5dd6eba88c88fc9146bb87afc8fd2356408a818bf6b919

    SHA512

    41d3c14ed8c4796897a9778d1a962269218346156901fff576759d8bff26946ba56341e5eb13d6f143a1a3fe1f7119ee3fce01702b1f536673bc6373f6129000

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5066b31e9f76db2242df7ef3da998081

    SHA1

    2ecace9fb18eb004415bb5e0e3dc0314aebab97b

    SHA256

    56b02d0f8486fe779406c52787aef34b988cea880eb2a3466473eed800c1ee8e

    SHA512

    89c94b1c43d6b4450652f70c4fbe91cfa751243931078eb2cf1fda43cefc10248e39df6920a4923417b8c5e20f1cc5354c347e1c5162d37504e6911017ff0609

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    07190bf523a9efa0c9ce780386c62ea1

    SHA1

    a0752d8da60b5c63ba8a97a5eace2f5a9bdf3e5a

    SHA256

    c45a0eaf136241268d4ce3107bd992dcc082539157a90851080d4327a721049f

    SHA512

    c992a33bc32802c9c0624134d96e5455d95cd8a30adc0ffd4365e1d08c42eb34f50cdfcf447b949fe17b5730ab08bb4f1deeae525aeab3e0c5676cccc6c70c22

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    40a8d7cdcfea4fc4545f90286561d03f

    SHA1

    ebf03f962e52e36459e6e09e78466d96aa25351a

    SHA256

    9ddeaed7ce00a49369994c9275526a8dba6ab5c0cd691fda94107cd01399f606

    SHA512

    aec708d49249e6011d719341dc17dfc36d19719ff761251f9c6a4483ba8ab1b8db82354161ead61dcd28a9b6ac74a99c85aa894e812a851bcfc36e7ef8d2384b

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5fc455154ab5cdc3db50b765386d01e5

    SHA1

    121f57c1bf977c7f31942f9a73fe70306c0b62cf

    SHA256

    328363fee6a9f8dbdaf11047f47061b146f9da84d05984197433ffbc1206b1ab

    SHA512

    c4b7a0e147317fdfafd39cecd6ee9fffaabc61a87f788c5dd943a8c499ebacdb9188429b1eb6e94444aa5474a2851f2ecff0b89b8317e1fdaa2f53d3625e4bef

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ee09dd14f4942c6d2d6d6497d165cace

    SHA1

    939064b07061c758f6b213c53f073f5877e06e69

    SHA256

    050deca5881c7ee11981fef25a366e7589495a5cde4700a3b8ec2c78dc1972a5

    SHA512

    f7cd58e6f50f256df4463717255fceafa4649ca518c413fda9587be16bd3d201c47f2cfb59c0ecf7ac9cc5aae900e50c36da27fda1cfbfc9061e90df8f3a497f

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6e6af19f7155f0c13fc5fe45c4dd49ec

    SHA1

    bbeab1db454e12fafcbaadb386069f8e5772586c

    SHA256

    e00b33769bfa78570cd232d02f2e565988ef1aee06190f6b1c91d999ff682189

    SHA512

    717afcfb22ea4be91eaa9412348c29c01fa5f4f5542d26af3b9d0af9f8ff64abd805e9bd047eeb44507ad8c18c3ce772e4cfdd5a3574417845fe7b2f77114107

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b5e9ce525edd5e85ce434326de64ec67

    SHA1

    aa81b816f8e193fa5cf1f70af43c572112f1ba47

    SHA256

    8f4891cc22d3127a973ebc32a129d2858a6a16cc90f472b11e52e6e092fd0038

    SHA512

    dc191c3c1ae296fd92435edd29813f7aa3c85356255e5ea6cd1c019dea64138f080e8bbb5bcad1cb60b989e1d6df7f8af82f4ec52ce617fe0c71be1ec2e636bc

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Cab403D.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Cab40FB.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Tar4121.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit