Overview

overview

10

Static

static

10

www/backen...ate.sh

windows7-x64

3

www/backen...ate.sh

windows10-2004-x64

3

www/backen...ler.js

windows7-x64

1

www/backen...ler.js

windows10-2004-x64

1

www/backen...ler.js

windows7-x64

1

www/backen...ler.js

windows10-2004-x64

1

www/backen...ler.js

windows7-x64

1

www/backen...ler.js

windows10-2004-x64

1

www/backen...ler.js

windows7-x64

1

www/backen...ler.js

windows10-2004-x64

1

www/backen...rce.js

windows7-x64

1

www/backen...rce.js

windows10-2004-x64

1

www/backen...der.js

windows7-x64

1

www/backen...der.js

windows10-2004-x64

1

www/backen...ice.js

windows7-x64

1

www/backen...ice.js

windows10-2004-x64

1

www/backen...ice.js

windows7-x64

1

www/backen...ice.js

windows10-2004-x64

1

www/backend/artisan

ubuntu-18.04-amd64

1

www/backend/artisan

debian-9-armhf

7

www/backend/artisan

debian-9-mips

1

www/backend/artisan

debian-9-mipsel

7

www/backen...er.ps1

windows7-x64

1

www/backen...er.ps1

windows10-2004-x64

1

www/backen...l.html

windows7-x64

1

www/backen...l.html

windows10-2004-x64

1

www/backen...p.html

windows7-x64

1

www/backen...p.html

windows10-2004-x64

1

www/backen...e.html

windows7-x64

1

www/backen...e.html

windows10-2004-x64

1

www/backen...d.html

windows7-x64

1

www/backen...d.html

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    06-04-2024 20:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    www/backend/public/injects/html/banks/ae.ahb.digital.html

  • Size

    92KB

  • MD5

    a21403b47f2c49f472a261098338963e

  • SHA1

    b210c8b1a4929d20b46e6b1df69a64401f47c027

  • SHA256

    f5bd0ee759cdcbf723c35be37558d656390b63ed505a1c1058156dff83f18dfb

  • SHA512

    29baf9fcd94eac183e38870df80bdf984a9b77e35c82dd6cddb3ed076eaaed52e2c44528c9e7fce93fe6217b29620783c73d865261f9fe6c296bb8200264a9ba

  • SSDEEP

    1536:eD/iZdq0x2Y93D4Kys5f40x2Y93D4Kys5fG0x2Y93D4Kys5fo:RRRhR3Ry

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\www\backend\public\injects\html\banks\ae.ahb.digital.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1976
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1976 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2868

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    f18cace9fc8a59082cec76d87b39b622

    SHA1

    2466c2c3e849f4f92a74db97e710f559dd979bd3

    SHA256

    155a63622f381285bf5c9f4bd3ec8b5524acdbed33e2109f9dbca6fba2f69b48

    SHA512

    04702b5cf9ea30353e4ad9d8f1c0bde0c49e41f623c6e50841a3a8006896054c5e81330d13eab2f28b861eb218a58dfee51b02c21f9017c57f77b03ea0b5cac3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fd854d2a6c6d84fcbb0ac91b37f8b081

    SHA1

    bc94759319ee041d58c35c397af177a631e57a95

    SHA256

    e1b3d7937f90b801ad2560b038df22a988e3c8504063552156834008ef9a3802

    SHA512

    61d5f81ab574a68e0f94c8046e18e949e4406afbcc6a41c36940604a197512a1852d296269568e7effc0d00c42f46ee41d6efec3fcb4654e055bf3a9b482be2c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9a14e2b91c91306d9925caa6ef463d1a

    SHA1

    db06c8f30b3a6218d39c193ba053710daa403a9d

    SHA256

    628f975dcc50549e3e8317d0f990f9857186240e6fadfdf36a1be0b17df35a51

    SHA512

    8349ff9d057b6d033d8d4992fb705a2c120305e219fd52ef91acbf0eee93ab821d9dbc3187637ad9f3f4d1d0bd672364959496bd0309c52ca023aca0e8beab36

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ebbcacf5dc88645d1793096c88681232

    SHA1

    3a44a5cfb359b3c5ce57ff033b2e526af8fd7e3c

    SHA256

    1538db594f73d3382af4c1408f85b783c6bab24b02c7b93027e84933e7f272cf

    SHA512

    f8aa2f2990ab0f24b736af023a4837e55195ed6c70ca903d2e920b76c48931d2d1d50e0746547d684ed8ad26a79239e3a1034e3e0b439fac9009234269102d80

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e51979830171b5d7a119842ed42c6112

    SHA1

    b8b1924843b74ff865235061b10e4cba28f4736b

    SHA256

    8145bfb4e6427888c97c788e455d615963cc5600293741202b582be80aadeb95

    SHA512

    872dcfce5535c7312e206e583a2a8e0a9fb42f697d4c08c038d5eb8c0d01c4b473cd5fe304ae2451af7a5a8cbbe75a2a0c177ce3977057213a00b372b49a5bda

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6d1282ee8a69629edee279513d90c6d9

    SHA1

    80a619f38382c9aa9278e54c36af2e62ba342ce9

    SHA256

    5f06cc0f8db130f705c328ca84bd510af00dafc3e5e0d5d504321d90d3bd74bf

    SHA512

    555f1af82d20497113408efa4355aeb1db5cb57e02579386d91284e1f6612034e1e0df20a3dcbef40c22566bb0f8bdb8e5905b0b5466bf1d35e9e81232b2f3e4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    53908fcbd2550592d195fca366404565

    SHA1

    6f63572243ab75f9b855b3d9420e7ac5c6d2e4ad

    SHA256

    19f2021db86a95b22423728c59929b3dac387ea7ad570b20881c420c6dcdb401

    SHA512

    0c07a9ef06eb97dc8b958b5857c0f6aac3779c83c232e45c74d7c8157e1b0c13f6a56621cbcec7c222ab7341f1307e3f130e4faffb79c8ea1564838b4f148251

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b661f859c486f5f14831be806a8a778c

    SHA1

    403f924a125370e021e886f49ec33c4c8c6eb1d5

    SHA256

    b521a33db7e35cfce3f68ab9a47f7b39c55de4ac75db3ae6b17aefa115184696

    SHA512

    e6eba9623d230caf06533ea2b0ff4c35ec7006fb1f98c4c7d590482528f89704a28797bb35c2a31421e8b948ce8938b420500adf7751090a4290b0d822633e46

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cb6940a5dcb5081da9d82365062b58cc

    SHA1

    0a3bd5ed7a8b44e02682d66c647bb2b1ccc3760d

    SHA256

    869b25b1771e96e601b25ecb9aa90a2172072139d0aad3910328b940e5160976

    SHA512

    1a82ab92aa9e86fe2660db28fef16a16821c592078c74983cb59c490587c3f48a78eb986792f12c0401ad5a29d1d5704879acc44b6227f0baedd35b7ac27282b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    08f109cf1cf0594268ed59dab178cfbb

    SHA1

    3ceca02b65931953892df6401545a9ca7c5c4b80

    SHA256

    239b6b63eec5355e13530dde820a43a02e742d4533095e2ffc13419d862fcedc

    SHA512

    abc1d16777796497d023c51f17b903b8b8b5e2fcd104b5a58c2dac4c6559c2d5a69c9b3996391736b0da52d0978e6dbe9bdd2e2d64bcf47c4a99c01a16b6baea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    045a2405fabaa92ec419e92f417034f6

    SHA1

    ebe3565d96c2ad3741b8a862785e1980055bf72a

    SHA256

    1dedd203900a5661ae1559ec4bf193aa3e7d9b5b41954f20968b579038ca2966

    SHA512

    50133ed19d39c5014a8b8121cf175bee4dee6b3e9253c8b5333e0c3596f6e98e799169a30f9bf4a0002ad2db8578cbbbaffe8d91b2b12a054e2fe6626ee7611f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7bf535b6b91a045e4b9132f338f0b8d7

    SHA1

    1b76a495dd0a7af1ea8a1d5e93bde705a350991c

    SHA256

    7e17043e6fdb77b42544ec91ec84b0a6c9a028ec8625af455fb4ba7f15a4d667

    SHA512

    961736cd1cc10ee377dfb6ec248e16ae124cfd01e8d212cca29f113c04fabaf2d692944fd01544a10038e9e0e043aea5eb70f6b7467a98d0f284983617c55a4a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    743415cef188fa64aa23fba1704feacd

    SHA1

    1996bc4fd26c578740ef7a175e820a2b1ae1958a

    SHA256

    6c18c78209af533e9ebe6a9ff41bce2910147e700152fd70495aa71525a678a7

    SHA512

    8aa740ca1cc8cbd9c7e1790a1e77dd8b86de377559175a941aa95b612ec5b009e07b62682c0c644577015e4e3f6aa0fd2125e7c728f77fb2f433a5672a720858

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    67fcdc5f31cdf4a09cf1999b536d2660

    SHA1

    c9984711c85fdac4ca0699e89f295f23d8f1b073

    SHA256

    3c6c073233db65eb849259d986987a8c89a16859d801ccbf2eaebcd3c44757e0

    SHA512

    d6ee312471dfec643f769596a6ec1c439c4177739c6f7a11836eb68ff01de901cf432617faea48944718d1e25e540618459a9ea615b9944ba13e780d14164b35

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    baf5b11a4560e16b44cd922534027902

    SHA1

    28320f008e595a293f076b1425a8dc6691f15b16

    SHA256

    3986e40a9dbbc9442f691b539b1fa1f6af4091d75a29d2cc309dc5c6837bb70f

    SHA512

    3ff05155e40a3ec11e0171672f5849c9a256d7fc8fb0faa71d57a99b6284b6dffa5627efa5c64150c72dfe3bce63c94e325e4a1c89dc1a430bb1364732151592

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    aa34abad32d2a68adf35688c36fce134

    SHA1

    f621d57951c535dc440e242d0c6d48655a917061

    SHA256

    9d558b724e05a8b71402895a59cc1cf7183e84a8cabba8c85c29051f3b5bd2d6

    SHA512

    426a40600f38660c15d237122e1b54fa10858c0b63ccd7a39704d598fbff4e84dbdec75745a61de97b8c51bbeb65d4cc45f9499578cbb912de61e659c64e41c6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3eb3ea6dc7f018187cedd684925b4aed

    SHA1

    549ad467d7a9bf8df5512f472569b3c8e50363ba

    SHA256

    a64c88e14525e13b987f03207e7896eafb92d3816da0a2d1bd21ddba38df910f

    SHA512

    de90c40d91067df648349f6632b5ec2e963bc972b3ff08b79e721bdd2d15ea5f06ec51e88fa73d92e2e51e3ab73b1fa17d51886654359c1a7dee483c75ce2790

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f9abe368996ac10f394b0b88fc63a31d

    SHA1

    ff412dd320c53bceccb9c0eaf1b1579861efa19f

    SHA256

    957db38a049e0f2aceac0a86d46ccda798892e2ffb879a2fdd6aa7ede895c359

    SHA512

    87dbd328072e053c60519bbe76317360a9166c187fb015e2cf6e6ad5bda0370e8d8fe25e19a217a6d42a633d93aec323b359b14bf5881f1e39eef4b61a8d18ca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    481c3adc2f626ba123fd50e7886569c5

    SHA1

    7a0fc9c0391b77dcdbb99237a3248195b704a4d2

    SHA256

    483fc272f0c18f22dfdc7d648a36e26e7cfc97a66e8f1aace83916c62b06311f

    SHA512

    eb0354bb8506e22270f859dbb7cb1fa6cf41e32050c06f1706844e9bd5ba1af07972dde20cfa4a6e0de3b489e72ded6fd5068be55b21f470dde9655ffd9bf867

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dc4c737562dde478b890a889376d569b

    SHA1

    b5ffef0b57d64741a1a12047d4a3bdf2a63636dc

    SHA256

    bf220caf8c224df27e057a4ac5af7caa4a528f12594a6397424e86f4ec6698d6

    SHA512

    ffb47aaf07af730a4ed5fe2c8aaa7b497c694989548545136db92da942fdf354b6def31131e4435ee340c8261f2b99ffd09fb3e46d948cf73fedb22d38106005

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9326a402466989b9353596d318ae37bf

    SHA1

    4ec5e9bb8d0de466b9bc95e5f7ca6a8c9cd991e1

    SHA256

    4c004aa34101fd1a0adfd6881ba29b199154d5628b661055aa53c8fc6c1baa0e

    SHA512

    b9243ff96a7551521aacbe8e937a15ffa1aa673613394a1637842d38af70ad11616c59140af3ed12eaef6275c0f11d87fbaca72b9f5ba6bb793e5d0665712ae3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    674896867dcb3d7a00d0b793ceae7964

    SHA1

    ec014fa27f10206420049922975c1269235f1ff1

    SHA256

    b109a67b2abe6bdcce020f18bb48df00d72dfb9b91629dc31f0471f21eb5d18b

    SHA512

    b8f8cfab03ba544c123b09ed07028483c5087d9f5f07078ad5cafc739198dc4502d693b28cf7eb52cfe6c3f9b019f4a3b6e0dc85c02bb9148450738c2c44dcd5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c114d51063971a25f8cb9da5bf14b0af

    SHA1

    67d511c9cf6693a14983ff88068fd923cd955ba2

    SHA256

    f6532a0b2365761f2a420e2a6fbb4568e1bfb313636f8f2a60e554b13185a411

    SHA512

    c86ca5df41d3c6d3c1a93937dde9d050cca854281a0e56fa3aec9554bc54804842d9222d1d016d7958ba1f9b7d217dfff2102a9ae2e3f35850de691e8f98ac88

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    30eac0b9847c2b744a39a5f03aae81ee

    SHA1

    bfe582adbaeec2b13cc1d9ea5b56e832e9efc54a

    SHA256

    240e3d10f0d81dfdba33ef186338e8f870a5c9a0177d2a8e5c80d54206aa4a38

    SHA512

    232bf05eab1d1347e7121ea1c0e1805ce1e2bafe6ef92a8a5a24eca8b15bc433675e0d8c5f577a84feb8b0795979a00b680eff3184f9e2cd046f192fa6b22b2d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
    Filesize

    4KB

    MD5

    da597791be3b6e732f0bc8b20e38ee62

    SHA1

    1125c45d285c360542027d7554a5c442288974de

    SHA256

    5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

    SHA512

    d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2AEC.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit