Overview

overview

7

Static

static

7

AMVpack_24...64.exe

windows7-x64

7

AMVpack_24...64.exe

windows10-2004-x64

7

$0/Docs/Ru...min.js

windows7-x64

1

$0/Docs/Ru...min.js

windows10-2004-x64

1

$0/Docs/Ru...ls.htm

windows7-x64

1

$0/Docs/Ru...ls.htm

windows10-2004-x64

1

$0/Docs/Ru...s2.htm

windows7-x64

1

$0/Docs/Ru...s2.htm

windows10-2004-x64

1

$0/Docs/Ru...io.htm

windows7-x64

1

$0/Docs/Ru...io.htm

windows10-2004-x64

1

$0/Docs/Ru...in.htm

windows7-x64

1

$0/Docs/Ru...in.htm

windows10-2004-x64

1

$0/Docs/Ru...hq.htm

windows7-x64

1

$0/Docs/Ru...hq.htm

windows10-2004-x64

1

$0/Docs/Ru...m2.htm

windows7-x64

1

$0/Docs/Ru...m2.htm

windows10-2004-x64

1

$0/Docs/Ru...ag.htm

windows7-x64

1

$0/Docs/Ru...ag.htm

windows10-2004-x64

1

$0/Docs/Ru...mb.htm

windows7-x64

1

$0/Docs/Ru...mb.htm

windows10-2004-x64

1

$0/Docs/Ru...nt.htm

windows7-x64

1

$0/Docs/Ru...nt.htm

windows10-2004-x64

1

$0/Docs/Ru...tc.htm

windows7-x64

1

$0/Docs/Ru...tc.htm

windows10-2004-x64

1

$0/Docs/Ru...ff.htm

windows7-x64

1

$0/Docs/Ru...ff.htm

windows10-2004-x64

1

$0/Docs/Ru...tc.htm

windows7-x64

1

$0/Docs/Ru...tc.htm

windows10-2004-x64

1

$0/Docs/Ru...ts.htm

windows7-x64

1

$0/Docs/Ru...ts.htm

windows10-2004-x64

1

$0/Docs/Ru...te.htm

windows7-x64

1

$0/Docs/Ru...te.htm

windows10-2004-x64

1

Analysis

  • max time kernel
    120s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    09/04/2024, 16:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $0/Docs/Russian/externalfilters/tivtc_tdecimate.htm

  • Size

    30KB

  • MD5

    0b881986ca10d8997a035ca44e63b469

  • SHA1

    dc2bdf144447383e63f8994ce3e97d4f27a61528

  • SHA256

    5e15a06b55b2bf79882da11b30f93c52d3648207d5f47aba5ae438e47b48cc14

  • SHA512

    0039a2c1cf18bf19902d3b3b0631a1479729475ec7be04e9680c47f5d54d671b211a9abd27b6f2f5bfdd5ca2b814f741d17b86046beba6c5307a6d85ab5186ff

  • SSDEEP

    768:rjVrltu9x3vNDo4yMG8g23B/kOEjSZhW8889/wYzqNsiZ8cm:rj3flM/EjbY1

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\$0\Docs\Russian\externalfilters\tivtc_tdecimate.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2192
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2192 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2500

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    81b46ff2ff6b08b28b6db7b311b5aaa2

    SHA1

    114e9b6d0a008dd9443939bc2d4f48ab38e3b7bf

    SHA256

    e106272ade9d833d0337b4e1d95e3cf10edcfe9470bc254ad145d7603d4ae0e1

    SHA512

    2d6dc8cd66bce9ac35f6de4e5018a939d0dbf17d10b52831766515b767138f4cbcae646c9325855a770b8ef742a7bab540bb5afc84a6a2e676a86350fe8a6e0c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3a049f0a03dd2e787ddd1ddb476af1b4

    SHA1

    6b5892be8f279049c3e71d105adace5c26e50d86

    SHA256

    12ce6e377da39af998fde6e8a985ae9e58ddc5b163c74b48c08d58a23dfe6ff4

    SHA512

    61f6f401d006d971d41474cf9819a720c04925769444cfabe8ef25f18444dd6eec0563fe94b417dd1cac314461c31e599257e8e1d10a830e1544839d5f3925d7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4e73497f7bc524ee6b3135344aafe628

    SHA1

    4be82ab265b9228a0e65bd818d1c62f383fed552

    SHA256

    287df83a3813cac5a4b99fc1b932ea745070b7682e45f4a66c365eddc6512b40

    SHA512

    50ecf8e0d5159ddf39b27c7b363000dd184b5f16b7f91cddcfad418b19f32fdca9fe1eb3c5a190ed624dbb83bb1ebc7035069feee074571d7d54859c93123525

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6b969a56a65067c1307cd8f409b80f98

    SHA1

    c1abcf6a64241f73e6adaa5b9a6bbcbc0d5fad76

    SHA256

    42fd83e91535f4565eb839d4dc17d7d654cfda0cbd906dd1a3c16f451fe17ecc

    SHA512

    bccacdce433f23cb662f9aa1003ec0983d308174d358055d4aabbc2cde8463c47e53ff78f32d31503308e3be9a9fcbdeb62b97883f430e134e3c88d05314dcd5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ae16d703b32a1c86ba8f95768ceace53

    SHA1

    ebdf69472aab441e8a7ff28f35a33316c2630c15

    SHA256

    508b6f5c133f7e9f68b413a26f2e64e4145400407c698ce4754216768e3e907a

    SHA512

    c1d676227ad195e450361c5a830a9bda885d28a8ee45f87f45d895baef63b98100b7c6270f5d8e36744b7e3c7363742f741b4713d31733e325e2f35ef309b37e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    184acb7303d8337b717c82d267c54f34

    SHA1

    cfd08e061deb0a1f12768358ca1848017110538e

    SHA256

    33d1a86aaa48dcecc70483a1e5ed9f56ce5a88b5ee8643999bac1ae20c1f2cc5

    SHA512

    fb091cca7422b6091d8e17ac0a3a096420defb700814270d27431fee379ea3f4fd79468e2c383517f9aa81838f9d7d603cccac56f7d415c399e8d2ea3e67bffa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    532f9311de4f8d59ced7ffe3b59bd508

    SHA1

    2e99540f7c2864336091fb717dbf10a8215f6b82

    SHA256

    93b17e9b91615852a43c20e765e4587497da71fb902bba76b473a8882864b8f1

    SHA512

    8072600f68d49f349900ceefa91e60ee25c499071e48f3cea512eba719981d99997dca33caff778c522f9d6f5c8da8a43df198cd0d67b12be7075aeaa5a8ce11

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f123df8bb824a6a63c96e8d71f23179e

    SHA1

    0a1c505f3961404a8b9c6bd45cf8f05f9bc91a75

    SHA256

    d0155b3ae59db1f0106a113d87ad88bbf42445508a48a177ef978b184eec80b0

    SHA512

    e94f7fad9e541131f666dc77d442a494cbfa2926759441b8cd2403e4fa2eb386a5297c6fe5445b8d6ce8cf354aab7872e54d878f1c1d98372d48bed46c8f3a30

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5e063471282924d644c2aae0b642bd07

    SHA1

    7c4569b811cdb3e711027c6f4b5709a9855e3d64

    SHA256

    a6879c02a28eeeb204c8a769c31e3d2533fbd67c9040092a6f337fc877a84f1f

    SHA512

    f5ed8f5d6e2860e635b7a723a92bb1d0a289561ae4d55121ff13eadf04928d7f4776e07d42c3e3398a4b1bb2cfce8f0ff916fc7b8f1edfd7814e81061d89648d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5bf89f6e9070988915a5a8211f57b3f9

    SHA1

    e1e5aeefba604b02dc48f756c7db44c3074bc61c

    SHA256

    cf5ab010ea2c0542b8ae8b3ee57442aa785eb2e12ac3436f47ab80e8b047d79c

    SHA512

    8f37a265dd31671dc2322d1260b79dce95cbf43991d6da76df2a450a27b609fc57724068f7d39330f7c63f134787fac82cfb8ff46ec2f1692304b7975ec75f51

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2c804f79989436606bf53e616f61a05f

    SHA1

    7ac7f8f71f016352a91d35b7ab87fc82518276de

    SHA256

    ff8420f6681c409a0fb5f02124e30ba84be569363ba21fbafb143a404bd27aa2

    SHA512

    29d3c34b21036258f76bbb7f51c1aa25bf9e6e8d370df60f662b49236165ed035da30ddc514b742a0e8817120be58fc31cc2237fcc954de4e9cfa1d6a636f839

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4615a05c36fbca6640c5e2f76db28699

    SHA1

    fee1c0a4d15faf0fe71f1660edd70692be7a6991

    SHA256

    f84539c9a507570e3c121f551009dbc08cbab80eaa47747acc778f5a0b547ba6

    SHA512

    398115aac87e17748a4646ba1ad390de70e99c49c089c9205dc92c49df31213aec4bac3be34d3ee9eb215fce10d69ec08dc4ce4848c7c30c465480c105b79665

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8DD1.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar900A.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit