Overview

overview

1

Static

static

1

posh_2.2.0...ify.js

windows7-x64

1

posh_2.2.0...ify.js

windows10-2004-x64

1

posh_2.2.0...ify.js

windows7-x64

1

posh_2.2.0...ify.js

windows10-2004-x64

1

posh_2.2.0...ed.ps1

windows7-x64

1

posh_2.2.0...ed.ps1

windows10-2004-x64

1

posh_2.2.0...rt.ps1

windows7-x64

1

posh_2.2.0...rt.ps1

windows10-2004-x64

1

posh_2.2.0...ig.vbs

windows7-x64

1

posh_2.2.0...ig.vbs

windows10-2004-x64

1

posh_2.2.0...inc.js

windows7-x64

1

posh_2.2.0...inc.js

windows10-2004-x64

1

posh_2.2.0...ove.js

windows7-x64

1

posh_2.2.0...ove.js

windows10-2004-x64

1

posh_2.2.0...ory.js

windows7-x64

1

posh_2.2.0...ory.js

windows10-2004-x64

1

posh_2.2.0...con.js

windows7-x64

1

posh_2.2.0...con.js

windows10-2004-x64

1

posh_2.2.0...et.ps1

windows7-x64

1

posh_2.2.0...et.ps1

windows10-2004-x64

1

posh_2.2.0...x.html

windows7-x64

1

posh_2.2.0...x.html

windows10-2004-x64

1

posh_2.2.0...E.html

windows7-x64

1

posh_2.2.0...E.html

windows10-2004-x64

1

posh_2.2.0...L.html

windows7-x64

1

posh_2.2.0...L.html

windows10-2004-x64

1

posh_2.2.0...R.html

windows7-x64

1

posh_2.2.0...R.html

windows10-2004-x64

1

posh_2.2.0...N.html

windows7-x64

1

posh_2.2.0...N.html

windows10-2004-x64

1

posh_2.2.0...x.html

windows7-x64

1

posh_2.2.0...x.html

windows10-2004-x64

1

Analysis

  • max time kernel
    138s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    15/04/2024, 09:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    posh_2.2.0/docs/fr/INSTALLATION.html

  • Size

    9KB

  • MD5

    3a6306833018dc4bb20121cfd9cacd29

  • SHA1

    6b41808f42f8400c02bb90ec43031d0c5d4762a0

  • SHA256

    ccfa7f157deb117b34d8195111e9a990997476b60dc4b9e9d7e729543cbf6bfb

  • SHA512

    1c9cd28b613ea9bd50177ffdbcb467d5a49a14cf50c25fa0cadd44e1d15c47638d8cee09a0e4d97e7232e1a12bc57b7a11f574f0794ace8133d4930450b9c4cc

  • SSDEEP

    192:St1xEvB269ynhTj0GA2QKA+zauHUHfyp65Nv1i5n+qe/GFr10:Sqo69ynhX0/2QKA+JHU/yp2Nv9sFri

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\posh_2.2.0\docs\fr\INSTALLATION.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2848
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2848 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2536

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e402d91cc18d86fcd1d90f76232c12dd

    SHA1

    76aad4ae240b14ed96ccb890805be0c5a7292958

    SHA256

    8b08a86e6be42e9a5249b20d346c67b63dd302231b812c6cfc0e68147310c43c

    SHA512

    a1a3720f477ec6c21e12f20df097616444ac0ed8dfa9552352688bcc93d92ca14647cecc2ebbde3c4b7cea339f2102818ec0017141f548caed959e66a56d1c9c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    39e37e2804ebe0d2240ae3f0f2443431

    SHA1

    6d93a4de60bd0da8589ee167d105ab2655b2cdd2

    SHA256

    bf0d4b015d9db7ad229a56adf6d3092357e069e11b84831267faaef08f8cccb6

    SHA512

    b65b6128c865f122fb644e0ef0d62ba66715bf51489c12c140d6f92b06cca7a7427b904ce80ebdea4ba7af853223c85cd731357e2d8bd9730c70dd7d8e2cc5b6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d6ca234994b383b1c15799044f5e237d

    SHA1

    d6b2a99cb224c514fbd7b871429b1888e15ea68c

    SHA256

    6c115cad6669184696047a647d8bb9d3a467e07c1637e2193cb40834d40eb69d

    SHA512

    4d5efaba5babb6170003437fa564bc1ff599368f86274db01211ca864fc637ca4acf483fc8c9a8af4f81fcdeb2b00f0638fe07026af0c47e771802b35f423880

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d3116cf042ca75f39c27a726f0fc8dd2

    SHA1

    b8c4687aabebbdb2f2aa22d0ac6885b8f083999b

    SHA256

    8ed6374cfd5045d4766a7700354f81be5ea3535a0e5a97443c89c89a69a577ed

    SHA512

    197e2931f3ec3d630d804b14e865673af2f5a6c5301e7449252a152ca9551d650023b6f9dae7755920cc19249c55f5ea0afad6e2ccbc911dc216ed9cf0f6f1e6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    29f4a767cc0a959057f84ccb7d5ef4d2

    SHA1

    0247c2b6b0a1d6948a13edb46e8669bdf5bbe675

    SHA256

    0ca30e6c73d28884271f2a92b1348b3823ba0cf8c9230d83fd974dca277b44f0

    SHA512

    f9037c8e15af9ab7c922ea12e03873053c61206949f33d8f06bdea196f4ddeb25187c4e500f83fd834e5dc502e3fce5109d8085c7f8e37e36c9018bc4c5d6692

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2626ca4c9f61f49f63aa259227ba393b

    SHA1

    2a9edb69f374cf27d461ad85de7668bcd740cea4

    SHA256

    07a8c0594bb690e907020e3903141b06a8e98e255852bdefee23b45c1719c693

    SHA512

    30514738d4598ec2e85c18c7c5cd97b52715edefb8df0a26c92cf1f433735868097b2c4592e2dd0c86cd8d4a51ebfe40e486d669dd3850e8b15c276fb1c314fc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    860aa47e3dac76082689fbf190b6adce

    SHA1

    dc784eb7632b680bbca50c5a8969e6e9256961a2

    SHA256

    aa6971746c207d3dcd7285f2edf0f24186a909a211134108bb8decb2c5c3c34b

    SHA512

    420ba612907d0fa5ff7490262303a98f2e1e769a2b27d0cdb6c83c7d679a6f07ed45ac9c8e1a8d60d677b533dfe8d3109e8bb5d56f4bfcd54570edb8d3c15cf3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7d7c63925d23d91e329f87c30d35401f

    SHA1

    04127666665c4e959270572c63aad06d9c48e99d

    SHA256

    d9a3f59cf83788ab71dbb1f0917137f73e238c3fdaf2153332a696e5c5a32981

    SHA512

    7ee43b9ba8cd3196a1fc663f08bbb267c746ce0e7518e97e383e0d0427b5456ad6139f873ce3f284d9e7e955a1c92b7f8b3f528917eb3962f30cf3070004f5e1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f7cfd7a2819fe09a144829ea6b5042a2

    SHA1

    ee4a64439a5697e46c69219b39cc41572b614c3e

    SHA256

    2bb3a24921c6035f89d564f3156724f7030cdda198dcff8271fcabaa3bf6d9a6

    SHA512

    993be866b9a97d41616c64a4ccb07374917dcaea9f81eab93ea01edfe994bfaa39c1d764003721aa5ebc0992242a9376c4174879ef6154874d01530514ed17a0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5daa5c000a0ab43b6edbf5b1c1f05bf9

    SHA1

    82caa430c1df7f6e8d53289c503d618a4e43c4f8

    SHA256

    5d484fcbc3a198f9c1b16629dcd00107473b018fdb3a08bd10f7aeefce307f7b

    SHA512

    f5bcf125f191fb85a5da176b11a53b1621e2d4bb27444360deaf9b8ad67c74cf49a793cf6d0ed961bb8d0ad6b4a06584bf12883abb5563691e6bc5831ec347da

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    de0aab2c64984cf9ded458fcdda78877

    SHA1

    6afdec997b7d000e9967b59b8495eec2d75bddfa

    SHA256

    062b008e70fb64d2976cb18bc28d0f9f8275160b60850d375a1ae767858969ba

    SHA512

    33bd44a4c3d1fa867a6e532593384862d0cccce2a9bccff2725450c420fbc32178fd11efb2fb725f16670027c65050a8298ee7786069bc01a472e7a9f8c6412b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    389dd5652ef4d996aaa2fe2de1bc88fc

    SHA1

    2cbb50207051c9609564d9d0a0007be26b65e054

    SHA256

    dc28a91335070b93fb57737684babd520b704d3141bd2096a376bbecf9aaa244

    SHA512

    d21f8c285329535caa5dbf44d6421b100a5839c88af69786051700cfb8ec0b6bbfd7f2057810659a0e44f033685bc91cd89c17bd2a04ad38abe4edf47cf65a73

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eb5f6d0d7893fc65e4c425c81c4e4a35

    SHA1

    d44e5acf75ee600607e42caab273c9c7ef21b348

    SHA256

    c66b78cde0696dcc76cf919deb4380d7b4d840686f81032fa93c3106c6a0cdb5

    SHA512

    29514d3193206849fb4399a16c59e7e32707316b99ba8a5fce8f2093b322d40d9936f1150c37d229668396cd6e716f99bf80a73a49b360f0af33d5fad1551930

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0dbd47ebe3c9024b52cb7812bb1a82f7

    SHA1

    f386edee05666a2dae65cef16a1682ef0f059821

    SHA256

    23caec7480da4911addb75e1e395afef3a2b0bb889220562801326d3739b9134

    SHA512

    60eea29c69c23e5a8c43ee633de73130022f4292e85b5967986d61f270d6fc6b4b9dfdc11c81b03c06ce346f8deb5928980439a00d35d81257dddfa6fb4cacca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2b9fb2ad358903e0aed6412e066efbff

    SHA1

    c9e2b2b2bfa2e321bc4031b5dda6b21d984c6adb

    SHA256

    fb4bdbdb265cb014ac06c8115e4d4894d76818353553972909c25af32c0479fe

    SHA512

    12adbd5a085d6627a8d3670fa421c19f80e4f3f7d6517c71bb930f3aea7e1637e04cf151fb53c34a949388da17eb4a7239dce2cf9b9d9442bf1bd13682b10910

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    00084c6a21eb2781acdd2a00f276de8a

    SHA1

    b1dec815ab13180a3983722ea3676433adc4ebf3

    SHA256

    f90839e1fdc3d5ab732a005e9a9c8ddc657f4edb5f3f0a42700316f95dc7a967

    SHA512

    c6899ac2921608fddcbf06180fe388e50d2584f554597885f4eee0b808ae5830dfc098edfe6244caae5510d8cdc4ef840be033faacfa9521e5fb4d618603dbbe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b7f74ebcd2960d01e31b8c761c1965a4

    SHA1

    128e7d23b7781a0342307cee34c99c84f9cbcd34

    SHA256

    7c5d4a6f301969b4807ffde4e68a556b6d59d182a6a4138c859b6a5ca566b4c7

    SHA512

    3529f12abefd9e06d48575d6c3e98815f80f1a3fb5e20a253543118d7fe62e96deb9dfd91eec9c437ffff1f3c5f8623f27abe96376a67ccd4cd8ee655c1f5f4e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9c63b965dd33d342c29a8ef25824b028

    SHA1

    2dd6c8f200069be6a2049be13550b8aa7ce464ac

    SHA256

    f51cbf4a41d651e49dad8ea676d7ee696918c7a9a611e3cc7b99ea92e9eb9875

    SHA512

    8dc4b20b139f4a891e7ffd73c71fedeb6f1c80f887c4f95cb5bc80e279c03000b9c835323f8fc5ad3bc52b37ce02833d569cfdb60ddf26c2d23edaea17bfaadb

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9D9A.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar9E7B.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit