Overview

overview

1

Static

static

1

NfmBlog v1...nge.js

windows7-x64

1

NfmBlog v1...nge.js

windows10-2004-x64

1

NfmBlog v1...ot.htm

windows7-x64

1

NfmBlog v1...ot.htm

windows10-2004-x64

1

NfmBlog v1...nt.htm

windows7-x64

1

NfmBlog v1...nt.htm

windows10-2004-x64

1

NfmBlog v1...ks.htm

windows7-x64

1

NfmBlog v1...ks.htm

windows10-2004-x64

1

NfmBlog v1...op.htm

windows7-x64

1

NfmBlog v1...op.htm

windows10-2004-x64

1

NfmBlog v1...ad.vbs

windows7-x64

1

NfmBlog v1...ad.vbs

windows10-2004-x64

1

NfmBlog v1...in.vbs

windows7-x64

1

NfmBlog v1...in.vbs

windows10-2004-x64

1

NfmBlog v1...wd.vbs

windows7-x64

1

NfmBlog v1...wd.vbs

windows10-2004-x64

1

NfmBlog v1...ar.vbs

windows7-x64

1

NfmBlog v1...ar.vbs

windows10-2004-x64

1

NfmBlog v1...nt.vbs

windows7-x64

1

NfmBlog v1...nt.vbs

windows10-2004-x64

1

NfmBlog v1...se.vbs

windows7-x64

1

NfmBlog v1...se.vbs

windows10-2004-x64

1

NfmBlog v1...te.vbs

windows7-x64

1

NfmBlog v1...te.vbs

windows10-2004-x64

1

NfmBlog v1...le.vbs

windows7-x64

1

NfmBlog v1...le.vbs

windows10-2004-x64

1

NfmBlog v1...te.vbs

windows7-x64

1

NfmBlog v1...te.vbs

windows10-2004-x64

1

NfmBlog v1...dex.js

windows7-x64

1

NfmBlog v1...dex.js

windows10-2004-x64

1

NfmBlog v1...ip.vbs

windows7-x64

1

NfmBlog v1...ip.vbs

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
  • submitted
    16-04-2024 02:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NfmBlog v1.0/ad/ad_userbot.htm

  • Size

    1B

  • MD5

    7215ee9c7d9dc229d2921a40e899ec5f

  • SHA1

    b858cb282617fb0956d960215c8e84d1ccf909c6

  • SHA256

    36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

  • SHA512

    f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\NfmBlog v1.0\ad\ad_userbot.htm"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3024
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3024 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2380

Network

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    56941dac902313e50bf80b18b37530c9

    SHA1

    19854ef973a568582c743b5413ae8633c07f38e5

    SHA256

    7006108acb9eb0a27ed2b3b4f2eca3716e760821ee52a1a6fda600fe749a4578

    SHA512

    e34d818b0c0c7af8f9075132f898ae3095ca44635a2902d85d5d0006b8fb8eca642657f19b884c9fee4da3388c8be69e0d69fd0096eb21832e49d78cd9250ef2

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3084371c6dec418fefdae6cabd80d6ef

    SHA1

    46ff49a37b30ee625905925d570a640dc7468e9f

    SHA256

    932a6728534b30de4b9a4aac23ed74e20ae2b06f67c071446d6639d516e83c7f

    SHA512

    e8d61e155fae65b6969476f1c28c37c6168f7b19fe5f6c4106f7d6324fc612ddca7b1a470a217aeb308d51b29861795601a99a388265fb3e61942803db54631c

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3f3a726103b333b50ec31ede5f801cd0

    SHA1

    f8a9de57b20ed70a741588ae5c86e8a1ae9c6bdc

    SHA256

    50d0aa15cea4c4300497e7e9ea6c8f79c881205dfe31915c7578ab24c66f129f

    SHA512

    f50232764f5cf9e2d26bc5ef106cb03a7018d38d101f11e93b4fb470fa5a5efbe553b705c01031d11d94d7a4f492ef009cb3ed60e560f1a9439eb78fac0faaf1

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3b1b3ac40074d71365c1e683b951c8cf

    SHA1

    6d042f55143c06d7e43dd31d6aa4d2d0affc364e

    SHA256

    b9db59d22b430d3ee440514eafc6317e82fb5a02da0db343515a1983a64bebdc

    SHA512

    607ed1e642047ed6f97768005194e3fe589c1652487d7a504589a0e4c9b4eef476e53321046a9169ec89d29c68b4f40682fef4952fff892de31ea95541517e21

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    32c4d1bbc5ccb14258af8a6a734cbde8

    SHA1

    bb1bf857f36fc79acf5b22be4072f14d1030653f

    SHA256

    28713f8ba2fa33196393280012dfaa18c417805aa91618e00bcb34dd399af6c6

    SHA512

    c20be0a05e1b9c45466a06a457da3f3375df7bcaa216baa8cbb6e7314abc28ff98ac9c5b206c04ba14b99c23d30230cadd8f103ace76e558eba651c6ad2b46ab

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ccd7e568b803eb06b21730ecb7d3b562

    SHA1

    c34b9ef8ee88f3f65f3b55bb44fb171a8a73aa47

    SHA256

    bf698aeef7c18435658dafaac1a7544c672da12cae64eb2d45c82cddbb9500e9

    SHA512

    00162fec253701af3f29a0668fc3ff0e58d967ad0ddb201b122ff48307e67b36b7ae22e37f7e5909961c8b5aade43e72d4d4e4139fc1a69fd24d70d51b9ca8f8

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1f8c49ab1e3b272005d143fdbd891f9e

    SHA1

    cbf2980d8600a9ceda723e72fa59e8a391f12672

    SHA256

    06a582d71652cff739cf9e2ef774badc71425fd02b7075fa8813ac93de0b6e58

    SHA512

    9e3f56831687ab9323d6b209ee9e351d56f8d1fc441c4eb23ceec4ac774c199c8d5f39d4d0086c3ec6385b61c7cab62e9e846ee22c4417ad9bea5554f0b0025e

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d361fc067776363cbee0ee4ee0912fed

    SHA1

    a8d5e3419d9a58b5373cf992fa91446b5a303eb7

    SHA256

    1bd9271df64811f3475f072f14e77514783e16d8113bdcc9a3afafb34846e1f2

    SHA512

    afa24c5fba2b503c1d5f067aa0d7d94080eefefc6de9fc72df49ecb08330116d7b0ab4c14cd00397ddc5a2d1964de8a5dd4e2ec34eaf077867376f1b5e59705c

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    86514d72109c340f106418c5e77ab00a

    SHA1

    bcecb12e49bced483b860aa3e37a9ae910439f67

    SHA256

    a7cd52dafb15518ce6521a95845830b01e46ecc8f44825102c4945346b3ea52f

    SHA512

    3c3172cf8b213ef7424651895c362881011c4fc0bc6d1ee97113fc84046f5cc6e6368f2bc2554d5659900d6079b3d7f9fd41a8e578aafe4bd89ad4a109b485ac

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    01a729068cc923396a30455216e4a59f

    SHA1

    42c1a04556fd233df6843a0a2e259083195c74bc

    SHA256

    ae93b6a6d3b928ec73b54af1a533900771f166b976967920bede867943c6b6eb

    SHA512

    d4e157211ccbad34c524d89d92a46ae5950e6c9fb46cdfc2affd1171e04d56d5ddc4fe18a0429abeb0464196f3e15364dce334a3a06e9726eabaf97ba7add49f

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    39ca57d0c9a8a674ed6cf6d13e1ce24e

    SHA1

    c2515916d2957d74faf186840b391f054ed06d78

    SHA256

    e67ee6830481b46544adbb0d439088b8714bf1e82bf5eaf680a8d65e472aba26

    SHA512

    cfcf96758f6b380bb1a1654639b45a355287355bdb87230142913cd3cbb75172a706574c88045890ca9569fd0cc972db5f2b5f1b4e5582f14cbf5728d92e92b3

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e6adb1d478495437c6f138d7c3404d45

    SHA1

    db5dda14bd27e4fdf2417a5d21591afffde148ce

    SHA256

    7f1de15d7df84a33ec23d33deafdbca88aee93ebdef584e4eb0643514fc1283b

    SHA512

    8aa9c3241ed4f15d499fd38d51fc6df457361095d9faf8fb7b8b0c589b8d8d45e097daf88d9d8824602d2e1b9e3d412d034e0537b872c6d5a261fe50245b469c

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a6c5aedd512228744771f56b0bc1535e

    SHA1

    eab153e20b6460b3ec69a782fce9694344033a38

    SHA256

    9e54ffa41017f8c5f975c1c4e3993da88e0ec0a886a70e85eb377e4e0e2a833f

    SHA512

    b33b38ab683b7ade25bbcfbf1b634f25f1fed26a93ae51db3bc7bc4fa4cc974c1fbfcae0baa6adfbeaa2c9a108e6cd5d347e734c951a5d1fc74649249bd708ab

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9bce0abd9a237700b8041c49aa0dad9d

    SHA1

    17a21d23f5352dbc772dc6db805b434acb8f7336

    SHA256

    7366599084a244677d322462f9dce7c411c701451cc65cc50057be50dbfeb5ad

    SHA512

    1fe3b07c44437e5e743b5fae37afb342c4b0b798af9aeefec54ad50a99b9c4f99c0998b4902820529891269f5c994c3419f3999d6f2082da77ffea9841bbef2b

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0afe2e27d4fc8107472d40f7e7506660

    SHA1

    086aa99815bf6dbc413dc3aabe0ed9d68b89112d

    SHA256

    9c8a60257fb9075c9593cba6fe582dc540074b095bf42b7db0650f65dbac4ce1

    SHA512

    86b2e9b611819fe1f8f295b8c152daa3a1c083afc62f17f9510ac8865a8bbbdd0fadbe1cd46a1f2fc8e38f9ed93b399a76028de4970c567b7d93a7b13e2fe2e0

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    839ab5b4ec5139b89a929affed9f84a8

    SHA1

    18bb0c65dcbb3081590bce4d0ab2104a51d45c75

    SHA256

    04da48747b4fd8f7a8f8810bcd386eb02044ca15cb8d570e02ac1065fee1e628

    SHA512

    6055e4bb071e37cf3f4d640f28fc6673f70d8cdbc9df3eb4dd8efa6c8a269652a682bdc96a8a657b7d412acd21871d5319fe2f0a5994b250a28cb0c0cd67664c

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Cab2DD7.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Tar2EE7.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit