Overview

overview

1

Static

static

1

upload/adm...ex.htm

windows7-x64

1

upload/adm...ex.htm

windows10-2004-x64

1

upload/adm...ad.htm

windows7-x64

1

upload/adm...ad.htm

windows10-2004-x64

1

upload/adm...um.htm

windows7-x64

1

upload/adm...um.htm

windows10-2004-x64

1

upload/adm...up.htm

windows7-x64

1

upload/adm...up.htm

windows10-2004-x64

1

upload/adm...ck.htm

windows7-x64

1

upload/adm...ck.htm

windows10-2004-x64

1

upload/adm...og.htm

windows7-x64

1

upload/adm...og.htm

windows10-2004-x64

1

upload/adm...he.htm

windows7-x64

1

upload/adm...he.htm

windows10-2004-x64

1

upload/adm...or.htm

windows7-x64

1

upload/adm...or.htm

windows10-2004-x64

1

upload/adm...nt.htm

windows7-x64

1

upload/adm...nt.htm

windows10-2004-x64

1

upload/adm...ig.htm

windows7-x64

1

upload/adm...ig.htm

windows10-2004-x64

1

upload/adm...it.htm

windows7-x64

1

upload/adm...it.htm

windows10-2004-x64

1

upload/adm...on.htm

windows7-x64

1

upload/adm...on.htm

windows10-2004-x64

1

upload/adm...ng.htm

windows7-x64

1

upload/adm...ng.htm

windows10-2004-x64

1

upload/adm...ed.htm

windows7-x64

1

upload/adm...ed.htm

windows10-2004-x64

1

upload/adm...er.htm

windows7-x64

1

upload/adm...er.htm

windows10-2004-x64

1

upload/adm...er.htm

windows7-x64

1

upload/adm...er.htm

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
  • submitted
    16-04-2024 20:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    upload/admin/tpl/block.htm

  • Size

    5KB

  • MD5

    c15528cc367e546398ae1171a37a9e8f

  • SHA1

    776cde789861c458130bead9d4fee0bbc475b1ac

  • SHA256

    6fd05c5a934612fc3f95c49af7d649098cecf9dec15c45babfcee16501284dd5

  • SHA512

    5a3ecece7d650d5b018b17214f14b37563ba68f048842777edbf0ec6f8196ecac340caba47abe9b229f538493f0d42b4378cd158168dcb0bd3f48f6990739779

  • SSDEEP

    96:/8lu8ga7+7bl6vgJ0A3Ws4lOPKBGsLgsf33XvOP1pK+lpN/:KuX8++gfB4lOPoLpGK4

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\upload\admin\tpl\block.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2236
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2236 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3052

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a1b99acafff30836dd996c167ce508fa

    SHA1

    bd50ed0a2f30fb84e8628a00e3adb072261792a8

    SHA256

    f7d382405ffa6176eae84455692ec1e106dfdb4cef9a16ab89b5ac51f0b1c3ad

    SHA512

    2676013921420f2143a1cc64691ea26a8099e6384db1bb6c7598878164d39ca93d6d886046fc046c8dc10a05ef2b230b7cc403018ff177227106f0b906d9c2e3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    351439315767d16a29c7679dd07af8ff

    SHA1

    46d27f3fcdcf2387bdaccdce1e91e25c4c116180

    SHA256

    85ecf5972773355ab769629ce3cd5112fad477ccda931cb6621311cf35147bad

    SHA512

    918d892f41f19e1ea206ef7e511fa5637889b9f908a9cabf5fff2c9c439b01b1b06f1632c7814c7dd2b2c969422f0158908333a5c13b4bebcb95216648807764

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8890d0f1973a93fc3f77826a069f4e8c

    SHA1

    d532e398c59b5b99d45428b1b1e8a486ab911136

    SHA256

    da9a5aee83ec92a077b17c8c81f9ed49dd16e9b56d258dd1888cb43417c25549

    SHA512

    b670c6710e3b013a251838507b613a77be68cdfc62b6f5e8080fac94fadb88460f897d346e1af7bff391708590b5f741bb3350fe53a5b1b0f0666e9f97d00736

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bec0e178e6ca40324822331c6b5c501a

    SHA1

    6cacba62cdd6c8be6ac61b377c99222e374ac566

    SHA256

    256f40b3f751378aca1b84c33cca76d92337983bb0d87c13e1cb7e5d9601e0ad

    SHA512

    73ad1b5134acceb6aa1e013e4c2da28246cd90d0cb8acdd82e0ebdb4d153a1ec1917c1c3873cd078a4b6c0c4411f5db98dca5383713b44c92d7876b4a4bd9ae1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9b3a3e3e516ae81d86342fa9687689c0

    SHA1

    aef8990012c1cb0b7460e41917dc6fcad3a8ca8f

    SHA256

    16a08c3192c3e7a6d19fb07cd21b5ef1b574206e699e026a8b43277522ea1229

    SHA512

    9c7f0b7e5222a8ff0dbf6a2950d837573355e1301e2cbb58bd31a41b1a4ffd2a82885700d242436033ce6d5a5cea046119df259aae7483493fa9a18b0fe7b0ec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c0effde9847eda544a99b8521b00e232

    SHA1

    169440b7a7eca19094739b7964e108b85dc528ae

    SHA256

    877e583d5ebf134e4227c75baf9bf54d9a977f38575a10b837c7bf03ae2e7327

    SHA512

    16c9832d08ce2ce8244d0d9396ee2e2855905104d4c74f1b38dd04c6156e5d7bdcee8f80dfbfb6359e8771b296274538ea2849ecb0283fa2a9118fbd9e2d3479

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    604884f7101836d187a2503ae1631e0e

    SHA1

    4680783d6830a4cf3a3684b03f61308e6c2b81ab

    SHA256

    430288c5dd100f7d3763a00f70d9fc9281ac0cdb64f1ec418e51b6ac932bd0f6

    SHA512

    d9955e897779bfd5903439fcb31efaab980fe6268472a8d3bde08c1172bb4037a11c2a9befc429169301a6110cbe0638a8dff514f5917febeb3de510fb3e8671

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4c83e08c22cd3a5bfbdc8bc72f8aa2f1

    SHA1

    3a36e0230e27186a7b0faf3508403a1e8316dd57

    SHA256

    88250d05892410439a5cc6ef664dbc3518a97f9cdccbfe83c06117af0fac480f

    SHA512

    a65ef8b34f5d2806660906ef877688563d8604ced0333eb80630fed487cd5c1b41632cfa7c61b69d7103b720069626e8daf72f1eaa64f146d49090241e93322c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3ad33aed279bc4225cdf8fdca224b034

    SHA1

    c445e872e6a4a9125f9d8a2cf992b313ea1b7b88

    SHA256

    be11c0a85468b2d10c663aee6874808a5a1e39c4ba144f8e5634a73090b9313f

    SHA512

    e3e1ca9fcec565a233fabb5120a1cdbcbd38ac0bec3ad3f108754aad1de8fb3344cd73d7b2778c61ae24dea9f80199a4d12b84a7a6fa86f2c7ce2dd79f838d0f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2f3f9ea65572d49759c55d8cb68cb919

    SHA1

    897019bac10d9c040c5a1dcfa5b2f940dd34f22f

    SHA256

    554f3cbd1f981432faade92b9b7dcd23473d0dac86bc0f08fa379d361240e9bb

    SHA512

    83c132d97259fcaeb0a7740ada303c82a978107ba2dd70a6d9ae240ea73401ada306a4dbf84cadba8a6b41a731542deed9c09f7f319d19f14a43347887ad5bea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8e930d336b1cdfc711c9d3c529a6a4a2

    SHA1

    f7725c9d70addb729e5c27e1cebd1d2c2e6fca03

    SHA256

    42561a7de7229c45364957bdadb120d3f9e5c07271a895fd48061e3c91c03263

    SHA512

    ea71245051263e7e8d2ba7fdbb0be22c12fa78155f11196fad5bbf2c1f06fde519f2515ed6f72397fce8abf03887c066ea2ecd31dfdc135f02731268f4240701

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8b8dd3173130c4f86ee6e314861635b4

    SHA1

    c55e828a0e3fc4bbb5e09728d2232de021f8d08f

    SHA256

    f6d9681d68718c8dedc5a7bebb014fefb34107ff162bb1cbe5dd79d9fb70f484

    SHA512

    4444a5272f56675a01066f287c399afaac7014089848e10e9ec032dde8009052d482eaca7da5af23e2b7388bad805a546c0f634b902f8902edca1dd0e871efc3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    58bdd4a53c5f8b12bfe5950a6c4afc39

    SHA1

    6107214ffdf4b53facc30180a1fc650d2a934a80

    SHA256

    51f8797bf22b333215791778dbcb7bf101543559690d8e5b245c9368c56d890f

    SHA512

    7b5340a2757e10ccd039f0f7b34676bd65e4ac4a4ca6c663c8281a6d20681f62853fed75c4b0bae23c8a24e7812d2e6e889b5a13abb17034b6cb0e781e332e9a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f02dcbcc103de8e92ac908afa97a13c3

    SHA1

    ca3f63affc66101a56cfbc91f95266246005131f

    SHA256

    815123799f73652de96815358a0abd488ba5748ea9e562d4d75a52a3b36aea1b

    SHA512

    0f826174bac6c9b10654bf073e43f4077746e4857ea88421b921ee67a539349b29ace8f5b1285af94663b1261274fcb64ad2ab3c781aee04b3ad526dc6c5af03

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b852998c184c0b2f4f27a14135f00520

    SHA1

    e4403e27645e55df2313ded294fffea5f14db00f

    SHA256

    db4a4d5e6492f7c50d400bb8b78843532f222a975f4f09fd967b61061286afa2

    SHA512

    bbf0dda629a48cef9c5b1403fe39259e6ec67bbaebbbc6a471a1fc77031f221a24d9f9511cd4da34cf5c82404648da58111e89660de1743445865b1cb65dcae1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3a36d4559ae920aa127abd1b258e48a5

    SHA1

    45af105e47e725ee329dd0e68be1f21fba94e9c4

    SHA256

    1af341b969ba6550350fddcf045457b46ccf6e5dac66221c14e1fa8e9497e4d4

    SHA512

    48bf53a3082ba09a2b57bb7548533ea2e673e62482c310dec4df9da1fa9d77e0474b64d23def841be38607e3ace6190929d92c8b9785deabbc00885148b85c5d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3c35b3a7df3b82da48cd9f19c321ca47

    SHA1

    6405891e8c7399559d9319297c2e18a18d6949a7

    SHA256

    7435270daa5c6f1e98c848b573214f56e5101d516a2713cc819960979a5efb66

    SHA512

    3d58babd754c3555cba310a5fa82a94a6f3a316ff0a05885e91d63e4d69bc5daae3b13cbde46a8733ba8d43d5d30614111f065c0d680fea2594a8d4828ed2c81

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    09276cef38adca2cf9ed7b4d60190149

    SHA1

    82cfdf4381ff615877de9b14959e21ca3ff54a77

    SHA256

    0493ee4b2980108741e0c216269a678bdc585d1094dc11ca04e1b6a1b02178db

    SHA512

    2656d9ed070919cd4da4047b9d5c20d0e1bf5dc683805ced023a588375754cbb2b68bee71b5c75f4cb2931b7bad9eb1c9b883aaad2646fc8643d349912fd3cad

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab315F.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3241.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit