Overview

overview

3

Static

static

3

ASPjm-test.vbs

windows7-x64

1

ASPjm-test.vbs

windows10-2004-x64

1

ad-manage/...or.vbs

windows7-x64

1

ad-manage/...or.vbs

windows10-2004-x64

1

ad-manage/...tor.js

windows7-x64

1

ad-manage/...tor.js

windows10-2004-x64

1

ad-manage/...��.url

windows7-x64

1

ad-manage/...��.url

windows10-2004-x64

1

asp-lz/Code.vbs

windows7-x64

1

asp-lz/Code.vbs

windows10-2004-x64

1

config.vbs

windows7-x64

1

config.vbs

windows10-2004-x64

1

dbconn.vbs

windows7-x64

1

dbconn.vbs

windows10-2004-x64

1

department...ok.vbs

windows7-x64

1

department...ok.vbs

windows10-2004-x64

1

department...st.vbs

windows7-x64

1

department...st.vbs

windows10-2004-x64

1

dll/dc_dat..._0.dll

windows7-x64

1

dll/dc_dat..._0.dll

windows10-2004-x64

1

dll/jmail.dll

windows7-x64

1

dll/jmail.dll

windows10-2004-x64

1

dll/setup.bat

windows7-x64

1

dll/setup.bat

windows10-2004-x64

1

err/sql-err.html

windows7-x64

1

err/sql-err.html

windows10-2004-x64

1

excel/users_145.xls

windows7-x64

1

excel/users_145.xls

windows10-2004-x64

1

fckeditor_...mon.js

windows7-x64

1

fckeditor_...mon.js

windows10-2004-x64

1

fckeditor_...t.html

windows7-x64

1

fckeditor_...t.html

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    17-04-2024 18:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    err/sql-err.html

  • Size

    368B

  • MD5

    25dd8f1c0176bff6e19d5078fd235cc1

  • SHA1

    639677746697f8af78256888dfadb456a7245f07

  • SHA256

    e2b621c288535b06ff905cc772e5e0480abd8e7e11432bd6ca17aa573f89d71f

  • SHA512

    07b2c62f26aec578e81b10490edc2df6d322f63f37caa87c8f4c0e148b4586507cff6ddc530686577c7b35675d500016ae33f502a8f1317b53fffc950555fa6a

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\err\sql-err.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2908
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2908 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2920

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    54578e630a389c96513cfe4eeb2613bb

    SHA1

    07e21d5515e105e4c68058e6846a7dbf26d0cdb4

    SHA256

    fc72e7b7c1e96d77d7d7cfe9231eb8d635834254edac16ddcd2e8d1dc68d6040

    SHA512

    108d47710cdc8f70f68d9aa7c2ca1a25bad923ae4aea3a15c432208821a86530d5c947e5d18076263500aa205d88181d3ab44d21254b3cac238ff00b9ff61548

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1e53a04f539b8ea67fe61c6b1a550dc8

    SHA1

    6d208ba47199caa1367f013d543c6317b0975794

    SHA256

    65dafc1b45ac8f2bcf67cb330983e505efa1c664099b1a6c42b959ef22416abf

    SHA512

    0bd80098aa52d8c6e4f53d0f58281b7b1d2ba83eef5c7d57deb1e6c0512b0c4c667669af0ea85da8859ba00f109385a96cc78570258228b2b40fc311e3b0ce99

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ea1b109c8d97a2f61c4894d7faa05e90

    SHA1

    d0f9aef080eb5b9d09a59a50bcf70b9e210c3639

    SHA256

    3713509a2cce3eb3262a55ea559486967b4645953bcb8e331dbf6f9865946a6c

    SHA512

    aefee5b8b5697b5814230fa2f392ee16c61b27764f5c4f052e48a8195bbb7bb34fa93fb30283297268427155cbabd2f9a9063f2a1af4310cc1ed081f760d8fb4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    41da7ad08dbe19847145659c538cf381

    SHA1

    0bacf1144224eb465a1d9ba3d8997356d257a8d4

    SHA256

    bbef441120ffa62b52b5a51793cd46beff6d429865bd4fec1c04e86d10ddc8b7

    SHA512

    8917ef80c8ca0ef3fb88fff5fc8549909fd63827376ef748196d6185d0e9dac3f370fb3cb580fd8e81ea193b53f26aa38d1c3398001b7f01285d9bc6f109c5e3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e1e7e02df2b38b5010241e0cd2582e45

    SHA1

    673acf51a2cd573fee5b1ed369ad7592302db20b

    SHA256

    8e7627bb2940f64f32e451f007aa87d9df2e166c00a13f53e49b6d668dfb6a90

    SHA512

    0372cb06bc36d460abb870cb41cb42f9d6c4c114dc4da5a059a516c83bfa0852b67d1ec0002fcb61f6b3588a4d37310567d9576c97baa165653717ea63854977

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    65930f52f11ccd59bdc6e5345b8ced8f

    SHA1

    b7cb00d0104925ee9538039c2cab640d7320245f

    SHA256

    9629921f8bc8876d8113c5b37c2fe7dbe22273307f174eef54114927b21a83fb

    SHA512

    61acf08b5563ab48557313916dced10c3dbab1e7c4bd7505936fca66ab14cd014e518c78bea2a7276482bb6ee2ff5803c870673a54579619b6bb6e7d7b1dc1b2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b6c2b5f746c999edf9668828d49c7e82

    SHA1

    7a278535181acf5f1904fed3ac30e7d710d8eadd

    SHA256

    7178afc3ad6bd46196e67347e196ae830b66bb1f724f5d378bd06ea13322629d

    SHA512

    7969ea5c73f34aa04be2df6759a3746058cebe82828e38e9ff71dbc0f7d1e71f65225082c9c41840815f9a9f7fc935461aa5820342b6ba849fa395757fa1bec4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    54bca13c7c8665bb2e563bcbb7443323

    SHA1

    9d97c5d1ea9d1b77726bf9f80a3fce9e853bd80a

    SHA256

    56b61f10c842735ca1a2df2b87248c948294760c61c27922c7cb38e056c85bc9

    SHA512

    5641bf257013535716cdb3bd4addedef780a8bb50f86623ed2f2215935ce984241d80c613dee5604da9601e98f52edcb821361daca5b230bb7e790adff7dc73e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0cd2215a03e39ff5ea4272b76e78f266

    SHA1

    c30ad7162af3e17f88aa137ebc76441de1f4781b

    SHA256

    ec0b33067b9c546177c6bb232c1808a36c65801579a4d8428b7c81e58ac01bdf

    SHA512

    65d485c0368103bc7606483c405ebd40ca18b9a06c34dad274a2000122444b4c415d76ca00f6d883a50faff18759b423578ece91a1dd60eff88204bd9d262eb6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    51d288d0675e6e39ae886f2e10bb2747

    SHA1

    92b07f936dba92b9b0ae998bb67b4554a025658b

    SHA256

    d2cd06f0651625987aa68e93e82a475a32fdea953ca14ccc9ac2ca5f5ed58ee1

    SHA512

    30dd3471b9607c7464c8ba4e7517ead552d11b60b30508adcfad8cc4b79951f88c926ea9833f387c96cb9ebdf0dd125234ccd77fda04a28e830b5825c862ff1f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9d8ff79476d8ede10ba13993d99e4630

    SHA1

    10557d9c28f51c828b7bdbdd62954c5e1e7b0796

    SHA256

    b00a2af6c0814a14eed9bbde5392e740ef5fb1bd7b0424596b69ddb22272b423

    SHA512

    a82819dbebe159159fe81a2265f0c201edb3334a6096f8ba994d24294f05455fa765afc9af41435e7fd2d43d4cedc4cfd294106486836d64bc8b6a43eafcb3ab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    568f803f14e8a9be589baee155cb41d7

    SHA1

    481dd93d9c6c1d21ede0ef0455bb2f3626490bda

    SHA256

    f1c9b4bf3836278a82094d2a3e660f225531e758b12d7843427a91c0c78bef98

    SHA512

    a7044a4890b31ca62ce05d09ef07235b3ae341e97cac9e6b2dca82dbebf351c8eb47ebe5c6646282f1cdfc1351a227f5779092a6519bded59939e495a1a540ab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    16b9f3fe8846567280ce073746141d5b

    SHA1

    d5dce1f4d6a0f48017a1086ffd35ded4887b8dc0

    SHA256

    7a8d7a387cf7a51b5817f1c050d5c10f089fefc2d2f846ca3e1bdd13761c3f74

    SHA512

    06c75acbec3c6609e2477e3fb926f97aa91b37522f594474947ef75c01027398316de25dff89ec9edcb45921667470804e35e7fdd088b3620e9f1338352a008f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8517e09e2a484ec94538b70df22110af

    SHA1

    427ec1d7572ebc8d174d5fa031bae573fb05aabb

    SHA256

    418b5a8062a0addc0b300bd44d8b56f24226148c8c2104c8f37b65dd03c29466

    SHA512

    9516cbc980484523c3c70ba52c39460b376e5e24f97005360f8d8b9b3a17c64566b7b3f251de99d47bc2c602bb3687f028521524b81f0993b380c8a17d8ba337

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7bcf550a4235c42545b2c23b89988cbc

    SHA1

    b7a6d20ed041700c63d1a9ee57e2097a009f14dc

    SHA256

    bac382530037c6ffe824dda0608c974e6ff290ea57eb698bbd6ad87777d4f208

    SHA512

    9d83ecbf11385be3233fae4fd39e824fe7ea2296187231d47f00e160172ebe2a93ece3672deb5901f8d2527cdc9b3027ccd2dae8d6c1b3a1b334c3e4b091c5cf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dad16203a2f0b5b8c8fc92e81cba5d1c

    SHA1

    22a6e40f57cdd7c427eb979c6cc273af095e412a

    SHA256

    9e80f835eb1688556881d0fbabb2903b363992049077a736ec2e7ba6cf0d0569

    SHA512

    f31372588df3cbc9f46d178172dc9332795ca554994986c7e2c04cbd15149f042dc69ca223d2ffc38afc325f99aa6f963972440b075f846a63f2da09b121bc42

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d68f54505d726df6108634c3e0b6ccfb

    SHA1

    248351060b6ebaacd40b520564c111f33aa5fb94

    SHA256

    8be53d8704dcb89f8d36d038eb134e84504a3905c1e33379bc82b94bc543b3f2

    SHA512

    d34441a36da81cb2e682584cbaaf526fb69c21d71492eac4eb81bc3f37569c76ef77520b6ae1116125b1b9e02feb9783e04f156d04547a07facb6933a193415f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0f1e14bee1662d97e63fa713fec609c4

    SHA1

    6b09821843948185434b7ec565c31fec409b005a

    SHA256

    0a02aab0fc472bf6a5bfb534613a9b520ebcaadccfb9832f54a4565cbb1c47d6

    SHA512

    d65448b51db12ca4b1528e840ec58471b91fb954689e350d8607d2bb6992671433da6a68ea45f019b34cd1807b8fdcd17c214ebd74b0f87c12b8271ac1e5c36c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab28B8.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2A74.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit