Overview

overview

4

Static

static

3

AzSetup.exe

windows7-x64

4

AzSetup.exe

windows10-2004-x64

4

$PLUGINSDI...ML.dll

windows7-x64

3

$PLUGINSDI...ML.dll

windows10-2004-x64

3

$PLUGINSDIR/INetC.dll

windows7-x64

3

$PLUGINSDIR/INetC.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/UAC.dll

windows7-x64

3

$PLUGINSDIR/UAC.dll

windows10-2004-x64

3

$PLUGINSDI...er.exe

windows7-x64

1

$PLUGINSDI...er.exe

windows10-2004-x64

1

vcamp140.dll

windows7-x64

3

vcamp140.dll

windows10-2004-x64

3

vccorlib140.dll

windows7-x64

1

vccorlib140.dll

windows10-2004-x64

3

vcomp140.dll

windows7-x64

1

vcomp140.dll

windows10-2004-x64

3

webControl...g.html

windows7-x64

1

webControl...g.html

windows10-2004-x64

1

webControl...x.html

windows7-x64

1

webControl...x.html

windows10-2004-x64

1

webControl...one.js

windows7-x64

1

webControl...one.js

windows10-2004-x64

1

webControl...min.js

windows7-x64

1

webControl...min.js

windows10-2004-x64

1

webControl...rap.js

windows7-x64

1

webControl...rap.js

windows10-2004-x64

1

webControl...min.js

windows7-x64

1

webControl...min.js

windows10-2004-x64

1

Analysis

  • max time kernel
    144s
  • max time network
    143s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    19-04-2024 19:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    webControll/index.html

  • Size

    28KB

  • MD5

    1c8d91ae52e8d5826a56d07c4344ace0

  • SHA1

    bc0b0e5533eecd6f9d259b8018dd18892381d228

  • SHA256

    f813414226b020ac17e60944966d96422873bb0024ba6d27a5004948ee440b58

  • SHA512

    9596861e9a31291f5793f0758a85a3d2417e45cf0017dd2d01c01fb524551e1953db3b1b0f3bba283d9843faabb07646f2d7c0b3afa41ec115d792377dd56641

  • SSDEEP

    384:tqcq0aWA2p7Ed822KIR+TQKCY/26mFkF9eMh5kuMk3IkrIkZIk/k34qsgtLIAwBn:UTWAld821IJFiFXHbjRnp+8Koz

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\webControll\index.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2204
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2204 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2440

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    68e6b512d7b645c5168c5f74151b7917

    SHA1

    6bf877bdabd7e2dc9e005f1d1a80d987887e880c

    SHA256

    8b44ffde6184f53815fd1b06ba8b5c3534f0fdfdde85e41a4fabb966b3d88cab

    SHA512

    312d53ddde89ae2ed697980cb4918446221dd842b755cebddf7e029ef0625a4f0637c952ccd40e2fa255162d5324d5a2e346f1e3822a9374e6d18957a93f2a93

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e10ea72dbe72d08e4d781922961304c6

    SHA1

    fce3de671ed161686da5b2d182a0cb481d8f0438

    SHA256

    d04221dbc4b8706529ff6212061a9275b190a429e73f6bffa0e5ee1e859ce747

    SHA512

    39a9b7951d646a73c7f01399c32624ad1539aa439a9adf0823517ca12e4053f2ad2ddae9e4cb36f509eb580112baa079389608121e7b9f5028d333a0971f84ad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f3476115fd260750f2632c2ebd57d1e4

    SHA1

    d9ab09f5d0b6ddd0b6f22fc0eeb71e9f60c2f90c

    SHA256

    7bd693c5106379358ee94fa93bf02412927435b7f01deee94cd7c493af3f5bd8

    SHA512

    35669179e34989334b5fa2490533423350cedde702f699add8afe1764ab53ef6ecc4e61b0576a2d75657fec0ee6b08ec35fcf622b3863cc90419037cc7a4c884

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c0c3eac8e019d787bdf58879d1618950

    SHA1

    08ad9d80fd472d917c111e3444a7a05c2784b29a

    SHA256

    918326edee0464d47a8b305b00ed55f974de76395804c02cbcb33eb44c84ffe6

    SHA512

    c20a129e6af6bc0e3c332d1479b52551345f04468633adcad2d039d797f14a6998aa21dd16226d1a51d671eb734235c657648943a7ef68a64f6a53e1572c5d60

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    13950e1e23fdb6f3dff0ea42dcd635ad

    SHA1

    ffee552ffe43b412d35e31ad8631766e2427c45e

    SHA256

    9c9c3415730cb80f8a60ceb64f1f2a335e8370a8fa72195cc31e05d23b22b48a

    SHA512

    2ce1cf9115ee0497872dbd2a5e0f9081d977cf02ef0388883335f460652e5f81ada8e188f1f5517788736221b6d1333bde4bb620e6badd8a85a61885e03da17a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    72f4bfa641c6ab42aa53101208d30792

    SHA1

    dc198389c698ecb0f52da94b5247db3c88260c7f

    SHA256

    f41aafe4f9f2cf87f9c7cc91f9b4aecdcc0224357ba5df330f0ee06a9e0211d6

    SHA512

    f17cd8264947a4a727346e20a3eafe15798f7f4972480ad5eb4e19e67d5a9f00344e7d742b6fecfc2ed6c2d9cfcf74e9cdb94c46348c46bb81d55ae9d62875a1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9da4a9c0875f2a493cf026b8661d21c3

    SHA1

    de690874324878b1d942bea307fcbb3d28986a78

    SHA256

    954efe791f66794b419bfb840c7337542430cfa222fa249a3204c3977c0bcbb9

    SHA512

    14dbf74b02d97ea5a1167d9e1694403240372c82ca0d0066cd64ca869f4cc6f1449062226048671b71673c74256a78509091c6ca946368b1051c9e3c30303406

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    de33d7a3631d4017fc1e95b1dfbd49ff

    SHA1

    07c06536b791d43481a198d1c7ce19fc62db9325

    SHA256

    ae31374af5ca36b32e4900d5b3695fbcd417504cad92d6169a2e24dcf0b7136b

    SHA512

    fd41cd3cf8b8875bd7c74a411a92c41dc7e40c1a0fdb51dae3039a23281749a20caf259717362be0c90e9119c439bc8e127dd64df6b10fe58846485fecab3a15

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    49b9f60cd04d45454f198806c5de298d

    SHA1

    d71d27a7dfd3c27babbaee39604497cf448f34e3

    SHA256

    e2e542f22633c4d106626c87728713a698e9389d8aabef238b0ba82b5c039866

    SHA512

    d17b9453845b845dea76abfed695c5b891270409f6f6fdd4558c22dc5c6d81165b347114f932ac514d532d5b9ef6ac9ab021c2b1ae72264b4eb8d552f344d640

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC7C3.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC9EE.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit