Overview

overview

4

Static

static

3

046d-uipak...1).exe

windows7-x64

4

046d-uipak...1).exe

windows10-2004-x64

4

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

html/download.html

windows7-x64

1

html/download.html

windows10-2004-x64

1

html/finish.html

windows7-x64

1

html/finish.html

windows10-2004-x64

1

html/welcome.html

windows7-x64

1

html/welcome.html

windows10-2004-x64

1

js/IE9.js

windows7-x64

1

js/IE9.js

windows10-2004-x64

1

js/jquery-...min.js

windows7-x64

1

js/jquery-...min.js

windows10-2004-x64

1

js/jquery....min.js

windows7-x64

1

js/jquery....min.js

windows10-2004-x64

1

js/logi_helper.js

windows7-x64

1

js/logi_helper.js

windows10-2004-x64

1

js/logi_helper.vbs

windows7-x64

1

js/logi_helper.vbs

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    21-04-2024 05:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    html/download.html

  • Size

    5KB

  • MD5

    8b9eb8db472ebe5f0433af26dc7d676f

  • SHA1

    bc2720bd4ff07615f4811450045d0b3b7403f30e

  • SHA256

    5b29978827b527001ede12d08281c36cdcdf7c3d228b91166893285fcf7b4634

  • SHA512

    6d1fe1179743a99581171dc007d754c01ba7f516032d7e828dc6bf56d385538233095c30426175d84b5c1b77a08818afea116912d507e94192ff9b85f56c7c43

  • SSDEEP

    96:x+ekouWbM2UiWy0ISeyvKJQweV6VgxRSyAjwImpKK+bpdC9Qit4H5vKjDltM4:0TouePn5BXJUV6gxUyAM3SPC9jt4HtKP

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\html\download.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2020
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2020 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2976

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    17e7880002c2efa457e8c2daba2cdbc0

    SHA1

    c8ba9ac3ca09c9a8be7272ee91ec49426fdd9648

    SHA256

    4c9532e246a5972ed77f17aa6d6c7662cf04a19974c613f9e2d82c69faa665f0

    SHA512

    4c72deee8397e6cf75760cb0f313141d3707f38675fcc2a2496bd5c687cdb8087be037b068f4c85129fcf4e329be55df4b0f032bb8f3f8962d3fa5599daf4e1c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    686a6c02cb44b1d6783fef5bab7449b5

    SHA1

    4ce5debcb91599c1a85ff25fb66df53b61cea1fb

    SHA256

    efd03971823b633f3d6e9a88a62a141a8363932c6111401d1cb3342a32b086d9

    SHA512

    1c4febabd5081df4f8a44abcd5216cc9698f33630da8db970c1ab831a05cb6a01c018fe783a16522068b6a5bafd0db30535da5e121461a0df576d11ce32edcd1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dca7de59e15ba96f3b5d22b5258ce9c9

    SHA1

    c549fb00c835b1ec8697a8cff1b561d76e78a844

    SHA256

    2d68d3dcd842e468ba9abf2667ffad0ddc418da5a739a9856c6f9b713b765961

    SHA512

    a971a533b52416be62788615df004edca559c3c2848f6c3bd06905a73245cf21afa96460a88772e186209e0edec04808a27d2557edf5e6dcdf7d932c1dc1a5f8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    81612e3331d6a5ec7cd96d0ca73efd49

    SHA1

    62800349be2597c1c4daf78de5909f570dc5f46f

    SHA256

    dae386362f55bbae9886086dac5bd8e34c0785e14aee3e90572bf570447901e7

    SHA512

    6ef12f90f0e9905aaa1a06c71998cedbb75076eb7b8d5819ceb5dafc67d743c20d1a40c44f8ce907dbcda3ffc4d6095a766eaa5a27947992eeda26921f2469d3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3572a63519bff5ed8d7805d4176c4464

    SHA1

    fd8e4e3f4532ccb28a56336f8fe1e318a311a351

    SHA256

    4eb0183f00436b7949a5b8ed58a8ccd4381163bed1f0c71462a0201fea7f27ae

    SHA512

    ad5ce7ec8da326a9c8240518313815aebfa62cd25af5d4db23f8a91272a0abaf718f915348d53d8ab472e972bd3c45fbf8bb601fb0befa01f9de7a64fd15e22b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1b6f66ce80057949a452506eba3d4875

    SHA1

    6e10407b0a2da4d5808c17cbad765c26dab73e98

    SHA256

    86c1147a5ccae7609253cf85028697ab4a26c7028245ed4d27b1fe60ddc2ca47

    SHA512

    477b951d162dc3147751ff6d5343c601ebee34bd9def71c90774a6b5107176575283a867d05a0000865fdc86526ef4a87dac8f45c233f0d578007a8f5ed30793

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ff6eaab01e6826424be5f5260991ff0c

    SHA1

    17e70f7189e14e14698567d76266886c58e714eb

    SHA256

    53a73c9b5db0d95e0fb9db45c7e1987361727a27a7365143d0b3427df7dc1878

    SHA512

    804d60eb8ae901cb8b91c9ae463b14444b1450f91b781a24dbc262a2de3ff06955b135a78eae1bafe17db0c2ad8fc91d963171e2cc41729a6219a01aa3a07598

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    14d5b3ac99d31391cb553ee939574f5d

    SHA1

    30ec9347eed104f7e0dd04def71a5c93fffe265e

    SHA256

    f732052c3067f273c311e0c59ff8d2d5d6941c3024e61d2c9b3c7d9a72de30d6

    SHA512

    9760a1975c4f80cbb7933717837a8245059a5dee607bc243cdacdd80145b975fa47650678d43f88a6d3bb78c5110e43795a49efea17959c80ddcb3eb9edc1302

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    70ecb529bda907676b1f3b56698e3ade

    SHA1

    5de5f20c11e6df6bff4b6be1637cee188814857f

    SHA256

    93b7e702c61cfe99836d16083904c47ecf6e7de27537b852647be1754d4436dd

    SHA512

    306f3d10baa7dfd91891f3a2b476a14a9f7562323a8beed143bd8b868b7bcc7fce38514db7fd6b72f04f9685363b19d202575e65a8a5cd0395c39717e3182e93

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    19e57551b2a2512af107159b6c1161ad

    SHA1

    ceb0c0e71fc97f3ad73c05d7270692282624047f

    SHA256

    bf501e9d72a4c4072cba13a026a9deb0cf18903271e2ffecdaf83fc6c4d6f149

    SHA512

    74cee6abbff31c4db8864d656da27c47f9f5b6f36e905266d3469a6aac2bea6c361ba78061f409c70781b205a129e7cfdeeb53c3f7e52aaaa7cd5db0ac244e17

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d7cfc53fa0f24fe90e63511a73132476

    SHA1

    d87d78199efd8a1efa32fc4b213e35e6de430d3f

    SHA256

    80ae433e26cad84577842bda6fcdcc2c0f84838a412d0f2646cc8b54944fb906

    SHA512

    2ab56d3683cdc0e79221b01ed83f605590dec91873dd208557873f1ca9068a64275de906e8f0354bacae4706ef223ea86d5cc3540b8c5b746a8c520605c3dd3a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab37B6.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar44D7.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit