Overview

overview

4

Static

static

3

046d-uipak...1).exe

windows7-x64

4

046d-uipak...1).exe

windows10-2004-x64

4

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

html/download.html

windows7-x64

1

html/download.html

windows10-2004-x64

1

html/finish.html

windows7-x64

1

html/finish.html

windows10-2004-x64

1

html/welcome.html

windows7-x64

1

html/welcome.html

windows10-2004-x64

1

js/IE9.js

windows7-x64

1

js/IE9.js

windows10-2004-x64

1

js/jquery-...min.js

windows7-x64

1

js/jquery-...min.js

windows10-2004-x64

1

js/jquery....min.js

windows7-x64

1

js/jquery....min.js

windows10-2004-x64

1

js/logi_helper.js

windows7-x64

1

js/logi_helper.js

windows10-2004-x64

1

js/logi_helper.vbs

windows7-x64

1

js/logi_helper.vbs

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    21-04-2024 05:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    html/finish.html

  • Size

    4KB

  • MD5

    572fd27e56f1a964dd0d44350fbb0572

  • SHA1

    a29e6849774190f801d17ee45e01d97e9fa7a008

  • SHA256

    b82dea4689e45d9c1861d03ad7719cc17340eac08225206769e3a7fc8817afa6

  • SHA512

    13f5ed7d9404218c0844c9beebeb45e2673087ac53aa00c05e855297258ede15464b38cbea44094beeab910637d74db7e1ee311f4b93f4e018c083d88fdd86cd

  • SSDEEP

    96:x+eLIFmJZx+fg3bumJsq3KitSyjxjUHnitFZ0aBFVMGCHe735H9Tw6EZGuQwtHFk:0XFgZAg3bum2YKi44hini32aLvCHcpHf

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\html\finish.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2180
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2180 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2912

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    320b21aa8c1aad8b2c5e59c94641757e

    SHA1

    744347d147c67c07ff88f2d3e32388560c1e29a1

    SHA256

    d03b15433913260d90e96116cc8b3ffdc0356692a82f5c365bcccadbdfb5303f

    SHA512

    41168fefe85c1a741a7d588f74bd4eed23dd1ea73c1871f084624573f0623f6a9e3a6d3334d272eaf04181d10a79551b2b4961140fbb45bd281b7ace103a9b7a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bc555ef72bcd5eba6ce6c3a5ba523fbb

    SHA1

    f7b996bde561e1ba59ebeacd0b75b82cea78a556

    SHA256

    0547351f60efff4e32082558c0d158a1d702d99cb81d2f967961bba42e926b7e

    SHA512

    30c8c454f8387c2f16137379c92c53a816affe4ce4ce6cbb8463e86c198fa2df565100e9a7ecaf8805d3b0d85e3214de44cfa4a9409385a9ea5fdf64dbc3588c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    de3fe866a0dbb2dd04d22f2bf3148184

    SHA1

    8c9d51ef66aea32e186c556cf65a1735c13ceb7d

    SHA256

    40877c5e708e44630b6358cd377aaaa1f541f2e8a8aec68ccedcf58d25666083

    SHA512

    08f40b9af82f287c5b55721a5147e8d7d2e7213debf8c74b03501291e78edb5ebc140209d4e4e72703eaf5de16b444a38188155ff091508450cb6864773b7c55

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ab35d71ff9275e12cd7b713b529bc83e

    SHA1

    dc16c227ecf8ffba12532bee99ab9899460ffffe

    SHA256

    f791baf687acf5bf16d308849b5fdf82a7e56a43feb692397222fe8cb8679129

    SHA512

    9fbd0ca85b9c982acf7f129c1d7d83dbf70d6488c50c9e45579c6c1934b996aba5843c84d3bb2b209c8702b6708cfd05aefb8f4a4d92b112f78de5c7c7b11400

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    17b5ee37ddefcebefbfb4f6482212f98

    SHA1

    252076cb93161e45dda3e46cc6e404ae56fc6831

    SHA256

    21f95b28c31d82070a95d386eb68f75e80083799e341bc18b2603f1e037bcd8c

    SHA512

    bba1c257426a2b9213d468165cff22d211989a46e5a4bed37801d5119e443b43dfabd76c1f3d65614b75966b15757c28d958ba750d42f566299f4d6984bffeaf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    054173003beab4383bc50f84a9e007dd

    SHA1

    e575203f6e25846cdffdf5aa1e7b14f88fb9c8ac

    SHA256

    d4e15392da46f1a5201ae9989ab2f6caa85c6cef1f3f61b9762a56b0d36e47a1

    SHA512

    5f89da8cdc516aeceacc448ad14f63ec597c71db284b8a6d0e9015846370a4a03291aa01ffba3a168f9b739c8029411530a76274174c44ba4cb6029a07be3cd3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    36c05900f15bd169d8631f3c4f78dea0

    SHA1

    435ed0a7e1619c104ae34edee80666149a44f600

    SHA256

    49bc3c813269bcc5b17a73ce24481f34254760542e59f2d7b642fd29a36991a4

    SHA512

    e0d52f15a48157a7f918966545748dd1bfe6142d272f108f76590a9c77ab46e1c96f3cfb84fd5b1a60914b13414f29d78b27e8c0e3444d79974e5a3c0e89e86b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5adcbc92f9a51d1efb1dc6b4af05ce84

    SHA1

    9b7ca5762b2638567414b14416813c7da1a0ce7d

    SHA256

    ad856d8992f54db005ced821d7e55cf9c4851ad3f3d2b97247d534292d2f29e0

    SHA512

    4968ed4d46cceca96baec94aa277218e52d3e37143f440b4d2f4dbb20af2d1da757b9c1c647bf8efe9112e958557d9ee53f78bdd3cb5dad4e403d3f3e2d10b54

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2c595fef5868024cbebc86052ce72f20

    SHA1

    ec55afbfdc33d7638cb7f3d3682c1bdd5d71d35b

    SHA256

    aac6e35880fd27c0f5c2ddea6ce3ea9db4837df783ca88aecd4442978cc1135d

    SHA512

    b73487fcd875aae69a3d879bb5de3ab731c251374a4b2db6921e604e65e505f0d47bd6725e7c75622b3a6c9964e1f4e6c7050bbd56dc459d06233480e7863128

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    22c4c47c4f029dd118f6c25ce3bc4b7b

    SHA1

    0fe4ac815a91058f7d827bca8cd0fdb1f1e53ae1

    SHA256

    c4d09be890814f9fcf653247f3e4fe5ffdc5d78a1a2d240fb916beb21988459c

    SHA512

    8ee6690ad8a38afb0c8469c154b0cd6a903438ce239cc9a75021669583ad31d3b3ad99635832ffccf224c6be57fdf32e302df3faa5622a2756cf1e08d1ca731a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    26d5acd464e0a85ad1d03362fa35c93b

    SHA1

    b30fe4de0e57dcc4371bee039e0c5fed5a56f53f

    SHA256

    ba08f4d11983507a05ebb845f37f2ddac276eb2a02561219b32ecacd18bd0ad6

    SHA512

    cf3685c248a0f111313c154b017af1aaf3a0668180ebeb7f33a0f191ef25966a825821fe1854b4aecbb39144b4646957650f1bdcb07490bdc2714a59f657a96e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7eb869744d181782b9bb84e42f6e0e39

    SHA1

    5def476f29f0b0296b2e18b48b654c5771b2735a

    SHA256

    fc7ca41031e0098d3bebe532bfdef848f28c9b9a65a771a9c25c44ac6b2ec944

    SHA512

    ecb0d44a41210a250d0ef98d32a55616fdf04a54f93f34d4a164bba41349c1fcaa40220eb6c58cb85d4e79a81932f4e8fd89ff396385551c08f8dfafab15b878

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7dfd77f8e92d888e389b71c10e59b602

    SHA1

    4abd5373411d85c4ef34014f6022efa05bbda61f

    SHA256

    9c92ff28da7997a168c548b33bf35c76f82adc58c4a05fda700fcd101810b630

    SHA512

    ec37165c54765f54be4fbd072d629a3a6dc6c9cad2e212b95c7b7ab6d0a5a78c302a6f107f9ad12b6f34798cade49bd16f45e708d3cd6156b5aef8ffa2a488c9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    97779bccf028919bfed67b8fac596677

    SHA1

    34fac2cf91a6883a9a31b87c233de1656768549c

    SHA256

    2f01bfcb8d779db90d070bbab027b371863f8bdd1e9d4fc25460bc556e5437e2

    SHA512

    a801255dab4f3e5c06bed8816b32787cbdf1452c4f5589a63c87ccec2f67718549093959915eeecf42b593ab1023551e7473ebee20d89a49db859dced2cb01d7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    f86f86775ae28e5ae1b4f241a51c14f2

    SHA1

    37d72fc3c22481a40480c5840b7f5c283fa56cc0

    SHA256

    ad5bd523929c0bd951445a185b81dd14cc50448b3bdc16d6ddfa7b8dc2ec71ca

    SHA512

    1f5be5478872574072133a20f922745648deb56ea730414080af488e9ba5dacfba75b5afd025ba9328c44ae5620f1b6d11c209b8d48e5c35d81f8016c3d3487b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
    Filesize

    4KB

    MD5

    da597791be3b6e732f0bc8b20e38ee62

    SHA1

    1125c45d285c360542027d7554a5c442288974de

    SHA256

    5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

    SHA512

    d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab2B65.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar30C7.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit