Overview

overview

5

Static

static

1

newpage/ac...ass.js

windows7-x64

1

newpage/ac...ass.js

windows10-2004-x64

1

newpage/ac...x.html

windows7-x64

1

newpage/ac...x.html

windows10-2004-x64

5

newpage/ge...ass.js

windows7-x64

1

newpage/ge...ass.js

windows10-2004-x64

1

newpage/gm...ass.js

windows7-x64

1

newpage/gm...ass.js

windows10-2004-x64

1

newpage/gm...2.html

windows7-x64

1

newpage/gm...2.html

windows10-2004-x64

1

newpage/index2.js

windows7-x64

1

newpage/index2.js

windows10-2004-x64

1

newpage/page2.html

windows7-x64

1

newpage/page2.html

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    21-04-2024 17:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    newpage/gmail/page2.html

  • Size

    2KB

  • MD5

    18cb0a97908f8ce90969ff89f49d3050

  • SHA1

    542ac8602c7f9165f1eddc0e87feea2ea8e34eee

  • SHA256

    473cfa34f7717c33cca8860e957596471c223f8a51c753dd67e50bd4cdf330a3

  • SHA512

    78f09496da0c743e5159cf7947b9a049e17f0076cfdac1ce76f3a31130f90e56a1e0c51c06da913e97ff586b67779548ef0b9aed099890018b81c299f34f1bf9

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\newpage\gmail\page2.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1252
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1252 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1904

Network

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1d9b1114c0b5b50dcb3cd7001bfcca63

    SHA1

    c187e43d1065472abd99e0c3e500719049c1db97

    SHA256

    6d982f14ab0ed40a16257eed291d8cfd1814ca5f66f5961ce4e44d8c4f1f66a1

    SHA512

    f6c793c0572da41544fa506a8d24b182324ffe7e4ffa55ec779fcfe23636a1ef5d877e3986d47cd4e2edfcdc19a7c70b932d4a38d5a37632086064a91fd3b946

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d5e8064a535123cb513e5af89038bd08

    SHA1

    7307546cc1d22bcc49809b6945d14e2adede174f

    SHA256

    3d3917b9067fa633077a26e749ecf672d5982c4a8108b5580497d11044b01d84

    SHA512

    d89f189f0581410d4f696c5841d3d2309c33d129beabf54efd9cc43fbf59e69f150ef4662d7c8ba5838742b2c288223c4fb86239827853a46a43bc9a081b75c7

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    57a695908d5b58b441fbd7f4b8974758

    SHA1

    11b99cb7650bda85dffd85a6c56e28fee3551785

    SHA256

    f11fc180c3fede7899d802fb0eebfee7f8151794d71af96a1a2590ef00720b2d

    SHA512

    f6f569e3770c4c79028b60d4f516a8d1ceb870d767d608244f9149f5cc0e034ee60fc3dfbf469992d668460ff7adb07a6076f0774e84ba43c7e9af56285f2190

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bab4c2e1d2e107bbde619e5a941f3e79

    SHA1

    5737dc0298cb4c84de2429c54ddf1688d1f8f2ad

    SHA256

    4c30fdce849fa727becd85c076612882ff109aa951c49fe2cf3ac3c1108bffc5

    SHA512

    980f8f6f909437a110271338d2de0a680d557f2a4d2bc1dbff83ecc0599cf3e9cc24b921c5c338b4ea6b9bd96c3e3ec6bfbcee6c8983370f84cf1a9973b2735f

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    82928eb7e7296135d72ebbad257fd244

    SHA1

    0cd25c6ba6984e7a69f05b444eb7a006c6c96cea

    SHA256

    b3d87537dee55adb7a3e891e17bf931d5e03507ceeed949d5f8cb04b8ff1b523

    SHA512

    579be136e0dba7cd53c56adf2a1621d2e36013e4dfb8979c42c2229e1bacc74c1718252dfba391b207e0c9ab03f5e81af7d9d457eda52862c218df9e7f2fec92

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1540db722c630cb634e8cadc7185a8a8

    SHA1

    d422662df364667356bff514a9fae7e1338a166a

    SHA256

    d1a6da47fd7ac0b472e81e5d3158f65cb2bf88e74c0f568253dc515e01915b6c

    SHA512

    cb86e7230acbc742dc950d0041f5dfdb1ac832cd04c9be5db1862d1a41630e84d38cc8c541ceaf275bf012f5085618635205fd315e4a769fc5ffbb025bf65430

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6f27eec02b7a189c3ace954b8355e90b

    SHA1

    e7fd65b31b5da86021ec1e77f504ba2734e8d607

    SHA256

    b366386e30a1577a85f72032f7c8b56646171befc038843d63a29439c7565652

    SHA512

    31bb250d9f5449de01c4a2abe700b9c78d07141262b260c3d3870d5688ac6b0b6f2227bbf44b5c7b6c9ce4e8a4b4718a2f3453ba12910dcff61c528782493214

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    540de41ac27380ccade61a6aa824b715

    SHA1

    336a112cec00793874c9875613084ae054793361

    SHA256

    7b67ed8b90e0186f96369544959664477b08c27214e18e29fa7c445301ca3927

    SHA512

    d1a7aaa05437cf62ed756fef9313638c1c07c876729241d9d945ed447c78d8988aa4852518c83cebf8d3fe7c560765e5cc0bce3fb976bbc5fb290baad7016f40

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7789ccd538c910af5cf68c9cee4311b6

    SHA1

    bbf6518eb5d4f2154bfc53937e718a8cd1f99598

    SHA256

    080ca1069a36ee497f3da3eb01c6e09ee581df0b7aca82dbb6cd68e3d17a2367

    SHA512

    3580daa2a567ab1c99bdf6b9bd9deaa53061cf7483ea4825762b007509b05d6fef176a2032370a91e777aa282063d89d581e41c63f8c06c71a39e8999b7c1711

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Cab983C.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Tar9C88.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit