Overview

overview

7

Static

static

3

009a813a01...18.exe

windows7-x64

7

009a813a01...18.exe

windows10-2004-x64

7

$PLUGINSDI...nt.dll

windows7-x64

1

$PLUGINSDI...nt.dll

windows10-2004-x64

1

$PLUGINSDI...ed.htm

windows7-x64

1

$PLUGINSDI...ed.htm

windows10-2004-x64

1

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...ss.htm

windows7-x64

1

$PLUGINSDI...ss.htm

windows10-2004-x64

1

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...ss.htm

windows7-x64

1

$PLUGINSDI...ss.htm

windows10-2004-x64

1

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...en.htm

windows7-x64

1

$PLUGINSDI...en.htm

windows10-2004-x64

1

$PLUGINSDI...t.html

windows7-x64

1

$PLUGINSDI...t.html

windows10-2004-x64

1

$PLUGINSDI...r.html

windows7-x64

1

$PLUGINSDI...r.html

windows10-2004-x64

1

$PLUGINSDI...ed.exe

windows7-x64

1

$PLUGINSDI...ed.exe

windows10-2004-x64

1

$PLUGINSDI...lay.js

windows7-x64

1

$PLUGINSDI...lay.js

windows10-2004-x64

1

$PLUGINSDI...min.js

windows7-x64

1

$PLUGINSDI...min.js

windows10-2004-x64

1

$PLUGINSDI...ger.js

windows7-x64

1

$PLUGINSDI...ger.js

windows10-2004-x64

1

$PLUGINSDI...ker.js

windows7-x64

1

$PLUGINSDI...ker.js

windows10-2004-x64

1

Analysis

  • max time kernel
    133s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
  • submitted
    26/04/2024, 10:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $PLUGINSDIR/manager/init.html

  • Size

    97B

  • MD5

    cda38dc637a00d09272d0e1d8e08a63b

  • SHA1

    a8b9f973bf6cd39352ba6796cb82332f25a5d2f6

  • SHA256

    b363c46a7f3c4f972910be6622a72346370c961cabc17ec43dc76f541701069c

  • SHA512

    6c4a1033ddec627f34adfb4bc294e5a89d447c6c348105a0777fb450385042c2ffd4161353da77a9e17c8f9d5fa26e7d1139196edfcc4a2434a842e658693f08

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\manager\init.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2040
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2040 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2036

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6fc95098c7378094c2c6873243d69736

    SHA1

    9d38907dd9e8854982736c05a76fe3d27b301908

    SHA256

    631c1e742a733185a17e495728a02347ea3bc4c6c32dba222a85b30136d33877

    SHA512

    8b9e48fdf1c170a4d0864ad28e6e03ac902871b3d2bddcc1fe7814e18e657ca524dd0d53ebf9ced2628c10ba72e80cca8464d29f4396a0103e1c12b08d3ce087

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    00e18d01bb8f29601c4eb0adb4f56c38

    SHA1

    1edc46cacf1e3d2c9c996875cf738fed113c31dc

    SHA256

    89179ba3457b9a9b5b96d8fd695e67dfc28bd1a7e8f28d5775289ed90494457b

    SHA512

    0779b39a6c21f7b606ba80c1aabf9e52e0be3664be3b254e09022a041cf141e43355c1855219646ba98e90efe97cdf6af0b4eaaf4a11a120971ba1a788a64367

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    446ea5da3fad1b43d7c25efcbc3f53d3

    SHA1

    1e64dc29ab64a1417f8c23f371157564669eef7c

    SHA256

    0326c66d7fa9383661e5b327ab4d52e7c4ad3ec0b137ac237c80d0f09d822bca

    SHA512

    94d7a8b71e94253e89a20a3ae394e281a24d7c5a4de1604ac88b720e557bedb1f99477edfe72e4f8d923931553a94dcff8a61e37f0104bdb0061a1331da60e43

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0996ab00f7736ded597b3aeadbe3ef4d

    SHA1

    09137ac62dc32f54569a5cd51e9fe4aaa7f511b1

    SHA256

    18f821bd511adfa62f0af1f6892a2319ce2d8543d8f6c67e2d436821ec8cd5b1

    SHA512

    52a496784f75884dc5d10ccc32674fc9469ad790bab320e03a81d4fd89eb5772faf861ebeffe052641fe47afe2235dac98c0c89ff58093f3aa7dae079244a024

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    459b1fdb0e53d21a35e8c747e9ffb76b

    SHA1

    d6fece02a448850e031b6e7a5ea3e528bd0f3a86

    SHA256

    76e344592dd613d24b39c64ad7e7e3a47d749e7a2029072e632c17ada8492271

    SHA512

    5be0f763cb46ad214db39ac2914c6c3c2dc0a68a37c31ca58e75df3ee5908cf4a889083ea613cf4a9a5672eebecf936a482ce9bfe9258f417bb5e461ea702f0b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fc1cc708624bd2bb943832c14fe52bb7

    SHA1

    00c92189e5514550c11d2b039ef749c2414006d9

    SHA256

    abad30dbdc29201bd7a87f85fa5ea36cc8922d9f415d4e93283d1b25f0168559

    SHA512

    013ea58a615b3232c7a1020b121a784cb6acc8ceb3b26b4aef592fcbd859fb56ea24041629fe13b0dcf1c8ab22ad04ac5163b3115fd81e76fd7e392b8fabd34b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    25f6d7fe9f88f34300bead5fbb6417e8

    SHA1

    ecd68e5fecee26514b7d99ecabc5d6adb82811c7

    SHA256

    54b54641eb142f7f4e2f700a922950740ae1ffe107150cabbe9cb3b0576bcaa6

    SHA512

    522e1f33d911a6e806b7d59aad7f58aa7dc5cf56fe7fa8c1a27b297c7181af8e709a3a52938fdf2745d91e3c00a99dff9cce086b089e2f257f0fa196170f2a99

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    38d61ed09f890089de00bf45ffd5f5e1

    SHA1

    e697b056c34c171a10be06dd605c2c8f1e04fd00

    SHA256

    ae8c5f7cc7fe244232fc1878af8d7c4c2a079512578593ba350c998c09cbe86d

    SHA512

    9f7ef039e718453522ea12c5a52b40fca704aedac87bdfd6384b20a83874c7fab490c6f3821f8b26f0f11c4c12690cfe5eb5dcb05d3f4addb57c0ca4e014ea7b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4368e048b3b61bb47e7338299d685696

    SHA1

    a0ae56e8fa24c6b4c919ca985cf873cece84ac30

    SHA256

    33460bdf837749881e58bf297b169f0cf679cab42608e0a8d4af1170b7030334

    SHA512

    c68df978f182d66d1df5c1ebc2b755709db962837bae850ea83550d338da91acd98391ce8632b38eee3544964a5cc87b35199bcbf2c28afce77fc1c6a705e595

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    58ce810cbb13d057ac2ff6f0207c39c4

    SHA1

    340831799b8917a879a5c5c48c6bbed09a84d3b1

    SHA256

    46ce73990ed8629084746a55d7afca2ed829b2217fdf886ef774af37734f463d

    SHA512

    abf9f56e07980f9885ac23d85bfe923d26fea5e5bdde49dbb5d40363b3cf8ccaf89c37d183c8a4bd060e49039dd0c691f448912f4e89897cbf42efc2e954ccc3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1a5e3fab901b66bbe89132d25c876788

    SHA1

    2f9c4bb8e7f665a9eaa8199a4359a07ebc90a871

    SHA256

    ae26a1824af073746867242c53a5d1e3c9a4a97448434c747d368e0e2380e171

    SHA512

    f6352da113b457ecafdd615179f51e97fa9cbf6f6cb67c774368609d96f01f9f9836ed8dd0715de393cffd9dd7a6e7654620f73b722c6d55c9f8477b470dd108

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fde39201953b9871691a38230513d2b6

    SHA1

    4015d321498043b00852533cfbd06e4fdb8868b6

    SHA256

    0ae35a08dc800cf7c10f9b8727c28fe836fb51c84f3337fc36c4e6a089ed6d6e

    SHA512

    816ca1660624f773e61a57f114d1e983e2dbcc460cee07d631dfe9c0aa620626b2db8b066e5afd9640e0632c0b18648fa3bbd39e41bfee6024345db31e0d0e9a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7fb6d981c56e10f2322796c2e7d63123

    SHA1

    7873514c4bf77c502562d64a72514fa03381549f

    SHA256

    1a5914d93d4f9b5c4062ebad3c3cc0b221a17e18cf577060ab3ce16b2feb0307

    SHA512

    e57786eed17738802c05030ce8da14de9abc211882cc4d6890668a0908d91cf1d7c828a69dbc9ed7d89554c4042f4d5b39edcdf4ec8ff647ae1044ef02181263

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9190873d12a79bb3d6cd017b558860a7

    SHA1

    d7e53b928ecd37001c3589548bdf6864288af9a3

    SHA256

    8094c03b726f9dab4f90c42637202f06a5eac59cc49a715cc68ea791672001af

    SHA512

    d4d06bb993afa7e4e0fd47611553c4339447f9c14865436eead4cde42f5cad3ac2559312a7013403c0677332f935c72d0ebe8693063c17e663ed1a568383fb3a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b30bdb5b0d740e6d383c3198ab6086a7

    SHA1

    a25e78937228fce7875d253d741161b2e6898b2a

    SHA256

    6b142a417fedd05794419c420fb0aacfba43e7256e2cb9678b4e01eaa7dd0ef6

    SHA512

    f5a933707a63dd42a7846ffd256d2b878d2b62e743a69c25b74bb7bacaf3da1589a7009fc0d11e341e0ed672a01fad45d782ad2aefd2bd33e4bed95a1ef69dfe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    81ce8b71321c71c36a285384b5b2e594

    SHA1

    982f96b39f3c4544bdf4b0b85f27412e4529ac2a

    SHA256

    683677b1431da54e3a661b6c81e31923c7a9784636904027e3ac70b9009ded20

    SHA512

    ec1d1bb9d579a979ec1ca6ef940c6ebdae0312641f8f9e9d41a0f974e04b33ecaa535e1e7fa5486c58defe92236c3407260e812659f8e27afbf17e14037f8991

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1b1b9ea85575ee536c18c9f83cebc494

    SHA1

    39ea36522ebb6c3ee0db61a143a4fa6e1590f405

    SHA256

    d3c1ae1b1c614e84d355cbdce37e14f6a33c013a611d5a8ccad3318bd6f97ced

    SHA512

    cc9e6b9b14071a7578ceee899b04e3ee5aaf05f38a4667235890b3fddf781db8e8dbfa2d04087afbf0b75334acb1f4eb5b745fcff109344b316e80c1618a96e6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    08b471bc0f2f520b89cac10932656e21

    SHA1

    eeffb6d5e8724dc7cf43eae77b428935263a91ed

    SHA256

    b7fafd711643f4a6bed7a07cf81fc454dafb1f29668023c689b8fd4a01c6cfcb

    SHA512

    d3564d9c016beb897b8f3df120bb63ea3b3bd6e7e1debdc6834e9c4bcf327267f29d24d79238cc50d38f17d043c0d2c596a6ad9c978f937d37267f6447ac8304

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    116c36bd510b06cd3635a4b98f735d7a

    SHA1

    8001aa90f73c65e4e712962991e73bdaeef3ca30

    SHA256

    e8762ba1d918858145b29ecb3203eb97dff53d90dae85643e3ef0692b4b66b2e

    SHA512

    3b808623d427e25f71af74519d1b9cc52684906a170ffd6536623db89ca1d635046815e9b004002bf908037b51749f61ba387950c2eb6d1e2a530221fb6a36c1

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab258D.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab264B.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar265F.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit