Overview

overview

7

Static

static

3

009a813a01...18.exe

windows7-x64

7

009a813a01...18.exe

windows10-2004-x64

7

$PLUGINSDI...nt.dll

windows7-x64

1

$PLUGINSDI...nt.dll

windows10-2004-x64

1

$PLUGINSDI...ed.htm

windows7-x64

1

$PLUGINSDI...ed.htm

windows10-2004-x64

1

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...ss.htm

windows7-x64

1

$PLUGINSDI...ss.htm

windows10-2004-x64

1

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...ss.htm

windows7-x64

1

$PLUGINSDI...ss.htm

windows10-2004-x64

1

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...en.htm

windows7-x64

1

$PLUGINSDI...en.htm

windows10-2004-x64

1

$PLUGINSDI...t.html

windows7-x64

1

$PLUGINSDI...t.html

windows10-2004-x64

1

$PLUGINSDI...r.html

windows7-x64

1

$PLUGINSDI...r.html

windows10-2004-x64

1

$PLUGINSDI...ed.exe

windows7-x64

1

$PLUGINSDI...ed.exe

windows10-2004-x64

1

$PLUGINSDI...lay.js

windows7-x64

1

$PLUGINSDI...lay.js

windows10-2004-x64

1

$PLUGINSDI...min.js

windows7-x64

1

$PLUGINSDI...min.js

windows10-2004-x64

1

$PLUGINSDI...ger.js

windows7-x64

1

$PLUGINSDI...ger.js

windows10-2004-x64

1

$PLUGINSDI...ker.js

windows7-x64

1

$PLUGINSDI...ker.js

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    26/04/2024, 10:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $PLUGINSDIR/manager/manager.html

  • Size

    328B

  • MD5

    18cca826ea1c82d66ffff240197e8970

  • SHA1

    7e0f6e50bac9b22104634ed6efd71f0a5a5469c9

  • SHA256

    cc91201e3162e0b209123789cd1ce2982d356075a1ec3f527d83e6a0c976b782

  • SHA512

    485238751cbb774b61f6312506b8dbfbeb8f9ccd1aeebcc729a7205c4221816643eb20f7f02953f8e2542b2aa7d540fa6f82cbe4970053fbcf967250880d558f

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\manager\manager.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3004
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3004 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2200

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    18fc2783c82eae2f0a8dfb3bb27983b5

    SHA1

    cdb0153b120c04931df2bcf66675abbbad9f4cf9

    SHA256

    a9e288043f12ba7ce7cb79024cc35cf7a14e5117e5bcbceaab96dd584c55a03c

    SHA512

    8b0c07dfab747b6cbaf800563a2cc799c007021e222d43edd7d894f57a2e51c23589f6c532ccd61aefa317500f1bf31d88f7642646dc475ada775cd9aa78be6d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    09d1fca504cfd0ed2e610829b8049d14

    SHA1

    a1ad4fc4ece506680b51aff1c78d6971f8eb8021

    SHA256

    252451ba45568914873fd699e2c3f325b2433b8a78ab9bcec6a24b51fa8fa839

    SHA512

    52b59beab7927d816c90b275e41ed64bd44936f88d670f511bf41a067c0029d3a4c378af68ac552878bb3aac916ea5eb8fc719a03050c3a210e738aebd7d603f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5d42ad6e6fb0e77facf0c778a68f75e3

    SHA1

    12bd1468bc0d0496d230e753ec29c1c4a8da3dfa

    SHA256

    7a62fcf04420387fe669462681c40ff53f3651fc08d33ffb20ec0a914ed4d644

    SHA512

    9579d1314eb1432d542b5450d2d5df72963698915cd97c9d909592ea43c50760044beb02e549975f0b5cbe7e5ffcd2fd6be967961b65a3acf029cb14296a9b3f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ac4c6a7e2eb3f422f5ba5a06e6a34db1

    SHA1

    4b9208379607d1064221ed39b077a04b21e65989

    SHA256

    032792b798ca0534e992e05e411448f4aa4b9df0b8c818b9f589b9cecf8a6f24

    SHA512

    e4339615ffc728f6be85ad42f2429350813e56ba348ae3ae401a7069206691d13c588d7f31b572711c4eb666c8c750eb1134a4681385c2517893ece7a282a362

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b9133f4a257547f3a65f5f4a4c2527fe

    SHA1

    eb2bde4970608c2217fe7258b69471a789b9f154

    SHA256

    9396c0ab0457a93053925893d7cec4773280e436335e8bafda56128c6c7386ac

    SHA512

    c488eee60ac314908fd5f27d72f24b8cbcfd5a50b0e8c00fa7a561a160d543180cce6c50d9cce6e56b39b62781e4ae82f57be0caf703822fb5377e2bdd639b36

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ceb5c35ceac56a7a017c94f618031261

    SHA1

    de522769b74ed8116705614d281272b372df4037

    SHA256

    653f7e6bfa9cc2388085d534964752d4fafba6f2aa47e4fd9952f5a383d6c9e7

    SHA512

    69dcf6a0b8f45e17336f113e03fd413399379623b234867e0f2a387801f161972321d0a7d8517e4bc05dce3446d8f128b024b60bb4491ceaca21572e35cf30dd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c35d9b188b94dc47a979d2592c3c661b

    SHA1

    6299291b0860a700af5eda282ff8bff5ac2409cb

    SHA256

    3cfda04a70d9a36bc478f8261c0c280b056f0223f33ce3c990e39e7327c8cc68

    SHA512

    bff7c0af56a6769ae049c4c67ea4bdfeb0d4386f5c8264348574a3285a7fc621b25d5e247a3b824b6a0228a661a04511c18b23df080394d2db316a31d93b1b48

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e9c779b43b9fbc24eefc241a1ebf99df

    SHA1

    5af29d59021acd68387d5291db022fbbcc8942df

    SHA256

    eb252e0f4159eef07fbbe5e1d41fb02e94ed1e63cca43ca535568cf8777d9baf

    SHA512

    3a4c739ee3c22c35acd1e2af7a38937221d41dad1e3e7050c3c776b0c12e83fefa006a34c138ca352ef736c0c0080c3fdf93831e3399e5e756e2dcc1623609f8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c0c046309df064b66dcf616ae8d34cf2

    SHA1

    9828f09fb731cb87e098c531770bf1345871d9c2

    SHA256

    0d99d44c971fda4e4390093a0e83f045b208c5f6c82f83d2f72aed3f98a64314

    SHA512

    22e1cb684605392adfc92d506bebcdd52fa2994545990a9e51390e5debc00fad7a69607f9a9696f387c78ebec48193cc120648989537a33ed2d778a256f9215a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dbeea9e08b55befb27fc9f6312daef0a

    SHA1

    efef57f93e03b0b9c3475256716536138108d419

    SHA256

    6215f42e0d4274b487e487bb1906276e4d3f126876cad57217628789907d2e0d

    SHA512

    03f17dfd46509330ee7dd9cf20e4b0cc77056409cf6a3d678a39c3e782e23694c90b4933fbe5481a4cd0d173a76ac631001f642b2054dd12a8504e78da901eee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ae6d1e9bee2a358fa8b5d9a8e4161bbe

    SHA1

    e5ba1b13b48bdb516b264440d5ee44b8adedf9aa

    SHA256

    8676f004ca94c0cc83b5968449809f2ac36f232ed09a745f92511e4734999fa9

    SHA512

    6abed54e65857131d20640902a1c97fb0d04c2167849486608f48424df8997ef1356f6c39544536c355e80a52949238cef0debc3e75a9b8ea0f7735980c29c9e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b3124f35aa04ba82b25d8b17b01f9538

    SHA1

    c112efcf14cb19d5a379f30017cee6d8e0c953d2

    SHA256

    4e3eba8022e6ed2e88dedd10df0f93b14c2b288efbd8649a95cc4530d6a00add

    SHA512

    161705629fba0853628056d920176c1f0e749840ab4106856a1062ef322a614e260029762128aa475eff8b39f57470bb1a8874bbae71a618a2b5f4eed8514869

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ed2c22f5cef72bbfdde929abfbe361aa

    SHA1

    b10ab21c65e7aed18810ba9eec6379c2b0328a6a

    SHA256

    481adb104fc93117257c99ec4893bbd98a178d61d9398f9c62ae4b8fc44dcb09

    SHA512

    8b5496b21cfd636d46aceca5073943dbb09cf7afe8b074dce63071175be9269be4ab5731a62698404b2da650a926fc0ff6a52523d23bdde906459fc6684d39e1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c29c434de05be249b81a7dece39cbee4

    SHA1

    74cbeb29e36de43779db8b9078ff3e0ab2ebe41f

    SHA256

    1412d1ab2dbfbe69e8651c7c550fac045bcd3c67b089cd52fa8c45b6cbe99ebd

    SHA512

    d01a27b7275a4cf15e1c3cb3a3413aece0fbd59cf9ddfe1a452fe896de3609e37075da37b4c5e86c5cf0980a0fe16cf6daf0a42b4d72ac263f257a040b57c2f0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    615d35fae20391b0f42f2b4a638643b5

    SHA1

    61fce18c04544fcbc3cd28fb450835a61549b50d

    SHA256

    dcdd5547f97f177e036b17a15a58a777516569ab56e3bc4f4a69293ed95880b5

    SHA512

    c41df4f7532fd53464895630af40fff05ec8c25b9a186c486ac120e88b7d2b0686eb26fdf20d435d3b2bd8ad776ec72ba9ee2da739983e1a33aab2c0f592690a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eabfe2e604eaa018ee6c688edf155003

    SHA1

    34fe3e57f92185b4cf6beddcc7bb0666d372363c

    SHA256

    b342014a134af701b6f9cbf885bbd5977f21b0ed5ad5e16244eab4ba1d41cb14

    SHA512

    86b88a0bc76e9ef27e2cad027dd28b9a2e25e2f363e6c743c72b38662ce11f7e904870796a1b70f988c9ebaabe6ca67eda5a3b28cc8fdf06ba34e6666402d5e7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    01c982e643449e97918b8500c1ebccb0

    SHA1

    7529cafadcbe5166ca1379343eb65beb0d108047

    SHA256

    96aa00b56c6955ab2f97d5c0c52a8f60fd65a32e5f7abafdbd0c6ea7a37d7ab2

    SHA512

    c802602a5b76cca42bdbdb99ad35b2ccee4568c897ffe65a9468e3f7c999c22426b2d3d9fb86a7f2d6c567a34123722ea0ac93e0698a06deebf3aa90a0e6a1b0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3314ea6cb7af4a2bfb8505f79511931e

    SHA1

    0b4a8d02ef7c3bbcbda71d3355877d5a73c4df93

    SHA256

    fb6415e3d698ff82add724ef88a59eab779fcd0b5afdadd459c56aa21450737b

    SHA512

    f841ed084d3d1818af8d3f43d2d7de0479aac6ef079ccf268dfdd5cd724d0f435eed179aca8cc99040fa9428eaf958bc0998230150fcad07181d8134d45384d0

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab396A.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3A4C.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit