Overview

overview

1

Static

static

1

[origen]/o...ams.js

windows7-x64

1

[origen]/o...ams.js

windows10-2004-x64

1

[origen]/o...nts.js

windows7-x64

1

[origen]/o...nts.js

windows10-2004-x64

1

[origen]/o...ts.vbs

windows7-x64

1

[origen]/o...ts.vbs

windows10-2004-x64

1

[origen]/o...app.js

windows7-x64

1

[origen]/o...app.js

windows10-2004-x64

1

[origen]/o...fig.js

windows7-x64

1

[origen]/o...fig.js

windows10-2004-x64

1

[origen]/o...vas.js

windows7-x64

1

[origen]/o...vas.js

windows10-2004-x64

1

[origen]/o...x.html

windows7-x64

1

[origen]/o...x.html

windows10-2004-x64

1

[origen]/o...ain.js

windows7-x64

1

[origen]/o...ain.js

windows10-2004-x64

1

[origen]/o...bs.vbs

windows7-x64

1

[origen]/o...bs.vbs

windows10-2004-x64

1

[origen]/o...in.vbs

windows7-x64

1

[origen]/o...in.vbs

windows10-2004-x64

1

[origen]/o...e.html

windows7-x64

1

[origen]/o...e.html

windows10-2004-x64

1

[origen]/o...r.html

windows7-x64

1

[origen]/o...r.html

windows10-2004-x64

1

[origen]/o...1.html

windows7-x64

1

[origen]/o...1.html

windows10-2004-x64

1

[origen]/o...0.html

windows7-x64

1

[origen]/o...0.html

windows10-2004-x64

1

[origen]/o...1.html

windows7-x64

1

[origen]/o...1.html

windows10-2004-x64

1

[origen]/o...2.html

windows7-x64

1

[origen]/o...2.html

windows10-2004-x64

1

Resubmissions

26-04-2024 14:55

240426-sanrsaeg7s 3

26-04-2024 14:54

240426-r9vtpseg5x 1

Analysis

  • max time kernel
    134s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    26-04-2024 14:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    [origen]/origen_police_menu/html/img/mapStyles/1/-1/-1.html

  • Size

    315B

  • MD5

    a34ac19f4afae63adc5d2f7bc970c07f

  • SHA1

    a82190fc530c265aa40a045c21770d967f4767b8

  • SHA256

    d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

  • SHA512

    42e53d96e5961e95b7a984d9c9778a1d3bd8ee0c87b8b3b515fa31f67c2d073c8565afc2f4b962c43668c4efa1e478da9bb0ecffa79479c7e880731bc4c55765

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\[origen]\origen_police_menu\html\img\mapStyles\1\-1\-1.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2792
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2792 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2316

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d16b2fb06f285029d9c4e615aeff4be1

    SHA1

    39a0f869a8f57ab55769cb7a46dac40740f8daab

    SHA256

    8839899d1a0e11c174d8a9092cf4f60403793d9d21b5e1d9636dd55a5f988314

    SHA512

    bc068ddcc5434911c8af898beaf4a5d520edd14183369c542c18f7135af64703c586bb423b00b2ab53c07abde2cf1b30d0d6b7a3baf6d8128dd48b3d808433e1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f52482df154f7a753e0ecee41440d988

    SHA1

    52f2f3e69f985b96fc28b3a78d171511a05f9e73

    SHA256

    4a223667c40fda02b6e1b6ce370b4b06832738ba340e354753eb1d6b62160cfe

    SHA512

    32c462ebd73b05a5240af333566eda3d415331f27ca4e477ae8e13185726191b83e3ee0a7d9468621097c757410506af936b73d31dec439c0c26e8488a684c73

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    786a1491044a780af6f1519c152e5dcf

    SHA1

    960dc8974e47b6b3fbdc9212596f7c9e209327da

    SHA256

    867869f5a13750d259c8f09e7b5ba59c4173c9c90f8276daedf6144a13bd51ec

    SHA512

    a434bd87d76ad10969149e1d189523acef2c7d244de464be0e1d53a22da4fcc4da1107be64e1a42b21bb2d2c053ac24458eb774406274dfcae78f353d423a15a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    307939199c8bd1dd8308151dd59255fc

    SHA1

    874a5886902cbd12458c734d54770adbac1ec2ac

    SHA256

    6a23e09824d4118f7f756a407b1e299134a9a889564e0344f111b675e0b86c5f

    SHA512

    eec30747e67300dcd2a7a7744b07299a8d621adfdd9e351f92381cacfcfb1d7b666db6c385884aa651acb24034470378518992fe02c0179a9aa449dfde69fdf6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    848230918db6f7001f3067aa586232b7

    SHA1

    9c41c36ce32caa25557aa32616217be34f35f432

    SHA256

    aef9b5365ad74b77e510212f8176cd697fd2badc1fb6c28c350e361a9f33eaec

    SHA512

    8b6f57d02e6b422ad411dd170c34d84330c364a996bf9d32fd32fbb375aba858722134fc12286479c98fd30cfccfca6a60f3101e3a6bae8c396bd4c75c608f58

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a6f0a18e21953993d8e54c04c1a7e6cc

    SHA1

    78d16d8f4ada9cf27307f5f5ec52f1c97aa6cc81

    SHA256

    e5107d562dedcc8338fe00d19c159d9d9bad66e334ddffe7d0bba54f112f7d65

    SHA512

    ecf6f7ae62ca4cb740aa451a43c8cfbf62d25ff2d8a3817fbf94a249b65ba09912d93328879df2c5c286b237de592289d84183e68a7b47136c480df73d7903a1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    18fc746fbc9ecfec872ac6a7f2672460

    SHA1

    44845abbb9363f085de5e8f9a2764e1070fd0ab7

    SHA256

    0446a15014ab3d7abb2e6c1aafe45d999ce800320d0ea68521821632c3f60637

    SHA512

    8e4f145dc81f33d7e551c4a84c4f27fc6b0ca14e61a49d6591a68404938b29678f48b414c7bfe074cb62aba12aba890c6be633b2fb83c7d025311ecf241a6e3d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    89b8622bf0b506f4d476b8f94382cd8a

    SHA1

    1a32f11a8d75b66338d3ea055da7e4037fbc4051

    SHA256

    e9ed422e35c69aa406fce703d6803479ee47383eab516b778ad74f30f5a3e9c0

    SHA512

    a1b4e896966bd1f5ce61d25cb599f84d08782e21c1706e5de2329e151ea48119eaaac06195e008bd4e4b1ecbf7dca8ab2cf35c15e6cadda8447d003a83686943

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8ef2236343327c8582b2eed04e415a53

    SHA1

    ea73cc85b80ebe49284a9702d223ce38dd3bb321

    SHA256

    478924ee0ebee0dd2ce218b015e9c5bc53cbd0d7a8f338e261839251f5617a0f

    SHA512

    f8ed921a3ca6b0570378aa89c81849b6d61a35bada40867d0cb9eb201ab0f6f3bf8baa79a8389d5bfc38d729784635cd2f1ddd521c026330ccb94ec16eef6b2d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f5473dc5e05af1a3de1044951eefe76a

    SHA1

    990a321cbf9523077be4d204d17380b9cbd5babf

    SHA256

    3051b1d752cec7c5d6179faa0eea4130ebbead3555c6752896bf8dd362334f5b

    SHA512

    b03475fd1e9c16394181e6eaffdb0f730bcec85b4d92bcc6b6e1936ad13b806bb63db2f8e018ef905d8dc95d6eba069317f0a9e17e9632ca19994add9a313049

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    84a0c04fa2851bb95675c43a0db62829

    SHA1

    6706ecd6ea4ed622c90e806d2a4394c9179ebb4a

    SHA256

    c32ec5887d442f48e00df398b3784a5fb9979332aab6c1f597e0973c2bf34a87

    SHA512

    98d3824522c35bacee7a7ccb539b9e3c1bb9503300c2ae6aab132b57e6ca4a946cf554b69d8bd8846254fce1811b361767a6dd83de8b6c0315b275fa7cdc78c0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    67dafd469f32bc7178194e1a29f2336a

    SHA1

    78f4a0c3fcd51baa87951b1c889f5077e3376f4d

    SHA256

    d10803567bd6e130e37d774e60be271290b46af17d105c9e20d48fc08f10e30d

    SHA512

    5256ee11a64ebb8215a18ffda13d59890db5829733a20748c8a58011bc590961d24014a7730c482c3350047d62e63b3d133fc66c1e7c2a80126abe7a1aa2c5a7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4a2cc08e528d220e30efd783c5c2dc14

    SHA1

    0b873187824a090440ba23db6dacd6cd541c30c1

    SHA256

    b28cf6be8c5f8d050e2beb495de499c14d9e908ebbc5d29e09155f2c27ea24e5

    SHA512

    cf523c15b53fbc0bf78b80e8477f370ad551ad6caeb200486cf53aa835d04eec229cc09ba4052e9a11ae9d67cf059c7de1ce0f47bb66b29dc6f7eb7885e30787

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cd81684aca3cec1f5e4378837d0222b3

    SHA1

    555a30466b54de5b08d2b58b93b95eefa11ced55

    SHA256

    a2365aca448c8d624b29a2ce4992107c1140c8cb7d033c885fea4c85a336262e

    SHA512

    13634e06ba26893d33550cf71f84eb26049e528d12eb2bc9a15e01ff86830ebf5349fa220c868d3c39d735eb85f8f70c92a8bb38573b4a3ef2d698dd1c43641a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ef2b613bc267b3e259e0515c9ceaa496

    SHA1

    2405bafa08a5b229742a19f853cd0305704f1d50

    SHA256

    0ff412c089a7711ade7e859d94ed3011359d9a5c2f5d340364719634a1a5b223

    SHA512

    07690438e84a0548f218b5e68e8b3a550f7a6ff86d4761dfb0c35cdc1cadfe5d4f3b2ab3015b363dbc14ec38391717ac4233ef17fcd051235ab99c647346da39

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    accab0c3790a19552a20f80f88b1533a

    SHA1

    ad1a779f8fe2da7c1331e2b48615ffc5659f04b6

    SHA256

    bf9f2a5263c27f36c6e8da04b977f0dfb07eeaf8c8d5ee659ac202af885cb0fc

    SHA512

    4cdfc095ed9f57c902bb636f9e179c9e743c0bf290525872ddc48ec6f1ff83326c9aad0dd24bd09b4769e7d4bac7aefe3672fed6a2d24688b1adcfd96834bb58

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3a19122cb1b50b65f516f59e50a6cde2

    SHA1

    4d3cfa8ed704f2eea2212fd00c9cd6ade33ebe08

    SHA256

    de44d67f37fdd88d87237a5d8a37d309a6c88d985ee63696a28f04cf93d4c4e1

    SHA512

    05ccd85d3d1cc55a9fe962b97d88114949412ae683ca971ea2b310ec5385db0204e697254233ff6ea114cf1c3bbfc803b8532e49cad1edb02ce5849d4abc0da8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b947bbbdc054adae230e5857b022687f

    SHA1

    bc5c2454e87b2d1bacf03294d7e60820472b8e37

    SHA256

    5eabad7f8114f8abeddfea5d22a33469c92a21ef7465684b0996282620ffc067

    SHA512

    e193c33bb4e57e0cd0bab1230991c4ca51b7378eb3142822e80ee9a8ce7aa7df772dbd270845f37fb72223d26b1c06e69a5c2904896681f8211b518758598d57

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9a1ef69edae46af29f1c9909441172fd

    SHA1

    6dab0f5507b5ece20b215b6a11317767b1514314

    SHA256

    e5c282a8d85c329e9038be125228347baef1e0b24dfabd72c6e903286af04054

    SHA512

    820799ba1a6ff9d6fbf155e7e3ee045ac61483d6dd9b97e688e9aae21ff5a074d11760b6383086cbc61b0875f8f58499f9b5e5ed390f33f61486843b750713ba

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab4FC8.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar509A.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit