Overview

overview

7

Static

static

3

069a94015a...18.exe

windows7-x64

7

069a94015a...18.exe

windows10-2004-x64

7

$PLUGINSDI...nt.dll

windows7-x64

1

$PLUGINSDI...nt.dll

windows10-2004-x64

1

$PLUGINSDI...ed.htm

windows7-x64

1

$PLUGINSDI...ed.htm

windows10-2004-x64

1

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...ss.htm

windows7-x64

1

$PLUGINSDI...ss.htm

windows10-2004-x64

1

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...ss.htm

windows7-x64

1

$PLUGINSDI...ss.htm

windows10-2004-x64

1

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...en.htm

windows7-x64

1

$PLUGINSDI...en.htm

windows10-2004-x64

1

$PLUGINSDI...t.html

windows7-x64

1

$PLUGINSDI...t.html

windows10-2004-x64

1

$PLUGINSDI...r.html

windows7-x64

1

$PLUGINSDI...r.html

windows10-2004-x64

1

$PLUGINSDI...ed.exe

windows7-x64

1

$PLUGINSDI...ed.exe

windows10-2004-x64

1

$PLUGINSDI...lay.js

windows7-x64

1

$PLUGINSDI...lay.js

windows10-2004-x64

1

$PLUGINSDI...min.js

windows7-x64

1

$PLUGINSDI...min.js

windows10-2004-x64

1

$PLUGINSDI...ger.js

windows7-x64

1

$PLUGINSDI...ger.js

windows10-2004-x64

1

$PLUGINSDI...ker.js

windows7-x64

1

$PLUGINSDI...ker.js

windows10-2004-x64

1

Analysis

  • max time kernel
    133s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    29-04-2024 02:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $PLUGINSDIR/WelcomeScreen.htm

  • Size

    5KB

  • MD5

    54bbb668f02441624af5d536ad9dfd05

  • SHA1

    6a4a1e9522658a725c3f4d2864a2087d33368db6

  • SHA256

    ed7a47c63626fb0ad11635421592b3e805937ea04a94ca39f6864edceed708fc

  • SHA512

    b7cd133b796af24a17345ba578bd03ea1de659f83f7b7d2b29bcf44ccbca376611d35fd0ec435083c8719f2e35cbab2d1afb2d9fdec89a3ef4302fcd715d439c

  • SSDEEP

    96:V9WOHLKTBGHMVtZTk/fOvkHanGgKyzjAQINeX0XpiXpZr8Y:V9WOLKcHwbTs2vkHanRKyzjXIwX3N

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\WelcomeScreen.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1176
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1176 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2176

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a3cb87c8df2c9153a180920a24fb1864

    SHA1

    78df2b848dd72948ad48f1b13aba267e04a07672

    SHA256

    1539d374abef0705ebd4d2f1c127eeb28c66e05b05418a95457bccaff1598a38

    SHA512

    fa2d409747ed8645e2d6759824e2630ceaa97428abddc6112386f04345dfccf0e51db289750ab65cf5bdb9a63faddb9477032859719c520c4f52131b57bee74b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b3d6a511a37d1f793495f0167cd9f92b

    SHA1

    7e998c8e1d7472a0f6ad00d701a65fb896c91f1d

    SHA256

    155091489c9b2586ba2efa2dfeaf0eebf176446cf38acda733708697e940a0f6

    SHA512

    0f5cc36c9710e027b5f8c2646905d5927613c619363afe8ab505e875996da9bc51c2a57063a28aae5a4e2c64d65f438b64b48041407a1a54fd0ebf7516c726f3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1a4ce3e2df4f952a748da398f43c5cd6

    SHA1

    63807415f0df23d156ba9b036806e6730b66093a

    SHA256

    b4f099be4a2c2345ea5b44bfa2a7e481f96b15036b2d6f79227005ab2963f6d3

    SHA512

    ca66d78d90fce5244620814b909281efa2b719dd77ce69ac2145f979bfa87b27dba20a246d299dd249cf112e205a4c0154f560390907a9fdac42ad32dd17167e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e1435d6443e4830211ba311bb321aca5

    SHA1

    eb64766e7c31bb0f71eba163501462df90d32871

    SHA256

    964e7dabe354870899f3e90ae910305f87e02e766dd62c72aae2405012346197

    SHA512

    88cbba157a747577688042c98da6f8a5fb16c03a7035b6262f97f7ee679e89bfeda5c50fc095b9fb57560d81332264978de8c874bb9d6a598904974df847b5fa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bdcee1d2aa1b99b78082c4e90e9924d5

    SHA1

    4d2039ca77931916cc627525f2ec968768ed6674

    SHA256

    0616cbed0fe4affece9e25da0119e0648e26b4d2a10273d4b071d91809319b6f

    SHA512

    2f0596294684a9d948d490f6e3e62766d73aa2fec8ab89965d768b8518b7cc499b4a203ff11da1f7d9c2ab6073600403e84ce66e903183b023e64da498ae2ef2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d4da1b78e7723bfec8f8870420db403f

    SHA1

    6f2cacf295f313d5e683a7c01f3ddab4c1243dc7

    SHA256

    6eb9172dc0563206b9165a71f55fefa4c00bf9e72474d7e09533ad4e664a3958

    SHA512

    a8844c870e3cb00fa7514e00ec789efd925f8796cfca3f838979deb671b150af0b783c73f630f107cb6906e5fba3d12dd51d3042c7086f90f3466565cc37fe7b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    efb1e34d1da40a0ce099bbca59e514ff

    SHA1

    759c272b11db46da772306ebe5f358509210a7da

    SHA256

    6d23469af061108741e7573a6d475867b350e65df0050423c45b12e9c0bd3300

    SHA512

    ad488515aa076a4f5d459b99f1648668cc308f0d2135793c216e4270554061520de5a9c65aa492a755c2f7aa97dd38b4b37eac1904cf872b9fb2605a92d31dee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7e6e40fefce7570ff6dd492f109424c6

    SHA1

    888618c026b1a05f461908e0b0a78620c0471226

    SHA256

    eb756156d55541d4779d4764d3b23fbe981da8e1c6f92f467e7a1aed38e14ff2

    SHA512

    22acc583d14a4a9c549aafa13a5727653d7333ca7f5e1c4314fd5c80cb6767638226ee380ae62c867f58c02a08849b933a2c227b1bc78aa151571f8999542af6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4f4dbc1a335520e9b325f58315bef136

    SHA1

    699ece951b9e27ca2b6da6ef8aa3339d558895fd

    SHA256

    e704a1560e8650f53416e69d34460c069c0a81fd9337c233ff8972bccaea1a81

    SHA512

    c54722294c189e0870ed47bff4694aeccb1e2b283c438cf28fc527ba31916bbe6def367c9914f6a6457ce952aa1444cc74c6f5d352350b0dbdf1822a6bb6311c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    43b0dc5fd2b5954246a7ca7986891af9

    SHA1

    6a97b2bd047f7830ba84a8bdbb0273e4278bc340

    SHA256

    1d3c342dfac0b16d090b65ab5acd03de099eee8a0da8c9e9f44ea1620085038b

    SHA512

    d61b453e8b9577ab83f23d6956485d1acc17fc432b7279dce7d82909e8ef121efa72498584ed0f28a3cb45e26e4f6776328e9e08ca5d20c6a8173bf1e57bb9e6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d5334f03029e7c6b2bb90f2ae1dc1ef9

    SHA1

    560c0f50aa31cf6ca0a8b0a545c56873e2752514

    SHA256

    b3260e2df4b597252ca85186a082d5df6bf21ff446d15ca2438529d86f81db9c

    SHA512

    ee90a98c3231b02996f6c39388bf8b6999a6b4ebedbaa7b478b55e2bbb4131d06b4f6a170e98342079924a8807ccdad0194bc3b916d2b4060559c581a628aff1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    090c355f447ec21749687a8284fd9471

    SHA1

    e7842c8fcb8ebf44e8d9dbf02e1d29c901070411

    SHA256

    0c6bd31f48b8b3c2a60666df8426f1eb9351689cceb0877d8d1307f5c472d120

    SHA512

    78e5e3b72205a4453276957977cd88794f7ff06c9beb0890138dea8e78207886a688f62e7a25cf699ad5c00f2c397a793a1e85870166c7360dbeb45cd0efcd50

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    48037dbdc578d45c159d14996364999b

    SHA1

    761a218db374c5f8f40ef9af7ba7767c4868654f

    SHA256

    c05f2c921695b6331544b7cdbb1f779a505fac486088a4c13860bfe5bd0b2c3c

    SHA512

    1097d183a63ff7de925df4dab4fcad6ea2bc5e56b28bc9eea57e3c32cd426271306dfaf79bb8c4217eb36868b99e5f9c6cc71e1d984cb06dd3f624d05e91f5d3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    71d70561be0729cbdf2f14232de01c1e

    SHA1

    37e0a33a91842fc8db5f0052f4b138a537544241

    SHA256

    786966298624fe2565e2b3eff7d7dfd2b2a6407e519e860a021314de739549fa

    SHA512

    1269049d0ff0746d0952021a779aa4b48e098426ecbe9c74d83f2a4a76586ae8457df4034ae44ecd8bb3170fccfdabd40bd752aff8b47d22f77875c41347f5f5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    de2ff03e7cac1d4b4db7fdc6b00284a3

    SHA1

    9e3362829224c1049b57418353969f10a783bf1b

    SHA256

    7616059477a2e6bebff04d28d464f1c8881fb62b8cefdd8c4e01192252e63c68

    SHA512

    99bf145fc26996e4266113632df6209c3afe08e4a07195bfdef11f7ae85d7043b2cb809cd6905e7bd7ee4a24ef7dcc0288908ad5c899e9a8cbe8563b472cb3e6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c0e29634192f10f124e898bbe2a8807a

    SHA1

    9cb56981a0d2ea82465106f500460b0d718ad218

    SHA256

    58962d3638c06a01741d194f2ec2f05b4c32dd16d9432bdab967d6a2febccaa4

    SHA512

    a784f35cf3e576e6386bc6973b8f7775440ba9822760e5caee1436e47ef814d81efcc906e28ae2974c0e011ac1835c55c0fe2f03c2ff0c808229dba31e680066

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9793947cce035bfe8bc1c1f20f3612d0

    SHA1

    a807cce1763e34e8bdd363b4fe593593db4d08b5

    SHA256

    fa7575a535f88014cfd7903f1dfbfa3befc65a5d6d249a743f7106d2e80ae1d6

    SHA512

    757fb6cc17d16117078eacfe9dd70a38b8593702e0afd200e65bafc40fb87e864bf8435e673d8e944e547a53486afbcbc0bcf0f658a3ce0e0a34c46d52696828

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    97b8f1189c246fe2c555db2f29a49386

    SHA1

    005b9063cff5dc681aeb1b2cad56029159efb537

    SHA256

    7ec3195f1b56cf430db1f64fcc23eac625d6a0e8dbb99046e5c65b40f8bc900a

    SHA512

    2fdb27713ca25c51015b0ba0bce86238d204b4fd5c8e34353bd5a37daeee2ac13c48b4102e9268dc75a61bafe50688435abf3805e68092e52050d48b98774b5b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a41a9dd76cc4791d368f5a1a3b45306a

    SHA1

    22b69aba48caa23be52e6fc62b7248e4c589fe3f

    SHA256

    280354f17eb2d4e6956d15af6a45aaca2e1d8fbdbfe0ada99a6cdb2ceaf1c351

    SHA512

    775055762d96eb9ecec797e2d8b9ff85cf17ed5e834fda45cfd99b9f01ae58e86129d16fa7c2fbe34126f2b0d638aca17acfaf286c2e2d3de5b465a45d2c1d19

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1df2aa9c4d492fd4253acf053b8006ff

    SHA1

    0a5cb9770893ddc93eb65899e5ed1f762c09ae84

    SHA256

    f9abf7d92d66e806c9242681386edf9de63c226413bac826460c697a135e3c97

    SHA512

    76ed4ddd5611a77d89fa1faebe94ace0093788759eb37bd9dc4121eef489c50beb8719863016ba9c212611a1312712725596577dcdf65716ae71f59ade42698c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3821.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar38F5.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit