Overview

overview

7

Static

static

3

069a94015a...18.exe

windows7-x64

7

069a94015a...18.exe

windows10-2004-x64

7

$PLUGINSDI...nt.dll

windows7-x64

1

$PLUGINSDI...nt.dll

windows10-2004-x64

1

$PLUGINSDI...ed.htm

windows7-x64

1

$PLUGINSDI...ed.htm

windows10-2004-x64

1

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...ss.htm

windows7-x64

1

$PLUGINSDI...ss.htm

windows10-2004-x64

1

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...ss.htm

windows7-x64

1

$PLUGINSDI...ss.htm

windows10-2004-x64

1

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...en.htm

windows7-x64

1

$PLUGINSDI...en.htm

windows10-2004-x64

1

$PLUGINSDI...t.html

windows7-x64

1

$PLUGINSDI...t.html

windows10-2004-x64

1

$PLUGINSDI...r.html

windows7-x64

1

$PLUGINSDI...r.html

windows10-2004-x64

1

$PLUGINSDI...ed.exe

windows7-x64

1

$PLUGINSDI...ed.exe

windows10-2004-x64

1

$PLUGINSDI...lay.js

windows7-x64

1

$PLUGINSDI...lay.js

windows10-2004-x64

1

$PLUGINSDI...min.js

windows7-x64

1

$PLUGINSDI...min.js

windows10-2004-x64

1

$PLUGINSDI...ger.js

windows7-x64

1

$PLUGINSDI...ger.js

windows10-2004-x64

1

$PLUGINSDI...ker.js

windows7-x64

1

$PLUGINSDI...ker.js

windows10-2004-x64

1

Analysis

  • max time kernel
    133s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
  • submitted
    29/04/2024, 02:18

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    $PLUGINSDIR/manager/manager.html

  • Size

    328B

  • MD5

    18cca826ea1c82d66ffff240197e8970

  • SHA1

    7e0f6e50bac9b22104634ed6efd71f0a5a5469c9

  • SHA256

    cc91201e3162e0b209123789cd1ce2982d356075a1ec3f527d83e6a0c976b782

  • SHA512

    485238751cbb774b61f6312506b8dbfbeb8f9ccd1aeebcc729a7205c4221816643eb20f7f02953f8e2542b2aa7d540fa6f82cbe4970053fbcf967250880d558f

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\manager\manager.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2460
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2460 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2984

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
          Filesize

          68KB

          MD5

          29f65ba8e88c063813cc50a4ea544e93

          SHA1

          05a7040d5c127e68c25d81cc51271ffb8bef3568

          SHA256

          1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

          SHA512

          e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          bcd0aeb7d536af588bdb19fa3f6c6f74

          SHA1

          177c4e35c641788b7bcdb1b39f3e50ea98a505fc

          SHA256

          5154ec10eae44585ff66cd6b6d81e49d0b8cab477899d12b968da2795efa1480

          SHA512

          f0457bcc4d0dbc7381fba93d2f275b3345e45dc71042d14197ba61ed2316089535b7240374bb450dc7ec1ac7ebf97f54af230be39946bee1371ee2d580175c6f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          b3e13bb52973168e5e6e30ce7fb0e9f5

          SHA1

          377591a9dda9cb85eab433dd2fc48bcf05d4fd5a

          SHA256

          f5c94c43940d3ea2d0521f95750da46f260712e24eabe19bd91fbbcea83073d7

          SHA512

          f211666f8261a696784ea3b7fcd3d5c38f1eea4b71fd0520fc34499762c62692d28370a64d894d170a9ea9bbaa96e38ce16164be82aad43ecffa523fc7967293

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          8f65b1a66bdd4db8e8781ffde16aa13f

          SHA1

          916b6969ec3b60c9235c86cc7925ae85dec75346

          SHA256

          a0ca3013575c6e3b58616b460faaf1abc2253993601f849dbc8583b1862e02f1

          SHA512

          f63de1252d845ef6c0a05d348b26994cde0762f954cd5b9e14279aaadfbe7435f46e7630d54b56dbf269e74f71184dd85daa69f4be6a5b9a11da6a71f09f04f1

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          348f948c887cde5b89c212c5fbe293a3

          SHA1

          9332f63a92f2320fd5aaf2e5857162ec18ee7d2e

          SHA256

          d030fb8af246261d2b00b3f283ab18d3b421a03fafdba7dfb3fa3b0346177f27

          SHA512

          aca020fb5d1997b9929063d765c411d6d62fff2a57d3a40e1acab05d774f5f134545a4298553bad855b8d9e368936567d3c2f1337b8bf4a875f3cac2e8c235c3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          49fc3509395504d1d48a740b57e285c6

          SHA1

          381039ff73008dfd1531528261962f669e716707

          SHA256

          069ec7e7bcf8f4948648d84df36bff27bee8e5cee3daa7ac1266ac2e824c20c3

          SHA512

          d13a204124c60bbd1396cca3ec46c0fe2a5500471d0233b8c955ecc0173555c1ca69ea06e4080cc43bf9ab510610bbdcd0968cfad3304fac81f63813ea69aad3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          aeecc0f5949bd5c1223f9558924937b1

          SHA1

          0e09ad57c450dc989888752a6c7ae7e158060461

          SHA256

          e4e2af4e6e481bfaf4a87618d2d257a4f441a7a79a06daea8f3b5e163df6c40f

          SHA512

          7ea8f008324a4afcb2a073509ea6a086abe37835b7d26ac06a2d6e6c3b52472054a44aa837c4a532679d73fcd5458f814fc0c8b7249fb976c5dacfadcdef9dbf

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          d796fdad434b167c972d6aa38cf06947

          SHA1

          c38bd9510907c34f8d35e70a2f7aac17ac49626b

          SHA256

          da40376473699e58c3122ecf57fa7a4667798775cc3755dd2576797688579277

          SHA512

          74f51c83f517345ae0a04f90e194492f8921b361efc637ce2d8caa809994e0e24b645c8fd73c93ce2f9bf00005fa37bc9a31c7cd53f57804a32d71f35dd2eb27

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          cae084ea0106479726db7b0267b8d7df

          SHA1

          f0b8bf582c2b81d7d6f60ac3e83d225b2c53e5f6

          SHA256

          2166dca53bc4bf840f535b4b07e0881926be199c67fabc19717e30ec59a3f05a

          SHA512

          cc8d73e649ee01f9641389721a11d9884f1c2260e3b80fa9aecd7697d294d03e3b8240f95dbe3013dd882fdc0b0a98d5b7af89811a868c9fc70cd55ff38b28c7

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          3d1a160e714b66a4c9409acffba92939

          SHA1

          508578029885a8adc9a114ffd193b871e3d516c4

          SHA256

          bf3dbca0e725d59ad34a61d9d8de1deb7cb2042db47fc6b40cf4269c94180003

          SHA512

          09b29b720e7cd9bd85d9d013da1819e12285e4945d4e6d65a58bb3788b525fe60c043133f471a049079fee95999d5dfd08a337bfc9c43645a1c12a0bd42167a8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          707251e4275a7444080c01c48ad37f3e

          SHA1

          5d2e6062b1b7aa36ba36700adb0ef120c0d95a12

          SHA256

          b8863698cdf08eaa191ef112d96be3ca743b54cbaaaf0728c5a018f96c513b9d

          SHA512

          8ca3de78009ba00effef1490b8e82ae385fccae9f50d287ef791e793139b673b736c52f2b65804db841bb37b6e7c07e6516a28b1b3e84d1bc4866044982626a6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          f48c7fc6d8a5a53485e0399c7313338f

          SHA1

          88fee2a510cdce702de56044ea962a48eb20e392

          SHA256

          78742c443bb8064904eef66bec4170bc6abb99780a9071f5e3d42c872c4ab224

          SHA512

          a90959c42840e70548ee1569737eae37dc85657c0a8a722692eb497ac2cf64f3082b41eda3e3ab820c72f9acf9bdaff77ecfbaaba5f8237beee38abd3bb28c78

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          d0b32587b21a3d2f1125213670204f32

          SHA1

          c12506edd53bd625112b0a2ce91a241db80f216e

          SHA256

          0f207865581cf515651d62c44d1aed31f307961f87b58d74bf85bdf6b4d10e36

          SHA512

          f1285bc470c94e37ca07b82eb5444e750045bec79079a0d2681c4cf55a7cc4ff331e8d07c46ca8732c5a48c87abdf4923e40bf5eb51337d8744fe85917e7163d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          8146cc6c15b4752e10e7039e6475606e

          SHA1

          f3fc6b0134d3bc815b97ebd3b75eb2e95c2a4aee

          SHA256

          ba0e7cc997bf6e0bcd7c8accf38ccde10e879b09f8e2df1c859aed0afe283762

          SHA512

          8bc10b4e6f5fbd1ef85dcd9038b1f2924ca8f2efc309a88d762d6aff7d7243f5b8d6ee43f8f66e6af3804b5f3e6d74f96eaea37a0b468a24011486f9cf48b017

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          e5f77d732458f9b9e1dcef4f00b665b0

          SHA1

          6f3c2aec9ac4a71acfb4c42b297376b3d2429cce

          SHA256

          de208c611901ffe54f6a4d03cf11a4d9d6819ec7d10978b7db6cd9d646961006

          SHA512

          4c94761f24edb452f1a14bfb49e22b9f3c44b271917e0c160545dd8f025a6d7ee51fee06415b121a24902ae8ee0df4564a4122b9f8b8671f7c063a55c83d38e7

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          1f51c4a3743e0e9e0ab525dee1110317

          SHA1

          4b270181d75617f5a8a50aa38d4be2f2d3803184

          SHA256

          2a6769709f4101af753c5335b2f0502f4305092b8247afefe6fed9726065cb50

          SHA512

          866a0d0b2ecf9591320e43280f18c451ba135a86316344235af0eb20a30f8865bb621da0dc3c5b2474428232d034533895d510828f9e65b50a4f883f6ea3a41d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          3dcb17dd82b5da2b09a7731fa4cd83d5

          SHA1

          5a862483d362d10ac0543e2af5e97d3ec6fea7ac

          SHA256

          2607e59f5426b59ba8686c507f944381ba603c5c745f7c912725f0654e00b0d3

          SHA512

          6de524025583e457b35494a7e1c207323855c84ebb01bfa3f1daf5ee5fa5084f861046bb68dce87b42cfcd934e7b18d746f2f40dd2d20910fe7f83941f7a2b4f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          f1a56930d8866a02c77d2ad76055e93b

          SHA1

          0189cc2f99c98b8caf9f1074d04df9c96d569022

          SHA256

          e70ad191f87938568bf7aa06c403a63a457d8e3d88b1b7e39e4158b28debfcd3

          SHA512

          bcb1319e6e4ddad8d9cedbb3272af92564bc8ab56a30a272985417db1cd0024ac499c5c088bf7eaf7e28684c9238f2d396b51dde409016ade44d2e7212b889fb

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          714bdb7451d515243b2321fab9d59530

          SHA1

          2a9e4d2baef5da495b950b07b9c06c159353ef8d

          SHA256

          856148cc04e81b83d98d3b2506fe7d64133c3be2203c23dbc43f7d38115f89b0

          SHA512

          f700d84c2267e3c9fe9887b02ead43f6c65b58cacff8db8831779ab4b152b6ded0c0f05f7093e52cf4b9425480c010c0353b0cd891096ddff60dbec33aeaa25a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          9362c62e446c894d0ff891cc9cfcb7ed

          SHA1

          696cceeb09e0b46f638205c29a1483801decbec4

          SHA256

          aa4269e1fc1b1a94b983c6e2171910b62581cbe38f1e317815d83c4576e973d2

          SHA512

          143b8126a3ffd0bc39eb50dc4629de11ad44a4a0d920d1f4724e996994b1297d874f7a47475ac91e696bf4036558f32bd6cdf5f5d41cf2cc5f9f6c8f6f2002f3

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab21E5.tmp
          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar22D6.tmp
          Filesize

          177KB

          MD5

          435a9ac180383f9fa094131b173a2f7b

          SHA1

          76944ea657a9db94f9a4bef38f88c46ed4166983

          SHA256

          67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

          SHA512

          1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

          Download Submit