Overview

overview

10

Static

static

10

1680kb DMF...er.exe

windows7-x64

7

1680kb DMF...er.exe

windows10-2004-x64

7

AntMem v13...64.vbs

windows7-x64

1

AntMem v13...64.vbs

windows10-2004-x64

1

Atlantis N...is.exe

windows7-x64

8

Atlantis N...is.exe

windows10-2004-x64

7

CSVboard v...rd.exe

windows7-x64

7

CSVboard v...rd.exe

windows10-2004-x64

7

Encopy5/encopy5.exe

windows7-x64

7

Encopy5/encopy5.exe

windows10-2004-x64

7

Eve/eve.exe

windows7-x64

8

Eve/eve.exe

windows10-2004-x64

1

FoldersRep...ep.exe

windows7-x64

9

FoldersRep...ep.exe

windows10-2004-x64

9

FoldersRep...t.html

windows7-x64

1

FoldersRep...t.html

windows10-2004-x64

1

MICROFTP/MicroFTP.exe

windows7-x64

7

MICROFTP/MicroFTP.exe

windows10-2004-x64

7

PDFproduce...er.exe

windows7-x64

7

PDFproduce...er.exe

windows10-2004-x64

7

Password G...pg.exe

windows7-x64

7

Password G...pg.exe

windows10-2004-x64

7

ShackUp/ShackUp.exe

windows7-x64

7

ShackUp/ShackUp.exe

windows10-2004-x64

7

Spread32/Spread32.exe

windows7-x64

7

Spread32/Spread32.exe

windows10-2004-x64

7

TheGun/THEGUN.exe

windows7-x64

1

TheGun/THEGUN.exe

windows10-2004-x64

1

Xcalday Ca...ay.exe

windows7-x64

7

Xcalday Ca...ay.exe

windows10-2004-x64

7

Xpass/xpass.dll

windows7-x64

7

Xpass/xpass.dll

windows10-2004-x64

7

Analysis

  • max time kernel
    122s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    09/05/2024, 07:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    FoldersReport/report.html

  • Size

    1KB

  • MD5

    6214a6541b0f896bc5607e1d86490d65

  • SHA1

    27f479af93e7888c3ed8616bf0fcafaf89f2dd1e

  • SHA256

    669fb97be31468036ecef9a0c8051bde78a573efbe6063ba7ee52afe2e7c6e98

  • SHA512

    b7f0c27be8726fec7e49c1c28378ec850ca071f0891773ef603c9d6f499dc7ee798209c881a1727edcc899c4c56259c790ed41f8be33b2ed2dea4b63ba35544b

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\FoldersReport\report.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3040
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3040 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2516

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    8863015c4cbc67ffb361dc66b39473f4

    SHA1

    256d262645c09f0c02126bc94da08d66d0fd759f

    SHA256

    6584e8f1e359faeb2a33f045c47a921dea7e01f7c10b83af611b50ae2d55a34e

    SHA512

    d800a853008638398b55128f4d9b33fb955362e14b182c2f75b8c7970a6bd7a0e1c0847d9f6b79fd1a15486e4ab4270322aa0934a9b24a83aa505df6b88e1de9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    875ed4648db48dd8d8d8a6f88f95d1ed

    SHA1

    2310cf3f5caf65203829a6128f5fdb087b1794e7

    SHA256

    8fb164bc389a0aaa1926fd438e53df26040b2530cc9c2393797d1558a4fe2559

    SHA512

    bb6cda0eb0c881e3b3c9cd6dba257f14829e191901c466dadbc9f93a8e5b5d6472a8c28a24623ed61867997130ddc17ccdeb28df881e013877649ac5d0970e5f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ad3bd67a308a3d2d6ff023680c1fdd9b

    SHA1

    9c23371fc7c1519d626465c53f94db9253fd27bd

    SHA256

    c9b5634e0b29a6b2ffee89e0d9a9ec43a81d61ee5563f60cd0fc40c55ef77aaf

    SHA512

    b60b5c80c29313ff936bad3f98b2fa81145c04409118454f2c72e56275a29ec5f7a9e1674da9a4bed4ce489ab7fd4257ce4ae4b63538ec2b23835edb5d326927

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c684b92482991fa4176e471aa5dac884

    SHA1

    8dc34fa74d65974497c602c438c5f37f81804f0d

    SHA256

    e7d39e0cc80ae9a7cd4faf4803ecbef768624bdffdeddebae69417c0099c4677

    SHA512

    5de1c1d5d289283d4681250ebe265973ded68e7b74b2b03d7d527d180c31e391a377ba9cd74eb47679f2318cf97761f42acc2caf1f71761128838aad822bbbea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fc069ea6344641285568a4087b39328f

    SHA1

    8f0069d526bf125bf4953aea73503d97f773ddc3

    SHA256

    9c64d07e1e8c01ba418cdb406d42137792d2e5ac98f03a253418670a9525e654

    SHA512

    49b705e4bb07e3639cae88d217972f755a9a10849b6a91b9618ade0a4acd04cffd2df030161e4d73ec26e02afbda366cde3f8ba39e54a6697f7e43454464f3bd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0e3bcf3c5ad61479d6f892335e551ba0

    SHA1

    09b4408aadcd842063e944e17e22d4e8dbf2fa49

    SHA256

    cd387c5d307133704df78091f15a23746ec38612b69f82a76f5b17f69c553f91

    SHA512

    20b1e34abcd4d17e642d89d764a1db6375d2bff76527e0ad7d1ee65c19ad0cd2581b2b0237a6a44d54be607e60df77c34f9963aac9e3292edb7c078745776835

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1c7918235a632223fcb3098005dff157

    SHA1

    827f2d0b1f80bfd5c4ef8532269b1937171f419b

    SHA256

    cd68b427ccffd75a0a4854091568224f72f2f1039ea2d5d3a6c28f8c76443cd5

    SHA512

    491de946a00ce2af9dae9699c9b1beb5dbbd40ad4759a5cefd50b48b169c768fd896d3d9b26c492ca75b5a1f7855b6b6b9bc1a08d59a9c3fd258129f9e2ab554

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f3ffbd2d03ab804b8ff8ebb2b7cb8b75

    SHA1

    b71bb8ba1c6c04b833dc2757e959fe4db5980220

    SHA256

    57df64cf1523981a737cf577ad63f90eb1a54ef9389d2dd76ef6c75f37920100

    SHA512

    fcb1d263da29bda8ebb9d324a270000fcee69426b1a9105303c9ea7a70e8b8fafdf902846b7341742eaa160d44a0104892eafdf9788e1ef77ef7f92ddf1ac219

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8ee26f13007e65a691b4e056a544c834

    SHA1

    4c0f9bb0501f86ffe42d66addf581cc151514008

    SHA256

    d1928837941daac3b1cac6de8d4d26ef85a5acb17eff2745a1b100478b65d49f

    SHA512

    ae1d8ecb898158db28195ee28db14d7fb8e1b17f09ff9fea556689cc0059fe6051747edd9747b23e409a232dd598b607a78fafa62ee2ebdd475e8ae9bddd5668

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c1374a2f775cabaa31f99f62eb80d7a6

    SHA1

    b16c3ae90dc35e30d1d9e08dbc50960d98af61d1

    SHA256

    6edf177643434ef3bdbddf10cdf095da189224917b919ae2a63e15ccf0292d31

    SHA512

    3a86bee0b7581db9f094a24ab9428168f5e8a89b53bcb01a65340be85d5b6c0080f166a56115285a875a908c168d53cba5475e22cafa2a482bdcbb95ac275d8d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8bdbeca05f94f48944d80134005ecd8c

    SHA1

    2e6d41566e729fe1686a5c79b4d8eec7d2ed9360

    SHA256

    b008aad47fd7b15fad2a872502dcfbad74964be8e5a0772925c5043cbadb789e

    SHA512

    ca6bcda8b02046c7bb2e43148dc2a182f077f973738a4d136f19aedc5d4aadfdb041bba4dc7a9e6225364f6e426049cf9fc7d063ade7bfb75caa307585767346

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    306b0ee8df5daf196eda1dc5e86e5be3

    SHA1

    8b0efcfadbfa20863b213a11fd7af34c6850d9cd

    SHA256

    9d7f00dacc6639ce5c40469d0bad21832385a0d8925c635762b13d60004685cd

    SHA512

    e1028b6b81d0cfcd1bb794ded87f75b84ab82bea5e6e426c4619cb00a31e9e75c89293736878e5de04906c182d00c22e893c94e6cd6518d9531a77c03a953405

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f48dfae50b2d1470460645b14bb504b7

    SHA1

    935159ce0e5ae355454bc79df185aa5e75d3b2b1

    SHA256

    f86437eeb776d44e42979e44cb89b316b4c21fe26a36440f026e36d7b4188dee

    SHA512

    23460a7f3005caad79a62b10d06185e86b8909432946f2eb299c66a5af82d3a5882e314931ca0f1464de001bf3ea39cb5a33be58b5280c80e31380e8d0c69dc1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c772c06463c093f32bc29ae3c78050b2

    SHA1

    26feed8ca31f5fbcf454120aa43fc76906cb1f55

    SHA256

    a9b9aed4f4eeb646cbb84372a0291e44a611b382f0f6d98484578ceaea5bd25d

    SHA512

    0b9554a9862d694ff2aad9c0ae4fc24769c83263023ffcca2a61afd26e46743ff175c61edc838811900ce8fabafb0cbe2d830600c9436df9cbb7cc1f942257cf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4fec617d062ca42835969ff6352dc16a

    SHA1

    7270f4d320692dcdcaeabecb08de9c76a8be5deb

    SHA256

    014a6922cbdfdf5855582c20bac9af98b56419e506eaa205dace7708b9c09563

    SHA512

    d5f66a3d5932fc77bca16e41eb9a1cc927bae6e0213d7afc0bb734687b57db65382944814c7524a27ed0aa3299d35828820f0d0ba81b82bfdeb3d4b2e144cfae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    aa22ebf0471828c012fe6c13b2147d03

    SHA1

    e957fa2631b8b243caa3bd966969d97d40ba4ce8

    SHA256

    711861e55390a806f5703ce33d9ab8263d41a7ca738c43d2027baeb57f97012f

    SHA512

    88002a6168589724ae71fe2f7febd0745393837ed4c276e5f3391182bbcd699c66817e0adc01573358c87ae4da1ce6b04488543d6e65c023ff92f684cff9a5cf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a6db072c46af4bfaf7c98e3a9cfacf2f

    SHA1

    f88e7f073ec8b5e8781913c2d6839cf2522df9a1

    SHA256

    cfdd15994d45bdab93896b49593058f7d66359bb5a3bafacc76445ca920a64a2

    SHA512

    13c361d2f5f45d5801972d9d59125f6d6635489c27c59075cd7941c7e56aa87daa2344ed7522efe17659fddba725f1b2adfae3f79b38c0d954d7dd2f8ae1853c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    15efd4124a44c379db940a75c0c16f99

    SHA1

    b0314ef50e4dbe209ae159fde20e7b8a7bc806e6

    SHA256

    3c01fb5ac4a39c06b9e0dc435284a194f13ad02e147dd430e20929d4f5d72a6b

    SHA512

    35a7282739ee9593e571d6e6a1184bb0993596a553795d9b4794469d65bfbc7048e74ef110e3f20a97a909de3a9b08a3b573b451e3e809c8aab7bae037375aed

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e04b0add276ff3b0c38e0357c7ceac5f

    SHA1

    3d9f80fcde99b7313568494f9d841567701eaf20

    SHA256

    b552cd86b724c8ae8a8ba311e2321b069e8d5a8e01c89c4cf319371ba9fb8360

    SHA512

    25ab815711ec8525a3672256544b867c549a2c0c743ea7b9d930f5294fdcfd38a9d3b2eba265dae0b9fa714d3e0bb95e7965e44d4e0552a62e76c974b20b0de3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7bccba0189cdce4b0dade4bb3241dbf4

    SHA1

    79ea6145ec83ee8f31aac70c6fa5bea0060af11b

    SHA256

    78bef118a62c4d25986ebbad88bd14ca6be2db41649791dda13b1e6ac8f013c3

    SHA512

    3132c0c18cd0a313b98621e859451ccd53429a90b078307697c1ca70a62b9368cc320bc93d8b59ade22ab4e64add17ca33bdfdf8afe5784dfec3e6a039468f01

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    9cbb34ab618217a3a718a23468febfcc

    SHA1

    df52b12f2949d05cfeb92e2034c078ad3f6b8a06

    SHA256

    ed4e17bcd460ea09bc041effc8ee7f5c8e9a49b2224adc50743bdfb63a4d1ec7

    SHA512

    0cbc501d0d0a583a645550de74355001980bef6cb8ace3aee42408af7609f2320b6fe61756a8bc84ae3312064415c9c49ec20fb13b46bb9475050057316cbc07

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
    Filesize

    4KB

    MD5

    da597791be3b6e732f0bc8b20e38ee62

    SHA1

    1125c45d285c360542027d7554a5c442288974de

    SHA256

    5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

    SHA512

    d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab324A.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3394.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit