Overview

overview

7

Static

static

7

3050e391ab...18.exe

windows7-x64

7

3050e391ab...18.exe

windows10-2004-x64

7

$PLUGINSDI...me.dll

windows7-x64

3

$PLUGINSDI...me.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...FC.dll

windows7-x64

3

$PLUGINSDI...FC.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$SYSDIR/distance.dll

windows7-x64

7

$SYSDIR/distance.dll

windows10-2004-x64

7

distance.dll

windows7-x64

7

distance.dll

windows10-2004-x64

7

doc/Money_...ipt.js

windows7-x64

3

doc/Money_...ipt.js

windows10-2004-x64

3

doc/RU_STR.js

windows7-x64

3

doc/RU_STR.js

windows10-2004-x64

3

doc/_1c.htm

windows7-x64

1

doc/_1c.htm

windows10-2004-x64

1

doc/_204-350.htm

windows7-x64

1

doc/_204-350.htm

windows10-2004-x64

1

doc/_35ndszayav.htm

windows7-x64

1

doc/_35ndszayav.htm

windows10-2004-x64

1

doc/_35numschet.htm

windows7-x64

1

doc/_35numschet.htm

windows10-2004-x64

1

doc/_35schet.htm

windows7-x64

1

doc/_35schet.htm

windows10-2004-x64

1

doc/_35selffirm.htm

windows7-x64

1

doc/_35selffirm.htm

windows10-2004-x64

1

doc/_adras.htm

windows7-x64

1

doc/_adras.htm

windows10-2004-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    10-05-2024 17:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    doc/_204-350.htm

  • Size

    795B

  • MD5

    1d6a566345a671dd834560d2081c3155

  • SHA1

    65cf11a860bb266f14e0b8ac5537b19a8061c909

  • SHA256

    c241f457df46522da7c49d775a91994d78338a518f6644aed0f504cbfc386522

  • SHA512

    2f3f0e7af11d07e91e01352b33f73a1fe6fb7611552a2480ef2a16e730ff7d368d19c8c708a8a715154a29bd5ebdb25b3726383557da274489a4bceb3da49061

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 43 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\doc\_204-350.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2212
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2212 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3004

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    46b0b46921f7610251e2aaa16ee66b65

    SHA1

    917b7e5a9c477600c15f4d11690934cc10944e77

    SHA256

    580f28b46009a008db62807b15995dddbe59b4c2daa39ad364fe7f7edb3be77e

    SHA512

    2febf2483ff6d5b4c9027e6cfb467a0ac8c6d15dcf1ee67dcc3a9be03cd3dba17c6e723ff14a883974981d24d4f5151e9854b30ef4163fd4d001fe1a73b2363a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b915d98d6b455955f40cbc0316c85b35

    SHA1

    a03ace4eb568670c89b04d17e286d3c99c0dd9b0

    SHA256

    39ba4c58e3b4f75351058d6ad49b7beaa66356aa17c657d5ba8cbe0fb7660478

    SHA512

    54b220f739bbdbed8d81671b2c11085ad6113a8eac8bd4f23f45f0e5bf7cdc58a9cf13c750eb9069109899391f4945dc986ee118a273955b95310f78bb692075

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    46164ad94955437566e2d151a33643e6

    SHA1

    c0d9e38ebcb379557bcedb909a595e21d187fd4d

    SHA256

    40430d553a006cbba4e9e3f8bd75f7f77dab714803dfee7d3aec721ad3cfa5f4

    SHA512

    b3282afa49bc9a182371e6c9168fed15a6d98514a1fa64c0b911c05e5ddb6ed55d38cc9497887b8a4ef5243d1960aaf2824efd7fa11d641440859c2e37bc497d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    50e06a84a51c6e136055aa4ed81e65fc

    SHA1

    955a7c5621fee09f7b004c308d847729571aefce

    SHA256

    e33c1645338b6aaaee5517e3a457cb77e6464c2c7f84c386ae0464ce76fc91e9

    SHA512

    016be11143a5e50c24c593f79e01b46571ceaa30e9753d828348f0da9ce9c4d8aa21bfd2c26e7e7164bb0c8545e522b982cb71cb1db1b8fb84c7050e02e69409

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    44976462b85201f74ebfebf24b20ba5b

    SHA1

    d606fd5b66b29ace4a6440ada755eac27e644320

    SHA256

    70ef728e930b0408accf491c90ae270af7a5d7f33e5b1414a89fe6221d5834a2

    SHA512

    48b426abff2a679e45f7656773ab79d574e7648f025187b589e66e28f40360d003554a9e39241e408e070e6947d4f44220972f8dcfca7512abf8dab1d1d69eac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    284ecdc2d77a6fd68844481139339783

    SHA1

    e99f63e594184d6817752820333661892181b1d9

    SHA256

    6a61f7f969e3ea57779e74be833b989fa7f1f9529e86ee27e8320d6bfdf0c30e

    SHA512

    e0799a29154e03173d1c62419b29b06a6ccfd31e4642fb4f71d72653ef10d7dfefa404f173e8091abd451f482349df4331951bd3f23ac7807833b15603da7c7e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9da7ab92192f5bf6bce516f5955da1cd

    SHA1

    d8c32b6d0f9549cb020145ddf40e433da8ab7843

    SHA256

    e318936c20910c24a33867cb6a15c850578477771fe296f2c7974987efd7b846

    SHA512

    215823f43f67db8d83ab4a2bb924a4d0ed30c13176d7734326fce58bc018e2fe210a6c485eadf31d7384888bf8ceae19a1c5c0d53d65d1a488a27500f25619c5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    190fa3e1b5fc0ed40fd12b7d5854703b

    SHA1

    ff65644ca17b5f11c9a0adc835fbb0d48bc8038d

    SHA256

    c493dec99ef200d750552435f622ad9629e416292bda674e15e85caf79372851

    SHA512

    84b6fb5651568c6919a39d8a3d92cad2f257952d93f52354a277ee3eb8df2107f1d047d32b7297703053b1ead5be6e3cb7de5153467e62bb72028cea3144cb02

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7bead0c59796ea46c2bfe88729499f4f

    SHA1

    871c96f1e4f08c5d08765b3d1119d89293548575

    SHA256

    aa5adf4c25b0587ba816ce131eaecf4b512ec902906320767557cd87819aa13f

    SHA512

    b581c8734b902f685da39df83c1913d247d1df1664d96125fc7ade682a8995d81de58949c757796776955c8cd92126563298136632b16aeae8d9789d0f796707

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7325d65b687429ab2ade0ad71da9b9ab

    SHA1

    2a20e8af6ceee90012ab5aaf46f80ca670830457

    SHA256

    097c4780dbf3e4fd173950a56864d612b427c2936668ff32da302d1d6256efa4

    SHA512

    7dbb04a6cc6fc08c3eaee1a6ca5fd0ae5f83fc02464e8022de5bb439a320d1edc9fe7d08957349e7e46563e31bd5628bec8fd9e77ca3b9b7230575be4241f1fa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f1cbafaf6971cc703776e9dd4297eb39

    SHA1

    416cbabd83d712c3c6fb5621484a7ac3911a353f

    SHA256

    5f0495451fe5497f2fa44d3ccb8c1ff3a1c1b305b288396f2e7f46f146ca9626

    SHA512

    acbb4a1b80154f236bac20c6c85badaa0c6946d990aed2337091c525ee8f4c8728937f2c2d967bdc5d875545c25cf141db7aa46c68f9e79d0bbc601a1514b158

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    26db79a95839f5904f084538603c4af2

    SHA1

    2813a487b2cbc1864e836bb44f0f7194737b5f8b

    SHA256

    9fa52d10332d0f79941dcf4a048adfefeecdd574feb9dcf9504b2db1f7ab1860

    SHA512

    26a7f3eda82024841339929d79b8ce29ec0f3f6538147ca45e23c0f7c30cc6651ea3f5c64fb70960d5122f212aab1bd184b1cfe4d90ec6b6f109cd2c869fa1f5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    024c76bf5a582afdf26d076863d35ad5

    SHA1

    195bee0068ca423b3c4e151e49ad593916d0ddfc

    SHA256

    2c21020806a14f06afa322815085d2819bec7d9d0725b36eb595fd41a4ce3b16

    SHA512

    44d5b5cfecdd81c566a67d1db78b1051e015ed4e312dea3a780d952f0756101600e3709af734594190963b987905e9dcd5b7282bc1f3e3dba509bc20c1094228

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a1eb3136c5c81679dffc11cc697777aa

    SHA1

    966f733fb7a663dbcecf323ee07da54c28960707

    SHA256

    62dafa23df0c335bafe6793d9be84109d1a6e0d20065ea6f4f6b26dd70259ad6

    SHA512

    f7665b91e0917bbb66b9695034012c82a8f3074c00930eaee2aab64c50c1c3bbfeb5f04da112fe458be311e8693f9fc971915a8de47720d87232b8e53366620f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e756f3bdd8328b1208630ec6f8c050b1

    SHA1

    cc3bb8a7320dadbec88bca2252e3dc8e776a1e6f

    SHA256

    6aed4c2fc0ad9ed33bee61206ff8bc1435c2a64c888bfd29d77baec0acbc5f84

    SHA512

    6ef20424a6ef0639ec76333330833c5b519f6b6b2e33975d0b763b6eadb11f58c22806d29df412102e0b1578b98630ab349a4f0d3ad6d4b0f67bd9aa5edd991e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cf91afc05033171b6151a293dbcc09a5

    SHA1

    b9f0975830d54f238bb515b762cbcec629991969

    SHA256

    ff64b8292c607622b1c1b7fe7e943a8e9b973b2deb09cda76c1b6d37e2f6271d

    SHA512

    802ff065002e4f45919072d74bedcec03d5680ae989e69c61f625ef9799ea33337bfe9638ece9b5e54783fa234f13d9086a97d3a215a7aa20b2f5f630488b97b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d6f182d77639dad5703919e284327c5d

    SHA1

    01502945a299d89812b02558fac982c1a9e9c7cb

    SHA256

    1d4457cdd53ad77e7f4b9cf20836d14c4b9d6a653391d5de3d3b49e93569f3dd

    SHA512

    39d1bfbd5ba2550b8ba7fc71cea1294b3fe2b8f82b264272696cf5a20861231981289d9b0b24db7569674c7e48ab10ab693f8766d9b14d5845b76ae324c5dbe8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d0ac8c814f46f5d88241839add45f8a7

    SHA1

    be0149f11e2d3a4c363051b255cea5f973573944

    SHA256

    a517ddef7c8c61603b45575e85bb4f129af473f300e3e31523e60fd0356ce963

    SHA512

    4116b12e82cc32d9a0c5d49af2743544f167cfa447baeeb4e5e92fd8bb022662cdeb0276f993ee31848a96ce637a49f746b95d47a4acf815402dea28f8693ed3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7f00db6d5b02258b886ff1d661818472

    SHA1

    c4141b22274e187e8d28b9c4d5225997961c8283

    SHA256

    e96c3ff166ec9ae884df8a96a218dca4f2b14574891e371fc51d8b164234652a

    SHA512

    b7153dd494e0b7f3805ac64730bd6ad1643ba641233f997abd971d7234e7ce97d807b933c8f8d2a7fbb2b8148109d04d93bcff08ad37718fd4e72200d982def3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3cf9f1a896c77ec05f687ee96b2107de

    SHA1

    1f44ee9362b3a2e020d0bfc9aad35ea03ffc3e9b

    SHA256

    e1e1d69c1c10b05e84c6cd17d18b9adc5354cfd0c40a8a02e0313096e3c2fab0

    SHA512

    44498f486be8ea3f842db95536fc72e8588d4c7c9eebadc13f8a41bd58301fcbaec65f58602a84d6ad891c9872f821c9e1c6dcc253a4bb4a9174d088a2106777

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    c7de8b87d71d38e2d6a09e75dc110632

    SHA1

    1806c44915ed6b8be31244219c1bcdd662ca14ae

    SHA256

    1a1973dc599d5e9989f4a69f937905d978a805526aec0c3539c2c819c0a643b1

    SHA512

    5cc0a7028c558a2a3c5f7688754632f1f120b2b4b64f25f66a9aed8c1fb97a6ba417558e1003deb3db555ae67dcb749b329214eb3ee531a86bcc21f86c1345db

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
    Filesize

    4KB

    MD5

    da597791be3b6e732f0bc8b20e38ee62

    SHA1

    1125c45d285c360542027d7554a5c442288974de

    SHA256

    5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

    SHA512

    d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3AE5.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit