Overview

overview

7

Static

static

7

43e45b0caa...18.exe

windows7-x64

7

43e45b0caa...18.exe

windows10-2004-x64

7

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

System/Sha...p3.exe

windows7-x64

7

System/Sha...p3.exe

windows10-2004-x64

7

System/Sha...ch.htm

windows7-x64

1

System/Sha...ch.htm

windows10-2004-x64

1

System/Sha...yt.htm

windows7-x64

1

System/Sha...yt.htm

windows10-2004-x64

1

System/Sha...ons.js

windows7-x64

3

System/Sha...ons.js

windows10-2004-x64

3

System/Sha...ion.js

windows7-x64

3

System/Sha...ion.js

windows10-2004-x64

3

System/Sha...ead.js

windows7-x64

3

System/Sha...ead.js

windows10-2004-x64

3

libeay32.dll

windows7-x64

1

libeay32.dll

windows10-2004-x64

1

sqlite3.dll

windows7-x64

3

sqlite3.dll

windows10-2004-x64

3

ssleay32.dll

windows7-x64

1

ssleay32.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    122s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    15-05-2024 01:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    System/Shared/Utils/html/yt.htm

  • Size

    1KB

  • MD5

    f1d61be3741906f0fd1dc461bf12ca70

  • SHA1

    5c3714d0f7d0db000e5d017e6894cf82a8bd06aa

  • SHA256

    b21caf9a8fbc76e131be1a6c943be120fdd1653b2f273e91804e245d26cfba27

  • SHA512

    c4f27d807aa222c105715b0fa97aa5c271392610bdca37f07c95e8da52f221a58ab514ba721fe5086cce7ee9887cebef5b2a2714d45f124ab1f0605765bb654c

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 64 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\System\Shared\Utils\html\yt.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2892
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2892 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:3044

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    de43b9d4d7c2d983dbe22858a5c369d6

    SHA1

    23c567d87d5124aedca4103ca2902416a8650109

    SHA256

    f01d7790e82fd5ddc181e16b4ed6797e2257886400731c69f75dcaead986583b

    SHA512

    f70d9ef6f7ff66b442969bcf705f1166120f2ad7832685b072ab2e778eaa81cd8db0c58ad692421d46d29e8075bbaaa5bd66f967b681c19625f6e6fee024aaf7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5a274e42ef4277d845adbb4c621c0878

    SHA1

    585911bbda4d9214ce415718d2582fb495683d73

    SHA256

    675aa2de5c5a7d6a82cd75e4bd9d6b5589ad73de915c309e46f7a6e89dbda4b1

    SHA512

    530f71d718eb58c8dabb5153c0b391e359639e5f8e54772f1a601ef27ea73a75cd8945a5fb527ac6fecbf49167c880422b38a4cd57e74686fb970771600f3946

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b06d76b429e14cc1587f82500f343b56

    SHA1

    a3ccde261fcf651d0f497749ca8f077e0fe3324a

    SHA256

    93e365bccfece19a779540248cc4e7ffad1a5066a34382dbea728f21248e88e7

    SHA512

    f78af4ce7b1eac5adaa13cd5459ec8322401215c58f7607d7f50ff5682b1ab77dbd9452ee017f8633eeffbc7374409a632568f9905333dabcdacef279fcc5d8f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1a00728e25758ef57c17264ae7740180

    SHA1

    0f8206af41b47d7f3e17844da6787324cb132f8d

    SHA256

    e7480159d2e8489718f8175bc3f8ad211147f9592fb7cc32f02f6884ee115077

    SHA512

    54a3460374376635de337ede62f97e6f0dcc82703891b00f3b2b869bee087747d163b3d79d2fcfad47bf0ab9ca84d0bd59a1b62092d1a42fd49e8ae11351c38f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0e71c253d341c5aff437680a96d92a02

    SHA1

    b4301fb0976b57ce6676167a6c73dafcb839e719

    SHA256

    8ded6a79dc6e24fa3422708b9f4b8ff54dee9ee204932e708563818eae77c9d4

    SHA512

    4e6a17fb0d3bf30b811804194cdb013a14b6676e30bc1f42f1e55a4555aff1a102f5a09ed3291e2fd17e819ec987b1a4fdf0ebc66c23b55206c7d8f22021ef78

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    72b41c4c087986fd3827981261c9338a

    SHA1

    0016b5dca3232800a0334a182d8dce8229e1f0e8

    SHA256

    de475035eea47e067474c847c8ecb23fd1500db9aa603576c858a169c22d410a

    SHA512

    40e0382396ac783d4a177846feff794048d11f5723bd852486e38b80e4c98086b420e8f37520c07c3cf27863d083beff252e4acc7ba6ee37f27ddba44e97925a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f631ffa7f4cfe8555f0b68216e87f889

    SHA1

    017968a36c3e0c1dd77ee132422f4bc27c1b5d9a

    SHA256

    a34e55960dbfa7ada6f1ae358dc996c086d420c624641571a82ec1756eab75c8

    SHA512

    5379deecd913977dca354fdb2ba2ebac413da3e91481e3b9ee56570d072ce2d09ec58cca7a98198a5b8a9ada44780e951d8934638b13e6470c63bf938b295ed3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5280bd41da65d992dc0a004915aca01d

    SHA1

    de9d9150f8269e55919b16bc81400460f2341c09

    SHA256

    f99f9e92b2ebac86e5547968021907726e3f5660b2050604706e9ee6793af34c

    SHA512

    0b9e5ff8511556052f4ecc32dc03968e4ff18ab0fef68ecefebc5dc7ba686723efcf9e09c1b81118c3037c9ec816679a7dc297b03986a8aab05c1072f6b55c1d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3188d0adab53231bff0718a0f8924be4

    SHA1

    e519bba7290e2d071449f9398612237f809bbdd9

    SHA256

    a50ddc61471a02fbd47679f37367dbb74f12db6e31d0d5ff6b0fb108e3a47e41

    SHA512

    9fd8f474a43b5927675702be11659069969983559084a1d09e2b3906df32c66aea818b23d0b44bcea04740be49ee13edc08fa0d052234d5d1012729cb383b4d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c1c2b866c0f51e976373c15062110a8e

    SHA1

    5b8514d83a6677b18c6795f90ad9e02bdf220f74

    SHA256

    78673977bc1c5962fe7703c4ae9750943e53144874ee3e5d56bbba387e1a8249

    SHA512

    896e83d80d0b10d020c01ed5f133f627a39efc5a27da3fed1400295bbd6ba38060ad8115fcf1f8eec028f5c2f82235119758cf628a9cd5f75e6fa0c36bacabd0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6c4531f01be1fe1addf250526b04d37b

    SHA1

    8913860b44d2f4d04279f1756a81170ecaf13264

    SHA256

    f30f96476970d4b1175e78caaadd7a8fcc40a9989c83cfe202a73d72cb30ef17

    SHA512

    d8f59f3dffcce6e9d41cfb370e73f16cf0386757e760781cb53a8af2feb699ccead57f4084d54966a7d64246e1bd52710641f7daaef886e0c6fab97e54366f0e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dec57db82e7e8d974a912f02acaa4962

    SHA1

    21d81e162725d401e116da41d59a2d078862149c

    SHA256

    f80c6450eb8f96d32c2e3b1f03144610e819a2ceb1ebaa9b2a02e9d80afb8236

    SHA512

    7e3ff7fbf1358eafa6387c1262d9362ec74d03f98a36152a82dda0b896450041ce9177a908b4291a470b48ed5b6dd884b8b4e87dfe998b7514f41ebea67da8a3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e6057c398a52bd5ce1ec69bc8eac018f

    SHA1

    e319d9b882af416fe49c935351885b9c708dc552

    SHA256

    c6a328bad079427751f1a45b59036d838175612a5919983bb5fcc0470d3ef11e

    SHA512

    a63f6bd07ba437f90db1112e7c04bf6f4800be7cca6e954fed52a0aca5eca097101fbd6ec50618c1422af472e32cf819423797fb01132805a5c35e112961300b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    37e77e58570feb29d6dd9706a0f3fb54

    SHA1

    8aa2e9a34cc964d455f19010c1260fe02c97cb4c

    SHA256

    62bc9771535de775bad6b6d180b8fb9eefeba11134c0bca3be41ddf0ac5b58d2

    SHA512

    300567e73cc9a7a4107a8f66c492ab342a8287acd2fdc14663eb31ca6a066dda3cabd78ec0bdc921d1769624f2dbe8b1424c557e67a83dd709deef8490ea2a90

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b228c7c465658ef7d787f64eb3ae4591

    SHA1

    7fbbaac3dda24576bdda3f28ad9a5a6840714a62

    SHA256

    080b33f6fb8b6a96b55c44eec9801efd8dce1f4344e05579cb8ccbc86d794b4a

    SHA512

    76aa418761b1965d5060c5907e69fcc31073e28849b7bf9e8fdfd676493ea530f6d98cf1b9ceefb1b425696eb2118d875eac3a4e877270784cf74fbeef8d5e19

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e9a745d994cb1823ee556da576350df4

    SHA1

    3924f68c4fc8a842f8e1f361836504a1a5b885bd

    SHA256

    a249aa2781eee50b8aaf9120b2aed229c869d48cea56e9adb6fd742e7df79ebc

    SHA512

    73d008c4f4fc501ac227eccf87b0da54a7dafce02eaf59cc6efeb1667dff380fe37e64a719c1dfe93e69621794df1aeb47981b4aa18dddcad7ee4cbe73af4dbc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    838f025abb693a8b03fb150bdad9c7fa

    SHA1

    4a23cb0627cfbfb449a3f55a3eecbf1613fd75f6

    SHA256

    42f690fffedb88542f4718008f46bd0c6283d6775fdbbe2dfa4ac85b91bfaf5f

    SHA512

    301ff0d2fab1a20ed9851292e17226acbd03a03bfb032b87617a7949c0a217cc271c5dca081fd3b2b3351f473541e6b40eb614e6d4c4dcf118d128b66a587ea0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dc596dcd46bcddd88df0dd4e52945d5f

    SHA1

    4822f145be3b183f8648066f8ca3e01098957d9a

    SHA256

    6ab3840eb9ff7a2a90d03e6b209b881cbe7fe57dc0abe561a51c186896fc2bb5

    SHA512

    8affc8bc70160cd56c7aa27c9ff48d54e48c7ed47084011c2e5f2d2d16d9098cf5e68136d388f9fd8078ef3db9ae80b47dee7b1de16a4cfce1cc143b712a9ff1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d51194b67a09c3c412343551d240a7b2

    SHA1

    3982a51df48212aff0fab1d24baaec5866f1b901

    SHA256

    0f95b8b8f8660bc9c3f8532f806f2e4c79bf61ce7074148527e55f17274ff78a

    SHA512

    5463cef974253f49e11bf0071f24c8d37a2dc98b7c727b241f991a9cd210fcefc9ea5df58f85e1c849d6492044b2d1619426c146be96011fb61d7663501c4cdb

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3USYNNLT\www.youtube[1].xml
    Filesize

    448B

    MD5

    4ade13d9d066080e159705611dacfd44

    SHA1

    b128e865ea3a1131ec20bec0d7e83f07129b1262

    SHA256

    a5dc9482615010dcb4bcc802afeba7e64a06c36a9cc59616994c1b9ea7ff07ee

    SHA512

    49d9f8f05d18dedcef0e440e3b565f94dc92e4f630e9c881417a9573987ca3b14f2e3fa96920e25ab867b72b6d0b012365aeffb245ae2d9d60d80636cd4b416c

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3USYNNLT\www.youtube[1].xml
    Filesize

    641B

    MD5

    f425ef9967bfb945b09dc9289da4a8db

    SHA1

    c0adbc716c3001e603d1185f8429d2399435aec7

    SHA256

    8626a1cc2b4ef312edc524826eace355d60ccc3a9ab3dff908ed80e918f55c50

    SHA512

    e0f7dbb7028aeeb4ece1cc1701e0f39cb7f0806da2023fcc441c64dfd73c57e7e8d03421aa0a70486865a9b2e799fd093391256330f54d4c0d01fa8aa1d8ceeb

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3USYNNLT\www.youtube[1].xml
    Filesize

    15KB

    MD5

    c9290987265c06c74f14bae6747f9f4e

    SHA1

    4d8d87ff36f0e4e356f17a5be669289cb6c9146a

    SHA256

    88ec32b7ac3720907d461a215076c2a80e5b7d31778ff2bc3c14c5389b729757

    SHA512

    e005fefb2e5c0496d3fe724aeb24951e3531f0efb02fef2c4c3e75eb540d81d0579481467d306ea52844f0fd1d2100d09af7c2c4262edea840f28540cec9ab66

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3USYNNLT\www.youtube[1].xml
    Filesize

    990B

    MD5

    1f9f5d655a47b0259f0c56fad79fbc33

    SHA1

    d31a7bf7d8dad730bc9eb4c6da097624cf634855

    SHA256

    fed42239c9194fa13076c3dc38144c710eef3e9971b54cbcc1b32b2a9bfa19d3

    SHA512

    101e760a2cd80c81159432b095b267b3c9494e723c52c1db2e0424e7199876934624324064d6fd7c8c2d44af13481b4bcdb69564b21e29c5b9afdcc5209064d7

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3USYNNLT\www.youtube[1].xml
    Filesize

    990B

    MD5

    9f5cfcd751c3580a58378cdf26f24223

    SHA1

    d381613f103eef54888eb411892c164c3840daca

    SHA256

    2e2276c9f55a69ffadc3aea8f95495696204e5c9c0bbade0320462182fcaa295

    SHA512

    267181edff32170c2f690d6299df48c7155a60cbbf0a6d2b6f0ff390a027c073e5d8a3912b7eb00892cac7092d10f8d0e0e3cb4501300bc1845fc50d0b3960de

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3USYNNLT\www.youtube[1].xml
    Filesize

    990B

    MD5

    b0272d556b430a4ecb651ff2dea423d5

    SHA1

    cb105f23ceee887d67feac0eb80df015f6ee4ac6

    SHA256

    d69201e63fe5bd79869b03b13f9bfb412cf8b878b1d7eb254bd2fdf9931c27f3

    SHA512

    056aac639c1d0224b841da047681021ca9271ea45c4538d9be9d1d74bf8efccc3cba9481ecf98b4b9a53f8849bf4637083dd2c5dc1b3778b994d62f05effc21e

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3USYNNLT\www.youtube[1].xml
    Filesize

    990B

    MD5

    24597a1ac98efe2b54acea00e01fb3b4

    SHA1

    7ee40b79668bb334b96dd831dfd9b06a81466284

    SHA256

    43a2d924e16524ac79e5e2ce8484b580665e99b6a457585de57eac262c4e314f

    SHA512

    a1a88dbf1e5c4591688e5b351f024ca289add1524c51226dd3422feddd82463aa823467ce8d704e777c18a56500a6bdee91640515b0426cea35cabfd880cc6e5

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3USYNNLT\www.youtube[1].xml
    Filesize

    13B

    MD5

    c1ddea3ef6bbef3e7060a1a9ad89e4c5

    SHA1

    35e3224fcbd3e1af306f2b6a2c6bbea9b0867966

    SHA256

    b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db

    SHA512

    6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3USYNNLT\www.youtube[1].xml
    Filesize

    229B

    MD5

    e8fe036c7ad461123cd9c8347cdb7ebd

    SHA1

    4bc91d53a1080bed0ccce211e6db535defe28006

    SHA256

    6e8e92a0df6d090623757a38aa7467dcf8200489ff20ec4808248d8e4933573f

    SHA512

    57dc203671716e9b539421faa8ed0690b8bc8cf6435830f7bb27bfeb6ea3800714dd5e09afd54f43f2a7a306564bb687d54d00953b0b568a91d86292b81d0e2a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab47BB.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar47BE.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit