Overview

overview

7

Static

static

3

4c7eff4f52...18.exe

windows7-x64

7

4c7eff4f52...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

1

$PLUGINSDI...em.dll

windows10-2004-x64

3

7zxa.dll

windows7-x64

3

7zxa.dll

windows10-2004-x64

3

DLL/libeay32.dll

windows7-x64

1

DLL/libeay32.dll

windows10-2004-x64

1

DLL/libhunspell.dll

windows7-x64

3

DLL/libhunspell.dll

windows10-2004-x64

3

DLL/ssleay32.dll

windows7-x64

1

DLL/ssleay32.dll

windows10-2004-x64

1

Html/Edit-...nt.htm

windows7-x64

1

Html/Edit-...nt.htm

windows10-2004-x64

1

Html/Edit-Default.htm

windows7-x64

1

Html/Edit-Default.htm

windows10-2004-x64

1

Html/Edit-...nt.htm

windows7-x64

1

Html/Edit-...nt.htm

windows10-2004-x64

1

Html/Edit-Minimal.htm

windows7-x64

1

Html/Edit-Minimal.htm

windows10-2004-x64

1

Html/Edit-MsgOnly.htm

windows7-x64

1

Html/Edit-MsgOnly.htm

windows10-2004-x64

1

Html/Edit-...nt.htm

windows7-x64

1

Html/Edit-...nt.htm

windows10-2004-x64

1

Html/Edit-Old.htm

windows7-x64

1

Html/Edit-Old.htm

windows10-2004-x64

OECRestart.exe

windows7-x64

3

OECRestart.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    137s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    16-05-2024 18:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Html/Edit-Default-NoIndent.htm

  • Size

    893B

  • MD5

    18c33985ec71eae3b57ece496efa64b7

  • SHA1

    fe93bca5a80c688e16239ce8695dbdd7f3bd27ad

  • SHA256

    684219dd47f1ed338aea5ce5d9f5a1bdebec73286e49feec911589f743c4c43d

  • SHA512

    c44b981ac0a1ee86a9e02bb1a7c1d05ef723ab0ffccb35fa36fba717e3ee925492b2041f484fddec98264efd3214fd895cdc6e807a18f12d74e6f782bf891fb0

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Html\Edit-Default-NoIndent.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2876
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2876 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2860

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7df7614bd4d3209aea7a32c10f288137

    SHA1

    4d4647c128e6e8a823ad701f5c4905fb8f8a76f5

    SHA256

    43e6be9fd54acc52e90be58a242047a0c0db03645f659798d5a3363f40758104

    SHA512

    81fd17b792e1b9d87a1d7504a1f71a6db2161720454288bed5e794d2186fb1b1c980e817ea35b8a7ba263ac6f4e23784ec57a75190d3158a6fb23dbeea967e48

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f6f4894afd81342d8a837584bb42b637

    SHA1

    a856f3dfb68f564f1e59071a7a94a81dfdfd89fe

    SHA256

    2be918622a4ddb23f99155555828527b3d90f9ed5792dea3bfcc3df4ebe35a7d

    SHA512

    5ccbb1205813808b5e5b68f7c8f26820a1bb3b68afd79cd38ca0b67f93b0c46b9254f877f0a0efaeb16dc567f4af414a9209ae5ebe4c619914cdd5d1590536dc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5fd2bb8678e1ca098e71423d9ab2b03c

    SHA1

    65f34b8cb1c343b40bd73ac738cc905acb630344

    SHA256

    2dd24a74c1e4f2320440e6175a6bd7b578d21b31dc417b8a273472b349cd7b3d

    SHA512

    a84a96b84ed0c3d8246394b546d619fdbd1a00ce31ac673644792d057444e6f616269c7ed2579a496fe1a8b9d4c79c58eda10353efd3734b15ba0dccc02fdf0c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f36aa72ab5b1ec2452718c442dc4ad37

    SHA1

    9035d260f51981efb655c8c9d4601b60d6cfc1d2

    SHA256

    6fe8ae8814e0dfeb29335303a711833ae6ccc4333a334a02f5e474df82b3559e

    SHA512

    c1614a67183034841f44ca441f54bc282541351a702b5be3094f7d3c91eae17a66563a4ecd1a9111503f7336e8050dce42cd61de9cec3f4fae4bbe03fe03a516

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    25a0463065c40ff92126dc32144b3b94

    SHA1

    061e4aa6682bc5aa13211fcf01e732f203eb2d97

    SHA256

    65bacc2a3e1a6f2727317b43ff4355a0e68d67e6ba0dc1beca7de6ff10327938

    SHA512

    f6c6d3f0bb3de8f7c8096a933dbd36eb0978788dbd823b8e6cd96517f59128dcc4dea2da4e13f72d38c98684f2c9f5049afa0225794d3010fa30af2192b3ab96

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d682c0deac8c055e11fc177a8a833803

    SHA1

    2429c15dd0eb66be2ccda884ce84557bcfe279ad

    SHA256

    ae81c43144438dec888319b6ddb43bf90e450e127d8c8bc1f6b087bcee61ed3c

    SHA512

    0456c878fe76b735610ed5e9ffd7f99c6c926e85c9945817c60e6c84bb17fd5560aa81c6801912681d35bf2a13b6ca3375bbc2354b65608b402a60bec3d6ce92

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0489dbed2b8a7f65c262e901b769745b

    SHA1

    736181fff20c0188b2cacd76f6b92b4386d3e181

    SHA256

    7309d6d592cb563efaad9764ec4b099c18a0c57e244afc72f2a3fe7ab0f477b4

    SHA512

    8c97a132d1728aae078e222b8d3a08d6e3f60fd37538962292abbf90171ab006dfa70dc4a70380e6306eb89bae1c9d9c56d7059239039ba371c57e8e2e11141c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7a77a148d9e7c785733ff064848deffe

    SHA1

    2cdffaa646362dd7fccbefd945b389a5d6520a88

    SHA256

    cac0fb9533e6de0769774ab81b2499e93ab5f8324449c37b7c1b36033a641e0b

    SHA512

    99f2e92db433c14a6a8897de7b8f0e6c5d751971bdca2eec48ddc5d472445c3c9e3ed90b0c86ea3e1f8dab06b65536036d2b524b194115d181d79b6c18a507a1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c2aa6b1f2f4f994bb43f61fef29aadd3

    SHA1

    26fa71827fb6584c775b2ebcfe8e5ff0b38be0e9

    SHA256

    dccef5ec0a5e5007a962693239c89f0b6a713dbb27c5e47a3e7d67ede4b638cb

    SHA512

    19cc5e680e0d88ceab154fe66c19892a21ff85065a64ad68f37ce599434af14bd0f4585677dc8b69ec34562a0ca20e7465fb671080589ac5f243c42a550cbb1f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e7e06dae0d4dad22eba3841ab8256b31

    SHA1

    b62150e5bd61364133a2515c0cc6e5827e18512b

    SHA256

    8114deba3684d76431e99479d629d2dc1b405a324825ab396b107482e2ab4ccc

    SHA512

    ce873383dfe7bf5d2e169a925ca647f49ad701f75d9bad67612723bd5e4fbd2484cb1bf79d65da1d7a4068bf57b991fd698c76900461cb3271ca6fbe1b707efc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b2be68d2bd2e6e3778b84b053bbcb7dd

    SHA1

    b64d6a5ce2aaa105aeda06f50e06dfcfdabbaaa6

    SHA256

    49d852d1ef0123c864dd1545e8b099945abb91ac54fd20dd857b896b6612a732

    SHA512

    a9271aeba27294b7edfc1f01df9555b522e828d8c67488dfbff6f8582f0d67eefe06256b84a37e87b3474f45e03bd9f8faaeaa5f3f204c0a90454cb07784c640

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    089a64a42bf6c7c77ebff01c9f6f12f4

    SHA1

    efe78bcb1c9f6d3013b8c61116d13d59db8dea9c

    SHA256

    d2e66d42e976ac4b8ed46e2894fdaf80c8fd2f655d2f98f45a7cf19de38ba194

    SHA512

    af80f6d3dd6d0dd8967a4df5c9a4eb956ac4552ce4ab8753965d98385e112f9cf3d88adaf5ffa94922e72cda51faf050c6fbb47c44ab8ffc10e6c81515a38acb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    29d0ceacdc2d2ea516b6703af35cfb71

    SHA1

    9609a84ef7db4d203ee42fa27e20774b1cb8f7c6

    SHA256

    822ff54ea7e6bac87d72105a01dc54c2071eab7e89d7992f6aa038d5bb66fc18

    SHA512

    7db74adc8f487b4db76243ca128fc2ab3840baf5536078261cb44e0e2a27d3acef3b2890f821cd2cadc43068ca7085fa5424edaa18169c0899b983366452066d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d56df4fa3f160349ec6d36504e0f5e83

    SHA1

    63ef23fd031e46a8d198ff15a3a06afa8d582e52

    SHA256

    9719d4ffd1ff637431355d5dedefdb083c25932cdb6890929d8bfe2b0a3c6c30

    SHA512

    983f8570123189721d6bfe398bc11c782094fa274ebc073a444b0a29774de044db82b70e541fb94d6cdd64338fa4ea0ce498239022497e9538973e4e4099377c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fb2edebb86606fce01aeaee755cb7fba

    SHA1

    0990d7b4950decc1016e04c190afb197d460de0d

    SHA256

    ce08c253b19fb6eb1a821e8fdd26ec7a0df44503678af2651c426b7e6c2b8fc6

    SHA512

    215190107cc3857f16f2467810030b1c55930c3cbcce741d310d2256779615b8c918b33538e86647ae76f1de8d78a8f242ce040d98162d35e5201ca25a1d916c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    acfcaf6ec2ce91ad424c58368b0f5d39

    SHA1

    49f6d68b1232145702980b8190363d0517f4b993

    SHA256

    ad253cc5e5a031800e4497570f3909c9ed2b792693d92f5308d1ca76bc58780a

    SHA512

    e7652c1f840475bf1779ca776b494f3660aa2d61963bd35f7da7b381aa17178df1d999cfea306038cc84ee58682325305ccab39f28cf8ab08162aa483442f437

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    34b60141997f75d71fc617b00ac2e1e4

    SHA1

    0978d0b4778205874f0085bd1510a7da66100f98

    SHA256

    ae8840f349fc3dafc0bf3142150a1e1dcfaef1039b8f716d0df4b38ea2dcaddb

    SHA512

    3029c14427afd3434d14058b44754d18c6037ff2fe70321a719b92d9bc7f772b7a086e614b39ec77700a5af1898f1ab9673ac4956358ad0d035b57420c7b2bd4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    69f981ebb8885921860c0fc89a36177a

    SHA1

    d8940e212af1377782741861ff8d60edbb214e01

    SHA256

    6c17bfe2354aeb60d73fdb5a6d4c8c74851ab14e859b48c52054df965dab1e97

    SHA512

    a61189712e707886513f1657229ed5dd8c8f6f03a52676cc73584dcbcb00b16f65718538efbf166d0dea8651e98b33a0bfa9f229d896b85440469a289b044948

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9bb418871c9886e54d7d03915b497a27

    SHA1

    9b4d649be05be0640855005e82bb9edf38d19dc1

    SHA256

    af7dbe22d38d4c44708e21c4f02e79b25d5534acd00817e7f391394dabd4a678

    SHA512

    5c6c7dc466d4a9ebee209c4a30205e915633ab08d8390c851082793b08705ee767a1ed880dd2eec022801612d04539ee552a527936ee28fce1cc0269eb0da3ad

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabB750.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarB8ED.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit