Overview

overview

7

Static

static

3

4c7eff4f52...18.exe

windows7-x64

7

4c7eff4f52...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

1

$PLUGINSDI...em.dll

windows10-2004-x64

3

7zxa.dll

windows7-x64

3

7zxa.dll

windows10-2004-x64

3

DLL/libeay32.dll

windows7-x64

1

DLL/libeay32.dll

windows10-2004-x64

1

DLL/libhunspell.dll

windows7-x64

3

DLL/libhunspell.dll

windows10-2004-x64

3

DLL/ssleay32.dll

windows7-x64

1

DLL/ssleay32.dll

windows10-2004-x64

1

Html/Edit-...nt.htm

windows7-x64

1

Html/Edit-...nt.htm

windows10-2004-x64

1

Html/Edit-Default.htm

windows7-x64

1

Html/Edit-Default.htm

windows10-2004-x64

1

Html/Edit-...nt.htm

windows7-x64

1

Html/Edit-...nt.htm

windows10-2004-x64

1

Html/Edit-Minimal.htm

windows7-x64

1

Html/Edit-Minimal.htm

windows10-2004-x64

1

Html/Edit-MsgOnly.htm

windows7-x64

1

Html/Edit-MsgOnly.htm

windows10-2004-x64

1

Html/Edit-...nt.htm

windows7-x64

1

Html/Edit-...nt.htm

windows10-2004-x64

1

Html/Edit-Old.htm

windows7-x64

1

Html/Edit-Old.htm

windows10-2004-x64

OECRestart.exe

windows7-x64

3

OECRestart.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    134s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    16/05/2024, 18:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Html/Edit-MsgOnly.htm

  • Size

    248B

  • MD5

    3904dbda871d2363da995a876de0f403

  • SHA1

    458761f21943c7f51a84936e9a5c5b988b4f084d

  • SHA256

    33b857af977d9a76328d7b2eb4dc8b3614db7ede70ac7453a7ff9f2dadc6929d

  • SHA512

    5512823a8a13f91d3f775e1baf41b9385edf4e886aa57fd20ad5d85633171bea5ce4ca7ccbf1afe4311e5bad9b6704849c2921825457a6a683ebfd78da8a7099

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Html\Edit-MsgOnly.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1876
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1876 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1884

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3120d15601cfdc868612255429dbeb9e

    SHA1

    49b7f4fd8c5be263d84fe6a08e7e56f7e5a1fb36

    SHA256

    d2b9a03cb834d14e41ceefc720cddae53467746935046df8860c3b0bdbedb9e6

    SHA512

    b35af193cb0a8f98b8074e082f38aeea60bb212d82877e68bcb14f6827d1ddb66fa4aa4bacac02f5bf0704555293018a132328a1bf1cbe87c40e731b44b94ec7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2fdda9df00edf56bd59677226a512a90

    SHA1

    0f0d6730be23ffb2987896099f0a7ef5066a6e7c

    SHA256

    57fd401ba585815f597964d443dec207aaa8e0448c6bf7409dd6ebbeffb987ca

    SHA512

    73e74cbe188321ec7c2a00be123dc30194a3df487d818f9937def974fbc58512154672eafbc0eb52fcdf3f44ffe1b68bb42886b7ea44e3d7308d33190cc09f63

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8041eb0fdc480a09005bf187edbca9a8

    SHA1

    8bafb9196e45e4b12d97e9b24f0dc7f5dca7e523

    SHA256

    bbe501c0878de352a8f64371e3a35db3a570ab802d674e1e3963c4f8a9d2d1a2

    SHA512

    d412124a31f57edff743a4155c4d11b4e088b83e4b527afb6c5bbf4fe6579f911f8f326179b204c993f61e1fb01ce576cdbe03c6265682e9e7eede9ee62a5ad5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    edc403f7773f7ed756d76198e4274a7e

    SHA1

    659a34c8c274875e4cd9160703f91bcde394a01a

    SHA256

    7a579ba282d1c10fae356dd339060bb4ddc99b7ffd922111360bfbafabf789c3

    SHA512

    024a4db7189cc40950bcdcdd4e4630a9273a2cd4c9759104e634b66a610aac9a1ca96f983fed2cee905473d482d2b539ed6b25912aea8b3ea33e1ddf668ba91b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    038b61fdd13befafe7ee1d2256bb962c

    SHA1

    fbf9dfaabbc89acd4132239ed7f28a6cb152798b

    SHA256

    5a74ba72ddd7a6c0eddc81f5f57503889694b73ab7474f9ed4d06e47bc5c7610

    SHA512

    6a393b8f71e2c6cbbdb4e9989ede56c6b97b95e648f9e2f5051121272ac009c7a295e0e802b08c64d4a0ab6dd2e6cbc55a27b655b7001fc6f06bdf7a87d9d3d3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a73b3451aedebbc212bf5646ea6ae14d

    SHA1

    e4a1b1ca44e4d1634919fd328556c8a135ed9b99

    SHA256

    beafbfd03c1946abb1a6dcc4c0f1ac7e7db621ca27a27201e8fe4ddce737d2e8

    SHA512

    c67cb32d316aaac9dacd21e3fd4644a8a8257f87bbfbd7f757ef664ee2d12c1d9c2bc790c2810e32f1c99b30e71954c462d03aa251bd759b6849c75a25970891

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    124cb367a8414d39eb732fdc30429207

    SHA1

    61b99d9df6bc01ada13c9a876870b2e66bc0e044

    SHA256

    9bc3daa81e213c82200a27fba80fc5d16af8bed1932a9edbf99909b259e2e6eb

    SHA512

    dcc364584fd25366d72bfb5652c5f55eaf2490c6c93f486102d11ae0f2b4df46ee2be6f9be8f4097b7bff6f863ca56fa4952612fec1afcb7a5d28fcff8199b15

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b979c143d1a2079923e21537f51350be

    SHA1

    dc3494c0dea798b2768658867ed0f32bf4491935

    SHA256

    1928f2d8ca85dd439ae70207fdde60e87f5b12133a75b5d5007b3c0ad4278faa

    SHA512

    70b99c48b1a4243e5f057086b2ecccadd38f54d24ac4ab9f2513e9b22d6dd1fa65da2e9470d72722ae46507687d5bb72a5c043c3cdffecc9747677716e43df11

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a6cca9549ec38668d505fcfbb4c65de7

    SHA1

    be4356573a6f010780f49823dfc5898b34a054aa

    SHA256

    355eb04e7608ae56269fbc9ab599bc19340e354d2fda2480a50f0b7cc87e461d

    SHA512

    0b5acaf006653e92aeec5aa289b156d144dadcbd4c0ac6906b371a381dbf989358a7f01cd5ed540b841b37da93bd22e33e381b69f2a4aa2b73f32144055ea5af

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a162557be33de626ae16b44904f3f15f

    SHA1

    1b9e45f8f44b934259681e69bdb76764983120a0

    SHA256

    aaaebb8bc79437929002ec4d5504e878563163f26f6145e20404e6985a0dc8b8

    SHA512

    2e5b0197bba2dec1d295fb9593efea5255e30a0aa32bdccc3dc74cf3be985c30f8498f83748a5e42594c0d33c0193d62e89db273cbf09228ba0346f272e05446

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a757bdfe7ffeffdfb7dff575764d03c7

    SHA1

    63c3f986c810c7d69ce118baa8fc099053b150e7

    SHA256

    c82f5013b9e58ae3ef3f08133dca5cc69bc9ee056d3116f42792153a84d7f905

    SHA512

    a212482f5cb30b0372acfcf3dd6f8253405938c40c9bca4350d4e222cec3fd94edef477e06c2dec22fbdca2d7b7edde4928b640ed1dd88b2b149fb9c4da45f7e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cb1e9419e2766e9fb2c05a3bc46d82ea

    SHA1

    7e393a2da95d06b6285ccd297a9a77fcba226b32

    SHA256

    fcce189a81299738fdca4f277037b20a7475a56c918e4086886fbd442f2a9ca2

    SHA512

    0de42337f3b5040bde8ed8ce92390cce3ee6905f174202366efc56acb259330cb455bca5cacaec998727bc06e902b5c21219df3bc28fb8afd9be702c14be7b70

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b21af2db8da75f77baff8a4c16351efb

    SHA1

    e0df6e6b3ce13c01cce0d71d6edfe59ffc64b684

    SHA256

    c9349a64152d649ea7ef4e320f26a8701af483e76db396eba5b444b18c8d380a

    SHA512

    d2c49dc5eda5505a5bc7fb6e9068c3c2ddcc20864001d869c6eb38deea4f8da97b73022a5e3de054a0cc12085ab6f901c050a7d56722295439b958508b354dc3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dbd6d22a869cbec0c367549491d44731

    SHA1

    ce46accb5315cea934062c8b81a8ad461d70c355

    SHA256

    365edb865a58a3ef7717cd1cc6582065efa3b33f361ef6cccaf00b356884aa4d

    SHA512

    2039bea931f491407b3d40ca8c766777d005cdf6e1b9bdc1895846497380036b2319085ea18d21cd1ea7b6b7e909f800e07c4215f4f991fa6cc03717622682b0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d12ce690a4cca37727419dc09c3c1887

    SHA1

    18f09c6982f5f0e9d3cb8b59b1cb7f8ce21ef9df

    SHA256

    20048bdb5a4d0849391181a4fba07347fce9cc7ab9648e7e93c2cddf4faaeed7

    SHA512

    0bcb75eda25b42757e9d3039dfdcd09ddc879c5175fa570bb58341db9ea51ee66415c9caa15478cdacdebda4f64dd2d43247eea2272fceafdce3953ed940d99c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab2CDB.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2DCE.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit