Overview

overview

10

Static

static

10

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

1

bahs.us.h/...5.html

windows7-x64

1

bahs.us.h/...5.html

windows10-2004-x64

1

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

1

bahs.us.h/...dex.js

windows7-x64

3

bahs.us.h/...dex.js

windows10-2004-x64

3

bahs.us.h/...all.js

windows7-x64

3

bahs.us.h/...all.js

windows10-2004-x64

3

bahs.us.h/...ns.ps1

windows7-x64

3

bahs.us.h/...ns.ps1

windows10-2004-x64

3

bahs.us.h/...eck.js

windows7-x64

3

bahs.us.h/...eck.js

windows10-2004-x64

3

bahs.us.h/...log.js

windows7-x64

3

bahs.us.h/...log.js

windows10-2004-x64

3

bahs.us.h/...ons.js

windows7-x64

3

bahs.us.h/...ons.js

windows10-2004-x64

3

bahs.us.h/...es.ps1

windows7-x64

3

bahs.us.h/...es.ps1

windows10-2004-x64

3

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

1

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

1

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

1

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

1

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

1

Analysis

  • max time kernel
    133s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    17-05-2024 08:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bahs.us.h/ninja/lib/lang/index.html

  • Size

    13B

  • MD5

    c83301425b2ad1d496473a5ff3d9ecca

  • SHA1

    941efb7368e46b27b937d34b07fc4d41da01b002

  • SHA256

    b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

  • SHA512

    83bafe4c888008afdd1b72c028c7f50dee651ca9e7d8e1b332e0bf3aa1315884155a1458a304f6e5c5627e714bf5a855a8b8d7db3f4eb2bb2789fe2f8f6a1d83

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\bahs.us.h\ninja\lib\lang\index.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2024
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2024 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2828

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7764befef3db351626cf3f64889a318d

    SHA1

    62faae934982a17dc29ebe977814288b1baa64f3

    SHA256

    1692d3b9b13addcf150a7ffb553ea2837d25f3639a741c65bf21ca89b05dab1b

    SHA512

    6ea35c80c524c25cd1bc7775fcbe85a8cf4c3d457da358414f4ce4342eb7d11f1125a907bfea47be2d8bab2c1cac5cb4805352f210093bdfb08997f19468c547

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8dc570a4b2c4ee70de4d16740a8966ac

    SHA1

    9cbf3e10b5b7641314504b29243b786207726eea

    SHA256

    a5c5d237b4b19804dc07d56c9189fccb4b0ea0802dee4a87e9b0544ad6107698

    SHA512

    f37dd617d1da10e92083b1305b6aff2148e00af69148abc2dae3a98a3093a2b272e9218436d7a676df8ce80ec268355eb63b840309cf4c77ffa7540ce724cdd4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1702fac5646b381dbf0ba21fe301b1bf

    SHA1

    118e3f40ce717964f99d846bf98945c634fc5c05

    SHA256

    c7f811c84635700e573dcfb654a01147163d2becddcb919ea8bec8850092865c

    SHA512

    b85db3fe42c966adbfb44953a988026eb92cd6aeb669b8122a6939d9b598dc1500cf1a5c2fad8e0757ecba5de509603bb59f43875730e618b2d9e88c703e4a38

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    19f1482f28c70419f5cc52a7c8a2678f

    SHA1

    52b298b9a9a253b591d1a959b1be9e81c9daa102

    SHA256

    4a5551d78b92dfa0749b40b3e2a9cee731cecdc2dbfea71a457682a80339be77

    SHA512

    875385bbb089809a5328c0e3adbe6431ffcad3b21de7386331241dc4b7561bc8a2531bb4e3a4df2ededcd8768938d85b98e6f79e5c19888ee7d5adfa9a02359a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    89a63a38a060af627cec7095bd73bd95

    SHA1

    94ba7b9e99a9b8c410ad17ea581e539844e0e6e0

    SHA256

    155fdcfa10afe17216b10a43f20a57ffb7e4527a80be631321fd74ebe42bb4c0

    SHA512

    8351c3bb3d18539138f224e28a293b1ae9a0a1e22dfe83b2af1fb9171f79e7f4c7b6fa72e5a83214f292e74ad7421e8fca20e8809d244127ef576ada247ce753

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    27c43c7099fd10815a4167f910fc041e

    SHA1

    f9f196cc3c5daff33f85d53c65dd96b18738c4c4

    SHA256

    13fcd2a95b541d23c7dbefefb810ef84b0b3fe10c314fa32f841e923683c7dc2

    SHA512

    95c7ee6a22dec450628b247caa82c2dfb4f06db278c68d5011092fa7aa500444167899a8a3aed811fd8cb2997b60fdc74ced04de43e190883135d693587e55f7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    967c819a64713d3f295d4b6918eddb92

    SHA1

    1d0d9b5899abf666c20a3dc81e43b1da9d826aa3

    SHA256

    09c1d0c0ac98f6441d4a1faf8f4daa2b91b616b301ccf29ac4cbf07f6ba0e2d4

    SHA512

    5483b39c2c3711e47f0e488a30b0a470f5d9a6a0125320566a01c83773e09b4b2a624416dd2ab716ebb2d041340ea09731a53802ccd36dfcbe0cbb91bd6566ad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    079ae32bd46394439b3a7618b83d10f4

    SHA1

    257334c88fa6767f851beb67d70dfbaf2e971890

    SHA256

    4fabb07418f1166cc70c7cce66c840c6e5c53951d5723465df9826f3088b02bf

    SHA512

    ad363e994abf892ac2e9fbe1534242faec7b0ee958096b35f5f46857cefc2869ea07becbfa2c056e92bbdee4ba70338fba21ae52c9784bd4188d4a79bb1335b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    669fa8baf6e72a7d45fd6582e21f5dd7

    SHA1

    6ec0eddb9ce52ae0b7496b2748984f01c8363b2c

    SHA256

    9a104be4f0da70607c46096027bb27b8d7b07f5fb81184cae5a5e1b84c24b2b2

    SHA512

    b16e7a2d1783359820c708ad9a8b36804d6d9003fbc431abeba982559962878712d2432a4d58ae6680ad3d451ffd116506f3b0612d9a1e1c76e5daa7ede2847d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    33ff369f1dca5d8e7d8ee56f075a93e1

    SHA1

    1d288a877466c2baaa4ae97f2a50ce6d9ac0b0de

    SHA256

    02b72162de2f272cf90c892a212fb7d7f1100096cd98470787400c1ddb81423a

    SHA512

    7c803df6d6e529f5e321c299beb8857b958b96d257ab3a661db54b18f75629d18c9531cd30210652e8493f9251eefac6237c9fd7185bfe657b69ed9a678d5648

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    745352f0c5f29446e5b3966bbf771fb2

    SHA1

    0407d83d61da325249b978ccfd6f69a7743f30cd

    SHA256

    6a8d5a12a0251aa2e3c15b05f69f9ff701a17ae0194c875f1affc27149d13087

    SHA512

    c139797a8d7b64cc1d44e354634606a4a2eb0a3f7044ca42cbf30c6600b7d4d5ce8d705285f77016a4b658614fe8fdc2872af8cbe1f92483e754905e5c1cbe3e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6caf058fe4abae6b0e7ad202a6c61c0b

    SHA1

    3507d19ba78b2e16f5aef482483c2e579a7fde2b

    SHA256

    19faa562ea8a92f42a30bc2901e659f95779b0bb545a09a779aed64bb4563204

    SHA512

    f3dc43a6c3e91299a017a2d00240659a7a9dc956cd729c1bfc2d5e4803b656226827aa55d1d6520a646b9d1128f97c2ed965a951a8c71564572fd1a4f49dc5ee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d3edd90c94e254bd30f1f82156215d25

    SHA1

    0f8bbfd4859bb148bee1bf56c166b5d47550ead2

    SHA256

    14dabad63ffbed79167f89cdfc7a7fdc56749e73207632ce73847b2ad6281174

    SHA512

    b2874ea28047359f5dbf87523798237cfc437c25da94efa980d3ece3aa2d6b77acd1b7b7c51d102ed50ca23baa932aaaf14844d0c724ea10c74cf65d09e03cfb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    162d6f440c374307000077a38a3319ba

    SHA1

    92026e67b7756a2e2359b92ace7039618d2b8595

    SHA256

    c20d140651d3194713817e3f6be656e1d830610606a93b21a3afd216b63bbf05

    SHA512

    7cc4f55457c15dae39fe7838ed34bfdc7d94560051ce6c5471975bdf10ac0be07277cbfacdc36b5e531c83ae2a6715b8ed57e07a0c3a9a69da91e2b68e692561

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fd82cbcc9a42ea685edb64b52fc4f9ff

    SHA1

    dea4d60f1df1b38c29cbe83bc467bf255575bf0c

    SHA256

    210d15e0e3eb84170ea8d6aebb80aa5c22e62d20bd53addbe9a7899d37fa98b6

    SHA512

    9cddf47a9e45b0ef75efec6fdd9514dac0e3a560c4d90bbd80f46309ae7328c1095c9686b74c9a40f836aed380a002cb97383d1923394eea70a2c580744a7d1b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    45ee8afb35bfba20880a9c7584bc42cf

    SHA1

    e240dfa476500c6ece4e2a803e1ae93e8530c061

    SHA256

    5e4ef26e363d7751525d7d29708ed787ab085876a8023ac546015c18d77e161a

    SHA512

    ecceb29b4ba825c3d41567cdd7807955c872fd8d93563d2a6b098c9804ca085c4e803cdb34efae13d37fa6fe97a08080c19823a02d8ae6f38e38e5940c6f9e23

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    187e45d328256898ab1f1d2519a5124f

    SHA1

    43e7a28023f189684bc7d5d07436d9d9ed5adcfc

    SHA256

    2855d7ea3428a97cbd5cb198faf0450c3f565eefdcfc85053c6a8a780c3f11f0

    SHA512

    e489eef1cd035f4e148a35ca15a24f315b740525ca2b117f29f9efd8ab3ec84d27abc42a35b41d0339fd083201a74071efe41a9e8dc661637ae9bc5e3807213a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a6b52644da6419522ad82201620b4160

    SHA1

    4b2b88934996ec70d9ad4a0b17c61da43bdbe82e

    SHA256

    833fd71baa2706107f3c86af99329c95ca246b69dbf89b1d179b2c290977689d

    SHA512

    91e7998058d7a71acfe4f96fee497739b6b8e0ecc7c9d1a0ef51b1a8e76056c9602a8fd9fadef9426e66e6baae78851def5aef6ff9af07d557db5cf9808e5f74

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9bc0f1f80a52b3113d775edef9c37756

    SHA1

    47e1512c3b54a3d46a0ba6550c9662ea54603f4b

    SHA256

    0b6ac3963eb935a527d47ee3500cc1c4a17b7021c75a96792ad0a96d5a6867fa

    SHA512

    829d5cda9729efcdf22d9b10b22915f2e25890378321c5ef3ddf4256603d74808e2b7fd75795d848c6d01ca98ec2c820ace460f9a8b6bdd68e59ede5ec2e9a63

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab404D.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar4110.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit