Overview

overview

10

Static

static

10

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

1

bahs.us.h/...5.html

windows7-x64

1

bahs.us.h/...5.html

windows10-2004-x64

1

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

1

bahs.us.h/...dex.js

windows7-x64

3

bahs.us.h/...dex.js

windows10-2004-x64

3

bahs.us.h/...all.js

windows7-x64

3

bahs.us.h/...all.js

windows10-2004-x64

3

bahs.us.h/...ns.ps1

windows7-x64

3

bahs.us.h/...ns.ps1

windows10-2004-x64

3

bahs.us.h/...eck.js

windows7-x64

3

bahs.us.h/...eck.js

windows10-2004-x64

3

bahs.us.h/...log.js

windows7-x64

3

bahs.us.h/...log.js

windows10-2004-x64

3

bahs.us.h/...ons.js

windows7-x64

3

bahs.us.h/...ons.js

windows10-2004-x64

3

bahs.us.h/...es.ps1

windows7-x64

3

bahs.us.h/...es.ps1

windows10-2004-x64

3

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

1

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

1

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

1

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

1

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    17-05-2024 08:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bahs.us.h/ninja/nfwlog/cache/index.html

  • Size

    13B

  • MD5

    c83301425b2ad1d496473a5ff3d9ecca

  • SHA1

    941efb7368e46b27b937d34b07fc4d41da01b002

  • SHA256

    b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

  • SHA512

    83bafe4c888008afdd1b72c028c7f50dee651ca9e7d8e1b332e0bf3aa1315884155a1458a304f6e5c5627e714bf5a855a8b8d7db3f4eb2bb2789fe2f8f6a1d83

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\bahs.us.h\ninja\nfwlog\cache\index.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2116
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2116 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2004

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6dd8df331637d803f6124cbb64b80627

    SHA1

    b74f38b8bcf96ab6fbedc31dcb4939d398aacaa4

    SHA256

    d0d78d2af3c29b9af8330021b1fb7dedf8d3e5ac838738a6d1d35eaff23aa030

    SHA512

    1b1e8414aa0daf5cc5d3972a4aedd2d82766aaf94c9e6fa428bbb254ab5fb16d0d535cc5876e38dda91bd78c2fbde453f7bbd09d262c8fa796cf2cba051976d9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d61ff8aaf1f4c58dbfcc83e041fc27ad

    SHA1

    17432e538243ddce19e4f5fe1f26d7df1f970493

    SHA256

    040853b343368546ad78c85ea6506909885ba4b2a9dbb8fbae718478bddb0c0a

    SHA512

    7b7a7a03669544a2eb3ef668e81493038ecbed55cf01601843a95b4c4c2cca2f3f1ea19087f8b25e185c1ae0efe782dcec1fe6eacb6b07b54ef4d56c92840677

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a095f26429c6e1b518e4d149e62896b0

    SHA1

    d381acb89b3eda7471ab1044ba41916bcbe4d53c

    SHA256

    c0efc327a1a04922c5219df17d0d6a1e860e72ecd4bc0e7541b1bd77e3afa792

    SHA512

    0195a989f940191d95704bd3ee41e8198d2a32d703bd48e6faf2899f79f7172db9029161fe5874467eeabd8d47757b2a11f3f75443eec8e0c8ec9d2d104cfb8c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ff4ed2ef646f578b475c620f95c7317d

    SHA1

    ec94a70ad3612f8d93f209a101cdd0adc6d4e049

    SHA256

    6ad3bbc4dd47c6410fb5b9a86a80eb9abbcb6c5e1adf7432a4fbbc03283d1a38

    SHA512

    99d8ae8ddad296184e76bb00f738e4ba1dafc821dafc1364a77bd6835334ad46cdaf9255403ec318d7193a1d3286cec6ea78e46967e36ef3506622cdfc884ca7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    37576fdde48b5b6616020230ef9364d8

    SHA1

    398b6a7aab1823fb9ad5af6ef3a2607c6f63d9d6

    SHA256

    d5a43b661ef1e331ee439139866207ad37e5b71f217a0f55120739232e2b2045

    SHA512

    14de14bad97fd2b3ab505cfdba2d5af202bea3219a9ec42dd34d9bfeb03d0ba79b724c9aa77f5a61e45f1f24ee684b9c60096982a1462c26adcbf9aedc67c99a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f10a62c3b433dd9eef49379f3ed34d24

    SHA1

    e06610ed1809d19cfaf3109452120af75ebdae75

    SHA256

    d4b10df4929194fc7d460998295e0893e3583320f2d4bfb20e3b0aa67b0edb5a

    SHA512

    9bc27031c965be5590f25e7f4b6e28f5d8f98fe0ebf8a82fa90c9f2960028e67ac2f10abf42057b43cc1b54b4c61ccb6a3269e2df354fef1c749244f4b6167d3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9a3e33313362de5c04e83bdb544fa078

    SHA1

    ed9d5dd12b637af667b76f6ae7403b7c8eec655b

    SHA256

    a4344ab66170cbd467fb84ac055aeb099c0cd7cca81bb965fe5be601bd4299e4

    SHA512

    16a16c7fde228aad77fdf8d0d6dc6bd8304d625f227994cf7b9b9b5639a5478cb4203e1b43f365f79be8588eff94356873f5b6a1b1637a8a55d6e67c80d1937e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f16a667b2c27e02db44c6a3a8a105de7

    SHA1

    fe382340907f9d477572afc29cd70e0ccfe3c430

    SHA256

    dca199513eed9fe5029ff2ac0cd8f3f5d1ae28bde6d6b928c881e50f45756ebe

    SHA512

    99cffb3dcce032fd4580b7a8b5faa8c77096b7746c3f5f44a6590756620d5d73ef7a7bfee7421d37d0130179d7f400dbf9fc3fddd203a5c364c507a186adcc53

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5d53cb53345ba397f2be9d3902fd36dc

    SHA1

    38bd7a73ee416879a805024a365e3c5247342f91

    SHA256

    aeb5e224545af18fb402122bb6feedacdd76f959c8483ea80f02c5612af66204

    SHA512

    572d46f3e759f5faa2e9d753e81cfa4992e8438166a5429da780c5f4bdb836d63b066121d3a7d8cb15ac2555b8d37fadee24f049b55daccb8a0d1bf9d5455bf9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7d077775a1899bf157e7ca253335c763

    SHA1

    8b0ff046c7f89f30806199f9ad9c24fd5eed4941

    SHA256

    fffb77b151ded7c2868b3dd5fe45edfd145f8a4adbb2bc47518f0384c8ba6d11

    SHA512

    f79eb23fa573334f41841e54078773b0e24f09cd10bd40d4dfb37ded5c927e886fae7af6081c2810455f6fe358a3c77b33fc8ecf759ee066fd999b8618f8e4a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d2923ebc47b250a2e1c2c065f622f9f7

    SHA1

    68c6911a0a514be2f18484c4ee9d7b94ee08c365

    SHA256

    ba1f0f89b17089c134ba2dfa0ae94008bf78baf4aa2f4b986071f7a710800d5f

    SHA512

    bf128f8b6f455631f06006e2c58f98d9b8b82aaf6fdd69578824d809b8c0711479c10dced659e60ddb8c53f58c18fc3d5f443fa214fa5eaf65f6fa9071deacbc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a7c3de0b35cbf18b05fc957138f82ef5

    SHA1

    dede0b0ffc89952ed6af6b085bc37bdd1d748528

    SHA256

    5d80de226b8265cc151007a9a0ce752b2cc5c1d9a3d81a88a936c0506dbcb513

    SHA512

    2fb3abffd9754a26af2f850f86fe1ef42771a057b344329c80dbdbfc9565f49eefb75854310798f037c29319dbad768d23b337e0bf80807791f04880ab04d0b2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5d329cf56e33fd935ba48ffa0840b46e

    SHA1

    752c7dbdd86cdfd86416900cbdcc979ad2934867

    SHA256

    404dd1dc415023e5e01b712b2df8365bc704c1cf34e2cd23bf7e01e8da20c417

    SHA512

    41d7bb1d13f668fd43dc46ef092c091275739bd9f5b5f729e65b3708d55a1334b41a5e23aec25e4d40f69b6c0b4b266e15cd521e6ba264f7d8d6cb8a96609d25

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    75d122a2a5c62f1a3fc347b05200677e

    SHA1

    6fea28c4fefafe9237a64b6862ec413ae789d08b

    SHA256

    c450a0db1fa4fe67b333f481cdbec1e2d3355f760cd901942bd6cfebf47d4146

    SHA512

    31175230ae84cd08c7d990b62ffba0ca5fae10a9b7e3b6fb946475a368abbd7cb0d85edd53e320140562a582465eb2801ce2ab58189323bf8398ca2f965637f0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    492dd0f4793530349c2351b73f90921a

    SHA1

    5980194fbdd99df4de620d689b208f548d55fb3f

    SHA256

    15692c48242616248ceed41aeb2a1450bc1a359f90e99cffa0c17bc0134016f6

    SHA512

    4ee2381bdac4cda42dc0c034c0e3e4e94d335b36c749917b4e2a487b915ded96af4abaf51310b8e357fae8899ff9dd8a97eb7d6127698e8d96e87dcc18dbe411

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    513979305de4aa4d189251a833f004f0

    SHA1

    3ac4702baed828974b4d4a2bc4d6fb3592c48793

    SHA256

    3b87ca5f575a0fb164aa6734d832f6cfa92e19e0bdd78a33085ce1c1486eaec7

    SHA512

    204f08cd4d3f6d91530bb56fe9d0ed3011eb951e5012bfaeba099c7f85c771b99c8fa56731b5b5bec7b45c82117e4ec7d97d7721d9039e1f0e8f9e14db8bfff0

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3DDE.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3E2F.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit