Overview

overview

10

Static

static

10

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

1

bahs.us.h/...5.html

windows7-x64

1

bahs.us.h/...5.html

windows10-2004-x64

1

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

1

bahs.us.h/...dex.js

windows7-x64

3

bahs.us.h/...dex.js

windows10-2004-x64

3

bahs.us.h/...all.js

windows7-x64

3

bahs.us.h/...all.js

windows10-2004-x64

3

bahs.us.h/...ns.ps1

windows7-x64

3

bahs.us.h/...ns.ps1

windows10-2004-x64

3

bahs.us.h/...eck.js

windows7-x64

3

bahs.us.h/...eck.js

windows10-2004-x64

3

bahs.us.h/...log.js

windows7-x64

3

bahs.us.h/...log.js

windows10-2004-x64

3

bahs.us.h/...ons.js

windows7-x64

3

bahs.us.h/...ons.js

windows10-2004-x64

3

bahs.us.h/...es.ps1

windows7-x64

3

bahs.us.h/...es.ps1

windows10-2004-x64

3

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

1

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

1

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

1

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

1

bahs.us.h/...x.html

windows7-x64

1

bahs.us.h/...x.html

windows10-2004-x64

1

Analysis

  • max time kernel
    133s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    17-05-2024 08:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bahs.us.h/ninja/conf/index.html

  • Size

    13B

  • MD5

    c83301425b2ad1d496473a5ff3d9ecca

  • SHA1

    941efb7368e46b27b937d34b07fc4d41da01b002

  • SHA256

    b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

  • SHA512

    83bafe4c888008afdd1b72c028c7f50dee651ca9e7d8e1b332e0bf3aa1315884155a1458a304f6e5c5627e714bf5a855a8b8d7db3f4eb2bb2789fe2f8f6a1d83

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\bahs.us.h\ninja\conf\index.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3068
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3068 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1776

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d39a242306f3575068171490c847b6d0

    SHA1

    6f6fe8d766d9e3064dd0808b6dc8303a8ca1d49b

    SHA256

    bcc36e6a8e3f54138de5dc6e0892bcc2720fc9a9af03a403f085802566f7c3de

    SHA512

    ef27ce96da41b2832ce61a94b3c38582ff8053eee02134dd906dec89b49ca247180a1da2128ab04f030c9334154d363a20b0967ec2cba802042c66fd5d39c407

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8dcfd776903b7ff7baf859b78336bae1

    SHA1

    23e72ce093a22b5c28b4762571d7e02950e552d9

    SHA256

    9ab8169aab5fb25f89b670dee133f60a4b0df71c518e63a0772a0f1f3c1320f3

    SHA512

    da3b6c60a3bb6f4adc603b25d2d65f47157ed91606972b5ee14a90039f4fc9a3a2167f0c9939d8d111370aa5e96cd885ddbdb5200b74fdbfb418edf36d0983cc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    60115e5baa5757969ed5ade431426475

    SHA1

    22da660c688a3f61556d8af83c7ddd87ec2500c9

    SHA256

    030f22179f8e8fa89153d773ca5f08f099d40e3ca698e327bda5840654a35669

    SHA512

    7ea5ea844ab688f700ee16f7a575f53aac329bdaa64591be12d6208b015ea092571477a1fbdb8f8dd38aa92c14b7af041177376694c8eb3858593350be5665fa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7cc67b4abcd1f1942ee15e0451e3b536

    SHA1

    a2f99562726f8bf420987f47e18fab88883efd8b

    SHA256

    9c93f8832bc839529362c22a8675cf90395a1a10f0e28b207dc10c50d6353146

    SHA512

    383472cb84f64a210a511b2b3f9be3557ad8f3204cf4fd9d02b733ff196af8c457e93a1a0a441a632f7c6612f7ee349986643d4329e54e4a92f561b9454d87ff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fb1431912e8a2a453705b947583addf7

    SHA1

    1e0d6482cd36af4750ca74c1a96c6501a83c2ff7

    SHA256

    b65412a65bd1cf790d3a0baf4c47a216369253b9ac49a16d925351e2777fda48

    SHA512

    acf7e4da994ecd74e9cbc66be12cb304f93f85e1db68dceb656e139017d64a0eab0e602981423ea78e0ce5c7ec815b626a3ba60d4667d660eb0497abbf2ca88c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e73cd08b4e1374c8fa5aae68be438976

    SHA1

    c4ece6d8007b1d6cdb5450dd076df8442fcb5326

    SHA256

    2a15bfe4c984add6e54f0ae1b5d27f707a5df3cd9feb5fd626b6dd7b142d64b7

    SHA512

    807a76301c5488c76398eca7f37903ca3771075a18d4f3d10d35c6e5ad7d530f0f2d41d6bd8036335a62a38f2576749e4a08dc68e385cc32eeb1f242973e17f0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3f25967a075ab1465bddad845d409ce9

    SHA1

    a6f74b9d1c2fe5b42af0113e79836b9714d0dce8

    SHA256

    4592a64ae285b5d6a972d66a4880fd9b8474fb171671b82482dcbdde3bf52ea7

    SHA512

    cb327420afdb074d524e0c3d55208b976781280d46a2596e007941ee7632d9a701d0ff423d2d6b8e7c71092bc48827d5d28d92ffb2d49ca84869e68aa4d5d76d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e0f0c81c05cff8bc412fa844f87e6a51

    SHA1

    1c272772ea36d1d1e68cf2383be299a70b461d34

    SHA256

    2da176b6b8d995eec5060bc0fb8b518a150d5c9475190ae85d8586f5c47eddda

    SHA512

    18fc108851f9a652861158c86749d2e55ba6191b7b0fa08e247c882ccd39007b56730661c6bba98f82065966eff0861d3bce96bce967af25f56b4c6c4334de33

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f44814ffd342bd5f47abf96a419cff48

    SHA1

    73871287177cf4d5099bacacae57e25f6ab9afc3

    SHA256

    f329211bc9efb87cd89b97771c231a63521a66f02eb66fe9e57f3e01a2d33b94

    SHA512

    bac0d0a02dd7830409813b3fb6f42fffdaa146e30711b8cdb733d28b1ff9bab200efd20477387ba22da7e6753c91bc44a11615f0a42d7fa0bb42d643b836570e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b68af5e8a808f86c4b21c924cee4bedc

    SHA1

    8dd9b112ac51c4177a71176afc99341d037273c1

    SHA256

    32ba9c2c80a7412393257819db3323b49cb8f66a728927a05e192e0733ac352c

    SHA512

    476cc22f69a7c3d8b6b7e36de0348dbeeef36d2c40e52ea498a7d7d2e47a544433c13f9355c02897689e52062e35ce791e73eee1890b57f332d1f581e0b8e946

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f7d032ad9954acd5620d2206ca898dcb

    SHA1

    186132627d120cfea97d4483c00500728de145ed

    SHA256

    56af44fa03dc4ba9adf178b699824e6c8948750721b1301758f109165ad4b349

    SHA512

    9e8b34cf0eaed65baaadfff7ffa262fa0e2c2cfc6fe7cbccd16f883cc0e1104037d6283b4edb6aa3c77565cd883a2af7327060ff7f79d164ea4b28901c30b69a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    410bc10773ebb3c9a9a54e3bce1d2abc

    SHA1

    cb713c3f930b664c7804924500dfeef7394f3da0

    SHA256

    5a16bec7ea83898842c525fc2ea95b2abd02092675b10f3d5f80212c89129d24

    SHA512

    0c3e15fe9abeec9a440d6bef3627023bbd4cb436309058cf499d35d711f8df01ba70d0d94fb673e7c6a6b33780db21e0561a44aedcacc56c588276e42aafcdf0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bbc94a5999df643195929e89b1cca893

    SHA1

    d6226ab12806a7dc4ea425dc1eb8514850c1129e

    SHA256

    762a0943d21fea91facbb590c3a19476882952b0f0aadfd65a2b09afbc9ffa4f

    SHA512

    7976758658232b8f61710edbfdde4253395157233ede0427c5328f547be95c2cf446099fa11fe4883cf05542e3011660143c816d05e188a18e1a3481525c709d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fc42a033a80f2bd5f2c1d5af3c9956e6

    SHA1

    ecca69747dea7071b68c10b774e548fe7d97557e

    SHA256

    fd588319439dcd3731048e1026eb31758256599ef9dc5b695844337f604b28c3

    SHA512

    22e501e58547b19ff398050842ce8404af21249af62e7ec8114a4c44e604db77da647765f4493f033a74053f21a2cbfb1f1bc843fb4ca0c5d21fc8e497d0c168

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f5d818cb35445d83538b8e3ee757b824

    SHA1

    eea3961377f2ac7de666285d3a03868f3ac40445

    SHA256

    c38930faf82ccd3996da2c61b49ff32ad7d256d7c266edd7aec4bb333fbf4a19

    SHA512

    b9354494ea1cb6a62a14b3685c1facdacd031b4f18a85b5bc28a495c5285b857a517856842934634ed9079bc9e28eec6c4e488df92b0314cd82edc6cb8464e76

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    645ba835451aaecff3adc2e2831c9566

    SHA1

    d907ab14a895ff615186b9f8c2382992762fb07a

    SHA256

    a490c3243052a67bc2948f462f6e1c9c410cac25aa4ff8542ed9dc4bd47ee55d

    SHA512

    e6b8dae03d7f5681d9c496975691c7c58ac4e33fa967e712012882d7f7b1d5db25ffb1f4e7a901695fd673b65597bee27b3e002761b4500d95c214a8303f0319

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    512d1b4f07d34e6010bb7afa3f356834

    SHA1

    5aa6e4f0066d4fadcd71e4bdefb2c9b49fd7a46d

    SHA256

    14f20f83e38b2943e9b8add25bcc13eb7a7459ec3da780f9f7a0b60c40132e78

    SHA512

    c36cd0e83a432b000dcf3f1d0669ca3d3859756cf3418a3f6f283bcdac95c5b0f207d32366fbe02158b83ca33407ddc4c8960baf3a5a3f587b62a559a7cd5212

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9f4faaf8087ad77272e31480c7f23c01

    SHA1

    3eb1777ee35efd32ef0853a98e93b78639626926

    SHA256

    bb90419d5f9ece7a599f8356cb853ca6385423943c77cf920a4889623cd09591

    SHA512

    334947a88f377b04997d53e4ab8faf16a3133fedb28412f73e246eb61e573b65bb816f337ba4f9150a6f2a6320cb910ef76960459de088b10b4c639ab0c27ffc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    752a97a03bc931960f5d49dc1efb5817

    SHA1

    c0a022c55144a77d77c6e8a1abcefc96fc19bb40

    SHA256

    9ebde95b6b9432441a76f54f3b94fb183606e62aba6cc4459c319c99940cad15

    SHA512

    21e0eaf2f36703ac66a6623e53cc12dca3846af0f3707581646b149f83ad69c7ef5b6aef1f02609da9524dea66e35486f674197a23ce0f4ca713337ea142b09a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab4B36.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar4BA6.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit