Overview

overview

3

Static

static

1

post-install.sh

ubuntu-18.04-amd64

3

post-install.sh

debian-9-armhf

1

post-install.sh

debian-9-mips

post-install.sh

debian-9-mipsel

pre-install.sh

ubuntu-18.04-amd64

1

pre-install.sh

debian-9-armhf

1

pre-install.sh

debian-9-mips

pre-install.sh

debian-9-mipsel

pre-uninstall.sh

ubuntu-18.04-amd64

1

pre-uninstall.sh

debian-9-armhf

1

pre-uninstall.sh

debian-9-mips

pre-uninstall.sh

debian-9-mipsel

start-stop.sh

ubuntu-18.04-amd64

1

start-stop.sh

debian-9-armhf

1

start-stop.sh

debian-9-mips

start-stop.sh

debian-9-mipsel

applicatio...x.html

windows7-x64

1

applicatio...x.html

windows10-2004-x64

1

applicatio...x.html

windows7-x64

1

applicatio...x.html

windows10-2004-x64

1

applicatio...oad.js

windows7-x64

3

applicatio...oad.js

windows10-2004-x64

3

applicatio...x.html

windows7-x64

1

applicatio...x.html

windows10-2004-x64

1

applicatio...x.html

windows7-x64

1

applicatio...x.html

windows10-2004-x64

1

applicatio...der.js

windows7-x64

3

applicatio...der.js

windows10-2004-x64

3

applicatio...x.html

windows7-x64

1

applicatio...x.html

windows10-2004-x64

1

applicatio...x.html

windows7-x64

1

applicatio...x.html

windows10-2004-x64

1

Analysis

  • max time kernel
    120s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    21/05/2024, 05:52

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    application/controllers/index.html

  • Size

    131B

  • MD5

    c92aa5f16d78423a983a5d7ae44428e4

  • SHA1

    ddabaf1127fe57f9c65e2cc83cd3443f4efe5caf

  • SHA256

    0ee6dff170c38f66cc1e9ef00cfb927bba75b30379af3281c026647c068a4709

  • SHA512

    e6da7a7c4f00aa43d6683d254b31b19b63be2c5110de15aa27e2865499dc7cbac356055f6bab38ebed326e90b2157f295eb231b89e1a1da8d3990278b5133df3

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\application\controllers\index.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2296
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2296 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2604

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          117e6a874c29cb1414a794e4ffb12c62

          SHA1

          62d6817957f8df454de8bb605962f5058d24c293

          SHA256

          df7fa700e6f6f99f64144f2be4eed401400fc9e1b08d2e60d7664fa62b3cb55c

          SHA512

          ede36c3c729d418ebf07c2c97e1999cebc9e6a777fc529643254d52cd56cc8e9768bfa74c8fdf0af923de621927a3f83a608299abe1c315a414aea5c10efe836

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          37f4362dee767e380bae5d09faf7741b

          SHA1

          a0176340710f04797325f047478767d6782095f1

          SHA256

          43f8908615d56e1715a1c536a3605dc760a7b3352aeac3c5e51c07b26caa23d0

          SHA512

          dbb263501a14e00dc8fc3ff8691c5d06278da68bb8d1632d916c26e43fe7d49369cf714e4b829716b39c3b7f0c616b9cc2fcc621131baf8cacb8db2c2c977025

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          f347509ae9d877db1d81ba45bee37476

          SHA1

          e9f9849579a8f14689b906bd45c4796f2670607c

          SHA256

          6e3624f327d6503773b7ed54fabca376d0e485fb4771626ed99bc91efbfb9f9c

          SHA512

          3bdede9e13f75671316ff199f811528c574a09b7cbe6f1c65c78a1a7f8ca7dc65811fa52aac6711bacfcadeac2862136b011ec660e50538f427cdb2afe91440c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          39060d45addcc249e1e537edbaddbb9d

          SHA1

          5f9b65839d9aaca2b19a81cf2430a1dc1809c8fe

          SHA256

          fa1cf2aaa20a941d5aeaf05de40e9552a4163e40427e87d3c59c531631687720

          SHA512

          f0754cbc12d9aa30ee464f1d9f3333126fd999db09d2daa1fdea27e09cf0672a70074a4949d03722dbb9cec944a9424f794d80844c9ec65f528fbd1492d09cd6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          3470975feeec9e5680012e6d5d2eccb5

          SHA1

          e081171180e2e54a9c470c4a97d0835aec014a07

          SHA256

          4918af0146f6cbfbfd7aa51504d01699c69e9b3b37121b854e5f75dddd766dba

          SHA512

          28b97f7e6880a5d5a55a6c7f9586cf2144b27fddcadf454a0d812a42c444202ee687484c41640345547981a334a773a647679d952a710f3879ed608543aff788

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          44b86469fd954bcb451329d90175eeee

          SHA1

          4066c69ca8c8bcd6f347252f995e11fb629c895d

          SHA256

          195d9d8830d95c77a0f1a2330c8846567525f320dd7353251b34fa5be1909712

          SHA512

          fcb9c9aa7a667f5cc64c10dce21f1c09e0e0bb428dbfa5d23c2c1f4c82330bdb80edc4e9fc7ae3735186d44b6b40d2caa2be10522e20d7664dddf67cd911c410

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          c559ec745878c191c57f65037814ea76

          SHA1

          30a34fb300fdccb4acea738950e1c89468556190

          SHA256

          c574f342f291f6d70f4bc8628e97fd3b1a0e2b7fd76452840ade2b6e47cfe9ab

          SHA512

          8f3a6cf5344b892df0261df99ca05e7a8b151f148e09285b79e225243a7548afb99f3c3e68c2185487f0569d255c91e9838a11dab1d69203e6e840afd48a65c3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          db3918ad11471186125aaa92988d2f1e

          SHA1

          2276b06d5d9b1c4815c27b21e73ed0cf2ffbe9e6

          SHA256

          47de0339f4219ef499b96fd06e718ccfc5034317c4b878fd87cfe01cb15d8f0b

          SHA512

          486557d92c333e79ccec743fe7ab406225d23f0513f658464d3b43eaeb0fd0e03fbf8fd897b55569e8c2ffc79c37b34a31e9e1abf65c3191a286ff692d494ea3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          9944ef0536acd7850aeebbf3ee7e6308

          SHA1

          0d724586e1b27a4e158ee8cd90eefde231d4d264

          SHA256

          cf2d846dcccf99d69a727baba6f30cedb628782ee8a21ce0dd1672982dec65e0

          SHA512

          452c4d330c3f9b7fe9163106a4f78f3b845e457fafddaf6a6b7bffa8d6146b21cf9fbbfcda7796538a7df7fd7c0be8e90bc3be52da096e704158f43177f4cf54

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          0739da73b39ce848aee4cea7051d38a8

          SHA1

          36fa54e3c2d3d5543ff6bb0aba8a5cc6845677e5

          SHA256

          72ad06c757216af8922aa47658ad90397ea18bc8743a37787118a4bfc43f6580

          SHA512

          8cda82533edcbbaeadcaee4d8867c81bf4df89cb09d8add94001c9eb6569912dfefa1f4c967cb4eaa8de217874354962a2dcdb8881629e5ae12c9d8f0e18fdf4

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          380c73ec5066fc7d204dac61f5547a8d

          SHA1

          7c2b6a9c3b62fb31780b535892d935548a38a18c

          SHA256

          c5e1e9c02b3546ac7e5895c0a975d0a0bf4b738477dbe1cc27bf9fa40b52d30f

          SHA512

          4363ad52cdfbf5a519babeeead714b1f95f240e7d6005a15ff8b307d204a3d0daca4500cc914143ab62fac41331b1ead5abaa8a8f0118c74485e55abeace4afa

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          0289c7159ec0f4b767baca6688257d9d

          SHA1

          0b25ec5b4daaeaf378e9b1bdb6f690ea14767a71

          SHA256

          ab6b6fb08e4257cddec0d752a91959e23f765aa6d47138efe31bf51f31de7e55

          SHA512

          01846e2044e00827adec393f95796509ddd627e64e80ef366dc91a66946d37b684048c4843d42effd897f95ea7fde347cd13d8a4250fd01337eea1c98436bd80

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          1fa39d3014937bbae9f2a1d6b606c01b

          SHA1

          54e5bded66cc2b1c242bdb6372f1d296c57061c9

          SHA256

          230b870c687a667b1cd05cdfdd0602697f4f65911be2d4886f7a357a1ee60156

          SHA512

          247e19927c06fa1d4d791d5a406c2c73fb85afee0dd9d1a7773bc2972d4b81f28ba12ab49ab19461fe87325615e8286bfa142dd1750c0e577ebc497b08943619

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab29E1.tmp
          Filesize

          68KB

          MD5

          29f65ba8e88c063813cc50a4ea544e93

          SHA1

          05a7040d5c127e68c25d81cc51271ffb8bef3568

          SHA256

          1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

          SHA512

          e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar2A32.tmp
          Filesize

          177KB

          MD5

          435a9ac180383f9fa094131b173a2f7b

          SHA1

          76944ea657a9db94f9a4bef38f88c46ed4166983

          SHA256

          67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

          SHA512

          1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

          Download Submit