Overview

overview

10

Static

static

7

RoseBETA2/...re.dll

windows7-x64

1

RoseBETA2/...re.dll

windows10-2004-x64

1

RoseBETA2/...re.dll

windows7-x64

1

RoseBETA2/...re.dll

windows10-2004-x64

1

RoseBETA2/...ss.exe

windows7-x64

1

RoseBETA2/...ss.exe

windows10-2004-x64

1

RoseBETA2/...ime.js

windows7-x64

3

RoseBETA2/...ime.js

windows10-2004-x64

3

RoseBETA2/...or.exe

windows7-x64

9

RoseBETA2/...or.exe

windows10-2004-x64

9

RoseBETA2/Rose.dll

windows7-x64

8

RoseBETA2/Rose.dll

windows10-2004-x64

8

RoseBETA2/Rose.exe

windows7-x64

10

RoseBETA2/Rose.exe

windows10-2004-x64

10

RoseBETA2/...6e2.js

windows7-x64

3

RoseBETA2/...6e2.js

windows10-2004-x64

3

RoseBETA2/...x.html

windows7-x64

1

RoseBETA2/...x.html

windows10-2004-x64

1

RoseBETA2/...au.exe

windows7-x64

1

RoseBETA2/...au.exe

windows10-2004-x64

1

RoseBETA2/...au.exe

windows7-x64

1

RoseBETA2/...au.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    143s
  • max time network
    152s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    21-05-2024 17:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    RoseBETA2/dist/client/index.html

  • Size

    642B

  • MD5

    dc0297e1499d6be4efc3d519623623d9

  • SHA1

    3babddcfc55a2e33f4f21bedd8d15097fe26e8dd

  • SHA256

    4988e09362697dd88b69e9185f884145ac1b939c1e883855dad7b80479465c17

  • SHA512

    7dbcdcf74a4569b2d188b5ffca867db82acaddabf3c7ba184c62250cbcc375475f31a89607d799021be918dfdf76b5b7a215a87e1a7a157a433f1b8c21f5f61b

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\RoseBETA2\dist\client\index.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2820
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2820 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2372

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bc52ef8e014d723bfad97d0c235ede0e

    SHA1

    3778f75a25e1a539cd638ad76fb297dfeb216908

    SHA256

    4576982d8e6cc7e6f7a8d99c3187db1b407e71ab04505ceaa9555e6872f85efe

    SHA512

    b005b53230b28a7d968b12a18da97ea52b6af65fae12ed8e905b9471360ba1f0b30677a3beee6b556abf239571ae9fdb596368b9ecd63a5f684e4c9076d713fa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b0d62b17252831269d39b758acc2ae12

    SHA1

    437e026c08275e8026a4b52582dcc3f6a01c83a0

    SHA256

    abc604eb93af8b34108dc23fe5e686b43b84d95c05c0ff8f32b7bf987ef33fee

    SHA512

    52fce8a3f744b8af82ca6a912e2fdc450966f9973ac11dd4b7c0f095516ea0fa4a92dcd1cc65a358d6b783253d213b35392985cca722fd5375ddc5abaeadd0e4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    be957c7d446cd2b968f56170a24a4408

    SHA1

    ea53620bd7e900c5bd0a71c883b4fe57710543ca

    SHA256

    0911589328cd227c4e1e5c49867c81d04cdaa6ce30b032db243e7b9e2d466411

    SHA512

    e8a077e713c10f84ea5e7df4fa10a9bf23678485f714dadf9d0bf3f6bd4846d6da42ef25e7859ea88de42f993b732d57a159e83b18236a46f2b3e22ebfb5c11c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    43c56a6fe43080d7e006a25b16c23f37

    SHA1

    fd313f9fef7f2372dc5edb6e3871b04a09ac0663

    SHA256

    4d77d648b348b8d77fce8ae7241b42f7869da5e18d5a6f414db64e06292f5cbc

    SHA512

    21a58ce85d905335093fce584f8e2cb22a377f19d94b290c07e7242f189109f05c2f2ed08199ca11ab6951e6c57cfa505444e4b32e86dae3da1672b8f6db2670

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3e00097e8e0c36560d19433581599701

    SHA1

    31306e2821160c0bd7dec9db59cfd4a3935c5777

    SHA256

    eabd1f2776c65f18eda50d7b8d00fd42f0f2140bc495d0fd85cab1e9be6013be

    SHA512

    b26785fee3150d622ef73c2408144f44b83297d5801139f20f8cfc32f8f69ad8acbb5a9abd21e11b9264920a00cbce55fd2a68efd157fde65b20a2177b915543

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0ed73ac456d49767306d8e8d2785390e

    SHA1

    24bb67e5fc7ecf14dd419638d91f06c8a26f3f89

    SHA256

    15e03e27f35382ac0947a0b149e5b37a3c4d4a7d89e63f9de76fefaaa776a450

    SHA512

    f476a3d7bd93911f2e34ac536b46aab1c8f3c44927fa7e6f74aebc1314c31c40ede7947acb7f5562821a3b38e200e8b0618a301270f788bc1c5d2c7e11124f09

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e23042eedaa6dbbb3b5d2ddac2fceb36

    SHA1

    2a5070094076005d2dcedf708110a71ac05cbf78

    SHA256

    56aea31fdeefce0fb46a4a9afedb516fb74504a4927a3b0421e759150170144b

    SHA512

    eee12a7581aab5dc6d9fc692e831b6a4d11dbdb062a7d6652bacbe2176da1f082084cd961673362ae1d224eb9fbbf3fb0d9040d325cf4d7289da64faf912ad16

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4534e5267d71e8b46f4a3fdc9a8608e4

    SHA1

    809392186a7dd4f198216d4fd0e99db135aeff48

    SHA256

    9b04c8ff207db3a30e9cc30eaa76814451fff38f54f3f4f27546f1d591269fd5

    SHA512

    db9a91e32dc9c9529a20be73dfb7be02a2d17bc8cb33387507f1b087a89be93aeb98a4020f9b2168a549be1d5d3c6558fd4920d4481f5bf3ae3f137c7c5fa748

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0c28dfae18dff2dcece69daa8099fcbf

    SHA1

    e87cfdd9fdcb99c859f7dfb2c0f9ba913c130c95

    SHA256

    431ebbab4940274608c06f45b9593bcc80d75f822d4c81d95c9b9c8a3a51392b

    SHA512

    f9c02e4368d2e60bd0c22d3f1b866ad0f241709af69c8b0554ef1ff0f9ac7a4345327bce8aa31b4b9e258ad0988dc13c102977f8701b5975a92fdf733acd8e7a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4824529df251694a3323218d2e1248e3

    SHA1

    6511862187bc21673c6dbd96edd7058544661698

    SHA256

    561d7ca67aab1fb691c81561234813cbeb8735ca0574ba4f7bd131067c24b4a5

    SHA512

    db9c19a044fcc688f4ae0d245966471631b01240966e171092d300bbfab04d012568ce9af84c8957a7f3dccaefd16105e8e52fce1f76f1ec6b83e29dc12f7f11

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6dc28d5ed380be110b44b05e8e07f8fb

    SHA1

    db3fcd74a2a340ae0ad6de7e681d808c14cf8507

    SHA256

    109ae766a1a1c44244a854942393abd10b90311855e9610b7d66675a9c3cb28d

    SHA512

    2444ce7d13d8696a8dba9942c8f2d1256b71d8498537ee8a9bf0683cbf442e2ffe0660550137f88b7201b71d05d3949ad9c18c0f5c8d611905eb1f9cb7af1d69

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    133baf0c3257cf1dc4db8dbdf2082dea

    SHA1

    cc2ad75bb955e6ea305f28180c75861c9262ab43

    SHA256

    1b25f0a48c3de2eb01d66f1f0b00416d25be7b61c8978c9596fe975aa894c3ea

    SHA512

    7f5ae21626222af1ac9a2fe696ee71c625e484ebe643edba7739f5acbc7680e4bf77e832e277c9ab4cc1be51df9db182c9c7d2e2ecc88100e684a710816e3301

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6b12aa7cef77bb58f2395dd560be5ebc

    SHA1

    0f01748f709d026a1adf7773f590e1cb5b3b2b45

    SHA256

    9fc2abdb4b2b467f3ee54c555c0374ab3022216f66d14805a1e8f9d2f1a132aa

    SHA512

    51e50d18e549f6b9fd381c7d0865e041bc0110cf254becf57112265b3473764d90428546f7565f386bddc54b36682e2bceaf18dbd1e9051a8fc0fc334a297bc4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    17dc32df520094748ed1f7a9b9a9b381

    SHA1

    11b2620b5abcfcdcb73789156a37fd5bc0ab25da

    SHA256

    bb473825384bd9523e78a60b26d1f445b39d8d2747cc4197f37d9453ae25d9ec

    SHA512

    98512b7eb7b0da9c919a6fb7eb715697b7d775b4c3f15a0fa91b3c6fa2fb01b6e61ccae438fa1f2dc4ebd67b63562391478d8d3de99488baf11f4270ec787dfb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dd69f656614499562e68803e46bc40e6

    SHA1

    5959f28855a8dc154544d9dbb8895cc89f91f1f6

    SHA256

    ae15a6162e5fc99d4889b4d8c3e90b0f2dacffda2d44c0919896e80dcee5fbf5

    SHA512

    4bedee2c70f510039b0b7f3cd90cceda2b97824b275541edd20b303801e88923009ea1e2da34667d86432414be3223fd54b1ee61d2df88285ba56fe9b0e6f12a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fdfdb444900bcb60722dfa01cbb66833

    SHA1

    ef32f54c809e7bee133c462076b7ef244ebd9071

    SHA256

    0589ceb12047dcc9391e5c270f2aed73bc94c29096c530ace36c2f3d6f9b8e2e

    SHA512

    a611207fadf539d311353fc3d9cb4c84736ce6c33900f909b938d6253b6dc39bb4c785fa3e59d2c8e811dfca88ab273d6802ebe03875a0be009999085dfb1522

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7ef24e98b9d928af87cbe18c74736fc9

    SHA1

    a920796395bbc81f2fa40646780bdaeadadc69ae

    SHA256

    e84f4b8ce4fef6dde9b4a85a732a85a0459cbe58a4e4b609131c5581a9e535cf

    SHA512

    00cfa4bf321bef796e757497b2a7643b35ba815ce1e117f0e210dbf70ef7621640c62218fa18fe296888fd19f6b919edcd841b57f7a3bbe2e73c343a48e47242

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    33af52a8157d54dd666f3a4e23fc82da

    SHA1

    bd1fdf2f7be7bb7e0e2594565ff49bd82dd4d58c

    SHA256

    d679b35558f84cdf0b7876e069bea44d7a59b1f12efa58098a92480d305cb005

    SHA512

    d1e9767aabc68ee370da345f9948de84e54bc6c21bc059cbccff9e7430cacb0857e7a018beea3ab6ea1c99d05c0dcdc7f8f90c9f7614fbd0c355422568819a56

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabFA09.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarFC72.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit