Overview

overview

7

Static

static

3

662ce2779a...5c.exe

windows7-x64

7

662ce2779a...5c.exe

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

ANRITSU CO...NT.rtf

windows7-x64

4

ANRITSU CO...NT.rtf

windows10-2004-x64

1

BackendModels.dll

windows7-x64

1

BackendModels.dll

windows10-2004-x64

1

FreeImageNET.dll

windows7-x64

1

FreeImageNET.dll

windows10-2004-x64

1

MapStore.dll

windows7-x64

1

MapStore.dll

windows10-2004-x64

1

MapStoreViewer.exe

windows7-x64

3

MapStoreViewer.exe

windows10-2004-x64

3

Newtonsoft.Json.dll

windows7-x64

1

Newtonsoft.Json.dll

windows10-2004-x64

1

Resources/...mon.js

windows7-x64

3

Resources/...mon.js

windows10-2004-x64

3

Resources/...age.js

windows7-x64

3

Resources/...age.js

windows10-2004-x64

3

Resources/...eak.js

windows7-x64

3

Resources/...eak.js

windows10-2004-x64

3

Resources/...ata.js

windows7-x64

3

Resources/...ata.js

windows10-2004-x64

3

Resources/...h.html

windows7-x64

1

Resources/...h.html

windows10-2004-x64

1

Resources/...h.html

windows7-x64

1

Resources/...h.html

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    23-05-2024 01:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Resources/connect/search.html

  • Size

    94KB

  • MD5

    98c69fb2d391293b1b7e73ee78c9ce62

  • SHA1

    3b29d7a97975fb44ed563d5c9d3c58a5cc0bb312

  • SHA256

    1684ae7a9720249147de774767f4be452f05d9cacb27e47116d9d3ea285476ab

  • SHA512

    828c28e6658bf8921a37756ab424dbe48f6badfe57d5142893e1e32f0d41752032d6d9a7f6defd4dc6ac36ea03294bda780dfe9ce6298430b3b6ddd5e2802fd9

  • SSDEEP

    768:FMjsWxWxWvW5Vjk29youV5OicNZf6crwicJWi6XQThZlbY1hUL6Lwl2j:EQQO/k29youV5OiCnwiez6Am1hULAC2j

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 43 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Resources\connect\search.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1736
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1736 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2172

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    571ea533e339e6db1dfe25a028fe4870

    SHA1

    c36401ff03f6f6a79cb4dcf1b08f1180a35641f2

    SHA256

    3be1653eaec1ccd2f2913ad8a3ddc559ab63beaf156849d4da332dd9f00f7cc5

    SHA512

    828209be677c3c1ce3f6528e62608428c1b8f1462665c2ff9090a1f8f5a11171ba88eb81e81c59e0becafb953d27352bfdc6013aa3a0e00660800f6ddb6adc16

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e5e2926d4cc199355c07f271c433000c

    SHA1

    0768e9e118f59b3eaf07038de0d46e9d31b4cca3

    SHA256

    6fdaa01e7158185ff5f0502a7ec052f9eed89da5fd22928ba22faf1d9d315cf1

    SHA512

    03f7407ae9ae5ba03d6d3c00b6fda518855d7a2d66409d761bdfb901640d39ed7747d1d98f35f72df7eb4595180404d7cc1359e76ebdf4f1b3dba556b0b9a67d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cdb1d7f599d6053f4fd22c845704fd57

    SHA1

    179b3982950cd3c639d9498f34dbea7515eddf89

    SHA256

    1651b74c540cb5cb1a574c79f75ee79b0a26bd4657557e8854531e9a7c4fd3af

    SHA512

    9403ed3b753ca8e6f08eae0d0a80b2004a846a9dc3864f06989b9868e46c1ed00e955cb7355a7404e9ee813158f703b3ade1dd4f1bac6c55fee0ff951865e414

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b674d800321c726f9909c047ba23f9f5

    SHA1

    03dbd3b94e3cca6bbe851b8da2b8ebf8f8bbdb65

    SHA256

    9f779a646cb9879f788e2418bc1ce8b9a5a4d6fa64309c9f525adee66842dea5

    SHA512

    c6dc613c4387a9551fc2ef778a544567eea79c47dcf4a3a52f4b385bec3124a3148ce92417339d4b2ebd5e8cff0544583d4a19c4e06e4d8cabdfb34c246ee33f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e8da3259c903f657161427d138148b9f

    SHA1

    c08c8e973f086b5a50fc21f3f1ead4f5a9f9f786

    SHA256

    75d4076c2a5f30df926c2706ec13669f7d662fec0c809fa28fe1be7c1eddaade

    SHA512

    642ce95a7a6965bff3316dce963fcdf7cf02909eb2366f246b494204e8760e9c531d81ad8c5ba61684abb020c7fc31845f4c774fcdd10d4152ecccb9edccfda4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0d178613ed6fa052d9fdc039e59c27c4

    SHA1

    280f91c493d6752fbf7699ed3124ed8c3ef47802

    SHA256

    f3997c22b63379093311cc965e888fb637c70c93c24f3c8baa0284ebf4cf86a7

    SHA512

    fe10de0b932974cd00b6088a94e64ce248283c01fd6ececa3dcc5194b9cb690666cdd9d075206591f240d99991b9bf0939c5803cbd0d4c6f5166e5835c58d980

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5069a45581e20f21842aa2765dc1e0dc

    SHA1

    d7088c565ebe1fc7ef76153939ec957ad6b607fa

    SHA256

    a2b53f6a32d6da910a49c46e1d234f7b6706caf230e8e49c213b72f2cb28c04a

    SHA512

    c5f85b891dc863308b126887b04308052e8108892d19236b047525805124cddf56733eda85e0ec20a85e59c10ab182fb71f611f9a0559509590a0213931dab61

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    852aabdff0eba375f3a8f9e8ad35f11e

    SHA1

    033e029886222632a4bc6a8d73237dc99bdce6f9

    SHA256

    aaf92029000974ab8694a6b2950e53c86831ffbad43db98d65f4c3b36179aa32

    SHA512

    54db22cc3c29786bb0f60b47645afb1c415328f97e6c1f8b62964f573891af82c8be074c60a9b5690aa3cc516695a56eaa18a29dc89362755eaddc2a57c21cb4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cfe1d34bfaf0a299d6492a027f6ccea7

    SHA1

    62d977feccb4903286b61e73b2964480a52a091f

    SHA256

    6ed740fe2f7d39d845832e5c5cf83fca661684eb862b726fb11acf379bb5e686

    SHA512

    7ae9416da979a5d9f095c99cb9bd6ef061eda1daf6cce5707f277dbb220b7c919d053cb616df41826e773029a516c284c8ae7f51029cb03cbc72f986e1593c28

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    67adf28856f0363fce76312880c17d77

    SHA1

    2471d90c95dd1fec6238e02bd886e6c471c22cde

    SHA256

    8da5db742744f1b0945b61f58924b1e388bf041d1b44093bb7b9cad47aaaa93b

    SHA512

    605ce580cae635bbb703a64bbf7ad96d37c1c412748efd65a9d8bef30e088f49f4b513568114d87e43bf781457f8ac0c252f67fdd77059fbf4564eeba43c290c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7b01af6d628f17e45881908a33da3060

    SHA1

    6bb46ad642754474b84535f57b7e088c3728745b

    SHA256

    645a3ad60ff48f8f2d4390c85b1c98d9070df21e6e64db392f22b28d92d94e38

    SHA512

    889da0b36778c87c3a2447414d4486d36dde0c24ce4ef701b7b09cd9f378ec2f5deac6175f537b4736e7798190e67cb6d4ea4398d14efaaf5955a0988d4861f2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a6601c3f3ef887d3c7e416ad8ea0952f

    SHA1

    9ae951c2d82564a04a9cf8480546991789fd5dae

    SHA256

    5aa0946362f1760558f82a2000aaaf7541679af18c796e01a1028ba6e6a72517

    SHA512

    5b7cb5c0a67782d0a7de85c9254b7d396a71b12373354f4bf5888c0fe3daffb2867d03cb1e9a959cea4798d37d5f37879bf3926543f1b5db4f33d024168dd9a4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d366fac5bd913abe6b032c951cb58d73

    SHA1

    ddb4093d68d05629b1f55e3c399e6467cce3a170

    SHA256

    5b85f4d767f6e7f86e769782633dfa4ed6854c2800e07e54a46ed0515b437aff

    SHA512

    6df8206e581a2a4bae790521043a57599089ebcd205ecdebefe8b3b7a2def7a12744f377f63238cfabcd69d30bc41f63901129ce578bad1baa9e2c739821aa08

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9c7cfddc4b4434c79ddbedd05bab7190

    SHA1

    a6034ac6ebbc0e1154ad8c042a05fb35ab409ad4

    SHA256

    5591bbf6c1012a2ee37dc019ebc977bbc9375509077546fd2286b1f76a63a28c

    SHA512

    678107452636f2c33e21197420db7ef25a75dd993d9b7f595ee567af3ff3352849bfb6df95dacf20268d4f20d51341279e19a646c4df1c3c4b35302a7ad4b8ef

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d43a92e1c94e2dbd2bb90efcf5d52186

    SHA1

    882cb353abc91252f4e456350ed347e9d768423a

    SHA256

    da35d79eeafeb5c15a67a1373a0c829e803c6017f612bed842e6b9c207db6cd3

    SHA512

    43d181676681baaa3e6f694cfe4dda6b28370e3daa639650cf909b3a060a95420d50a97418b644e1f9d2463f1092e1b4fa8c5e3c5d1b41c160d914656d7152ad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d26e6f93b5e2d4b2b3f3d5151190f8ef

    SHA1

    7fb56c2a2a15e3b7361c2019e3d3c9c1fd507515

    SHA256

    f0dc3d098a63af4e87a9c0d4ef874307c2f8eb4f4fc91531c9aac1bbef291d2f

    SHA512

    b8b278ca2b667587168c3d78531b5d74a2ccb8822a4dc536ab9ad45f77ae7420e82b11ea6a8981f679cddba05d0ac88008705acba941ec68f4458f7a0996ee08

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a1528eba6c6f98ba09ecd2375bcb44ff

    SHA1

    f8cb84200124761b5ce7236474ea0613df1ce151

    SHA256

    cd71a10e2136ec9fb80f0ac467137a31cf8706790abbf53c62f0c3201fbdf3ba

    SHA512

    abeadd0af28487f1bee76e462b6dc120158a4d4cead5e3439d07fed5eb63190e7e88912645176b888e18a8b4dc6c67e39a5d7ac24cf878218d03b22e042e662a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    0c9ada331c21518a76b1229ec2a6cb45

    SHA1

    dc8a2e589b7aca350f6014ef0ac7b2e3deb4eb0d

    SHA256

    e525b77c47fbeaff4b66714d9e17370807d446e6cd1389ca6111c6ca33972c27

    SHA512

    24dd5489611beef2f5d5a45e6a8101508262cd69097886067069303d55ce548480b98f28790a6da23ad97df897329885109e3366d32ff79f02a27eaeaf533d9f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
    Filesize

    4KB

    MD5

    da597791be3b6e732f0bc8b20e38ee62

    SHA1

    1125c45d285c360542027d7554a5c442288974de

    SHA256

    5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

    SHA512

    d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar35E5.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit