Overview

overview

7

Static

static

3

074416033f...18.exe

windows7-x64

7

074416033f...18.exe

windows10-2004-x64

7

$PLUGINSDI...s.html

windows7-x64

1

$PLUGINSDI...s.html

windows10-2004-x64

1

$PLUGINSDI...w.html

windows7-x64

1

$PLUGINSDI...w.html

windows10-2004-x64

1

$PLUGINSDI...l.html

windows7-x64

1

$PLUGINSDI...l.html

windows10-2004-x64

1

$PLUGINSDI...Ex.dll

windows7-x64

3

$PLUGINSDI...Ex.dll

windows10-2004-x64

3

$PLUGINSDI...l.html

windows7-x64

1

$PLUGINSDI...l.html

windows10-2004-x64

1

$PLUGINSDI...es.dll

windows7-x64

3

$PLUGINSDI...es.dll

windows10-2004-x64

3

$PLUGINSDI...ss.dll

windows7-x64

1

$PLUGINSDI...ss.dll

windows10-2004-x64

1

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...sh.dll

windows7-x64

3

$PLUGINSDI...sh.dll

windows10-2004-x64

3

$PLUGINSDIR/nswg.dll

windows7-x64

3

$PLUGINSDIR/nswg.dll

windows10-2004-x64

3

$PLUGINSDI...e.html

windows7-x64

1

$PLUGINSDI...e.html

windows10-2004-x64

1

$PLUGINSDI...w.html

windows7-x64

1

$PLUGINSDI...w.html

windows10-2004-x64

1

$PLUGINSDIR/xvid.exe

windows7-x64

7

$PLUGINSDIR/xvid.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    117s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    24/06/2024, 07:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $PLUGINSDIR/Final.html

  • Size

    2KB

  • MD5

    20622cde5d463f692052753d96b47ead

  • SHA1

    03c103c158d0ff18561c11545a9a9ac4f9c3a1b7

  • SHA256

    2217f8bf3db14b7d9038fea9f835c00fc0cf70bb4b92b5658fcec9bb5e6a5471

  • SHA512

    8871514e23d2a61274066c6334303e185843e6b4427379a54b6dbcd3108b6bc0f947e120ccbe97e34a4b30679f827d75519b233a2ff0128f19ce01f120fdd1b4

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\Final.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1704
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1704 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2356

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3bb2bf9aa3ed5812d4ec9a650ee54a36

    SHA1

    684eb9c9a22e93f1ceb4b7d7b57a93536c1954b2

    SHA256

    68112ecb82c5821e307c8321fd19bad0aa5cf39d7c239d23196d75ab31fd9592

    SHA512

    4dca7ee0f472decaa35e7eded163bb3513caf2bd99d7f207a45c144be4b467f7cd49c160738e99a8bd31f382163ff550c8f36fe2526a4736027e20540e026d23

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    da630ee5de4e410e681342f90c572620

    SHA1

    7de92162e352ba450bb264649bdb1d9201d327d9

    SHA256

    b95026a51e863020d901d8cf85ccbf0ae02c8c18caccbe2df71f529ce361b63d

    SHA512

    a590cad84cd597a66974e9d668b28c8f26ca9ff8e92e89e11bf92330c6fcf1b84f8d79d8ed0d347fb3d9ec6ac3d45a8feb3544bb00bb4d7fab1634a03980dce2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2ff36e46c78372872f49675bfcbd44b1

    SHA1

    29c6a9c77de85f4d4e5b3b5398fff6848beab1a7

    SHA256

    46ce2117cd12d14193a1cc272aeb779f24bd91ca443ef9c4d339efe2423f0226

    SHA512

    af703778f0454ee85863daaaaabe65a7d1b53446e39c070f724aa6597f022d278bbdeed1811eac06c45d28c11c5f3494f1302fe5c3a54dfb7f84aaad61b3cfa1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0459e3c47624ed5597ebb62d50301b3b

    SHA1

    35e449e10dda62e0aef990e817756984db78348d

    SHA256

    391a697cba76be08f7d0603b6a36a3a52837668fa030c39e669150460696de7c

    SHA512

    eb6e6ed4146763cb7b606303738cef4347a75a930510ea1d2015f92d38d04c5e34e5fcfdc72372b1a0690ccc3f6b96ce4604253f25f4d37c940ddab1a0135052

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1fc94c623ab1fd509f30078be232c576

    SHA1

    33c15b81756610a7f4db7a60a7a2674a4e0a22bd

    SHA256

    e5083fb96170e63181245a2fdaf1015617178770f919338c30d64308d58cf1fc

    SHA512

    d5a4e07ad4a93b705ba836c6b2011f9b5152ac01903bc811b3453f5cfaf51153d333ca2b5e4b9dcef5178da3172584b8af02e303dc04431d03360a2b64871e0e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    63b6d2f5e598a4e309473a9dee77a220

    SHA1

    1beb6e5bf4f9748f6a02893f38509f990207e947

    SHA256

    8b1bb8a75bec61902f93570c274ad6ac1dfa7b3f003957cf9684633a650d5c38

    SHA512

    78f7ec4a70f200d9d0767f6858c825d12bc3f1b8c0125c7eada727e124137dd91b193e64ae32c7aec2f5e416184b55c843101104189813c336c9185c8e7efc5e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    37c17809881321dbd6935e96f52337ef

    SHA1

    f2ddfab2106238ba11dd880834b7c55fc3b9fadb

    SHA256

    525a7cfc523e3c4114bcdfde9b10ec5ed7e98fc6b998eef66126d9a9516c9824

    SHA512

    84169e8c85c8c6cf7fe0f65b3ca06088d4c05fdef1a55d6f566d46959513354caf373fea900eb8e68ad521c65873613c341d9e3ced4784bcee5d8d768a502fc7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    33fb023018e237a7594a7e9679eeedc5

    SHA1

    c6212931f24384bc914431c0b6d71e7f2900757d

    SHA256

    1a79196d0896af4405f8e576f07ce6f09a082254868ccf576434822c25e61d02

    SHA512

    67870bc87ee24e6e436994685fce6a6a06996ccd9842a133a19919c1c176d322a6c7ca786cc6081cc1f8cfbfdc838b39927a1fa1628e711392bc1a22deb39028

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    223e6d70b460b30d6447409c888d3236

    SHA1

    31a51b11e1ecf1992edd020998f837c7789ae8b1

    SHA256

    34543e1a460588bbf3e7e7e6f4c4d054019cba995a20cc57acbc9ee328ff795f

    SHA512

    7cf8f75c72c337566c63e384fb6ca497dee6a6cea7d3c9df95f443b33b331337456b8ca07763487c6eec5c02856068fbfbb8130d838c05b052d6c4deb9fcf368

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cfebc80b1cb093a55f83662416d00b66

    SHA1

    b2277984460ce578d615ea21474b66dce47c10ba

    SHA256

    f45b9e270fb69f950a69d58027099c5eeea8465ee21e2c6cc179480f3e422fe2

    SHA512

    3c85e2bb017de12157bfe37af1b68a9a7f1b241c77f52dbf6c04a10a2e85754e69bc7c531f459c06a7ea017e1b7e2f2d93bdd7592a39c71cc3ab060c038ff03b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e966506a6581175fb02a92a91b688cc8

    SHA1

    412225c4c5885933fcb663203a8a62a891a2b76d

    SHA256

    036f7fa40129d8e22fd7dfa7df3a7977bc531a55711ad71ee4ef373e6b57fd11

    SHA512

    236a0d6eeb810d19156345477338866e0829fd3afe33295eb30a2268f574f1616176bd575c86a7bcdde813284c18ff0ff16532f692c8c9dc89cc1c94c1a2d1c9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1aacf923f0a3f4dfc2ab326bb1f488a1

    SHA1

    0882dabcb9ed412573b24ee2ec226c883a36b07b

    SHA256

    2bf0df9877bdc1e10bf89640d432bf388d52ebdaaea8323f315061c0fa485c59

    SHA512

    d9c02680f57240c7c5259ceb66d55c9e3a6eafcfa56507f9a833d1799dfbb31e06efbddc561fe76006a724b8f98654f958ff95457c03190da2b4e3c2e3a5f365

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aaa1c89016966d9f76e3f410ea5e0eb2

    SHA1

    53fc8a4dceb1a9b2b198d4322cb8d32873b2152c

    SHA256

    df10a2e73c91c886da2e5f5f21801bd21dd1115be6a6eae9fd148a340072a378

    SHA512

    50bee38dbf1a012be9ac1ffd87431791405d7cdb59c42f2f4c5da1f5a980c6fee9d97d64594b0761fc6f3f7ed37ed8efa7a2958f279432e2bf4c6b2a0e76f402

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0c37a00854b4ec218a82f681fbd446ad

    SHA1

    2d5e9a792be8548fd4e9ff010b5d8871e29c6553

    SHA256

    4c68b3dfae2df4262d49d3f3a377a693995682dbd2d156a7469ff6e6898063d0

    SHA512

    873d412b2954d53755f08ae6c570ce74ce98b807157246eaec4d73e11892d827d909b2d75b61f2c408bd12f0a0c4e8731e0b419dfdc077dd5307a377d9f0f48f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a6330fa441a1d05c5447eeab6b24626a

    SHA1

    76986565bc0352e034cdbd063bd9aaf4e6aba45c

    SHA256

    5f6054dacc752ec30a27bb77ad0fb5ba065b6c029517c664685031502a0481d9

    SHA512

    a862624ba2ffd9cd31a74613f719b28b977ea8ce1aa399f20f750deafe06bafdead90f216d808720601f8902d8198db9294c937ebaa097bb30c6033ce08dfd0b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    be6300134e6b05ccce56bd0de1b4d724

    SHA1

    d9c0bf0080f045f7d85577f988a09236d5398e7d

    SHA256

    36b7ef7baf198c4d3f85a60e358c24a186145c3059e3d838593f0fe9169e65e8

    SHA512

    1b084b981044e6a19ab6b89024fa130d7578557b96bde6e28112382a5b3c1cfeac457ab85c80c0d59b4826f8951b82058fa32a6a4b580f2090748649b600adee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3D60.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3E33.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit