Overview

overview

7

Static

static

3

18b2c9f1c8...18.exe

windows7-x64

7

18b2c9f1c8...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...ss.dll

windows7-x64

3

$PLUGINSDI...ss.dll

windows10-2004-x64

3

114la.exe

windows7-x64

1

114la.exe

windows10-2004-x64

3

115br.exe

windows7-x64

6

115br.exe

windows10-2004-x64

6

html/404error.html

windows7-x64

1

html/404error.html

windows10-2004-x64

1

html/config.html

windows7-x64

1

html/config.html

windows10-2004-x64

1

html/error.html

windows7-x64

1

html/error.html

windows10-2004-x64

1

html/last.html

windows7-x64

1

html/last.html

windows10-2004-x64

1

html/start.html

windows7-x64

1

html/start.html

windows10-2004-x64

1

html/stati...est.js

windows7-x64

3

html/stati...est.js

windows10-2004-x64

3

Analysis

  • max time kernel
    133s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    28/06/2024, 03:58

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    html/config.html

  • Size

    21KB

  • MD5

    d94ac9d5174972efa1dd8ba84fdc3602

  • SHA1

    29c7f474b3fa1332256caa70b0b0efc047f796c3

  • SHA256

    3ba63c4784d9256bb03594720360daef4c65d0dc61584c66d4f6e3f5cf0674a0

  • SHA512

    07dc46a2f1b999d9938c6bc398c7dc782d113f16ceb2c784db91f8baa417e9bd7ccfb5cb2ad77ea5de40d205c5379e614a547993c785985612466a89d2d66db0

  • SSDEEP

    384:pIpQLKOZ+Jr4Ul+QqQI5ED0Fj1GvimHxXlyi0itAlr/5:pMquX1ptA55

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\html\config.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2172
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2172 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3008

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          d049a94bb593836d2e032c63e5af7bf4

          SHA1

          17c458544a5c3df6b8c26638dbb6521741f812f3

          SHA256

          055121d26f9d0621b0d779cbdd8131fe7373b818be560dee1f8194c6e0c2f0d4

          SHA512

          df2c8efa9b7afc82d3ef329b7380661f0c31bc3a6ee70cd744308990bc928a4b70a0af35c9c1729cd2fb4da555a3661a14415a3087d61242e36887247d4df655

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          6b53f0f13cda81516cd9f52131141c5a

          SHA1

          c7e7800e010d02b7d00d517ce9749a37103ba781

          SHA256

          f4f5e290b4cb72862d309206a65cd4c8d8eada4417dc53aa1b39c838a466e904

          SHA512

          42ae6cd7dd0821bed8fa06d60afe7f9d5f1b451ed3f4a9113ae38d7a2258324bd31389d1a92fe68991b01b10ed51e7706ee4391e4b9b8915edbd7ac248302e53

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          8810ec30ab4c5c9f9ddee10ef9cea1ae

          SHA1

          9e24578d4d6b0427e8e3672ebaf6df3cbcd3d906

          SHA256

          e5431bd495ed1fd80149c8ef1c355cb5e6a5972779a0ec53a5664d9c56e64540

          SHA512

          f6897ef5d672c008a6911615c05bcab9bedc80ccb4fd706640c3509c706e5dbfda2e11e1e23fa84888f61dbcc77a856df5dd6595f0069fe9159da5802ea218a2

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          954eeada7d3c946c89ba7d6d836a53b7

          SHA1

          fd97c93591e2a0b9d42f1ed1d7c60c28e46fa31f

          SHA256

          6530a4e03cf581d680090ae0c6d8cd121f7265fd70b8b55645eef344fe01fa6d

          SHA512

          07aebb63cf12890059ee05b7e5d6f51cebb63d4d4e1b37dd1d6b9c10bbdf403a2f0212346420e6f59214b18e37dee9d5796b679303168931131b5d82de17ac29

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          94eefd482129109419e971b603a2e48f

          SHA1

          fac724a08f77c90b31662996528c69c4ca350c6e

          SHA256

          bd18f9f9d557e9fd37fba8a24f15e5e8ab1e0bd9b32f42208c7587d6fad28699

          SHA512

          4a62e1e14b7a45c36565ab66165a9694762f725a5383dd5bd8ed52e8b660687775daf394aa4cb468857c6e8478d1b4bfac9d2226d9c65b5216cd3756cc36764b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a58f1453dff17bf686e2612a8cbd8ad3

          SHA1

          b9f9c2981c3632ab2465875df0276d411e264005

          SHA256

          e8bb2879a644970e9a4ecb662c2954b38e9672ba2811fbbf73a980e58ab63b73

          SHA512

          f4d7a69cda2aac6754813fbe5bea70978ae0c1c958cb3ef2f9a744e7b24f6e652677d20f14194c22a15c4f3b940d65a3d0231f87a87d69a531c3acdc794be4be

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          871bf95bffaf9d5476e1c64cc22a7b5e

          SHA1

          24aabede21e63b3285a0233dbf303ba775e6716e

          SHA256

          5c2848680ca796040b34c2e34fd7c536bddbb07209d1482914a1fd87b309cef4

          SHA512

          e69a3c796b5b0aa1660dd3f30468f2619633caec4338500bf6a7eb6092bd18d6410876099740dc602b7df62675d47fe3472f6697a853415dda61354836e61b13

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          fbb92b318299ced9bcd6889c4707f1e3

          SHA1

          5155a27b9e6447836bfafae7cc59af26f7b4567f

          SHA256

          34fef8638725bb4429fc04e3743df3345f0b4789453e14e984adbed6ce9d1cc5

          SHA512

          a885e55506fa87d947de042a91853e848c0f6ac1b7d9625e7ed15185e1e09d6d3dfd744ce1fb02f0eb41291f41d475b46db94c9d6d0391f7efd59425b3c16a35

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          e0b04361fc38f55d76d73c9624469358

          SHA1

          2586ba93e14460ace54cffae9df97f772bf3b50f

          SHA256

          4b24a9c1e5ce536255be782b1a8e7d698c17314577d5017786edfaa8f9b7bd83

          SHA512

          a3fe399daf10a11c7effd98f69bd11275ef2654dff8dc05faee33ea55122b02dff24557bd4be99b741e038d1e14789b01b372f6e147cb7c805dfa827e5435095

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          4dba439cf5ff71afbf6e6f019e0581e8

          SHA1

          1fd57b06f6b2f8300061abf8e5e8c1798ca0e2d5

          SHA256

          8cbeb80e6fabf97cca151dbd520b77e5b8d94f47c229f142d1123acc3e9f34a7

          SHA512

          990364bbe9970149de265fbe590ea8930c7512c8e983c3b4546b173047dea09a3594bd42761685cdaa255ae2ad565b454eec83e09fad6693661ce684d3cf28df

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a8bbe47e48a0e1d140522d06f1dfbc68

          SHA1

          27eb070f68575e4297da27696d09d111d1dd090f

          SHA256

          7f12cb7d02c87fb130572946b50aed2e4dc9eac1de79c391b9cb138b835ea036

          SHA512

          5befecbd87ae5c6a9d02e4b06a3e3ef552168f891a93ec0081a5c3b411155dfe369cfc5bee4b8b00bc15d1b417bf70be9f13a18bc11d3bb853afc9f32805638b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          3c99930a370c34e676aaf879bf4b318d

          SHA1

          89f1957722dabed801301f8e3ed16f13763eb5a7

          SHA256

          527069e494168a9179a8262d6375fae7f15c988e9036c5e801e784f77575eebc

          SHA512

          77f354c28ea94e1d95e806f268fe4f6fb82f361beb1fb67437d5ef831dbec9964e66ea38638c99d3458c885e1277202d4c2998116890ae637ed5be4b2c70326d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          bfd8f4c8d9d770df80d69f065f1d4e98

          SHA1

          1eed0e425cb33d94b95f469c0e91c3888edaba6b

          SHA256

          a26a727826fae0cc80e24d5d070b2dccb153eb1837046f3260a83eaed8fb323d

          SHA512

          3392197494687d158b8cc11a6d87d76e92bfb78d365b2bd7795e434f292e1e2e5b314a775076b4224a5a270cf2c0f0d7de90bc29b0251a23cab2eb5a65bc101b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          d918957f4f29538eef3427bb0f219ad9

          SHA1

          0c0e9aa58b7c4b5ec18ddffa8ca1338c719ef428

          SHA256

          cfa62e6fba73a2b98284f401b945268d499337841f5c27d6582beb50c761af6e

          SHA512

          c82159fc80933d2dc1e7e90e778449989887055dbcf6586a5b16eccba910b2e1f7dd0924bd73c4d472038928aad96c7f99140a9821b2e1ff329f3d390483651f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          d54a668683b55bb5f3ed378052c6b8da

          SHA1

          c0aee388e47bc87af2ede22d85a286c2d972793a

          SHA256

          78fcb0eed644d5ae01843af5e4e414c63caa7bb5f4667d3e733c6401c5ddc05a

          SHA512

          c62bfefbaddb57bb57b7536fb2d0992bf91c4bafb8020eb31c49ba54afb5fd4432c2559e17c77ae6ef63c9ae83c24f718ac8853ce4d4284e886a7f104502489e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ef2ea5224873c14278ec2037e9f37477

          SHA1

          be6aff1b9693ee98fcd7db0699025df729b9f10a

          SHA256

          1e4d09bfdf8535c03288ced5e12fe49444708751c5a4b57e93bfdd93ab1c7455

          SHA512

          158577d602fdd60b129255c305f54c3943824f5ff6f22ffc82b2ae6055378b383970c92d53620dc8c1b3ab63ff210e9927e9f654919b1ba98af97d2efafb8850

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          5e389fda2de26c0c96316f58a117441f

          SHA1

          a446c3a28c1c32730c6178377d25c6ad0457ed4e

          SHA256

          ad85668e6aa269d6250ac01f22e127da147d9acafd34c5ac1face4753e111ae9

          SHA512

          5e3f1ac26cc6162effd048b181d3137a4e4dd8c295924a5af97dc1a6cd2d5ffce625699da0499227127b350eb67e93d9ce01ce1081305601590715179719c946

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          10f2fbf995f30008ae25d31b166f3b49

          SHA1

          0c5497d8eb57a053b75bbec8c2f2948210c290f0

          SHA256

          290dfe3d7d8ab390e24756a72813785c038682f572e3fb750e0e250062a1067a

          SHA512

          2201b333a8467aca7c1da002cd4f1f3847efe2d5313718b2fdb2db5485d3ea482075458c4717910839ec66a6261edf884fb434504db9f72f44b5776314f5d7bd

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a43f59df6173fc0f6c9faafeee549186

          SHA1

          f4c8845e6c95555de9892d9b8ee35f2a66bc14db

          SHA256

          b21e6fd42df54325481b099dac95a5863c2e9cfa96fc7f0df1b67c5b8991e5d7

          SHA512

          a002d9aafe8ce2a71c95393b1d92d94896f552e5068807d759d995f32f1ea0fef1e4078749615b837d79f074bba19a74632d409bde6d9f3ea9fb7e56ff62e7a6

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab2C13.tmp
          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar2CF4.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit