Overview

overview

7

Static

static

3

18b2c9f1c8...18.exe

windows7-x64

7

18b2c9f1c8...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...ss.dll

windows7-x64

3

$PLUGINSDI...ss.dll

windows10-2004-x64

3

114la.exe

windows7-x64

1

114la.exe

windows10-2004-x64

3

115br.exe

windows7-x64

6

115br.exe

windows10-2004-x64

6

html/404error.html

windows7-x64

1

html/404error.html

windows10-2004-x64

1

html/config.html

windows7-x64

1

html/config.html

windows10-2004-x64

1

html/error.html

windows7-x64

1

html/error.html

windows10-2004-x64

1

html/last.html

windows7-x64

1

html/last.html

windows10-2004-x64

1

html/start.html

windows7-x64

1

html/start.html

windows10-2004-x64

1

html/stati...est.js

windows7-x64

3

html/stati...est.js

windows10-2004-x64

3

Analysis

  • max time kernel
    117s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    28-06-2024 03:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    html/start.html

  • Size

    15KB

  • MD5

    c7d5b20b5ae4eed31d49ec946a283ccb

  • SHA1

    61a8de3cf4325325a899a0b3e126719ef6ac82d8

  • SHA256

    cbeb41f8ec703f496c34ce1ba722b4cbb2c03cafd5b6da8056d015b6c496f186

  • SHA512

    e125259b6e156a0129ba5329e6ac152657d79967298537f8ddf8bb8090ed090218eddf75b3f8fe8a3805e1a5677d2561f14421364dcc299784a1a168bd3088a5

  • SSDEEP

    384:SIDjjUvKCrqHbdkkkEQiZiBaGFiEiJiJi+swIGi8bn8DoS0Mc:SqPUvKCm7KkHtgBa95QQ+sF8bn8ESvc

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\html\start.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1652
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1652 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2172

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c6afa7210de0c82e8df6492c8d16da62

    SHA1

    98f7f9af2d0518ac6ce9c6362d6a199bc3b0b681

    SHA256

    1e487da16cfe6c4a7bb390e3a1c83493bac0b62245632457a4d65e1e4a54101c

    SHA512

    a3b718ee293d5dd25a02eca4043ff19e563f45eeb22329897cb4906b0729ce31c475ffc1c3a593df4f88fc8e500d4373a096b54136e4bb213ef701bebaca24a4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e662e74564bec8919fa27017f86d5674

    SHA1

    cd2a52d7901d1648894a6bd52cb9a60fd68753ae

    SHA256

    0d589771335ea88deeb067c78361599da8cec7d9b2c579af751ab84e8e7d868b

    SHA512

    035dba2ceec539077a19f71e1bbfb875655c7743ca50d0ce45df71936ef8c5848333ba482e6b60ef1138aa81d5391d1ed2e3c3dec21f791e0aa0b31f45d648e8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    68192ae2c4498a6d31e72729dc9f9a31

    SHA1

    bb2f71e98dbe30fb1a1a3dcf49bb47c7a206df7c

    SHA256

    71653bef17f56c06b442ee7acc54c46c204e8b72a79b4e1f604ead00bc67159e

    SHA512

    65a783c87abf4b48377d73f24c25c4ab7c3f916980f8e64aba038ed2444663054f0856dcae7dd2092d920c08c875efca1d7e5d5ac563f4c5c9786b0544bd841c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9fb52e1942e2872a27f41d11efc9b702

    SHA1

    a855de28bf1e21f647a0ea7c0e27dcb516ecef1f

    SHA256

    d1a702090ca1618e6c6c0c4509bd4ddadd61fdef1be93fa5de4be2fff2777d5e

    SHA512

    de5456188cabb5d394e2cbf73f25cbc1a71679a1d3c0cb50e52c2a2cda87560c3d1465c76ca384821b5b2a9159b8bdd99e9bf7f9a90ea6308d835f3855c2dfdd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d4430558801bb27675d2292282bf09b7

    SHA1

    8fda7f31f7e6c7df737b74ad06e1744fcc483525

    SHA256

    0fe3e05b5b0dd0bc167965e46086269df4d8065d0c00e50c240413eccbae4e6e

    SHA512

    c5a59c45e18fc196c53545b002408bbd08f9fa36fef37d4b9e5d2fa6fbb88cb9fc955c020a6a29bc53bda36f2789d22f032134f8d8e5d4ba6757f19fdc085260

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3df18ee0f6ab2f229aff7aa8da96068b

    SHA1

    afc99e0d97d210ad38a91b02fd5d3b371e1869d2

    SHA256

    76dfbb7e9f1a405c1044c04c92ce2761af524059eec95e1354c90e72adbc7aa2

    SHA512

    b003578014a7891ec8b1e98e00c74e3233b90210a41ca7ed8b0bd8827482c9262660d62e4c6befba8d4a16019cb1673b3536aa25165f784efa28f5162dffa75b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    15f823e8e3bc47badf5013a33f6fe995

    SHA1

    b77b1e1fa36228c82835d3eedc1effaaece4df4a

    SHA256

    bb0271ecb4a05534b4f25c3c581d1bbe940a3648e4e6b6aaafe2286cca8ed5a7

    SHA512

    f8ece48fe6860b212df68b518d165f1f1ecdbdd6dce7697a9495c9f85ed7ae9659cff3b7b45a3d19dc4443073ade09e23b8ae3e00a3ceb7b3e96cfa804cbc190

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    30b72a5b1458af4ebcfdca1c26ab79a6

    SHA1

    395ab35fe3b3d3cd4a00db937ccc1fce27f5bff0

    SHA256

    0991829923c86bcb6eb13b4484ec9f95e707aa5e02f7f90d6562269afc2f3e18

    SHA512

    ce5ab6c1eaa6e263b8aeffffaffef74c7bea3b2ff9fd0fa2aa60e09c850959bfa9e016229fecbe41604c18820fbaedefa3614927ff1260981ff1fe5bb06698fe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aa363a9f3104ec9a82436935abeab21a

    SHA1

    eea666cc0d06e20f7b5f0ae71d2180e46b15081d

    SHA256

    9bb5d1a957e414fb00d34fc641b50988a3e8f8b7f1fd0e76d71eba3eb71ff4af

    SHA512

    c8268214a61c06d3c8d824a13dda83e0a2a226291a2e12e460ba8768eff4c23fcb0b7e495738ec3b58a15821d3b58839b21a18692f90ba6c603e548eae237721

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    684d801b59a67120fb807eb039ead39f

    SHA1

    ac7dded6d9339649561b72b8936664f37a9947aa

    SHA256

    8037407c1c48232c91dfee0475324ef18d06d3f1f6d488a0c336c268b0fd70b2

    SHA512

    74efc232c4e6b8c62c0ab3a108c09b941a2dd0a466c16ce60ee91ee4ba8039edb815020d83feffc1112bec1aa8136ef587572dcbf8df5a1373bb705ca339b080

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c4f1251b1e080a45c3a99526df1f4300

    SHA1

    7dbff61edb5a5d0aee76795d027903b78b341ccd

    SHA256

    bab34bd72af33620ebf20c1e21c4f906d2945701a7a79eaa311773f00cca209e

    SHA512

    5bd2417f8a3cc7582831183bcda04e64b8bf11364473095e1fab4eec24b8a2b09efe53df68cf7e4d98fdeef69eb24fa5ca581c316e465c929be54fcba811c99b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cfcc5687504ba9e1a4d420d325d1bf68

    SHA1

    a12a43e38021d3701a3a17a433ee78a70bb52c79

    SHA256

    5def0b8fae89ef60a6d05ae7ec4893860bdc780d5ddf9c36b93b77f1817c9ae0

    SHA512

    8d0a1a7d72c39b65e8057c9ac67b00b34ee9df4e015571774b0128f040a8a3571595084a79dd5b92667de13d0a3df939845791f73c4bbd48c568684ae11e86b1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e43f52824d2f3f73bbcc57007b10cf32

    SHA1

    a696230f3013bba3cd1c80aad9fffa736ff89bca

    SHA256

    4b50373355eda3d447a5be8ba7e417e415312ee7650e8988e85618b2c7b99ea5

    SHA512

    b041d49c3beae778fe6128e1b7e3a3c1e2a8e0765f5236974532c646860178e7a51c0cd100cad7f0c31910fad90a333217fb61bbae110972022b27dbcbb6d4db

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a4b8970184ff2c30473395b8e522ef39

    SHA1

    48a0d95408d7ed6e86e01ec50a724f65e5b6fdac

    SHA256

    aed97da1f0fc3709e41418cf85e057229fb23933baa525cdc13ad760ce914b04

    SHA512

    076833247886fe215d100a64f346ebd83bdb690876e5a5a35dcb180ea06ec76266e10ab237e56b22a3c72bb9b71f7e76fe429ed3a0ec491a10c4ccb9af9b8078

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    38e9c1b227d0adf6f2a5d9535e8314f2

    SHA1

    ad960488512dfae4fa2c7507a123e9584716da68

    SHA256

    1aae672f60e7daeb3cbb18d2cf99ae464f05007810c7130b387540d19e5d245a

    SHA512

    8a1c21c5bd154dcc03c159e1b95962b4ad1eb0d5f129ec55820628408134a25d2cf651e1b78d77d00b9e7d6c17d4e92db5ff3d847e6f4e276a9daa4ca68fadf1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ab20c131ed068034d6524eb7df8ffbee

    SHA1

    2539a30eb000ab325ec6f7d4de82ae1e0f671ed1

    SHA256

    381cfb93b6455ffcfdf986e41b3e9173cf73f9d2838dda0fc9dd4ae4ba43d140

    SHA512

    358de46c06905fa2bf07fd48335dd4bb424086de0a34e13099ec68560cb590fcc9499ab838a29917a643d47a3d5b35bc69d8f5959d0723237aae1f934062388c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c17c810c9e10321367b198f4c25f516e

    SHA1

    ae6743248d5ed8f81a19e68d4a9e46c3c75b1949

    SHA256

    bf760dcac002800f9772c6e6d6106186b73c595cd32f5f9dcdd8b0af4c758880

    SHA512

    fda893c8ffba35516d6151ac669ffa81c7895d072f2bfe9662066de9d4ee627e8de84bac509479f22775862d77917c19112159fca3d0571b73ec8857e7edf03c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bec9f7a210ce336ee405eba9f5ef11a9

    SHA1

    7f7f1db2c5c7537bd3968759c3f82ce13fed8302

    SHA256

    09180cf0c875e12748ed49f49db03420b5335f2195fb78aec0f0cdab9f7fb375

    SHA512

    a801383e59f0b09f909634a7cf9978399e275bc6b1ac65ebad9c855aa191789417b18f825ee681e04ff4fc3b9cc42f96a2a4c10d301c70d42df4e90992412590

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5aad25f9ef64658fb20d8c2edcbe1376

    SHA1

    b5697e90972d040b57f89461b899a291ce7cca25

    SHA256

    d25ed448a218b27f94a4078bf87e835744029587c82a9ee59d8958eecb285f14

    SHA512

    2500f248595cc0b4358c2a55e5bda402c9fc4ee3ad2b0db30a9dbb97ed9558007a5239f43c92fc9a2174fd078f4fde4ed945d8970fae307f9dfd700c5155b331

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3AF6.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit