Overview

overview

3

Static

static

1

question/e...tor.js

windows7-x64

3

question/e...tor.js

windows10-2004-x64

3

question/e...t.html

windows7-x64

1

question/e...t.html

windows10-2004-x64

1

question/e...r.html

windows7-x64

1

question/e...r.html

windows10-2004-x64

1

question/e...ger.js

windows7-x64

3

question/e...ger.js

windows10-2004-x64

3

question/e...h.html

windows7-x64

1

question/e...h.html

windows10-2004-x64

1

question/e...e.html

windows7-x64

1

question/e...e.html

windows10-2004-x64

1

question/e...k.html

windows7-x64

1

question/e...k.html

windows10-2004-x64

1

question/e...a.html

windows7-x64

1

question/e...a.html

windows10-2004-x64

1

question/e...e.html

windows7-x64

1

question/e...e.html

windows10-2004-x64

1

question/e...e.html

windows7-x64

1

question/e...e.html

windows10-2004-x64

1

question/s...dex.js

windows7-x64

3

question/s...dex.js

windows10-2004-x64

3

question/s...ype.js

windows7-x64

3

question/s...ype.js

windows10-2004-x64

3

question/s...ser.js

windows7-x64

3

question/s...ser.js

windows10-2004-x64

3

question/�...��.url

windows7-x64

1

question/�...��.url

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
  • submitted
    28/06/2024, 05:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    question/editor/plugins/image/image.html

  • Size

    8KB

  • MD5

    02e3a00935a45bb933c9908dea390768

  • SHA1

    f3e3775d996184016e4d6b7efec3f12318e0adb4

  • SHA256

    c28f662ef9dc17138d6e96fc21a144137ddb1dc04328e70ffc4c7f00e1e627c9

  • SHA512

    f3533564420ed4fba6f762555a0ca9f78e6a489d890834abcfe2cdc89b72e5c3de51d8943c50bf624003565ae0629189e2adbe4f6a487f8abf5be5daf38cd962

  • SSDEEP

    192:OIUjFD+NzYjWS8+7gwC0OUuLyBK4rTsLsL6K2c:M+8D8+7gwC0OTyBK4rTsQL6K2c

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\question\editor\plugins\image\image.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2396
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2396 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2976

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0a8e51c5aa87048146cdc2008479797c

    SHA1

    7e05b64737300865dfd123a391a65531f04f27b2

    SHA256

    095ae462c6e51c9ac7dc0ffd2cc96b0a55853486823e2b7c6c35186435c93fdc

    SHA512

    dca843a7d5f7d7785849d13ee1b8804978184c7cd15eb3edaf3ea6f027211b4069b6716bf4712bb45ea57aa5a76988034760001a68a8b0fb13d2d03fdc279842

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d9eaec40499799475eb4b813c50d5780

    SHA1

    1c8becb6ebf4e9ce547d496be3d96ec070015aa5

    SHA256

    487601986002bce2b148bc7f3b95d1eb58e2fa1bb50ae975080dd0245aa85485

    SHA512

    5d309e7a1a21ee8b668e736cbdae833090bb3c33301cd32d382808098fe6eeb84f608870d79b97523ce26f02793845a0dbf914951b5405176fac9f55c37ba003

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1798f182d298fa626036c17991efadad

    SHA1

    4c3610b3aa0234c1e3382ec5feba5035223efcf6

    SHA256

    ae4d04c9be2c56ce22b3f2a8a2f827a9a6933750abf95f71f0427c2daa87091b

    SHA512

    53e45ca86430bac92d25a1d1fc93ed059e3da68cb8e0ea5b1040aea24194b328cce5fba9d00e0f6dddee8568fd4744c38a25182260c03d8c7106854630fd7367

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c8c295c1704505a1629678116c0aaa3d

    SHA1

    fca4947f584ba3fa991984f52ff2e4862f3aac49

    SHA256

    52fab2da464a0114377d51058cead377403f3696f49d1a478536d3a78cf3c533

    SHA512

    93fd7e2589353645fc9dba9c79b702a93852c0db4e42a5eca9a8a352a64ce8a29b4c53d53233de4a7c7c335f19f44f7469effc6ba0f011d725aec972437cc0d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6a447483df1d98b5997863a393bd9601

    SHA1

    07c99da74f6b0c7e01e48126bcfd94ef6b3e8752

    SHA256

    4fc5feee027b88aac3a2ac3c0ac7add72365e78d12dd7906d1ae3b051989e57c

    SHA512

    a7494eb25d38cfbbf3f8cf9eea865d0a6666bedf0796fbd05b6dcab8d6d7312e2c1b2df426d554e444c6a935335b3b6b8a1fd7dbd2b4138c7d7fb2855822e12c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    257d28fbe42a479669ddde13efe94268

    SHA1

    62640933407ee532f8670c2edc52937cd68d22e5

    SHA256

    b77ba349ba2e1688fc226719142ff80f5be0c46847c5c1e6b72f54e8838ad255

    SHA512

    16c683029fa65b90a638f0e725999481ebd7d8111938dca3860cdc2a346d1e3168e79d17371e9e5ffb61ad816dba574362033b6f7b4e7f7893780c8e6d879bc3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    412faea09e6c10a1a7b3de3b4864e875

    SHA1

    9b6c936f04369ce7edbb58d47f061205d57bcbdd

    SHA256

    5b7f1fba8cb4855e2ded1fc10a5c0cf62ae9f7ed802b0724fff5b662d5feaaaa

    SHA512

    cef7693a3a7b7d4cc4be86d5aee55524e8a71b7cf7a73fc094d5180296f29f5c08aafe84710b540fb1b59270eb07055b5705dbc1e7dddc69991cd31e7624d96a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2e4458cd68b442bc97838cbe226f44c1

    SHA1

    32adf135493765ed077277842f7711fea1a448cf

    SHA256

    3f577f956429e7e21cd6c3582ac28581a04db7122680617f442cda4d1a594e9d

    SHA512

    3dc84b0a04c09f38de5ec46b53856ade9b017eb93eb85093c6de95f7beb99a2c8ab9b72e77da8df3e264f09bc49f0fcca5aa0987efe014fd3ecaab673ddbca48

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0365c09c08c4df975236a05268bd3409

    SHA1

    b431fc6e79dec49252a98b7ed6aa5c48310b4a0f

    SHA256

    40bed8dd07b197775fa424d5cc64356a42370e016a7f1e2093842dca5e54d115

    SHA512

    ae8809a147f0d6703e48c2419ffa1e71a8788daaed4edb298fede60631b4bd52abd9f8dab34f1c13683904c03c6b215576d13ab53f8021c3ac8b65e595b3e8e7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    322c51153ba654d7919efc45548fc425

    SHA1

    d40240d209f27e1a4e01fc042effe1ec5f6a7619

    SHA256

    2e1b9988b04f5e37dc197cf373ece49e72e9ad6126961c0400be90a3a239caa6

    SHA512

    d1eaea541d12ec4fb819b580e9f1b7fa7f5e27d3ca2c5864158abb6918e24064ba8956cd9e81e5ea7c11b10b6d322d0d7500d057ca83a03acd776c1a82937f36

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    65f7bbfa16fb1cbb13226f222af120f6

    SHA1

    d3c1aa1bc9f1275cefefd1d4fe85735455ad1826

    SHA256

    36e305c7a66b9e0646e5a0b2b711229cf6a98a182421e95ceffdefdcdd005b1d

    SHA512

    b6a07c6ba46933ada1c439d3cfc0d148cfd5fd07c558517b24b07de91488b3d7ab967780cd3e067ef3fd44bd3caaa06de265b8024ffdfcb921ab9f18ae0c0317

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    39543cfc9ed21288431501fb44f7c4be

    SHA1

    79d0584c40416d94c7a20366e17a8ad6536a1e62

    SHA256

    67015625af7be262dd3e704c7ab66ea7bec0b0be2839bc53040990030fbdaec3

    SHA512

    c1d548a9510afe47e42e4942ee193fedd4f95487ff782083f24e1bf80a4059701ba3e1228dc811e605ac43a45eb356573ee15da53f038ae4c43d8a7570a33433

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    546518f234dc52f0abd6cdd0d9f0b484

    SHA1

    c6d93ae25c4b8865f64fc3d5bf17ced31ee2e143

    SHA256

    7a5343460bff3764644b187c6f846e3dc46960fa48d3242a84382c479ccf26c2

    SHA512

    17b3454a9b87dd74e86991ebe89ac797cfc40538117899eaceab0b4dbcdf0c873dd842cac7b630b182f4f95553a883646838fe9990219ae5146ba8d7d5796f90

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ebdfdf6eed5d70efbafc2dd55f2b2a23

    SHA1

    469c63cb47d3f00603e2d72ee3f527f8495f49df

    SHA256

    4f1f7f6585ff1dbf3cc78b926db5cbe40adb5f0a8136f9d0d22dd2e7b88be038

    SHA512

    ac1caae7b6662878ce8e7eee11b8bab0cbb1480ee32d6caa53f53c8cffacf6dad88f8b0cddd96a0094eb6dadadc3c2100e637eeaf338df35e97ef78ec972e5de

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9415bd934c8503b565a2521e39f2ea4b

    SHA1

    d6c75865b2cdd5634c1395634cede8f52d8fdd9e

    SHA256

    9192b2c08a7b5ca2fa533e919b48b8c60d94a463c8a707056feb5256f8819767

    SHA512

    c3ec5c6cd22a18a84095e23f78848f836e0e6cbba89bcd80410df00991087c65084252cb665b52a1a4b57c965f778351f934d699e5b394a85b5f79b48ec66a90

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c4114e68eb148a649ed6d28135cf796f

    SHA1

    93fecdef3855d9dae0f4238899cb4c4f7e1c70f1

    SHA256

    4e50faf011a76775beaed8b355a4a1fb1a67784147da08eebe6ff719859e9368

    SHA512

    e51ee0285fce5e08456d629400833f34b366a2a8c6e12c957a17ca150383cf5e99f57199778de4314b29b5a232c5caf6b513c9943638a23b7d1fe0b0d034d41b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3cb9b6d237aa4bd5653164fc78455989

    SHA1

    d5ada1571023cf8b49d4830a9ebca94812d9f838

    SHA256

    d4be7587707795704355b897d2b2b9f83af327f244c1d8a1e77964c3ecad5b53

    SHA512

    91f21a05953b2db81be8b8527ecc16be3c64d4e8488ed34142c37ebb176d8d78b673061c05463d22ad0dd45cf199dd672a2538f79ae037c24a2d284464e17332

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e3796a36e60a6d3b82448d9d16b7dbdb

    SHA1

    7343924c34270db1b6657fe9620b6b0cdf1a474e

    SHA256

    7d7b471fd55a224c1385f7e1007dd1e5d55146095419343cb7348f172f652ac9

    SHA512

    76d32b4733136a3ee678935c2aecab63de93f1893d5c0f5fc320474a87e08f4ce9bd8228da73eeb6f811da0abd56a37004395d29f69de7827dd4ab88d4c9adac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4245b76fc4b4b1f718af639147ecc44f

    SHA1

    2faaf56ac6e8f825f050ee403580f1204ee60bac

    SHA256

    20ed7be52fdf55b37075cb5a50acc1875cecdb2357a12579e2cf89760cb50c5a

    SHA512

    0c3675ebc4160aae1b03b059f0f399e73d9ddba9bf45d83b549acafe9efa3f52c49e52caceb03e88e79ed129f1cccb61bd89f3e54de61e16bc45177e010ed088

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab23F8.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar249B.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit