Overview

overview

3

Static

static

1

question/e...tor.js

windows7-x64

3

question/e...tor.js

windows10-2004-x64

3

question/e...t.html

windows7-x64

1

question/e...t.html

windows10-2004-x64

1

question/e...r.html

windows7-x64

1

question/e...r.html

windows10-2004-x64

1

question/e...ger.js

windows7-x64

3

question/e...ger.js

windows10-2004-x64

3

question/e...h.html

windows7-x64

1

question/e...h.html

windows10-2004-x64

1

question/e...e.html

windows7-x64

1

question/e...e.html

windows10-2004-x64

1

question/e...k.html

windows7-x64

1

question/e...k.html

windows10-2004-x64

1

question/e...a.html

windows7-x64

1

question/e...a.html

windows10-2004-x64

1

question/e...e.html

windows7-x64

1

question/e...e.html

windows10-2004-x64

1

question/e...e.html

windows7-x64

1

question/e...e.html

windows10-2004-x64

1

question/s...dex.js

windows7-x64

3

question/s...dex.js

windows10-2004-x64

3

question/s...ype.js

windows7-x64

3

question/s...ype.js

windows10-2004-x64

3

question/s...ser.js

windows7-x64

3

question/s...ser.js

windows10-2004-x64

3

question/�...��.url

windows7-x64

1

question/�...��.url

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
  • submitted
    28/06/2024, 05:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    question/editor/plugins/link/link.html

  • Size

    2KB

  • MD5

    fcc39815f8a7f6c5800cb93ace87579e

  • SHA1

    816848f9b4aa326434cba416aa85935763cc136c

  • SHA256

    0aac816e6b42a171b02e61018471d70076a3bc2e18d5c2d7f60eca7727a580fa

  • SHA512

    6cf2c2450d22f6d258febe26d57e939ce0defb8e72bdd3d8a389bc00f234036897c915002788f6bab4458b9ce55ea47d490e759f573e851b259cb56bde507cc0

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\question\editor\plugins\link\link.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2860
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2860 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2716

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b306636efa9077d22f1e3396a497bdb3

    SHA1

    985b25e99e7f84442f3206d65ceb61fce07e6f44

    SHA256

    7bc94730d8020e67de15ac83726019e65429f810b1483126e2fb3485dc17a185

    SHA512

    c2bef4d1a81775d7708c7ed79967b8e1610c3d15f11eb1a5d22cfc09fdcce7a8ab16a867f6878c2587c07d83a0751581e63cbc7be88c304c3a097203435fcf08

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1944b81b3072e2b13e8c7834085105f0

    SHA1

    28ccbc78ce50c6a946bb7691570b286c42afe39d

    SHA256

    c4677ac9f4fe44911b012bf2d1f6b694cae573299a4cb6856abd9cc0ece35698

    SHA512

    d365a8991181b5c15d5b6a69ad0db7aec1ee8397ff7d6a4d5847a93eb2c1b3d601536c44e213ded55803fc399d8a8d6695e57ec970115eeb7d2b28a8ec03ea79

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    49ed40f422c5fe4802a1a7a3478d95c3

    SHA1

    4ce859decb8bfb10e2e32e4cc7c8bfe2b7cd2614

    SHA256

    b52d3651f36fd77f9fceb5b05462ccea22675e177a9daf2b5b8546b3864824b0

    SHA512

    1d70906877e5bbdee8a3da29fa16f8ae5c25668a27692517224563c60f1ae1caf54eb42c1b9ebcaabd58f92308ff184e9c173ca0c892f6e71b1553233f78b4f2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e1948b4c645a29ecfa628788fd83190c

    SHA1

    a05f6416df7886072213d6dd74dd3e1b1090d3a1

    SHA256

    942024d31574258feaf2c89140fdfb5dfc85e25c2f262263c4e1d5eeb2dc6fde

    SHA512

    6c369e9a14ffd0d56850ec525f592d8e25791e9cc75061d0b9223b2608101b3a1d0edb87ef870f7b48e56040441ad0815be3815e4aa00e2a1819254e0b7c68a2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f7c2c13ad12059114680db2cf9d70f16

    SHA1

    6cff7b01123170000dfbff1f941a1b4dc6e32965

    SHA256

    717e5bdce7b5b88dd2ba1b9a36a026f55ce28fde99fd38205d3063ba15f489e8

    SHA512

    ebaf611898d90c1e1bc521821ed73d32aba0bae238bd597d832f47bbc0f93a188ac528e56e1a28fe9f1dbaf2e17663cbc60fe43c14a10684811239989625b2ac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1071524770249c95f20a9859634732a4

    SHA1

    742fe91f64ddd0f3ab36e409d8c2f9e15842d81e

    SHA256

    0bcf615777b679d6676fc570075e1173b7ca7f1058b347ae8a8a53494b6cfb86

    SHA512

    3bd611ca6fa0d076ad46a8f0127b9a70171b5571dacfb0fab39ede9211bf5fafeaa7432327314fe099f864619bfdaafedad16ece81672b5adcbf3f2bc5506978

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b76a60913d05054679696681e6e284a7

    SHA1

    b99dab5cb9b3f26e3af1af5b73a06b976d5fb1e7

    SHA256

    ec037e2f63821fa693a8af03495a902075de89ed47293f982b135b7961f8d7f5

    SHA512

    418963d1e3829beafcf2721566f9cb5f76ede7d3af7035e3cac363bb201f85de2dac5908d094f661fdb535c531c5586d98bbd9c9b19816dc7536b6060cecdbbb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    98eaed68f87a2d8f35952c8d551f3b6d

    SHA1

    7adf811b53bb9c1b2425a69dcdf1373fda0e445a

    SHA256

    30e053048298ceb714564e1d180ca66a2b0286e92a0648f26d3e93bcef627de5

    SHA512

    4bc94b128cecdc2a000650ccc83054442226644fe6abe0696185c5346dc81e5a4f06e6e5199b114c8e1332766677ce5f3aff44ec253fb3c93cd7b4a2ec042114

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3ab94e4846edeb0c543128d4baf80872

    SHA1

    15825e8d0b67a6367eae2533485f4423bb83a296

    SHA256

    d50d70b27195f598ebd88b82bbca02c78382dd84af174fd41e9aaf467f6d5237

    SHA512

    03eb9e69fb5e400e4daf012da34b67ea272ca9c871d4887c308224d02b935ca81b2c2c9c08e45dcb1e3c580b57dd533885828580475f32f31659a6adfe96ea95

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f3133d2a8265c9a39016496c9e206d7e

    SHA1

    ae034a14c5fa845e5d570ee7853f9f025c99119c

    SHA256

    5709f3f28293328fe7b5e269a1c6e51950d3782e22bc7b44db2271d51f308879

    SHA512

    b1a3496998752befb21b39df07b6f419dc2bff8c55091371254661177a21751114af62df3487cb12ccb0ee1088c1ca91a254a8f26849ce81982a606165c5ef19

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3A84.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3BD2.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit