Overview

overview

3

Static

static

1

question/e...tor.js

windows7-x64

3

question/e...tor.js

windows10-2004-x64

3

question/e...t.html

windows7-x64

1

question/e...t.html

windows10-2004-x64

1

question/e...r.html

windows7-x64

1

question/e...r.html

windows10-2004-x64

1

question/e...ger.js

windows7-x64

3

question/e...ger.js

windows10-2004-x64

3

question/e...h.html

windows7-x64

1

question/e...h.html

windows10-2004-x64

1

question/e...e.html

windows7-x64

1

question/e...e.html

windows10-2004-x64

1

question/e...k.html

windows7-x64

1

question/e...k.html

windows10-2004-x64

1

question/e...a.html

windows7-x64

1

question/e...a.html

windows10-2004-x64

1

question/e...e.html

windows7-x64

1

question/e...e.html

windows10-2004-x64

1

question/e...e.html

windows7-x64

1

question/e...e.html

windows10-2004-x64

1

question/s...dex.js

windows7-x64

3

question/s...dex.js

windows10-2004-x64

3

question/s...ype.js

windows7-x64

3

question/s...ype.js

windows10-2004-x64

3

question/s...ser.js

windows7-x64

3

question/s...ser.js

windows10-2004-x64

3

question/�...��.url

windows7-x64

1

question/�...��.url

windows10-2004-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
  • submitted
    28/06/2024, 05:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    question/editor/plugins/media.html

  • Size

    1KB

  • MD5

    a031b9efa8e1517f1eb98d57ff8777b5

  • SHA1

    a908bd9dbfc3981419edbdb658f53edf2fd68513

  • SHA256

    44312e60aff6269379a0c0cd754bcffeb50dce2a644b4dd225e02b5f2b82b55b

  • SHA512

    5d23fa74ce8be4e06f521234bbd6d69cdeaf89887e592be1a2c3fae9bfcc3fc7dc3c7a970b2dea7a87318d88e894d0d97da2ee6da03f38b3137555a340ca6392

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\question\editor\plugins\media.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2176
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2176 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2124

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8028ebe0239743be2f85d4802831841b

    SHA1

    d0a60f997c426319483cd1be73e6881889a828c3

    SHA256

    fe97c0332743a017eaf97b55fd4897658b7b1e6a397a092f38f40b20a455d6a6

    SHA512

    56393d34aa7387be22f58da7536517b13bf787683ed711aa9608338f9bb5ac30a9b8af91f26e44ab2f15152d0dbf561e865772783ef38e31294ac6c29a3499ff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    79705d0e64d205c69c11611e9a5b37ab

    SHA1

    ee2c1ae5dad80a6c0910fdc9aac4afd8b9cc79d3

    SHA256

    9227ee829a533bb5a1911e0c776c9e1d9d087dca813a34310b7b45ad7391b5ec

    SHA512

    4961c525efc17bd279d71a23bc2c525960a2b7ffa38b7052657af40e6295fda879230cdf4f78dea2d714e709a712670237383f9f444edbc78f1e90255b185cb7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a0fa683b89d63bbfb9bd454d47991af9

    SHA1

    10505f47d916a6faa616be55004b8248d41e3caf

    SHA256

    eeca8e6a4d6c51d11abb5d9cac4e0cbfce4d953ce1b4eee87c0abfb10bc36f3b

    SHA512

    21112bb6b8346a6acfba01e4e6e3e4bf4b23f51a7dcd87777a3e6b7af089be7dad79181899b0050981f3cf9ab8be521e9c0b573ae4662da81fc434f8804d4ef4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a841b07f891753186be255799fced11e

    SHA1

    5092778847d25360d261e5ef826012b2d9370a69

    SHA256

    5907c4f1b778972b2a5aba9ef1ba389ecbb675d80a95ec0feddc0564e853b181

    SHA512

    6b5bc319973412e1e4bc43c426f0fc0bc1730e7b03c0e7befd420bf15f1bc7afe4534ad1ce3e315a4e5120ed91f574d9538bcaba61e64b273537893d2f72805e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    292428bb0f82cf525fdf48b0ea7a152b

    SHA1

    fdb45fc611f48347b81d2faecfa36c47e823c430

    SHA256

    0d0627a49c75641b2103fded7be8338f90ade27d27403e490956bea58c92437a

    SHA512

    0a9d9944c3c8885d35075a01b9fea61d79503acde8e08c1af695c891fe934a687e470e3e1ac0d173c262d2d29b11d7b39f4caa020e99d4853ad3a7cb09b74e80

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3998f91c7e8719ae672387bfd05b75e9

    SHA1

    9ac08266ab85e16e749a3ef64ebf891de261f31b

    SHA256

    a291abbf1097b790c33a2c4201aa0830640f2f30d62c819698df7cbdb1b47099

    SHA512

    82f644d76511cdb22811a3b7ca10a07fbb062c60b0df2e2d6d06beb8d9a6c8b0e98b3fa3c9a0c813eeb80a2cdf9116a9a159f5bea9775a00067167d82220a8c2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    92072c2ddfe93813f5f765a9b99ad4e9

    SHA1

    06b5117814d96e176d5d46fdea4e144d638d6eb1

    SHA256

    2d7cd99934ca2b6ee959f9d4e19ad4cfac1c8cac2115fc5c8416460eeeadcd87

    SHA512

    c614f4024bc45153067273ac48405e13b4f0ba953b85447ca604f681003224c4e20ded55fa3c3c579a2f9c0885ac505d39b890e4cecffd6f449ea89850cc9448

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    60f70cd55efcb96f5919c6c04cc7fac2

    SHA1

    ceb72dfd0fc63d3ad84a74c7ecdf49044c27b3eb

    SHA256

    04d5024e34e3fce8026451fed99b0c862c34154b73ac787fed978a07027de023

    SHA512

    ca2bfcb403d33e705dfbe75bba39ce63b23aed22b235f07587082fbcd57bccc8e569d5872a1d014d8194f243b95db47fb75ef34efdaa7565137eb90200460a37

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6f2d9c9af683c175a0e4a1797fd542c0

    SHA1

    441c25aaba950dae73fa257e6e0df5973ab2e25b

    SHA256

    6aea62a4fcb5d91f7d6b15ba08b8a5c8458ee517a211d0ba51f7341cb7eaeb75

    SHA512

    154f3db8121dbd7bf031dfd2fdfee5d11295cc3ae20cb08b906e4abdb58a27f700db21e7d9c94401475077c3315a55b94cd36d4679dae8a1602881aa557a1b47

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eb31d49f0148a1db9a676a2eab9e61eb

    SHA1

    62a8ae6f133a660a7802be87410b384736704f94

    SHA256

    66eb2a08672ba6d88835f6661b70a5b1dd98ff371f8e63fe6248a14fa6f6ae15

    SHA512

    8d384b963f770a23e61364127ed65999f5966c39c0e79b9e4b484ab9417842c7a4f825a80eea1bc7ff745c252cf7eee62b4870a6d650b1d52fb51b83d22cd03e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cdef55058b22dcc1258867c232d1a47d

    SHA1

    d1fe4cf5974a3659f9da572a973128713a781838

    SHA256

    beace8132ce292ab7b650a5c4854e00431e5f37537cdc00c9fbe89dd41cafd20

    SHA512

    ec0379e1d2d7c6c7fc49ded3d02153203100c476921cca98587e98800a618e22cc4d7a5ab0f3b6900110efd840e2b12e9281dbd7f922a4489e4970a62462597d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b7bd270e6dd8a7ab076d6ebdc51087a9

    SHA1

    cf6bf90eea8f37a32b7feb671ac8a75d558641e3

    SHA256

    d807fbe1671f79ed3fb048b4042e661924ca75201935608f4789a92fd9452776

    SHA512

    8a1accc0b7c70a7ec942731b43c4f9fc4a50f0d7c7ade8907683745334f5c3af147c78c3c7f9d017bbe1e88332e191fb64045c505e1751b815b8018af605e03f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    177bdce3e0a5451acdac329069447d29

    SHA1

    04ca0d57810c06decbf77227c4b9d314fa16e06f

    SHA256

    8e252baca5f22a6219ef1e6f9d45cf4bcf6f83dadfabf10da5c9269b3564dfb5

    SHA512

    4518d73f3fedbcda8827e8469e0178eb7df08066a342336c57deb059565154a3cd3a6134a5bea9f96839e78cbe31da8d3504267ac63ed067e956baf1cad31d8a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eca8c3526457cc0548cdcf6bfb8b3782

    SHA1

    2deaa4ccd2de1efb9705105e73a8d284e8f7f643

    SHA256

    6dab6fbf9858b34d0c858eb51ab57bebd096d7da3b82aef4d90ef35090e1f99b

    SHA512

    33a76e7e0ea25cf48a901884127c50ea612e9d885dcfd749eb04eb138e5972d2e03a0ab4331a8ac4aca3f2dde106323af2f0aa1476007abc92662a4a769e8e7b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3c86a59864ba29db766caa3bf1a9fb7b

    SHA1

    031c25bf6fdcfc9f390d517508c0a44460018c7a

    SHA256

    d676c1be1cb126203046060c58665e8d03fb929157a5e19d8e5b2d4cc7768279

    SHA512

    596fcd95e21846d70c60c8cbf920c34bede6f05c88a96cdaf76867607882545ce377e36103d83c5d32c77d008af748a3c61331b8ba65368f81414c268b6bd0e7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a51a26a9c9d4f2106d5976ab87ebe89f

    SHA1

    9e184a0a403843c121826c20dbc5f655d92719df

    SHA256

    2ae9489326dd3ea4b3f353eefb01a68e3c0d13ff48fce8baa4f9bb47dec00188

    SHA512

    3140d79b08a8d004b6e30367faa13be802d699e8fb0e9385ebb6baa1e3498871fda96008f033477c37dedcf7886c94d331fa2bb15f38e46c53d44e596a596973

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e821a9497dcab3162aee440e8086fd54

    SHA1

    1b248817ce248bd708b57bde3c10448d59b988eb

    SHA256

    668c19cc7b1011a414af403d4aafd19fabcf4dc656f7f78488ee963bb0259b79

    SHA512

    d3ff64540b0b828906efdf8d606d2b8c7979379ad60f9145b10f5c1a6e83ab6cb81a2af9aa358d3c4327b6a39bfdc34a631b27fd260c94cd65ba4f34dbbaf15f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8B41.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8C2F.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit