Overview

overview

3

Static

static

1

question/e...tor.js

windows7-x64

3

question/e...tor.js

windows10-2004-x64

3

question/e...t.html

windows7-x64

1

question/e...t.html

windows10-2004-x64

1

question/e...r.html

windows7-x64

1

question/e...r.html

windows10-2004-x64

1

question/e...ger.js

windows7-x64

3

question/e...ger.js

windows10-2004-x64

3

question/e...h.html

windows7-x64

1

question/e...h.html

windows10-2004-x64

1

question/e...e.html

windows7-x64

1

question/e...e.html

windows10-2004-x64

1

question/e...k.html

windows7-x64

1

question/e...k.html

windows10-2004-x64

1

question/e...a.html

windows7-x64

1

question/e...a.html

windows10-2004-x64

1

question/e...e.html

windows7-x64

1

question/e...e.html

windows10-2004-x64

1

question/e...e.html

windows7-x64

1

question/e...e.html

windows10-2004-x64

1

question/s...dex.js

windows7-x64

3

question/s...dex.js

windows10-2004-x64

3

question/s...ype.js

windows7-x64

3

question/s...ype.js

windows10-2004-x64

3

question/s...ser.js

windows7-x64

3

question/s...ser.js

windows10-2004-x64

3

question/�...��.url

windows7-x64

1

question/�...��.url

windows10-2004-x64

1

Analysis

  • max time kernel
    122s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    28/06/2024, 05:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    question/editor/plugins/wordpaste.html

  • Size

    1KB

  • MD5

    bb5aa523d25e931a2e92f408e8aad17e

  • SHA1

    f874a7adb8186fd9f786f8850eba7bcc39cbbc2f

  • SHA256

    c56a8105807ed7a1348c8e93ad77931c262ebc7011acd00e797f355e958c52e5

  • SHA512

    78bb7029fb3473ff8768119a75b46ebb85d09aefb7bcc291c66c77c04ddc163b761b8d3a907c90528e244eb8d907ac3b12dcb8dd76abb4a50c0bd6b38266e439

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\question\editor\plugins\wordpaste.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1428
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1428 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3016

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    13727dd4e4409448d9ee34a3af2b3ba4

    SHA1

    c72e01161cd3df3652c6ebedae1d1e9e8ebd05c5

    SHA256

    cec5cf7f65b7004ec4c9978f8a0b845bb9ee19c903297e61ce9da08b75663eea

    SHA512

    5030204d1e29f9f132997d6d1ffb674dc83d4c35fa162507ed0a004c0f166781a37f9d90aecbdb343ffc6a69d4924853a250607d761aa2094fb03b1fbed1c9f3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6a64b299195e0ac2c8240834aa95f180

    SHA1

    9d628041b2c723d251f8a61c518d5e73a6af4c38

    SHA256

    680cf8d2f39e2b7011819f40613ce93bc931d1fb8497ada49b18a32c5f3bcf7c

    SHA512

    6768d429cd9aa2029b178da91b290301b0815837884b407325a91bf9782f3e151eeaa8ae9290685e2b8786a6c42dbf5ba7c6ef895d93ed987ea08b77b90ce8f9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0d8c6793f2c4101792192a6b2f023bde

    SHA1

    c95ca57cfa7ed7d290468a10935c4208c7ed1938

    SHA256

    4534abbde4091a2b525fca074d0ff078a5e0db59b0223b9966759d8b22ebca5f

    SHA512

    2e3c554376ae0bc695e4ebebea58a028f4ea0dc01207f58012fccd83ffd095a6bd67c734964cc4806c4a6009bb5ce3f2cdce2298f15150edb45903d3e5d63c20

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1cc9ee0d222ee2b8f76d7c061af13e29

    SHA1

    05ec896868f7548dbbe8fd53aad080fd08aff5eb

    SHA256

    05ba8b79fa0a92812b74d2e63d3b2ed39958a069821887d2752707d24e0c8442

    SHA512

    a3c311c588f37b651f79d164219079952bb45eb1a4b6ef8978236166d1a29682a361a1241dc59096796d9365cda8a2e2e300823356cc9145dd360806aa9ad0e1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ba3ea577bd571d54372d902b0193323b

    SHA1

    2f10b08af15acb0e4817a60cc699e5c19736a1c8

    SHA256

    cd02d423d2eb02768f2da44f1e8bf534997769394a9d336d301d3b6d2f7aec2a

    SHA512

    905a11138fa90692e1c231aa585183fad0d8928fcf50865ed0705eced09ce1abdd47c56b7d9e88b976a1f23a4e875f9975155e3f4e2e9ae65a809dc106eebe1d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1977ab44e0fd6fc40b989cc49f2e55e2

    SHA1

    4a1029918a73d3f3be1a65cec7d62602be7469bd

    SHA256

    f2b4ae44a2dc9e686c65c599675821dc39b328373597b6f9522337a9c4d0a8ea

    SHA512

    22b3eae4204771fd657f87372f0c3a72445fe31119dc5c0fec28bc48a3842649f5affb41d74d067fe62a8b4baa34a1f4acfc43a87888c286bd3deef2d2535e49

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f73f3c9f1bae0da8b6317198ba4c7389

    SHA1

    07b97ca1865f1f79c36ae36784e1c26d1311f2cb

    SHA256

    327335599725ef7775f595bc4933d3b969d7945ccf808c1fe3956767f64113d5

    SHA512

    d84134f2bddfb3d34802a1dbf31034a872fbe002a2ba2fb0f2c0c36a29c134b1ffefbc4c86fcb0e603fc1d9932595d00b22d9726957afdb13d780c8eb08b68ca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    44a8926922df5ef17a75ebff9d26fb30

    SHA1

    86bdd8fb4eeaff0033232f27a7ae10e7c7b99aef

    SHA256

    1243f464000a64e57a46534087c4ee737525ffe344c462a4a0af2389db658599

    SHA512

    8f34b39b19e22b71cc3cd96e7be9ec102443199198fdc90b847d875baed8579a2e9eae6bd3cfc974a36a49bd12d5ff1649429b0fe4878ea71990b8208de4bd99

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    831b4dcdfaf3325ad50677531c5a57ce

    SHA1

    f50ab150a39a7175e6a4417f43b569e961529294

    SHA256

    dffb5f62c4d87a168b57b50509ee27aa2dd27c3c8c1621be8a132038730d3425

    SHA512

    999ef48a2ef745ebe0c23d130eb0ab0efef4cebd66a28fd88c833cc18970a013df386e77066ed0025b7de8d8859fee7204d4b13ee789aa6b074772fba5724721

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7c181f20ca0d427f3cc8ded826a8ddb1

    SHA1

    a4d0a116d8b5dadd6bb3107042cba38d0f0b242b

    SHA256

    118f1805b5b33733b5e84035c67e42b173b655c0ffe725f0e8992e5a7e278c7b

    SHA512

    b18676291d1c27f937ce3cc13857c6f3373b06d3b12e34945bbec7a2351a00cb437df4dcca31c9ad5bcc8bfe3292972e59ff79a70216b47ed0b7094d91412dde

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4013a88ca4a7a75a3b952048de4ef4d2

    SHA1

    788e597b765ef9d22c01ae9bcaece8b96ead3046

    SHA256

    08297aa71d300f32a110752f01dd5368a3b6134f1300332a92b5324c1fe9d3d6

    SHA512

    4d265d89ee33be142ff8c8a8667b36d06140cc7d1a6eabee3c6cfb7ff84b47be3c5f41dcdeddcc9346b11ed29ffe1831a878f109a12ad5b70c470942f04773e6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    65591fa3bbf00f4407c3653e97ca34ac

    SHA1

    aae1c883747d71c5f6626f4fd54bf3c3511106d1

    SHA256

    4bce4c0781401a339dcb9508367ee2088fa03bfaa47119c94c24ef96e27b0e71

    SHA512

    afe9b01e159c2e88ad72147c2c4debc295621a05e3cd87f866eb003db8a0bb3814d16df5ba6ee14d779a046cef3454263460da07f122f45a6e2424f7962c6811

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    70c35389f08069e5779141ad9e5e27c9

    SHA1

    50b72f9abd30ad8b2b714777d819bc7debb06795

    SHA256

    882735dafcaf451fff34e89932df42e74374fad68dcbe59534878c7fb726ad43

    SHA512

    f8be3b9a35150b5d21551efc2fb158426a4a3d57e75af5c81b9ae98debec610a35646da15b7c5f30203fe54f9d47f22b9965e89bc25f9eccd79a6e71d339cde6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    decd70c65d093abe77dee3239f330904

    SHA1

    7d278e632f7d3dbd1e7c483e56491b2ac734163b

    SHA256

    14f7efe411c85324e2a9d0c998e504a225031d316a3bd67056d1b8c2646522d6

    SHA512

    7a59ccda47554d20cd49df72ae3e286915192ee73dea4222559985bd2bcdfdcf785ddbe7e839b31ccc799a94702e6e08d3a74b694899962d5e1fbbe47c878a38

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    64709c889aef0e2ba308da53f1ac2529

    SHA1

    e10077c19affb0d5d6faf3b0147a5a7e212c27c6

    SHA256

    6c5229d796bab5faf99d5e3b10b0b09fface1603e37d472e73c00355282aa0ee

    SHA512

    4f4eda8df5530b769779481d04e754a77ff36ffa1a030027d5193799b5cf7fb111730d7e0fb5059c703b67b289177fa948986bf33474c1a6b90578bb88a116d7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    26711159aac24938dcb9186fb50dc411

    SHA1

    1db145a59a4fa7bf407d04453176e8add3282cb5

    SHA256

    5ee1ea9370de216728283f02245ca8512335b7dce403cffe1304b93a9dfd5bf5

    SHA512

    1438f07f0b01be3ff64c14ff22e0d494aea29c6a8231a0e60dfeebc6207e888fe9babf9bcdd5df1de3297b2530fd62b5e70a107700f75e1434781b7b5862e349

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    98d250645cdae8f8eb95ca3fba59e7a2

    SHA1

    733b65e7e7e64e970e82b749d522fa37585d55f3

    SHA256

    02f92f9f04cf2a19452e62f957aec6f9affc6342987c98e6fde1eda37dcbe49b

    SHA512

    c9a8f93b1767bfabda36cdd083533534aa5d579e3bf25f3e08b499681b562c2dba4b9ffd7befa40496ff422d3db7c61cc5a74ecd8a8b67ef6f842676c30e3023

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    95bd68530bda1893e425977fb6f8cc61

    SHA1

    2d8a9947d7f9141ff0c1c05c79fa876b80145893

    SHA256

    afdd3b3322502d6d75aba8b7cabf9c54ae8b394e9a0299e3324382b17a40a3e4

    SHA512

    aa1bff94b8907c794c9ccc5ea0cff25017d94bfc6a100cb4880971107c199e3a47dca1d042d89bce78bbd162255e2289ca606209860890d54173198738ea8af9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab4ECF.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar4F52.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit