Overview

overview

3

Static

static

1

question/e...tor.js

windows7-x64

3

question/e...tor.js

windows10-2004-x64

3

question/e...t.html

windows7-x64

1

question/e...t.html

windows10-2004-x64

1

question/e...r.html

windows7-x64

1

question/e...r.html

windows10-2004-x64

1

question/e...ger.js

windows7-x64

3

question/e...ger.js

windows10-2004-x64

3

question/e...h.html

windows7-x64

1

question/e...h.html

windows10-2004-x64

1

question/e...e.html

windows7-x64

1

question/e...e.html

windows10-2004-x64

1

question/e...k.html

windows7-x64

1

question/e...k.html

windows10-2004-x64

1

question/e...a.html

windows7-x64

1

question/e...a.html

windows10-2004-x64

1

question/e...e.html

windows7-x64

1

question/e...e.html

windows10-2004-x64

1

question/e...e.html

windows7-x64

1

question/e...e.html

windows10-2004-x64

1

question/s...dex.js

windows7-x64

3

question/s...dex.js

windows10-2004-x64

3

question/s...ype.js

windows7-x64

3

question/s...ype.js

windows10-2004-x64

3

question/s...ser.js

windows7-x64

3

question/s...ser.js

windows10-2004-x64

3

question/�...��.url

windows7-x64

1

question/�...��.url

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    28-06-2024 05:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    question/editor/plugins/file_manager/file_manager.html

  • Size

    1KB

  • MD5

    f6551aa34ea3461453298bd40aa0d614

  • SHA1

    58f993b9f7baa4ce4f753ba4ceea379d31f24961

  • SHA256

    87c4cf0bdbc36c0abcc6053325e8ce320599ae02df6e0a397821ca6ca005335c

  • SHA512

    330ff96750c74d0994d12ef854fc56d41e1b597efcff974e111262ef34d835c5d4f309b6d61ed0b733a4ca1728faad4008a462cbe9155a095546f2268ee97c51

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\question\editor\plugins\file_manager\file_manager.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2160
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2160 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3068

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f37f592dbecb69914dba952e20cd495c

    SHA1

    8d1a47903d146f59bf27c6f1cedddaefbd4899af

    SHA256

    2ee221899c4373d6193421f248ef9dcaa46f0578a3adca9ffd9fdb2a48985e67

    SHA512

    d01923e458afad482b624bc4de469e009377b473a3c95ac4d78ed5498746fa68b325d8d30f9d731e03f850a900fae68176b947cf62ab3cf37ec5dcb550ba6ad6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3610692734a67b4f436ea0b009802bb9

    SHA1

    10b8ddb32c3a124527cf67ebfa7c63e234209147

    SHA256

    8cdc464283cfa54f9cce3b4d26d724c6f272f0cf7a69cb0d7aa4e36b5fb28f27

    SHA512

    143daf4ceff3e00a16f48fa12a42eb2b7b448d1552fe9f8e0ed57b03b76759d957240c9630a63f343e5afc3d42b5d247d660759eb9f4e12db8910c2c9c56b0fa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fc08c91b5a3237876d5e6e4bf01b556d

    SHA1

    87aed4a19b2f79ff492a4d4c0ea8592a52e00d6c

    SHA256

    dbe3c47f667d42c7c964efcb80727f69cd634b33b1a9a096c84c32cec7e0bccc

    SHA512

    089f4067d4f08c1f5406bfba65e1c049aa9b16dac639269162424e25ad4ded7a261ce28e7f27103b1c3a7b8910eed2890621a8ed4c34ea2570ee32e0c2cd2e22

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0cce34c592c3cbd969aa1669fea0d7f0

    SHA1

    8cdc6294502009f75422d36a0ce1a526d680fc00

    SHA256

    b0ee0f3744b612a48752019c2fd43267359d909b7156e410f899f5df23364e07

    SHA512

    273bc48f3c813703cc0044aed9a0db4f1837ecffe318c53173e84cf5a605b85b4b8b4223bd5c987698c9631a0951ffc914b9f89678b109fcb0aceeba18004267

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    07c504901eb52a68775a1273c8de6163

    SHA1

    6a68310de8c47742a770c2a04715b8c03e476106

    SHA256

    d58b5afe3429ee8675fdd76ae77e006a7de64d6b061d179d009c5bb0c93b5c8b

    SHA512

    4a021cd64c27e1267ab6f56bc3c7443dd0fb61e18fc865679d24070a26760b2b48e76676e741f3c89647fa854687fe5d13686f0589714889b77edba7614c4b42

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    005d214d9dd2fd6867d46e53ba479230

    SHA1

    31169f0fc638d465600824c19836b263db045864

    SHA256

    99522ae8701f52fc653cef2de9faacc35e0a8ed7dea960586a6b017188d6d4da

    SHA512

    260b18140243c79138f2d02fd2388da73351d410c6540e3bdb5dcb701428562576e6a5b5007c40deb26c8fc5649d0114b7b5177d710b19b8881436898cdc1b4d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c0d22936806485a0d543a73c0677d069

    SHA1

    23f47bade7856542900b4e7c672ea7902c1c2322

    SHA256

    3c4d1640129860743a7be4690b484804065d600ff839342c1206f52f569eb212

    SHA512

    37358374fe604d45f023ce32f31d9fb24188142385b70b8c470eaebf1c3d0507cff637859d7dfa658cc9eb9138aa5d8aa939987e1f8c1a9e83abfc696ce3213d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    109f3ac00c3909fab01f1b37820e4f69

    SHA1

    e1b02122d91283809aa6f9145c5e4e9712a50a3d

    SHA256

    89e8d3d5227b623e05d5eb670625f4b8b68ba804405ccea60a61da94408206ab

    SHA512

    0a229eb64d4de3f31d7819a712ad8637f69006f5046aae8c60e8283c404e8bc65423fc201eba8c4c14da73bc6c6d8d8a370855cb9e1c3904f8f69216482dd5b6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5985926409ce0d9d0d0f5ee48818f941

    SHA1

    3513ac785ea18580e970d10318ea201e5a1cfb47

    SHA256

    ab2d9a16063e918e62b76abf3dc51e3f39ae858b8a9cc3f7331dc57bcd8348de

    SHA512

    552c279e66fcd73dc961772b0db4a8ad8a5713890802efe41fe60917f00af9b96a371fc2cd4e43a0049771441733bfed20a6f60d0bd0e0ccb673e875c542b248

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    100f8f68e347577dbd6166e33925239f

    SHA1

    eb1c64d912d8a452271713357b2b7e6026cca2c5

    SHA256

    d98b382994ab81ce829ff4c864f3d19531ddb9bc86c194cfd6fbd7ce123672c5

    SHA512

    45fe1505adda47caeaba83e2770e5ca60aae02f25b742f135f336f422d5eb22b7c0807ea8acd7c231009dda90d810353e99463726dd5b99098e1ed95d04ff13f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ab224b4d0b00c149e4ecde3a48a1d0d9

    SHA1

    f11d8b98fa46f214b4971aff52a0dcc8d8f3ede7

    SHA256

    627983b497cc786de38e6395068c25f60f71cf6f1e541be44dcfa21361b52e47

    SHA512

    e27bef928460dabc06c1ccc93911cc8fc68915eaf44d154e86ca7df0db0300de53aabb0c5cacbe34e1a04592d296326a07e625564c109ddad0c4ec0bc24e0e91

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4f0b96b13dde8ad0c602de09b3a28859

    SHA1

    59b739ef3fce34303e87da3b9ec53353060f02b6

    SHA256

    550df1828b588f3f55712335b1a2af651d4d960cdc6d91a0b57e0b766fe11d98

    SHA512

    c0d8d15d50a4c85404bd51f54c8fd31dc50c81d9d2604e4cef6fcb3a049511b080374822453821ee9654c08e936e5e9c12b7d1fa4cf7c34ebb827d274235c994

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    18fbd0ce9d081a0a083d9990e9898595

    SHA1

    d165aac55e823ea090b526af3b0f8f63c6f2c4cf

    SHA256

    cf8b223855aa260063568cb42861a8dde5ef192848f7885e7af14741894cb361

    SHA512

    ef90c7288f12679282952eefb7bacc65773ddfc8c26cda783389fe0b662574560aea41d7730230b3c06e3c17d974852d26d9ac9fc1a388860f1b88dfda722aeb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f756410382172b0e83e34ca3f999f444

    SHA1

    9a3c10b453f73adcefe379109319f3cd8d9c041c

    SHA256

    e60aab41536b6dc237782443bde3941a89607ab016b64c86f05acdc76daf66ae

    SHA512

    93c9554748ebbedd7c35150e8a88a2562c6caf94a7f985f6475aa401ccb0a5519c4464704426574f3ebba451d10717f339c7d1831b43209fac4e662c5ddf4f4b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    21a426ae4c9488b68bbe977b9724a73d

    SHA1

    b5f71b59fac2da682d4eb4ab135a1ad4d4c535fb

    SHA256

    f7d1015ff19b08f2b1721128ff3ce4ebdb5ae16e3c7e867f4fcb2a8a96384585

    SHA512

    9d0b9555095479c2981388cb5d320e7b1f396c61c7cd19f45838c01cc8a688256f9bd4bf1c65d0e187e80cd5f67cd5d7e4cae85ce12935182ebda23d58f85060

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    717a7d5182b02447330c92732314fbdc

    SHA1

    a1c4c5f2aaca79710583a02a9697448370c2f55e

    SHA256

    ed23988bcf4328b21af447f74af751d9cadfb7648a41c24fb6f95b57278eb61a

    SHA512

    27a11f6dfecfcab57a56b03a8cd2c5af9ff67bcdde69cf7b00d2b4e6fd8b6e82932a44fc71883e0c39ee5af629ddcf62a7954257c0985fe4267f0398d4d66e29

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b018bab90aeb56681d113f56b3820ff4

    SHA1

    7bef55ffefb99012bdea7ac46f60c55c55f068fb

    SHA256

    e5d4e67fe6f5962af2c6ed603f2696bafff678ecd5364c86d866f467115ae3ae

    SHA512

    7b2275f5cb16a048b5347b22fcf8994d032634075231b5dc1811fb48fe313dbe27d903a7f82891b0926fbb24be06cd6c6c520af153f9829cdb97305daff37177

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab39D8.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3B36.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit