Overview

overview

3

Static

static

1

question/e...tor.js

windows7-x64

3

question/e...tor.js

windows10-2004-x64

3

question/e...t.html

windows7-x64

1

question/e...t.html

windows10-2004-x64

1

question/e...r.html

windows7-x64

1

question/e...r.html

windows10-2004-x64

1

question/e...ger.js

windows7-x64

3

question/e...ger.js

windows10-2004-x64

3

question/e...h.html

windows7-x64

1

question/e...h.html

windows10-2004-x64

1

question/e...e.html

windows7-x64

1

question/e...e.html

windows10-2004-x64

1

question/e...k.html

windows7-x64

1

question/e...k.html

windows10-2004-x64

1

question/e...a.html

windows7-x64

1

question/e...a.html

windows10-2004-x64

1

question/e...e.html

windows7-x64

1

question/e...e.html

windows10-2004-x64

1

question/e...e.html

windows7-x64

1

question/e...e.html

windows10-2004-x64

1

question/s...dex.js

windows7-x64

3

question/s...dex.js

windows10-2004-x64

3

question/s...ype.js

windows7-x64

3

question/s...ype.js

windows10-2004-x64

3

question/s...ser.js

windows7-x64

3

question/s...ser.js

windows10-2004-x64

3

question/�...��.url

windows7-x64

1

question/�...��.url

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    28/06/2024, 05:17

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    question/editor/plugins/file_manager/file_manager.html

  • Size

    1KB

  • MD5

    f6551aa34ea3461453298bd40aa0d614

  • SHA1

    58f993b9f7baa4ce4f753ba4ceea379d31f24961

  • SHA256

    87c4cf0bdbc36c0abcc6053325e8ce320599ae02df6e0a397821ca6ca005335c

  • SHA512

    330ff96750c74d0994d12ef854fc56d41e1b597efcff974e111262ef34d835c5d4f309b6d61ed0b733a4ca1728faad4008a462cbe9155a095546f2268ee97c51

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\question\editor\plugins\file_manager\file_manager.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2160
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2160 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3068

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          f37f592dbecb69914dba952e20cd495c

          SHA1

          8d1a47903d146f59bf27c6f1cedddaefbd4899af

          SHA256

          2ee221899c4373d6193421f248ef9dcaa46f0578a3adca9ffd9fdb2a48985e67

          SHA512

          d01923e458afad482b624bc4de469e009377b473a3c95ac4d78ed5498746fa68b325d8d30f9d731e03f850a900fae68176b947cf62ab3cf37ec5dcb550ba6ad6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          3610692734a67b4f436ea0b009802bb9

          SHA1

          10b8ddb32c3a124527cf67ebfa7c63e234209147

          SHA256

          8cdc464283cfa54f9cce3b4d26d724c6f272f0cf7a69cb0d7aa4e36b5fb28f27

          SHA512

          143daf4ceff3e00a16f48fa12a42eb2b7b448d1552fe9f8e0ed57b03b76759d957240c9630a63f343e5afc3d42b5d247d660759eb9f4e12db8910c2c9c56b0fa

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          fc08c91b5a3237876d5e6e4bf01b556d

          SHA1

          87aed4a19b2f79ff492a4d4c0ea8592a52e00d6c

          SHA256

          dbe3c47f667d42c7c964efcb80727f69cd634b33b1a9a096c84c32cec7e0bccc

          SHA512

          089f4067d4f08c1f5406bfba65e1c049aa9b16dac639269162424e25ad4ded7a261ce28e7f27103b1c3a7b8910eed2890621a8ed4c34ea2570ee32e0c2cd2e22

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          0cce34c592c3cbd969aa1669fea0d7f0

          SHA1

          8cdc6294502009f75422d36a0ce1a526d680fc00

          SHA256

          b0ee0f3744b612a48752019c2fd43267359d909b7156e410f899f5df23364e07

          SHA512

          273bc48f3c813703cc0044aed9a0db4f1837ecffe318c53173e84cf5a605b85b4b8b4223bd5c987698c9631a0951ffc914b9f89678b109fcb0aceeba18004267

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          07c504901eb52a68775a1273c8de6163

          SHA1

          6a68310de8c47742a770c2a04715b8c03e476106

          SHA256

          d58b5afe3429ee8675fdd76ae77e006a7de64d6b061d179d009c5bb0c93b5c8b

          SHA512

          4a021cd64c27e1267ab6f56bc3c7443dd0fb61e18fc865679d24070a26760b2b48e76676e741f3c89647fa854687fe5d13686f0589714889b77edba7614c4b42

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          005d214d9dd2fd6867d46e53ba479230

          SHA1

          31169f0fc638d465600824c19836b263db045864

          SHA256

          99522ae8701f52fc653cef2de9faacc35e0a8ed7dea960586a6b017188d6d4da

          SHA512

          260b18140243c79138f2d02fd2388da73351d410c6540e3bdb5dcb701428562576e6a5b5007c40deb26c8fc5649d0114b7b5177d710b19b8881436898cdc1b4d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          c0d22936806485a0d543a73c0677d069

          SHA1

          23f47bade7856542900b4e7c672ea7902c1c2322

          SHA256

          3c4d1640129860743a7be4690b484804065d600ff839342c1206f52f569eb212

          SHA512

          37358374fe604d45f023ce32f31d9fb24188142385b70b8c470eaebf1c3d0507cff637859d7dfa658cc9eb9138aa5d8aa939987e1f8c1a9e83abfc696ce3213d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          109f3ac00c3909fab01f1b37820e4f69

          SHA1

          e1b02122d91283809aa6f9145c5e4e9712a50a3d

          SHA256

          89e8d3d5227b623e05d5eb670625f4b8b68ba804405ccea60a61da94408206ab

          SHA512

          0a229eb64d4de3f31d7819a712ad8637f69006f5046aae8c60e8283c404e8bc65423fc201eba8c4c14da73bc6c6d8d8a370855cb9e1c3904f8f69216482dd5b6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          5985926409ce0d9d0d0f5ee48818f941

          SHA1

          3513ac785ea18580e970d10318ea201e5a1cfb47

          SHA256

          ab2d9a16063e918e62b76abf3dc51e3f39ae858b8a9cc3f7331dc57bcd8348de

          SHA512

          552c279e66fcd73dc961772b0db4a8ad8a5713890802efe41fe60917f00af9b96a371fc2cd4e43a0049771441733bfed20a6f60d0bd0e0ccb673e875c542b248

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          100f8f68e347577dbd6166e33925239f

          SHA1

          eb1c64d912d8a452271713357b2b7e6026cca2c5

          SHA256

          d98b382994ab81ce829ff4c864f3d19531ddb9bc86c194cfd6fbd7ce123672c5

          SHA512

          45fe1505adda47caeaba83e2770e5ca60aae02f25b742f135f336f422d5eb22b7c0807ea8acd7c231009dda90d810353e99463726dd5b99098e1ed95d04ff13f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ab224b4d0b00c149e4ecde3a48a1d0d9

          SHA1

          f11d8b98fa46f214b4971aff52a0dcc8d8f3ede7

          SHA256

          627983b497cc786de38e6395068c25f60f71cf6f1e541be44dcfa21361b52e47

          SHA512

          e27bef928460dabc06c1ccc93911cc8fc68915eaf44d154e86ca7df0db0300de53aabb0c5cacbe34e1a04592d296326a07e625564c109ddad0c4ec0bc24e0e91

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          4f0b96b13dde8ad0c602de09b3a28859

          SHA1

          59b739ef3fce34303e87da3b9ec53353060f02b6

          SHA256

          550df1828b588f3f55712335b1a2af651d4d960cdc6d91a0b57e0b766fe11d98

          SHA512

          c0d8d15d50a4c85404bd51f54c8fd31dc50c81d9d2604e4cef6fcb3a049511b080374822453821ee9654c08e936e5e9c12b7d1fa4cf7c34ebb827d274235c994

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          18fbd0ce9d081a0a083d9990e9898595

          SHA1

          d165aac55e823ea090b526af3b0f8f63c6f2c4cf

          SHA256

          cf8b223855aa260063568cb42861a8dde5ef192848f7885e7af14741894cb361

          SHA512

          ef90c7288f12679282952eefb7bacc65773ddfc8c26cda783389fe0b662574560aea41d7730230b3c06e3c17d974852d26d9ac9fc1a388860f1b88dfda722aeb

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          f756410382172b0e83e34ca3f999f444

          SHA1

          9a3c10b453f73adcefe379109319f3cd8d9c041c

          SHA256

          e60aab41536b6dc237782443bde3941a89607ab016b64c86f05acdc76daf66ae

          SHA512

          93c9554748ebbedd7c35150e8a88a2562c6caf94a7f985f6475aa401ccb0a5519c4464704426574f3ebba451d10717f339c7d1831b43209fac4e662c5ddf4f4b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          21a426ae4c9488b68bbe977b9724a73d

          SHA1

          b5f71b59fac2da682d4eb4ab135a1ad4d4c535fb

          SHA256

          f7d1015ff19b08f2b1721128ff3ce4ebdb5ae16e3c7e867f4fcb2a8a96384585

          SHA512

          9d0b9555095479c2981388cb5d320e7b1f396c61c7cd19f45838c01cc8a688256f9bd4bf1c65d0e187e80cd5f67cd5d7e4cae85ce12935182ebda23d58f85060

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          717a7d5182b02447330c92732314fbdc

          SHA1

          a1c4c5f2aaca79710583a02a9697448370c2f55e

          SHA256

          ed23988bcf4328b21af447f74af751d9cadfb7648a41c24fb6f95b57278eb61a

          SHA512

          27a11f6dfecfcab57a56b03a8cd2c5af9ff67bcdde69cf7b00d2b4e6fd8b6e82932a44fc71883e0c39ee5af629ddcf62a7954257c0985fe4267f0398d4d66e29

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b018bab90aeb56681d113f56b3820ff4

          SHA1

          7bef55ffefb99012bdea7ac46f60c55c55f068fb

          SHA256

          e5d4e67fe6f5962af2c6ed603f2696bafff678ecd5364c86d866f467115ae3ae

          SHA512

          7b2275f5cb16a048b5347b22fcf8994d032634075231b5dc1811fb48fe313dbe27d903a7f82891b0926fbb24be06cd6c6c520af153f9829cdb97305daff37177

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab39D8.tmp
          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar3B36.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit