Overview

overview

10

Static

static

1

HTCTL32.dll

windows7-x64

1

HTCTL32.dll

windows10-2004-x64

3

HTML_Obj_list.html

windows7-x64

1

HTML_Obj_list.html

windows10-2004-x64

1

PCICL32.dll

windows7-x64

1

PCICL32.dll

windows10-2004-x64

1

TCCTL32.dll

windows7-x64

1

TCCTL32.dll

windows10-2004-x64

1

client32.exe

windows7-x64

10

client32.exe

windows10-2004-x64

10

msvcr100.dll

windows7-x64

3

msvcr100.dll

windows10-2004-x64

3

pcicapi.dll

windows7-x64

1

pcicapi.dll

windows10-2004-x64

1

putty.exe

windows7-x64

1

putty.exe

windows10-2004-x64

1

remcmdstub.exe

windows7-x64

1

remcmdstub.exe

windows10-2004-x64

1

Resubmissions

29-06-2024 23:51

240629-3v89bstaqn 1

29-06-2024 23:50

240629-3vnbvszbrf 10

29-06-2024 23:44

240629-3q9paszbld 1

26-09-2023 13:19

230926-qknhnahe4s 10

Analysis

  • max time kernel
    118s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    29-06-2024 23:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    HTML_Obj_list.html

  • Size

    2KB

  • MD5

    71274b421d3cd7646b01f3b9d470d04c

  • SHA1

    47d5fd4647a5948f1a00871f6ed0dc602230b642

  • SHA256

    c72222d06efcde95006dd8e5103ebc74c9a7d0d0d1aacdf62a7e9aaa4a13d1c5

  • SHA512

    ea237affda8714265d40edfe04b2f1b6ebba3eb0ced12165b831be12a1a89b0e9b87c43ff723da12323d31d497345ddf570c7a606cab8227447495800bbd486b

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\HTML_Obj_list.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2028
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2028 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2076

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    d3ad052df2c9cd6651d93c9146a8281e

    SHA1

    1ef059c9794ca73881d3688c725fdbc58af52697

    SHA256

    77ab9d64c6195062345409a0055629cc76c136a0647726670594e26e4d31f699

    SHA512

    0169a11edb75a1c831bb24182f9dfb75775f4e974d07b2dd5b38d16f660696e585216846cb7191ce53f23f4ac44d6228055ab921bba7edf5a832269b82a5c7c9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    41ca6ea3d5564b8197f5a7cda5ca77a4

    SHA1

    fcf73d96fa51d48264f40926bf94fa9dcec42b56

    SHA256

    762820fe619b4a8a8e8729cf84dda72a1e210b3112cac2ba1e0d48dd0096bee5

    SHA512

    eca40975a6586a7c1f671377c431c14e472e5348ba76ced2acf051676289f9e379ae5927ddaeb13fd63159d2910b8565ff358052e7599911d8b161263879af64

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    6fd0953b3c20ddd0d0a39f00216f1ced

    SHA1

    9331987a98c3e3bb2f010c9e75c32135ba32359c

    SHA256

    afcf200ee0778673b5a2dc154104b705987d15b2388474d93c9e6832235f7abd

    SHA512

    78a52def8fd7cad9a5f30c83820af85fc8e745a5f92c1549e6608ff61b108573a0681ef92e05091935962233ede29c732917af60fa5848bbfa46b5297c98b5e1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    93918bc628f29d571d894fc2b3fa7ecc

    SHA1

    454a157862043d142aef16770e74fcc490315937

    SHA256

    8c257c29608cde054a186142bd96032164e12ea3a7491a8c8430066ed98647dc

    SHA512

    f2957f23f5281f611db185f6b1c9f76d9d1a851f41d6cd50f31993fd1cd30dd1ec2fa317de20445f883da958ca0f61aff7d5dd1618a41da9bf1fe9748b1e1fbc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    ee1fda4926b42ea2953aa95e69c08b7c

    SHA1

    e683d454911c520dc122659f3048fa33ed63b134

    SHA256

    9e736858b29025b785a3b646bbd7e32a92753fe8f7ee85a7a09e62cb063af410

    SHA512

    4a3955e0d181ccde8f2e7f5fc07335ad403a13f537a5b3bb278ae0170a38fc93d587f026f98541a43ee2b055c9e9b51157066468205f4d07ef65661257cfd2cd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    0ca7dbe2a755c6361018cc48f64199a5

    SHA1

    1181cf1a2eb1349c42e97fdebb7184acb1b18021

    SHA256

    c45041afbdf517aa6d9dff77cc6918fd24e33a5093032df4cffa5403bb80efb8

    SHA512

    3db56943f5f3dd63a5a76b08be8ab521fb19a23a19f13e533b84b4ec0baf245254be536a88a2ff0f5b1f3273f981e1c6d29ffdaa84b6cf520e6fbaa3e92e9adf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    e37938b2fa1f111f4e25ef57f4dc0afb

    SHA1

    7352f0458e4d3177d9e38651b708a19ea4538c7a

    SHA256

    a52b3abb727901426a34af879fc5a13e2af195808041a208ee32331797b75899

    SHA512

    143d81da32033b352e750f3e331ac6df53cbb859b89e904c12c8878490087d193cc4c8458e5390038dca4f9b43591f8d03c383016cd1ec375a4459cc1d9b589e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    7e6fba62cd028ee497974d4f6315801c

    SHA1

    fcdeff213d782bd4d7136b398660823bf0ba1f7d

    SHA256

    d248639c8e90b36e8765a65ef78eefa627e560a57a4954eea1851c86b19c5a1d

    SHA512

    cce0658a04aa42604c9170d6a7f04b181f1f381b9cb40189e57bc5e5223c17112912ec456e4e2e0382b477aac113420b0e3cb4077fea59c006d7a097fb1f1f53

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    28113dec2a28a1aed22e5e9940dddbc0

    SHA1

    486958a65ffb11f7ce8e0a751d576ebe5e00204c

    SHA256

    3f56240780c472f46336336b48cc826abebacd41066859e777c9f2f03814797c

    SHA512

    9b82615f2e8af279ef858c39e3d1d6014bb113aeaca83860ec7d7e0441bcb8a773ff2f46524871048d10595f15cb1fcaf3065a4c083fd2e1e678d686d30c0b3f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    0319305fb2fc1e964ab4be5087da7c9e

    SHA1

    176a3b90c04527200ca89af5b55b11772f8ebd48

    SHA256

    760fbd57e5c0bbc0f3ee107e6ecb7591996c312b0cfe9cee46a86c056aa6b47c

    SHA512

    152aa97ae8975506e27e3f4b4c14bdf20d96281f12ec9a0df9970620aa381aefe15828b0114112188d19b6cc6fc2a96d98281b2c7c53f70c0ae061247ff82928

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    9ed0e3909f3acba03ffd4635c9d9019e

    SHA1

    1b28391cf8f84095c1e90df2dec4747d28e2cdf2

    SHA256

    97355708a4000cda82925e417b669f25e9b89f1241096ec0183fb719fd292f76

    SHA512

    a347d21bdd1789b1de43951be38bd231709a7643b260d22df4fc164a30ab23be215ed4f7849b386177bc36233a2df6b0070a3540744f3fbb3d70b552e54f7fb3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    e9f808261c4f406afbabe151a41f5a30

    SHA1

    b27d48eb1972038169e2cb3480517b4fdf4c1dfa

    SHA256

    af5633090e08502801092f58d1869123a22f2a4e559d3fe606d12aec45f2e8aa

    SHA512

    d347f91d4dbe63cf62231bfa32ccbf5889dbd2147d7ac64e4a818fe395d120835128125d951eb129874c2711a5ac14ae673d38c6f0e2d24d303bdb8eb910a4d6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
    Filesize

    4KB

    MD5

    da597791be3b6e732f0bc8b20e38ee62

    SHA1

    1125c45d285c360542027d7554a5c442288974de

    SHA256

    5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

    SHA512

    d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2571.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit