Overview

overview

7

Static

static

3

VirusTotal...se.rtf

windows7-x64

4

VirusTotal...se.rtf

windows10-2004-x64

1

VirusTotal...er.exe

windows7-x64

3

VirusTotal...er.exe

windows10-2004-x64

3

VirusTotal...e.html

windows7-x64

1

VirusTotal...e.html

windows10-2004-x64

1

VirusTotal...er.exe

windows7-x64

7

VirusTotal...er.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

Readme.html

windows7-x64

1

Readme.html

windows10-2004-x64

1

SecurityXp...se.rtf

windows7-x64

4

SecurityXp...se.rtf

windows10-2004-x64

1

Uninstall.exe

windows7-x64

3

Uninstall.exe

windows10-2004-x64

3

VirusTotalScanner.exe

windows7-x64

3

VirusTotalScanner.exe

windows10-2004-x64

3

VirusTotal...se.rtf

windows7-x64

1

VirusTotal...se.rtf

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    01/07/2024, 08:44

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    VirusTotalScanner/Readme.html

  • Size

    476B

  • MD5

    226c61d7a8b446eb0ae5bb26cc83eb12

  • SHA1

    6f664946d408dac9959eb24b6f55f99871be49dc

  • SHA256

    b8bc121c95af50d8876da62687422360b033fd5c21481f3310f590f22c0ab4ec

  • SHA512

    a83af364260f6ae23e7f414ce1581c13807e68b1b1bcbd62b989a6334b4fbf371021630c89031a4978767d881e43c7e0ebfa8232328db8d32d89c888626a212d

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 45 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\VirusTotalScanner\Readme.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:780
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:780 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2296

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
          Filesize

          914B

          MD5

          e4a68ac854ac5242460afd72481b2a44

          SHA1

          df3c24f9bfd666761b268073fe06d1cc8d4f82a4

          SHA256

          cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

          SHA512

          5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
          Filesize

          1KB

          MD5

          a266bb7dcc38a562631361bbf61dd11b

          SHA1

          3b1efd3a66ea28b16697394703a72ca340a05bd5

          SHA256

          df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

          SHA512

          0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
          Filesize

          252B

          MD5

          07a6ba83daf8c23c0d63a824f6f95422

          SHA1

          ae102f280cbdd66999beebd89bf185f7b3a2d6bf

          SHA256

          09846f0752f47b8c4eef6dee45b9823ecf4467a55c8cc098c83c7bf2c24bd7f3

          SHA512

          84051722beca48b03e3fa47843ecf1578c4795516252e03b0fd41f4d2aa1d6343c8ab88ddb9227cdc4532cc262cda0be288f0bb4db95195ad2286e682925dda2

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          8416e95e41479ad76d31ac161b99b388

          SHA1

          ee3842257fee7cf8d0cd5916cb216ae539f2be91

          SHA256

          efc16abb9691b710835a23cbe334a1c6e949bc10b004ed934004cb4462fdeb9f

          SHA512

          6e165fa74cc39e38fa62ad866f1d299394c3af2addf77f93f41a97eb663ea6a380a0a05b253744d9d4dc0bce34cf8109dd19904e03a4fe1d2a88d34f76a214d7

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          036fab94463d50a7d6af1aaa1fb50d9c

          SHA1

          42449277df08bbd91ae9d71f0ffa8465031f91bd

          SHA256

          23cd372a465a81f63064cb3cce734b05cbae82335c5fc128959b734411f9a088

          SHA512

          c1a992de69fb1b73535f1795b4e84aa9a0f5ff46c5ab90167be1601fa855c5c8470d1edda1b732bb55d3c8d83502c781fc66e348a9675c8816cd83b658851624

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          291d75b3d47a52f8e6438850edb33827

          SHA1

          71a3ff1a89e0b28bf829c4f8e820e3e5b0200350

          SHA256

          2ee7aa7bf62023e08359506e53e46f2b4dc6033fe6b289c62cb704c44b9f05ee

          SHA512

          c89d4a0bdf76e0737b26281219633fef240a207216922485171f201fe1f06010c2d72eb36924537f295976ef78e9619ca0749bd480aeb51b968cc0ef48ac7244

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          1df7669eae4e4a768d9f867025edcc14

          SHA1

          049e05555838770d9dc513fd02c4889820d24c4f

          SHA256

          bfc97f380d0657363c339e346421b7bec4b6b7e588ab5deae4e488d9e608a01d

          SHA512

          5e64386e4f1edcd7db2ebcffc165ff36b0a3ff6f0378ee15ed32c75152f6c8fec3fc4a46ecd2cca3d5c42e909f2a7530ae638a048d9d2a8537702cb18fdd7c6f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          5a5ab2b831802ec22812a8a254a40806

          SHA1

          3b6beb8e10ede364deca82619f0a923831ee7099

          SHA256

          a77a9adacdb73d934107108beec47677e3f76e1777c80367dd2c71e84bf0874c

          SHA512

          abdfb967aaffd0ee49b4c06a435d6393d0dfd9f77c406eebf910c7b34c4fd94c4cee9057f46a6210e1bc24a4acc62cce5b3bc0eeac34ff69f4d7348afb43904f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          99c32df4bbaa679647e438349f0e7a4b

          SHA1

          1ebee065c338c1965ad12f71e8717a144b1ae1b7

          SHA256

          1b00acc78add4af48a8971e092777381663648c67fe29336183a78001156df50

          SHA512

          b158ea3fb69a565022929b5438265ebcd737c905d7f51b01af06ef497348b3a3ad8b84a9dd2748a2535e078eae2e60a0fd7403638f4c58aae92f685fc112977a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          04fc58141431b033252ef811c438e705

          SHA1

          c8ae6f54f041cdfb4844fb2aa758ac82b31dcb3f

          SHA256

          cceefd62abe3e9d971ee0079b3b4816d88892c1e710c475306919ca19acb6abe

          SHA512

          759924433677205ed65ff4312b26f677d43ec13a4edcbcb8ef83c4026b556692221a6c29a9948f8f632e5bc55ce61fc20ff0a1a311a99d38993d98657c55a9d5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          7c1c20f88cf2bac1d3ffbf47d30e504f

          SHA1

          f31ffc6ed262ab20c10f1b1fe98815017387c5f6

          SHA256

          19caa56e09b5e0bf4996f0d10d7a1e2c98a32860e4cf65e74e4931cac26f0d93

          SHA512

          67ff095396f8f60280cd828485e72249d8032aebed8907d41b865dfcfa64b5ee0054a846be0130002f1cfbec5654f0c34933972c9114a9b1cae628a1e0029502

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          75dca56f3312b5a30566898474c5b084

          SHA1

          a199f3229d2acbd0de22ee97b5da605f1968453e

          SHA256

          b8ddd1955bf246890ab1387e5969a64a470f0562712e9fd983546f404d8c3526

          SHA512

          3a09c2a7de56d85297c7de0adfcb215173701855b165fe40149ce2c2ada4f1e9705e1c639b069715d422ca6ad0bc5eb586b96bfad30d61139353b2fd40fa1f00

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          136a3a4b35b3365ba0c5c816df483dcc

          SHA1

          ada057e4436a1bc967839aa86f89add9e4c6fc31

          SHA256

          b176b83e84fe7c7f2590732a0ccf916bb533746bff534d2644532a3c570aaee1

          SHA512

          c331f09b04dcf5eeedfa7536ef5630edd90cfffff007182a48a8e60dad377894931406365967647f55705d2ce7bd79ac9108734632b938dc54d83a10742880d4

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          95fa956d21ebe762af1e9c144a418126

          SHA1

          f69a61395e60d1c86f43aaca8dd6f629e13883eb

          SHA256

          4acb82d18c36068c5085592ef5cdf8dd5277a696b84f280b3c8a286539dc180b

          SHA512

          e76c3de08cf4e261235098863efd4884fab8c6a6782d3cd03ec83ff2b90f1f9e914d88f8c6ec35d7fb49efb2a6a469c85816004510b34286672c985ab8ff479f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          1c0db0ad99dcd53f03c5f47b2a577d28

          SHA1

          c36c4a7329ceaa63f43f525a0bcd62e1d561ba62

          SHA256

          42edf63e938b4933a6dab8c88c9df8a347313bb210b95a10db7d71b94bae6f50

          SHA512

          9f251a745a1a9853fdfc35224e2e8027529296d6df5fee320f2627eca2bd34ba0c3303f965fcd3c83ff53435169cd56ec4763ebeef3219a8124a9ded4419ebaf

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          fad02fb5ff5295ff176f83c355123d99

          SHA1

          03bc6d7fc06175c84899d18b603cb4abff4f6344

          SHA256

          e7ea2345454e53e224a4feafbd3c4e99a8cadba933e50d40854e769ff9bbf568

          SHA512

          ae6a559253b027f142e07f175235db0390b49c622475e2f4d7b6a894f834a02e1e21347de8e2ef848674088cb4bded470ff39a15c9496c3163fe40ea760e7176

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          7aeebd4403896c32a19a1fd71319d67d

          SHA1

          c88c893f583203b0e4db669f821ba653fad10ec3

          SHA256

          889875c8385565f173b1b54a216c4f0d4083c9715bbcaf7698c758c7c1829c9b

          SHA512

          4e864f181f682da49bd3ae94b725c1564bb614463a6eae85aabb08eb867511c381776137b43d7b3309c979fd849bf51f77e977a643dce65bbd10cfda4f2f7527

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ef5fc6438cd115c9f7e76f668071e003

          SHA1

          37f7feb51b57a5dbf722a882a7a72f403c127149

          SHA256

          71f4562f7acb26fb47d4c4a9a235d4c36b44db9c2edffad2f8249d9d54f834e3

          SHA512

          59aa599d035dc8f187d2e51f1c387a157de162748a86c31a02c7d40df508f94ca76e54d91a2de9f3819089210b100507405ae66a2fc772db03fd84f10efbb1dd

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a4af623e920dc718cfa144c82ce2c676

          SHA1

          87bb656b6c9f1cf2012a975a85f452beca5fbeee

          SHA256

          46f7c1283579eb802847cfac148700072af46a8c7b4f3cd30b16954dfce827a4

          SHA512

          2d5e220d3a331d0ffc16e3092b65a25dc95ac53046aa87657a37dbca1350035eb9f84bb39369afd31da22b35b6a4547325bbdbed850083e3b0895b1e69e65fa4

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          6aa4b7430fe3fedf8947547b32695aa0

          SHA1

          6d605a4e802ac7ad59b8a45e7edfe652e6ab6f8b

          SHA256

          eb832653c5bf1dbdf59d8fbcf63291c70f2da6f2d1e19163086fa8cc3b65821f

          SHA512

          590e4c7050ce08cae71782a0ec790912c046958fdcb5794c8144c54f4fc4a291767a6d63bef301f5f9ac3b826496659aa4978b4bda78d063f4fd8042f888278b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          f28150b319f08ab3f110c3de05c1e3b3

          SHA1

          f557f6a6b3dfb06e8f34b1abc9d5f3f825ab5e23

          SHA256

          4313fe2b4a0f4ed4c658919021c5e77bb655d82ba72b3c3f8078aa6b0b087134

          SHA512

          0b4f92c26cb73d7358f92b181b2f6f329d45decbda53c7fd19b74da4d4257e45a1557f8657669531359c94ad269214df0e00cd6a10014bbb13b7c9d67e0a5b05

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
          Filesize

          242B

          MD5

          ae8e3a66ab1887b0d3351321aef92380

          SHA1

          d790c559169b65294a40a7a8ea81709c4423ebd7

          SHA256

          57caf06d3bafbed275c47d7198246a64feb93cb3bed1bfbc11307f8abb49e069

          SHA512

          1f1a8a11f19238b37ab156d3710c2e808ba9329b511dd39ef0d0cb0530ec8f7d4b750eef5a7d3ec95c82fe64020cc596315d7e45fe89fee0a1dc3eae5f4a4fff

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
          Filesize

          4KB

          MD5

          da597791be3b6e732f0bc8b20e38ee62

          SHA1

          1125c45d285c360542027d7554a5c442288974de

          SHA256

          5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

          SHA512

          d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\s8rbov0\imagestore.dat
          Filesize

          5KB

          MD5

          aa1d0712c0c639dca8c0a69991c06ca6

          SHA1

          2e1c8730d6558096351dca543f69dfb9a4171c40

          SHA256

          69fb150de37828b4243256d58f1e580bbaae0802faf8ff253f94aa688b2f7cd4

          SHA512

          546872176356febcb9177ab8d168733f9601dee90065b54d8748d54c51c2b783f04eac27118bf42420ed061a9a9937ae1d01d8cd377c0da305fe6747eb6a28fa

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YFEJOBAM\favicon[1].ico
          Filesize

          5KB

          MD5

          198e82940aa0aea3b8280ee7b8815af8

          SHA1

          a70218218f3e55d53853ab052148c349aafbad13

          SHA256

          2340e11b6f04989d1bf9056af69c8de98b5e087b4352599124f794b83b8223af

          SHA512

          2aee0ffd9e7858c4d05643cec68551e2f55b203e614f68a93c75e1cfada4404eb1fb5de830aa7bf6eb3a79666ee8d1553eb177e66ea97d34dc54c3c1d370c020

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar24C2.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit