Overview

overview

7

Static

static

7

2420c5ca97...18.exe

windows7-x64

7

2420c5ca97...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

Languages/French.dll

windows7-x64

7

Languages/French.dll

windows10-2004-x64

7

htmlfr/frame.html

windows7-x64

1

htmlfr/frame.html

windows10-2004-x64

1

htmlfr/slideshow.html

windows7-x64

1

htmlfr/slideshow.html

windows10-2004-x64

1

htmlfr/thu...s.html

windows7-x64

1

htmlfr/thu...s.html

windows10-2004-x64

1

uninst.exe

windows7-x64

7

uninst.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    133s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
  • submitted
    04/07/2024, 01:14

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    htmlfr/slideshow.html

  • Size

    1KB

  • MD5

    6656787135e64f08bd6ca30c05c05b5c

  • SHA1

    bbd9bf4cabaf2229834fbf66d657693f189b96ca

  • SHA256

    830faf8ad66597c38ef138d5f44d0dd596c66e598c695587d71dfff847e453f4

  • SHA512

    2fd9c6ca31b2991da5e867b0942afd3ebf10dc87dae2b5113a0ba6a43ce4057a378113355e448ac69b0457effd5b373842cfaad15a083c1785cc0478e0c8c699

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\htmlfr\slideshow.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2440
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2440 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2632

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ea676e0124bb4d9a18ee2602c655e447

          SHA1

          dedd8b9ebd666d7e624e281c063939d4dbf389ac

          SHA256

          75a2da7410c4b5d119407a7289c1185f364c6fd5bcda5d1a2dd5bc5a6a5149b8

          SHA512

          8c6531a4084f7466daedd45ceb35e2e9f7856723fe748bd0de7b8dbd10be56da87cd22b21f49e1dbd276d0bcf1a2d22be4bc5503ec424fe4a0c609d41d566ddd

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          f54da65d3f2a893bbef8be1b939005c7

          SHA1

          33bebff1d2a55a32675b988590d0922632c2bdad

          SHA256

          97452a6c1cd67d1b500c7e369689c69b36b40bbe9ed972d43d1bf96d02ab5d98

          SHA512

          7ff630468dfed99c793b1383367ea673d5827ba149e5824c6bd2bb315824584de49df94a18ffef13fd46630f16a2b827912dfeab3068bde27fff8cf7fbf58011

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ea1a6d43a8bc1dc04824e5af3259a9a5

          SHA1

          3885845d627d93345b0908d56c7df602a790914e

          SHA256

          6dfef6ca54ac6b027bfe4577d1873917ab8b6c9a623daf3cd215e6753fa98d28

          SHA512

          055a3df468aaa44cf5868f58da1a0a59cc4eb72f51a9b6c645693b421bf1b9ac0d475dc96db781a1b44338adcd975a6ca3ef7b168ef84aede3fa8f13c29405bb

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          74b4440b0dbfb89093fd6401adf44298

          SHA1

          091cd4efe818771018492dc1a3b323ef56b7f3d9

          SHA256

          57c5d5963bfae550f4606803646606bd2e15ee3e3b9db0da0c6cd996ca404725

          SHA512

          6c9b8b3f05bd9827e360921ca83953f62f7c6d9722fb9953d7712ccfa8b34451a5f5ed234d3badf8998f9bfe867540374d8680eaa377bcabb4faaf5131c4c785

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          cc516b1372fd115d9c31a82e746b4190

          SHA1

          4771b14664d3d34a860bbb687de794bcce34d465

          SHA256

          65ad09b1d9176b066a9fa47f758ef810c0a39260b7d5b9c1237bae38ede1c784

          SHA512

          6dbfb5829969232f2ca7521ee9cb09ef4491c2d21ffd436d454a1689f9dc7453ef5f00c382f8c0593c3c8b63690816488bdc107878a391aa239855940e8a6ee7

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          01113da3c917215968f5db9f490d92f6

          SHA1

          99acf8049725330411b33a5d6a2540a12c56c89b

          SHA256

          cfc052bd88f8a83a9b6e6c6b36e75ba7ca94238607fe9b67e4b7c1a9d933e6d0

          SHA512

          380018fb3b7810b4279ddb78f2ca40608412d0debfd18e30894ee14fc2f7c6acba63f84c98c3010f2693d51732b9bb67cfa2354ff8286c8bf62781b280fb5c99

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          8b447c297056a223d24812374afb7863

          SHA1

          de249fc2a4d14641aef791364824f1981b2c9689

          SHA256

          318e1f488ffc048db907a4854d1d1d8b9549d9efda808ee89fbb7e48c3d7c894

          SHA512

          d68f43bd68bb05fed4c025f706461273b65ee95978baaeacf36d6d95e5869b12ec38b5d29521bc7fa9b51763e369f27efe57d92987cc4e6f2ceb81f1f92581ba

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          568e1926309b027540b9ff8a4e324a04

          SHA1

          3efdea2001b1ace852701456551c059bcd12c928

          SHA256

          1be78091aa93295517b9dcd5f90553aa26f11b850b806031b5da922ee2dfcd74

          SHA512

          10b186679cf0c7fab621e7c6d62552a9aaac1a3b7ad04d28571c4df3fa0c0b3d59749a433e4567f4700e2d098a4cbc2a7ae6e4715212a0c46ce42c3cb192512d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          82a67c8433eb55d3505784041a763556

          SHA1

          94e591d0ec1d8ecd481385cdfb9f639f467d985e

          SHA256

          44f256cfb26a71e70479498ed1e5843c669c541ab1d9c3a51ba0f523ba26f1b9

          SHA512

          1b6b8b6b2c2c4ef87eca02b83035b8dcbb25f34e612f18b4ef547f6d6cb2b97551a69065ee0b619ddd9fa74d5242510edf825a868633b4c01bf47fc962a587a1

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ea4d973bfeeefdac0dc7666ca514e91b

          SHA1

          2c41a0bf12803c205d18744a42e40c8cdecf2489

          SHA256

          4a9a0e407cf48094be7590eb03f4cf2927c6c61fdf8fe91453ea70ca606e48f0

          SHA512

          67836ed2cc6adc244b373306ad035c9452e2c3e359ff45f1759e243ce972359e685cec127bccfc189c2e423ca341bf3c215982f65cf32edd7c7fd4ff7cbea6f3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          180c50601a47c81b8e30e5974704688d

          SHA1

          74c893f5ac2759d21a5fea65d6b4018fecc0b40c

          SHA256

          c8ae7d1bd80b452be3cc2b4485d3847954783e7daf75cabc2ea6c8c468c17958

          SHA512

          5a756642843b146e6e5ed28f2d86b6acfb2308e793998fb15aced6e16cb12c380a530a6ffdff21ef5c7a6d25e532a2eceea8d04ffdcb8c73be9900de9a6f46be

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          81722c0f3a8803fab162cd722aad9257

          SHA1

          73cb765d3a49c6fa98a02e8926c563c0ef1826e8

          SHA256

          3bb5f4528bb9ccafa60c7956cfb916efba60a90c6e8fb092a9fe03ff2120435b

          SHA512

          1a885c28cc1b8fc5a2478ed0ce090e6dd8e5c8c2f8cd23832e24fcb5133fb597bd87ee91459aeb7b4f88a7b6852e9e19491eccf6bd5fdf9cba8403b7a33ffff1

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a205115783a081f33094385a72f098eb

          SHA1

          afff043c1a148f14425eca4aab4008321522dc60

          SHA256

          c0b79a44849ba9db578001898339ce7da5ee2ff6bde7f105f5a372b0c37f52da

          SHA512

          be078804b15ee0cda0a7f4191fa06889a0e0bc574eaccfcbb9003a52063af3b8864b1388c0f3e981ac54292069ebb3de8c15f699d329eeebc9a607e5aef426b5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          2cb34d76cfab3f940e85ae00cb97ce26

          SHA1

          ce88be7369ab261843fae0528c1b1288e3ae77d9

          SHA256

          d8ddf279ccaf09c673bf60e866334260f3f87b20a339086a674d1d042ebfa606

          SHA512

          ca46cd2275aebd0bedeb7ff309be5acc8fc41cc8a84355e2c4762b5c90769320cfc686b47d5531e1bb58b2ca47a4f447780ace5effc105959abcb627bcde3a77

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          82dd34241b2705317bf72faf439a7249

          SHA1

          dd45577bebcc68345f1db69e8b2d8c4cd4d841d8

          SHA256

          41b57b65081de4ddc9e8efbaad5cc030020ae420c90f0912668b1089dac33797

          SHA512

          b662bedda4d81f368242e1e8f294288ead71d741ff3f877bb7105499160253e80fe052d2928c4416db884ab7f1c71a1e768d5042f5dc0913c1c69a298b060871

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          931e9932df83f68631a33be8d1d0b237

          SHA1

          331ea9fb56b7e40c28986383a69ad53ac1a8dd5e

          SHA256

          01857358e510ce765be80c6e55aece52ecd8b2eb4633ba2ed4dfdd1bcd7e90e8

          SHA512

          8eb97e9048deb4c1eeb28c599b4821d247bd9afe77b2b28e187c45b9a928f3db4d8d8152d42d57c2d5991e541480ca98c62fcd97ce083d036b84415d727cd828

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          5827fb58a62264cc5b53cbe97bd04319

          SHA1

          d4a337178444fa6f046c23073067d84f1f76c513

          SHA256

          2d096f6776a5abf661c76a30e0f311564dfe403821bcaef25e4da81e705aabeb

          SHA512

          11b00869390dcd3416cd2253fb8d6a0a778c238354c35026c8a0460d2fbfcbea744eacdf50d50d9c564f14c81a17ac139aca6dec04a703b2a383a8103aeda79c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          e2ab597aec91483f8e76d067ecb1e3cf

          SHA1

          dc6df7349cef6ce76ca37259139c818e1db48f5d

          SHA256

          ef4e9dc3398a1fd34506245347974c2985df3e4c4dce8d60f73ca0257534c830

          SHA512

          ecb9003424370473e080fdc72298afd8bc2603ecfea32fdc664d51fdb4dfa97838384c30a132aeb16ca7325111af893ecb6db7e63d4e93c980c68521366fca9b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          4acafc79e992f7d703ad6fecdeb43969

          SHA1

          a16df5d34ce55813e5ac08078d61dc109ecccee1

          SHA256

          b2912cb3da798575c456220070cd09aebcdfc90eb1d37836a38257d1b631b613

          SHA512

          285919c35ea1e5e473df668bfb330be87603f227b11dd932e3ca50fc5d1e21d9ac47d4d06b3442e1a1533a3bc73f745758bd192aee8e1b40a4f173789c049f64

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab2666.tmp
          Filesize

          67KB

          MD5

          2d3dcf90f6c99f47e7593ea250c9e749

          SHA1

          51be82be4a272669983313565b4940d4b1385237

          SHA256

          8714e7be9f9b6de26673d9d09bd4c9f41b1b27ae10b1d56a7ad83abd7430ebd4

          SHA512

          9c11dd7d448ffebe2167acde37be77d42175edacf5aaf6fb31d3bdfe6bb1f63f5fdbc9a0a2125ed9d5ce0529b6b548818c8021532e1ea6b324717cc9bec0aaa5

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar272A.tmp
          Filesize

          160KB

          MD5

          7186ad693b8ad9444401bd9bcd2217c2

          SHA1

          5c28ca10a650f6026b0df4737078fa4197f3bac1

          SHA256

          9a71fa0cb44aa51412b16a0bf83a275977ba4e807d022f78364338b99b3a3eed

          SHA512

          135be0e6370fd057762c56149526f46bf6a62fb65ef5b3b26ae01fa07b4c4e37188e203bd3812f31e260ec5cccff5924633dd55ab17e9fa106479783c2fb212b

          Download Submit