Overview

overview

3

Static

static

1

doodle/2.asp

windows7-x64

3

doodle/2.asp

windows10-2004-x64

3

doodle/adm...fo.vbs

windows7-x64

1

doodle/adm...fo.vbs

windows10-2004-x64

1

doodle/adm...nfo.js

windows7-x64

3

doodle/adm...nfo.js

windows10-2004-x64

3

doodle/admin/reg.vbs

windows7-x64

1

doodle/admin/reg.vbs

windows10-2004-x64

1

doodle/admin/reg.js

windows7-x64

3

doodle/admin/reg.js

windows10-2004-x64

3

doodle/adm...e.html

windows7-x64

1

doodle/adm...e.html

windows10-2004-x64

1

doodle/common/db.vbs

windows7-x64

1

doodle/common/db.vbs

windows10-2004-x64

1

doodle/common/db2.vbs

windows7-x64

1

doodle/common/db2.vbs

windows10-2004-x64

1

doodle/com...nc.vbs

windows7-x64

1

doodle/com...nc.vbs

windows10-2004-x64

1

doodle/com...fo.vbs

windows7-x64

1

doodle/com...fo.vbs

windows10-2004-x64

1

doodle/common/md5.vbs

windows7-x64

1

doodle/common/md5.vbs

windows10-2004-x64

1

doodle/common/reg.vbs

windows7-x64

1

doodle/common/reg.vbs

windows10-2004-x64

1

doodle/com...de.vbs

windows7-x64

1

doodle/com...de.vbs

windows10-2004-x64

1

doodle/conn_dll.vbs

windows7-x64

1

doodle/conn_dll.vbs

windows10-2004-x64

1

doodle/del.vbs

windows7-x64

1

doodle/del.vbs

windows10-2004-x64

1

doodle/footer.asp

windows7-x64

3

doodle/footer.asp

windows10-2004-x64

3

Analysis

  • max time kernel
    120s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
  • submitted
    06/07/2024, 16:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    doodle/admin/style.html

  • Size

    1KB

  • MD5

    8eb5a7b38d14488c3b61998661fb29cb

  • SHA1

    32974ad574b011f4ede12467e4aee402804d6d90

  • SHA256

    49bd6dd274c17976ab679193be392feee946938cc6ea33080823d102e508ef6a

  • SHA512

    920cd01fab7cd238808463db874ff4ec532497c77cfa19ba13ba36fc573ee19fd98a76470ddfcd5066f051401904458fa6fb9e9a1dc70793aabf0f01992f89f6

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\doodle\admin\style.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2280
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2280 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3040

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fedee4b62e78ae3378b4c028b67d84d2

    SHA1

    46ed3f7f6e4eef04a9a017a3da3646670fab903e

    SHA256

    9d9d6b9f03db69f3e682117b0c387f249a46e256e89a10a40b3b2802dbc5f0c7

    SHA512

    fac238a8d6c7d71c4a8c4142cda095670550fff2a32983a5dc3ed47ec2b488d531654629712e9ec479ffec4752792fc428e97bf50e6584556951cb74e6ec5057

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bf1fa0f40b22b27b8c9229a83608dfcb

    SHA1

    858550a081c2d3ebbbe1cf958614a92eed97e8cd

    SHA256

    98af03c4e15b44af65c09cd785bd6adfef8962bf8b674a2e72c28c2c6e085662

    SHA512

    878d2975be6fcb435ad868e9ce9c18ccc3ef3b345c4001fb60b636b9d746548194c12a41282e5a8c74bc86b4cf12c9578e4b03e1fa028f2d51e7699744fb6d1f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1cb23f2b9ea55af45d1f5ca79a1d8fcb

    SHA1

    d7a91da4f0e96e9892c3b14ec070285d6604fb33

    SHA256

    f9dd28ec7a929054b5b57a9f25bf4a7fbb85e349b8a5254e8f41c33151d35095

    SHA512

    9f618d5ee0a86dff775d9aa0a4615e91f1b2b5133a7ca4c3b2928c4c0d8bcd42917a325d6459b5445bda28f1944f661bab926b0c5ab84ba392c9f93ee27dc892

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    43bd0ed4fe2899581b57bce6b017c651

    SHA1

    48e6bb913e2a3a18a491da58d0b29c5335f99257

    SHA256

    0745476c3402513f7dfda51248209f0fc1225ff09f159d62f7d7d578ce23d8d8

    SHA512

    16eaa093575fd73808e478cc9e03900efeda2e8e5ff2cdb8b3d4efee6034eb7309fb9d8b6b8b45d1fbe7887482e97465dca339591cb28213dff701e3a69855b8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bc4c8db5dbb3570a3eeea5eab0db5072

    SHA1

    b855c1db31a64848fce6350311259490602b9ae5

    SHA256

    8b82900c0a7d0a8005f12112c91bf1a2de777bab7bb1a86ce5422b2120229a90

    SHA512

    dcb9bf36f8f7291215a6aa115e15b4182976ee3f855406f6e4897260814d0100eb3318531f66e9625b51e38eba74ceeda023cd8230fc764f276cf662ca167d67

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5c827d905909f1e4b8834591484d5d46

    SHA1

    3bc451ab40ffb84b4e2ab3b77ff940d482d163a4

    SHA256

    461a9e585abd0052ad0ae4d7c02011bdfc778179bd06f2f75c28921e95b19e83

    SHA512

    4e79e3cda17af66280500b2b7845d304acfe6559012dfa5dddbaa72a381fe232aac788946ec3deb71123d7d386248d888c7fd02b78f3973ee7fd6ef81ecd4ed7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2fbb9db9bfd9faea1777765ff08920d7

    SHA1

    6e054ce7be29e77250ec330236a851bf851117b3

    SHA256

    c44f39d1930c79e919ab3c61639b1d718f65db00a69c648552d0c3a318cb1952

    SHA512

    a64ce46741050682d7a174d068f56a19635c8054bf07cca15c9c9ee0bb2a3b969cd6555fdcd3e1de2d4dcde5c1145613bff751c34e0972acae3bd10338034a9f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8c6f6cc7c63a7e43fa4dac604bc7fc0f

    SHA1

    d4a31145bd5c816825ea0e470de3d199a8d1079f

    SHA256

    a8f6472f07a0216883f68eadcd0c3a2601aa6745a538f5781ffba2fd2038af43

    SHA512

    666ce77443694459fa839b2ce2a495032a6187fa9aac7e5f8d69a0ae826379a5d48a37fb5ba84a4674a104194b8c8bfe7f34d8633584aaefccbbe2f145c39f5d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    97ec6cbe21ef0948ed77935df9c81f43

    SHA1

    8a46ffaaa6e56f4f87ed16d8780e5ef49afd0c1f

    SHA256

    7d81fd81e7d7e24c83891c472bcd575e430a26c47e5bd2b225b23d8528f2ccc3

    SHA512

    1cec5f28ff858b829dc0d7f14896c5deba32fa5ab271a5de7eae079d8326b2429fd1083ebc15a6a1de35974f3a8e19c7cc0b8f719b63c47c416b778dacc10401

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    782d031aa48fa504b9132a15096b7921

    SHA1

    ce263419985fd55a595a04be8f5f4c8293dc7b02

    SHA256

    a52add9306e64f73fc5d6afce745b651e951b7548c1a03e43b1f2d636a31343d

    SHA512

    004d424fdfb769dcfbf93a128df62ff172b5364fe13e68185013f3198e2a6abaf52034ae5ac5b01f382f260b5979739e7e58a5d97f11386f9c487113069967be

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    98399bd271f057cb604414054128810d

    SHA1

    74815b739c3a175d553a782eea6ba8dfe3c9a1af

    SHA256

    5f969abf06bc9ac951cdcb87769ea98e9542d132b4840066bd487eeb8cfdfd54

    SHA512

    bbddcbd3bde605757301f22944435673face7b73be39fe24444a616ce889e3a117cd019fb9f8ea0661ebf3989cfe499872f1aaa56d1825188bf96331840eede9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6433266abd99fdb933a53e9b5c5324cd

    SHA1

    b58f4928325aa430a4b74e7a57ca9a2185dae876

    SHA256

    79159d4885f00e8c5555c6d60ae8ee631f90016ebf117d48edb8a6896c9f3e20

    SHA512

    84636d02637960d1de61df67a1ca9276bf6dd13fe8cf233d99e85eebbdb99a5994a4bdfe72f41eb9243975e4a94af772f015b5b99ee06215d031bb91da65384d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    541ebb590ec59fd59cb2af0cf6c5f813

    SHA1

    80aa2bef4fb376ced051bc160ec6d1d856d3591d

    SHA256

    4d22dc1752668fcfe25b56fa2e66b57ab8622c41c6b209bba62204675f63b233

    SHA512

    44a412a7c5e340b0a4cc6968f8c572d44a6d02c62f7f45bbfe8aee2399dadee1abf64aa78fc6f9f8c3dc9597ff33b8dbff079ecde0c80236068a4e81b57c3062

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7e76b345d94204e2c59d4a47a15277dd

    SHA1

    c9848e9816f50c8dc4a044567b3640957b769d73

    SHA256

    1e85f05e7ee432d82ffd2df0577ac655e8154aaa1926d9bfb1793e0c859cc898

    SHA512

    9a9b64b1b4f525e3c9626ae08a56e6ca5cd6ce582242feea15e7d537a34d948e3dd366b114a2f856d222e0317e4d56b75c6409f32f9c25480772db1038c11232

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f05685d704f833a29ebc6d32ab6f27c5

    SHA1

    83e15c3643555998d54783bf127414ab8d3de18a

    SHA256

    f71646e1b7730f4ea7c0d75c757e3c5bb0b5e1a9609481e6317696173e9e9afc

    SHA512

    d86cab2a7fffb479326c2eb33c63d6aa9b553c674cc91b415a1c2e4d9a99c59536afe99841d5e0fe0b92057c7734458b995b4f2cac5157648e8359233b8f2dc4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d4b09bab2a7f165cbcb8769ae46e634e

    SHA1

    edaad6dd23da71cf9102da24950ecebd55be2002

    SHA256

    5d1f38ca3ba1c416b3510438782c8a64c4627f6533cea960939e597c45747859

    SHA512

    c7cb72096ab1a4563fa55d80d0107beee35b72bd64ec90cdaf6888a1a9f0676d7a31f31afe9a35426a4896bd79bf0e3ee679b35366b8f02f3103b1ac06c0d8d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    780b3aa903737369d1bd3d87a62f11c6

    SHA1

    dbd0bfb58f0a100083b2deaf61ea63429b718787

    SHA256

    da4b09e9afbef6af5ff3a2625bdee2ca35b3cd5a3a1ac3dc3a2329f8d4134f1b

    SHA512

    afa5a50776661f2b41efc281716a91ac067d3983ca07a3925113a62fb7b3e11f343a898ee6fd25857be1f2813c32ad406eeaf0a1b1f8d4422a5a55af13120966

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8477602507e73638580301126a088039

    SHA1

    337d2569a5a13f8c6aba1fedee29aa831f4ca3cf

    SHA256

    eb656883c5843e4e5875e0baf552b78e61474df1f0c0fbad01a3179c8c67a085

    SHA512

    987bdabf82c6659a94d10e99af69142b15dfed9943f3de46e868870222295ba625c6b602e76b6025e9b398dec33cb58d11cac500b4f22a273f237998ad52634d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab13D0.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar14F2.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit