Overview

overview

3

Static

static

3

add_data/�...��.url

windows7-x64

1

add_data/�...��.url

windows10-2004-x64

1

admin/admi...xt.htm

windows7-x64

1

admin/admi...xt.htm

windows10-2004-x64

1

admin/eWe/...ate.js

windows7-x64

3

admin/eWe/...ate.js

windows10-2004-x64

3

admin/eWe/...log.js

windows7-x64

3

admin/eWe/...log.js

windows10-2004-x64

3

eWebEditorClient.dll

windows7-x64

1

eWebEditorClient.dll

windows10-2004-x64

1

admin/eWe/...or.htm

windows7-x64

1

admin/eWe/...or.htm

windows10-2004-x64

1

admin/eWe/...tor.js

windows7-x64

3

admin/eWe/...tor.js

windows10-2004-x64

3

admin/eWe/js/lang.js

windows7-x64

3

admin/eWe/js/lang.js

windows10-2004-x64

3

admin/eWe/js/main.js

windows7-x64

3

admin/eWe/js/main.js

windows10-2004-x64

3

admin/eWe/js/menu.js

windows7-x64

3

admin/eWe/js/menu.js

windows10-2004-x64

3

admin/eWe/js/show.js

windows7-x64

3

admin/eWe/js/show.js

windows10-2004-x64

3

admin/eWe/js/table.js

windows7-x64

3

admin/eWe/js/table.js

windows10-2004-x64

3

admin/eWe/.../en.js

windows7-x64

3

admin/eWe/.../en.js

windows10-2004-x64

3

admin/eWe/...-cn.js

windows7-x64

3

admin/eWe/...-cn.js

windows10-2004-x64

3

admin/eWe/...-tw.js

windows7-x64

3

admin/eWe/...-tw.js

windows10-2004-x64

3

admin/eWe/popup.htm

windows7-x64

1

admin/eWe/popup.htm

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    10/07/2024, 17:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    admin/admin_gg_text.htm

  • Size

    1KB

  • MD5

    426ea95dbc1475625c8d937d2b05e790

  • SHA1

    c2578a022b01e3b8fbb1b5e72532036ad1051f0c

  • SHA256

    0c16b9433aeaef3d0b8e4836d6a99255c0aad485fff42a356ced83b22c20bd26

  • SHA512

    55d7de6d1e01eb5c3f62f02608fe48d453df6f19645d21c4d688908642aaa4043f7229f9d31a0845ed64880c664cb5b7eb32e4b005567853050bbc62b134b9cb

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\admin\admin_gg_text.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2960
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2960 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2816

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f796703a14d35ebb821a64a9674f3e9c

    SHA1

    fb253cdd1a5fff626ec1751eead85e07d9d6e62f

    SHA256

    a12c81471db3eee187ab8d0a0a0703ce2008001aac56d7743562ddc69294fe2a

    SHA512

    5b43af9c0ce9f4b2b82e153def18ee008b759b613db935c65a75dd2a02e56473f04ea04d5e2fd43beb2d3ee01dcab7d4465ae23ded6b5b6aa90e6eb6aae2418b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d32b41816f0f707298b521df3c1c6792

    SHA1

    791c4aefdbf2cd5d984f599ea85a81051c6cdc68

    SHA256

    342c0329912a4d36e6f98ce2c53b000e3cd420603152cbe18831f20dd7f085a7

    SHA512

    ef4bd9e3eac30eefd83bd2b9a8f2e572d77ccecb38f8345e655b84e16d4cd9a495fd887a0f72560be7ae6bd000d93486e6fd4de84122780c406dace136ad19e3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c22237007bae81ca348fbc7afa7814a7

    SHA1

    8fc2bcd3eb99111f8f7154dd33d5c5d5837cfac1

    SHA256

    7a146da96e4c88ce225c62090a98237b0fdcbb9a651a207f742d140e1a92c850

    SHA512

    a68733c2b1697ca25da0a75d74fc38e8ea1c72ad6066d0b14d54fc86b35b7ac701da81898f7072a2a96d44c5434648374a6c37dc54363cbc2a8ff2f247f31047

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    be48cf2eb77694a1482268f804bd088a

    SHA1

    16efa3371cd65ae714821bcedbfbd4ca5ee5b3eb

    SHA256

    57b63a9f394e097cebae94f13550b6026a4fb852a4efca11d4b4084de8dbf8b2

    SHA512

    cf691000a28211dc6edd3683e7b8761a1095334148a3c0a41aa7c599a2bf83bfc2f7a028eb33b5a291f34517d0a4a59c686c255a0152f790a5d1bcd9f1a79cff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e43a9f2120533c0f184ef2289929857b

    SHA1

    6107bdbf12cb60bf580e45c2756e0098cfd576e4

    SHA256

    1d91928a4f8f93976f7b336a6b46d9408607088f8e3c677c92d43288895b5e6e

    SHA512

    b881fee75c758eb2c00b09d137bd94fd894d5d46cdc3532052fd8411c88d226aab9e9e38a86ed9c37cb4d2bb962a7d56b9a6641509d5448ffd0ba422056fca68

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    390f613941828d345e4483dfdc43da05

    SHA1

    17aa50a1f2864637324180ffc0fb8f80cb44739a

    SHA256

    0a9be58a7a8400d6536d03e1e775d3993196fbd2de5119c76ef5a18f67748bba

    SHA512

    4c63a268914b0dfabc8685adccfd6af60b4bdaaa7a2787c261d6ca6228960d53c9e076a8f49c35b36a50553e91f67ba24895287ebeb8604f4f508b9539c7ceee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4ea78d64d050daee3b180a3397eb91c1

    SHA1

    bbd1bfce6d50cfb04df3bfa26367e3777eee1c00

    SHA256

    0ec23bd718d3111ee6ec62c522204de161219c2f5266f71576505cd692389a3f

    SHA512

    7a50b605030f7e4c4aae7eebd6bb5bde3664ba7ff7a4422c2e56e53fed18c20c641c8311243fb98932224814255ca89b7157418a55633033d6b1488e6af85498

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    70516e587fb3d3017ad16281514ce90c

    SHA1

    71276e4a1383d84fc15c4a8b8a18445c76798b4b

    SHA256

    dc68b21f04ab73fed9bca8a01ef34bbff91c4975365e6177e58c675e7d110f82

    SHA512

    71e3741adf74143b4044948d0630af923d562131a45d19f2f38b31f4a0adaea0b5d92557294c0122a995a810b61e7ad478e1bda3bb25078dad1218114066ff9a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d956c1e739031bf6d33041674e756041

    SHA1

    deaa5dce6db172fbec125ca9cb0f8187c98be86d

    SHA256

    632ab8fd6d800b72fc0c58a838ec24fb402223743ca6a65ec2720189660a009e

    SHA512

    4bd4ac219cabde1d80392ee0a385fc45d0d012209350f7061b2576d453851e5b62847d08f4736f34f2e2b19bc42348b21a1583bcfa1fd8bad95f29816dda8c8e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    814ab4a7d19cd9f5fe01d02fdf1d8074

    SHA1

    05ab3c1aa908e5f749ca499ed72f9aeee451f516

    SHA256

    eda79df5130c09f99addf1324d010596d5033d42c98dc793d86940fb7c6f2804

    SHA512

    feecae6e7bf08ba251abadf9a099b0c48c79b2d795c700fe765f5ea16447ffd36e483b233bdc3d14eef84d9da7a73c748a9ed15aa85ac4f202402b6e65acc049

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2297645c0ffc0362d8a05ddb4d4d5c4e

    SHA1

    ae6b29339f93eb22277e36d9a65d360714d13e4d

    SHA256

    53a9817d3c2ea24a2dfeae56a181df17698d897e80017d8fe2be52a49326f189

    SHA512

    acda6691674ca3d475edd3d746332710d5de6052019523a998c150f62fe9ca93aaa4cf21ddf66a6e2760df7dbadef71555cb974aa5ffebbe3f03f1e4208f96ef

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b8764e3342281e455d33b2d63f5de5d3

    SHA1

    fbfb99c1d1105daa310d1aa84c10645c6d64e403

    SHA256

    56eb5d8912379e9f9f3d3c17244cbebb41699c67c2f62dbbe276763b01274026

    SHA512

    d5a7ee61773dd4a5344959813dba6d69f38328a84da92ad12599dee072cee8dfdce77e1728758bc2113c1ee9a5fa02588b85c537eede9c45eb9de65df6fbb1aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    859817276a7cf9083f051ceded0ca494

    SHA1

    849a446b1aa681bdab8a557499d852da67e8ea8d

    SHA256

    2571d30ec5d16f9b14e4f81861ac055bd9cc1d023ecf08db7577655250c18d56

    SHA512

    af3ae89bdfe504e33f064cc334f84afd5d0f64d41265b2d442aaf350736810f49869a7bd7a60526e7ccad61f51aa8844796611e35cafd2967778a9032f7fdd71

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d4bee433f84d25c5a13596b5df33a91e

    SHA1

    ea307e35f348a054e8f5747b2c162b47791b842d

    SHA256

    2451e935b520c38b0d1b08c7dd39ac134c6d7137832b2752912c71086e157687

    SHA512

    632dfa41f351680548e26bdda6db3c1ae5e74722bcb548450dbed2949e19c4234e4d18fece584e6b13048bfc731f488086ea43be47795c3514c2646fb2192448

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4813e40fb3b7532f94b22bf7fe81df0b

    SHA1

    4512c6634e564925d58d76647fe2137eea675ebf

    SHA256

    2867a4bd24bc5681e9791a6109b3635162e700310ad33167787fe8c20b60b590

    SHA512

    b2c83e3306b43528f741f50bfcd2cf027619153b1f745330abe749bc6f19a8578ae79afb65d170b9a74116a79731a866b52046b88b1bc7ea2f8f62be8f634dac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    df32375eea5712b60039ce29777ce7b0

    SHA1

    f55ff472c8009d579b420d298341a3a54ef6b96c

    SHA256

    b75c6cfa054a5a1631eba06af8d96c963e33ec06410b56c198022ffea859bd92

    SHA512

    c2d284682b281887a1bdc6590cf75dc896333b545b871a6f2a77051423b9e990e93b6d2de58cb665c70b30d9a2cb54bc21d0049fe7bb25c2b2a1de6f93b4e5d6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d9c40a22db80b3b80606f25262e542ab

    SHA1

    ca67fa739c1a3bb32a0bc829e62872f8fdb8938f

    SHA256

    74536508b449bbaf2740eee0930bcf83e734b01fc058eccc765f5232f82029bd

    SHA512

    de9229ceb191ebf88c97d55c78507c7718dfeab4bcd1ad2b6aeb4e3790d1e6d82ceaa39566c243dd770ad0ff2ca08a6ef206e722eda6b85f9ed14289d187e991

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1ad88707c603c99d05272053000b22f7

    SHA1

    fe9909d1a256549b7161e564484b40f3a0388ae6

    SHA256

    29c996aab25504a16b1a417859dee5cb48a404171838faa955d40ce3c5c72181

    SHA512

    c0d2b5e6b6f397702880cdee4db41a07fec37af1e7aca7387317e2b5e0e56246d582a74ee6935597fb7b9be4e157765e22f909a7f4799c0b38d3a6a223c3c5a2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6c9862829551792514c315d5fc1dea95

    SHA1

    25d4f5c79ae90523a5b48191e46f4d9c949383e3

    SHA256

    1cb76b06621fc3dea0a190c35a2cc7c8fcb511f3238070abdc9764744eff4b39

    SHA512

    60f740b9a2b0ffd66325494c92f12bb7205ed3d73f0a96f361eab39a1f6854ea716b932831c3d0c77db32e3b62c8f512f2c3a573ec064a108b7ea41dbbf9dafc

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab1A28.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar1A89.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit