Overview

overview

7

Static

static

3

3e2e1e6bce...18.exe

windows7-x64

7

3e2e1e6bce...18.exe

windows10-2004-x64

7

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$R0.exe

windows7-x64

6

$R0.exe

windows10-2004-x64

6

StartPage/$R0.html

windows7-x64

1

StartPage/$R0.html

windows10-2004-x64

1

StartPage/Local/ie.js

windows7-x64

3

StartPage/Local/ie.js

windows10-2004-x64

3

StartPage/...e.html

windows7-x64

1

StartPage/...e.html

windows10-2004-x64

1

StartPage/...k.html

windows7-x64

1

StartPage/...k.html

windows10-2004-x64

1

StartPage/...x.html

windows7-x64

1

StartPage/...x.html

windows10-2004-x64

1

StartPage/Local/wk.js

windows7-x64

3

StartPage/Local/wk.js

windows10-2004-x64

3

StartPage/...x.html

windows7-x64

1

StartPage/...x.html

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    12/07/2024, 17:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    StartPage/$R0.html

  • Size

    7KB

  • MD5

    bdc5a933dd11a46ba1881a7446bdd2c6

  • SHA1

    03547b50e393b564fb7494027fe3a364018e1985

  • SHA256

    2cb9c99f39635d2905be12cf17167628075aaea33d2da58fee0370f14f894e22

  • SHA512

    17b98eb6296aab9d20b5850a9e31998c7f983b587170272f13df2a01f42e526e2d5b7bf7398e0ef0e748446e9a3417675a3a3e6ed557da227b36205cb547596d

  • SSDEEP

    192:7uEFsHp4giMi03LcioiE3rj0i4iQQe28F:7RFsJ4giMi03LcioiE3Ei4iQQv8F

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\StartPage\$R0.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2700
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2700 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2728

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    527f584abd9a38d15f3d992e425eab01

    SHA1

    a85c96b73d9eccd64b8afcf2ae13a39eff69bbd4

    SHA256

    e88a597fb0adcf6d4c9f37ddeb3947247034f7b5909c336d74e5710b7a0e566c

    SHA512

    0f1da1e2447387e0bb9b71c5d3dfe57c120d25e97873d0af6d84812f051ababf22602ad367c509e9f95d9d8205f5c4d9638cd969491c84afd66d60b0cdff36e4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1c2f9f7fdfad38c7a0739b0204e18929

    SHA1

    9dc554c7f64099c8044887b03f262a841a557a79

    SHA256

    c27e37b26e0f71fc7ea0d0ee0bc97f096cd4f1164eaca661b382cf9d5052daa9

    SHA512

    f4f04743b19cdc89009857f086f736cc8865b9286e75571d6ea7a8c9399de42d007a5d1e8ef5c628d9020b997c5ddebc6b9adef79cc20c5ee8a981600a0da100

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f211437a3a8ced6a6cfe4df104b25179

    SHA1

    f38fb8b4f6340b07b2a72135c1a5e43325583d50

    SHA256

    9f90fc3b4f95b904b77759d9e592a0638d525b900dfb221eab7e1e99af9c38c3

    SHA512

    fa78d038c138a920105394a1b3c3fa289703c65db5ba4f4eb88f8fcf54321cf02a54a2d942193afd04d3597bf5f968fe2bae9faa67bdaeabb5a53ca279992180

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    69668a2b6b43267f92cef585a8287ade

    SHA1

    4924a1c7dd97a91310377c9fa2b419ca07f3f60a

    SHA256

    96bb854c74599f880c1fb24143c67bd95df1a9963a373b94b0f69144c288811e

    SHA512

    0bb6c241bbd8c61a9f016c684961707f7645577e986e44b5f23a0cc107541f0247b79bbf7bc7e28258dc51a74bcf50e043f4d63855351ad1894fd15980d1ee78

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    676decff3e0231ca7179e750216906d9

    SHA1

    25f5eef43f09684d85b2d12d1f1c405a8b4e301f

    SHA256

    64555ae35e543cba43b5bd20c6133debf5012b91c2e1e944282b446fbdc0642b

    SHA512

    d8e70e265087ab7b97e7b70cfaf081ea22b6a65d95cb97a7fb2741b8e23c4b9b9378c91640523ef82e5b13c3962fe49d71969d9496cfac8bc155ffbcdc5baa48

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    88399222e66d74705e6712e9301f0156

    SHA1

    74ef8d2718544fc46443dac87f231627fd4f0a0f

    SHA256

    90c12883cca963c75cd2e8e19bfe30b8c9ab9287d8666802285289280623706c

    SHA512

    cc3457ea4a3df10b961a48f53f07bbb2131c5d850841ad2d7160866bd5fc106f1c948dfb7d293d7c025c5be79c081e95fa2822f8665914ed4e59315cc761fb18

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a757bed031f77761401807e283b6926f

    SHA1

    1135574783c0df19a2556add31867317bd886738

    SHA256

    9c27b150d2924fafbeed20f9c5e56f93458940c34aafcfbff3f91e1ed3d98adf

    SHA512

    3364e6a406311a7d36e3f3db8ecab9c69a1e2ddcd1a9f40dd9354472c3c88e28b0df894614f0ec73ea41caa37374deca0b5f0432727c53087e534298096f979f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1e20f308a7b19ba47fab96f4ebf2a3ce

    SHA1

    986448415ef80ec90139281d9f5d55d4243062d9

    SHA256

    d0474125d0b557465db59a5fc170ceb4495c0c55943f0c3f149c2eef3717503f

    SHA512

    a02de60191fc9b68ccf0cce104a92705cf669920feb9e1200129278dde118c8fc65d211a6d92695680c45b5687537ab4a6b9c8ca436be88ac484ce0d43a14d88

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a66715c541e6485826dca536e2e0b2a9

    SHA1

    44d34c7b2099de877d23727dc43836d6e006ee70

    SHA256

    29a53f098ba468aaf4b94110e22b9c2795bd54b6e4567e608f10755ce8fa4704

    SHA512

    0de56a2597077628064bd181a14855b1d1afc50a724d10b70086e885d133f672bc8ad1443b14746ee018444a2c287af5160b2b42c99c4593a6d4e4150fc2c2c1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2cf557d0c3bc8fb5fd0174a73cedfac6

    SHA1

    1b3398fa460cef6187ff073f7829f4fb98b530db

    SHA256

    cd7a23a2dd8a52a51cd334639244ddaf91d75c79b331163cdee749f0faba1d01

    SHA512

    d7b17841e10e9b6d5dba9fdf7b31f64fba2f1724089433bb0d45a275444a6275380ab47345e89427c51e43fa710dca942426658b2a7bdf9372fbed762b3350c8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f6261791d0a82321a7b6ac9137317159

    SHA1

    ef7bfa8e17466a50ab79bdb423b68c165b0fdfc9

    SHA256

    c9fa141341bef16a4ff82abecb8dacdd5e1ade20f5956ae30ec2d45c0ee80794

    SHA512

    011dd7d3dcd810c475c123ff72c4dceb106cef7267e68f17eecf120eef5e19ea2ce8820b943845430b66b8b489e3291fa65d35891378f9f2ff1842ef41736342

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2b44f85a04580d46f69bfafbb263c22e

    SHA1

    9b0be6d75eeec226228320642630463bce28b1d5

    SHA256

    8d0e98acff3f6fe92c22868acec6b959e1c3ce8a82cb743a165c9f344187bdde

    SHA512

    aad04454a92a559e5e738b2a49a32c7a4c8efdb4650767f0c329ff6ee44f78f27cdd879d2cd36b05a9a07b0b618e2a092ddeeab3db1fa1f7872a0dd4edf3fb2f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d2c71321739dd697decceb47fc6d9f59

    SHA1

    7bbd8258e3c9ed75a5071dbeee0c00668367f9ca

    SHA256

    e3b65cad12b5494fe5e5a7b420622dba3d3db16c08889fc30adc17e4a860cc17

    SHA512

    df4ca5fbc39fd7da10e3da1049d89529e3c5196b8d467a06496b0444e8c2a2ee11fb1e6910115f32d13abf6a9bb08afbd18cb3349a4027fafff0370bb1032661

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8fa10daccfec16b969b69d9bc7f2a6b7

    SHA1

    356e374c22480d866019ad719214348da74610db

    SHA256

    0746219d05603dac32107a8407764162ebd1be8d95e1db1d3fd42477a7e70f11

    SHA512

    508ba940baafc13b2ebc47ebd7ef5702a7a05991d0f8931a486e1ea08ae47f1a5d0f6f9955cb9ce9b0e97f980773db5291bfccb0e6b4001905bc4fe308935cb3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    834d8eb27a57ef27ed6645632fac316c

    SHA1

    561e7242bcabafbf2547efcf2b312c1d2c4def44

    SHA256

    dfa0b074a44196ff6551a83a95cd25c7ec09133c32a8f63337eb84972d29d6ec

    SHA512

    7e68e311326436f0f1995dfd8c6a0c303df80fa98c148dd4c064dd03016ac24032358929c726d4a72e799e1419e056511074c9b6ee4bfa2423fcaca30db4c8dd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9ed749b5d8cc918e240656a1ead5c7e1

    SHA1

    2271e02358b176211f44e2ee7768a1db069216dd

    SHA256

    ed06c76418de8638135d107c2a930f478015e0c69b07b2ad1d61180ac648fcdc

    SHA512

    22adfb87b1ff90d79a396422d3980f7fb4f4a9ad34ff8abf70b17eda9c235b54bcc1b1d1519f1e5374a8720e2a172a342cb94bb2a849e923a1fa0cbec1bb1778

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4049c4a2fcdebb471d09562541391f70

    SHA1

    fbf1a03c4b04d4bd44691f68aede248a21385224

    SHA256

    a27ec3145e5a0453284d630a8af395bf4a1ed6ec9115a1341a2b0f91ca5c1d28

    SHA512

    72231d90b0cc5f405c0f17046a64de7c00c7a990a0a89549b8d8aa7e7df14cc280c67e567aea46e6e0d837c0041c09551a7afc9180590220aa417e77a4aef7ca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    21055eecb9965e6a4d1bd7311be24613

    SHA1

    5918913a0a365ab9183387abaa830cc4c57f3baf

    SHA256

    807046c6d01d8830c9a13c84038a2475c5036b5e0b4d673dc749d380480c2a49

    SHA512

    828aa5ce4769868f7605d39f6188796fe28f80bf210ceb32d7f85089390a76e35121fd4001fc4aa6b95bcb1dbaaf2d339d4ce59cd1940296b768375b6981bfc9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b22f131e78c8aec7c9ef50ca1bd1fb4f

    SHA1

    eb57c9fd59bb11c8a138690208db6d707c9a387b

    SHA256

    1e20858a73170d4b69596923fb6592aa5057e279e814bfff1bd199f6dda34108

    SHA512

    5c8f2eee209533d1895423e0376f29c987b6e0322f79e222e0ce9f257cc1d78cdd9216f8f883f9ab463029344f443611672b4b713b0192be31f88cd581751cca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9d8a2b4249ea3c8565a07dd39de0db07

    SHA1

    e01a9ac2887b4ec435a33efa56da6dc2ce92fe66

    SHA256

    94bf8c01e560e84a9133840ef512791845b0a85acba018adf6e4f6955d82d6e4

    SHA512

    1e7210cc7735e11671c93b69d8092ec0b873c712b9ab5480287e424feb770acdea51a027f8f12d4c12437c12fef9e156232399420afebcdefac831719021e860

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8402.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8462.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit