Overview

overview

7

Static

static

3

3e2e1e6bce...18.exe

windows7-x64

7

3e2e1e6bce...18.exe

windows10-2004-x64

7

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$R0.exe

windows7-x64

6

$R0.exe

windows10-2004-x64

6

StartPage/$R0.html

windows7-x64

1

StartPage/$R0.html

windows10-2004-x64

1

StartPage/Local/ie.js

windows7-x64

3

StartPage/Local/ie.js

windows10-2004-x64

3

StartPage/...e.html

windows7-x64

1

StartPage/...e.html

windows10-2004-x64

1

StartPage/...k.html

windows7-x64

1

StartPage/...k.html

windows10-2004-x64

1

StartPage/...x.html

windows7-x64

1

StartPage/...x.html

windows10-2004-x64

1

StartPage/Local/wk.js

windows7-x64

3

StartPage/Local/wk.js

windows10-2004-x64

3

StartPage/...x.html

windows7-x64

1

StartPage/...x.html

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    12/07/2024, 17:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    StartPage/Local/iframe.html

  • Size

    2KB

  • MD5

    7f025dd24024bb1ea34025cb86d17522

  • SHA1

    19eb3d0d0a365f0997868d50256cce03ad108761

  • SHA256

    0e158e6ad1423ec383db5cfb656e559bdce6f57bf11be464eea555b0d1491423

  • SHA512

    bfea114378bd67b353b9e208478f330910074b2dadc78e82d57cca752fe1de080d10838f0e60980260aecb0ce5703f1f176cd19fd932e74a2726bc0aae5a32fa

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\StartPage\Local\iframe.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2072
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2072 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2144

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a52e8e4ffcaacd091818b89f09a0d597

    SHA1

    46e175e4cc4d1d3ab16f40440e0b3d4e205762af

    SHA256

    46e9ae3f1a6cb8173729fc029454470de4ed8449243e94a6aade9a98166980c1

    SHA512

    ee580447d88b92c44151d07be5e8537d8a73317005fe0a8e58e7c4a3cde4557b79a6745e9a572af58eb8d531b4d941afb1af574b20298b9ff69a4e2aff562dae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c57e1db9114958da24af5c55b7123e4b

    SHA1

    5227c3dfcba2718a104960efdc2d56dd029c5fd9

    SHA256

    3b0b9435d1cd4771c0c1d928e9877dc4c48e00f5acbfe5f427ccfb97102e12a7

    SHA512

    757694ef0cb703551e7c22f9eb2d1b37444ab40003bfa4f28fda3593d86e3c19ce844d440a5ce3d6e73f3d036afe81cecb058893b4d264bd144e6cf7f9dd8563

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e1c011a2999638dbf7c1055a039fc005

    SHA1

    eb4804cd0c0586c888ee077c67732ddb10802382

    SHA256

    cbc47728af997b99037eb17996882f5858c21458ab85368d4e04b3531f15ed52

    SHA512

    dad20f6477048b81c528e37aa592d7c4fda051026aa6ad3c451f86c201af1fb1b0af4f5fa6959108589211019489fe3705d9aa4d152aa8f54284cda75ac68109

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    40715dd38ea51fe8de11444d4985cbfa

    SHA1

    c1607f61d29094bb1dfa1840fceb5a1178f18b35

    SHA256

    1a2cdb387d5da546cbaf9e5b8bb5ff72270fd2af79827551f276ec5292c7a303

    SHA512

    f3d0aaf54cdc9d473c7844450a32a46a171ac30739f46e191bea30e30246a737e543b36c82878c695c304868f1b638c9f1b09e9743047b55b02d19e43df85a7e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dbcde0a23fd7f89b52d4330a8b051d68

    SHA1

    ce099d2258be978ab1149dcd383c49dc8a627bf5

    SHA256

    b7e86e9256676fdaf6ffd6a2ca6b0142ae098fc66c29af1bde6c9d40e5493579

    SHA512

    873c000fe9bd788b459102736814149d5768547a59dad977a4c6966d177fd520dcbdb071ae69924c0436a59b466caeffc72c78a54003bf5831cc2a1394d1ae5c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    18994b07f5be4e901515eec44030003a

    SHA1

    0425901dc2f838fd0f61cc4213723d56dc035e21

    SHA256

    3913da6a776ef1079c4a02109a93c6921179c805cf78ca53bbb2cc8fc557e464

    SHA512

    cc4da0910ef2f307d1dd43d1e089d78047c322e9e038166891c0bf95a3aac8f6c8d816fedc057867600baddd21be98a85be75f59b89f8c08f8419c7268265cb5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ae7899072dc0ccaa7f504a9ed85dc492

    SHA1

    64c0c5a7d4ed2108396413a7b8410d2d78420fa5

    SHA256

    0e7b9f4143101c10e42fa89818a13bfe8f88659c796fb7c5c6ea684a90b13dc5

    SHA512

    7d9b3c1f7050f19ee24849b9be6abb73e93792ef72d400852a838180c5e25fa8130b999f3cd80877bcb54a03c5200fc590244d41294073eb22ec92eb41b10822

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ee37aa6588093007a6450d8b4ef3872d

    SHA1

    2dc389ccc5fec06bc7c534ff8e9e559e33fad954

    SHA256

    8f2b24fa80e49753cccf04c5e0bae2f4a4f3329d623263c9d8a7b6fac032cd36

    SHA512

    5378505860b62a82561ea917f72d3f7d9808913be6d0b0b750bf323f3d74118fa1e783b495aeb9af223e8d012e51cb9e9d5153be945a5504e7ea7a153546a4e7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d843eaf700a3d34e5f7a1480d2bf2c4a

    SHA1

    f8cc3a62611900d61f237c2becdec9fedcc5650f

    SHA256

    e6ee4f59d0535bf72b390ebd763dad4a17889c650c74aa567314d3b23d7b4cd4

    SHA512

    870257616f4fb5fbb4bdd418022d950ed98a5c51a51e09794c4a9af2394faf3651977a7706a0461e32e9a07cfc7844cd9fe28218adc72b168747680e0b2fbe05

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6fc0a497dbed5618a83883915e662de0

    SHA1

    6c106634f36e61a9cc718f99a18b56c7031047df

    SHA256

    64f9e85505d06889448a7516c617b953dc34d1bb3533ce9e1a8e129b72181591

    SHA512

    4c2ffbf70817b95b4cb24df7632c60fe9f39e3f0715620fee36fb573ee079fc77095bb69d1750e89a46b1bf5ffbedbdcb657f49f9906a5d62b4a7050b554d275

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a414daa19ee7cf60b446b8e750ec44b8

    SHA1

    cef78af0d3f39b74b1aae90cf006e1ac097dc100

    SHA256

    a9c2ea27efd247a82c95da3939d9e51ddb5ce96c7e8b227a8ea85f501f3904a4

    SHA512

    47bf9f335acd4721a869e07dfd4f3b914afa623745a0783f8660f9dd16aec624c2d6ed2430a62a8b0692284613d7fa84850ab94006b5d5c0389ddffa9ceb2987

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e24fa79329eb37c8382b1a1943b63a72

    SHA1

    70785fb7fa0cb18ea3b379880e3246eae54883f0

    SHA256

    51c5164600205e745f9654f05b1ab8c29dc701c9719cbd31e7232078167f3ae4

    SHA512

    806ff02761428feb5610b7351d61a21f02e947191ceee659576704a05d91f5ac5e6652a1d6f06b47e2f69bd9753209d1376a8405a217d2d5a604986dd9c8b51a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    66894ef119ea2de72ae50f05081d9c27

    SHA1

    afcd8f58ee330d7843a8f535acb68efcaa3c72a9

    SHA256

    02427b62b83cc9240c1bcfa922305e7585fe8113e6e1dbdee7d51b3f4d2aa98a

    SHA512

    1ab2147257e879f5926dc7be3212e9a6fd2a379c19e19f72e04d2126822794e166783d2dd9761de7aa0903b8bd1e84a9458a82bffc3d6cae5d7a56c038a1db3a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cafd30a630457c274ef4600c15e773e9

    SHA1

    6248118c3665c343b779e5b09f1238228578c8a5

    SHA256

    5dbd560e8607934b3fe28312108b7ae87c6e2ad764d50990c92e76fed57f219b

    SHA512

    fcd07d1fc7790b0e298d7085f1e096fa8143184dc6c14ec2abaa8c8dea33bd233794a3b5e1b3712888fa173dc12f2d60a5b0b7d7b6a150f1c84f0e56ebdf1962

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eab48f2a1f9de7c9d37212363a6eee17

    SHA1

    adfd429f3e4364f91992e544f873c181ae5f186b

    SHA256

    70c49eea973b68f8a98fe37f567fae434d04b40f65689744d2d32349baae51f7

    SHA512

    d6ae8c29f28213ca288d528c8723a0fdda4c88cfb34d32ba862f6153589f9a06f2ca7a89eb9734b9f64c1e1e0730194d3406ce47ee6fa4fa465bb92a5a1b2ee0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    efd33f383f23819e08a40ceb53e17974

    SHA1

    98994cf4faf250f886593bcea2df081691de51d7

    SHA256

    5d4f8a89c101dbfb4583d808c3687971690ca4cef729289a5b59ed1710966c88

    SHA512

    c4d0af24ae9ea806c9582425563f57f78a63128c049cc0c27574278fcd17397ecc78078a5e5aa1a8361c3d7caed71533d2a7071e54e122710bb552621115aa29

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    83abcf72727d13be9f289f3f42f2dbfb

    SHA1

    d20a54b1050b5937e9f5885692c31b953c41d8ab

    SHA256

    386f92b7d62ffb4b28bd7eceea7da32edec8be44f1f17d54b1ae068c8fd0b591

    SHA512

    032fa294272e5fbd42d6c85429bb2998d6527df4fa7d9c07440cddec621766d460bac4c311c651be57f4d83779054fe7a78d9be1d1e5a5330ad5b0dae758e5ff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3396e01b420ec98fa705a038c5e12697

    SHA1

    1ecbd88aa1deef41bd8bee4154c31f4aaa95cb52

    SHA256

    abe42f02beb0a68b7677ce05ec7a24eb1b6a77e13a0218db22af6be72c7dd857

    SHA512

    38afaf6726585d759ac62a44831eccc0a4d274cb55b128582a70642aa22cd9ec19fdb812c34cf67b402868bd39a0dbb83430f1d8ff6a96fba10034e9fac4e244

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA20B.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA309.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit