Overview

overview

7

Static

static

3

3e2e1e6bce...18.exe

windows7-x64

7

3e2e1e6bce...18.exe

windows10-2004-x64

7

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$R0.exe

windows7-x64

6

$R0.exe

windows10-2004-x64

6

StartPage/$R0.html

windows7-x64

1

StartPage/$R0.html

windows10-2004-x64

1

StartPage/Local/ie.js

windows7-x64

3

StartPage/Local/ie.js

windows10-2004-x64

3

StartPage/...e.html

windows7-x64

1

StartPage/...e.html

windows10-2004-x64

1

StartPage/...k.html

windows7-x64

1

StartPage/...k.html

windows10-2004-x64

1

StartPage/...x.html

windows7-x64

1

StartPage/...x.html

windows10-2004-x64

1

StartPage/Local/wk.js

windows7-x64

3

StartPage/Local/wk.js

windows10-2004-x64

3

StartPage/...x.html

windows7-x64

1

StartPage/...x.html

windows10-2004-x64

1

Analysis

  • max time kernel
    132s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    12/07/2024, 17:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    StartPage/Local/iframe_wk.html

  • Size

    2KB

  • MD5

    388c90fc50e3e7399da677c10fd108c8

  • SHA1

    6c1e457174aeba2bb60c1da4e88deba7baf74364

  • SHA256

    209dba04648f85caf01b72d112d3312f32731555cb984771f24dbeda542d994c

  • SHA512

    5a70d2fde39626e145f74b3a94aa397b79b6f534d3da37f6db7fd5465ebfc881062003b97f6b74a9ca67799e6dcc5c31b8419bca4b2c18c3737978e1429da44b

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\StartPage\Local\iframe_wk.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2096
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2096 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2856

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    6415c9b7a22bcce0a4ae9aa6049510ed

    SHA1

    10deb7c14d23a4657e28290a7bb0dc74fc20b38a

    SHA256

    ffa0942f9721d0c1eadd2e789ec4c8f83d6bb54215ae61f8a8b12518da81a0f7

    SHA512

    853cad3dc3875e68ff4df6d176bacd28a7aa0ed88c1b176e98e890ebcc6b8578d361df809bcde22bf05c4e88772bad4ba5a2cecee16770c4a2532e7f1486badc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    c07235ccfce0395b9548de6eb6f0e4a2

    SHA1

    f60f19a10a43f1d8c8f800933a22a5e4daa8c06d

    SHA256

    bb849cc563d9ad6aecb4bd0e785e60a77376cec7c2d47d29f41206d482cdddf4

    SHA512

    eba7b3489a1a8b289e4b026eafc2929abc26dabf79ddfaeb63f0373907b795db7407205c87cece6347041937df17ba8c74d69a1edde82271240f061cc584529e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    377be54e37bbca743b0c76834ddc4403

    SHA1

    c09c939b27878bb78bb89f801b32ea19f8522cd1

    SHA256

    2cba1d64619d021f4711a66deb198a13434d0e0247b8693a4ead4218eb77f6d6

    SHA512

    d5bb31da7b656038988d00b95872d5442904a78caedded874136f8afd16eb829a8d768cd668b083194d6a2c419e9bb03a879f98adafa68ae58a94f07919a16d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    51947359f904375b8406260c8b680f7a

    SHA1

    8396ceb5bb73bc04907afad8a185db4551384e95

    SHA256

    bf6f6923ee4e8e09d44c4d94d5c9ff228b27284079b8a0c105f25fc25596e610

    SHA512

    a3e14d216667999b12a3ac742dddf28ffcf40adcd498b32b84eb1041eeac87e6f0863a3268390357ce714380429fc8f0cddbf19b6cc883b3e2d010a0bbfba933

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    7a6d4113178c06b2f395ca94784e793e

    SHA1

    fffa3b2ef067d6713db4121f023e727c9b5d7689

    SHA256

    5baf079d2fdd077c87d32cd4fed994dc91892a1fe6b6ead01e78627daac71592

    SHA512

    f6d80e042b82b48d0c51274a8b2e5061ad2c96d94eb0483fa3958ceb562694f8b50ab030c5dddf08537fea326f36704585e0d29f3ddcf02b9b548606ff2d188d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    528950461d5723203419cb0cea254535

    SHA1

    683a11ec5b72439c5eccde0d16f69dd7c40ad148

    SHA256

    aa2702a7e63399fd8e5663059cb8858707296088e6370e4d407668295f29949b

    SHA512

    e2694a029c97596e5c3f0771cedd5250a5ce54d66f463cdd71e17a242472263a3817f6f554c4b9be579c9a512e9d8f31254db2f7a66d2afab93ee775b59ffea9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    bc25b582638f7ffd7dd9e2d348a3dba4

    SHA1

    100b62ba5fe969de2cf869a433d4eb48e098bba8

    SHA256

    7661509b37b48ea8a0923970ea8cfc6377a3db3631c1b809853cbd2222cc6a03

    SHA512

    a0ab1458b1c3981d710e5756b1c3bbf79f1496201602ee6fe26adc11216c4f99083d100797e905905b8be5b3cf2adab2b15b31d4ca2f074e47215ea6832516cd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    8ef64b6c0e4df268468a23898ca43b3c

    SHA1

    3b722d27f6b7ebf418e9bfa94036c0bc8a35c957

    SHA256

    4b8f357ad2012eedaf7bf6b2d927e5be54bd38d68ed4a1e20402b4026d76c2ca

    SHA512

    06d4167e73c23a5b12e2e19eccd28a59a27affe7e67efad7da841e2cfcfbf22dd05ca703e1b4d47c04cd6d38338c7853afbc567b8b6ad6efc593e3b0773c0d76

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    fc66047aebf00512db68704adcc90e8d

    SHA1

    e1caeac99387691ab8294f5c27782145dbe7b291

    SHA256

    16a1e53de98f0c13d03e410f69e5abba35a86a3a59762b1e50a30e792286d975

    SHA512

    8f39dfb1953b7dc4dcab34b327cc72c6fdaecd4046fadfeef316c7342ef71d937cf44d72a6375d6458099c31055bedd44dbe77fca589d1794d4f54f05222063b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    e5bb5e71d28e52388041cdf0528027db

    SHA1

    33b9957658efb627688e5863c25f2cd7ac2d6c7f

    SHA256

    b47ce847bbb15646738c5ddc0f8c5024b47f26cc2e56779f1061bb3ca5101625

    SHA512

    0d0f2d8f6a8a474973de5bdee2bc3eb60bd134448029eb04f52d99b2284d47269c095d5c780c2b397e676bda282aa81b769203da310d5e9ff1ec7283aa326ec3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    cfeba458761fc03dd14e511a8da09d84

    SHA1

    7b98350f03aa5a8a9a5ea58612bde51afda93451

    SHA256

    10e53428abe49a52e0e43613d170091e0763151aa8e7db91d2db4ca3458e0379

    SHA512

    fb6e625f17d27adb3011ea6de2c6ac1c199128c767a4615f41953d2164c9f88863546ed021d6677eb7ee738bdd3c09bb5d504755b436107f239d7df635cfe5f5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    18fd1e1d31a92b600a211864291b445f

    SHA1

    4116e8e6012dd8baa2fb3644c7da3422a7ee425f

    SHA256

    86d8d5cb43e441929a7f78d899cd336aa1bb7acd9dce981a7830c0c9f62d3a40

    SHA512

    d901edf477a79fbcdb599e10c18a5261f45b3c8ea8ae1607754bfadf75e2647631e2d5b743305e15d1e4f467aa9b930f26de470a7183b512e4e7a9041594484f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    7a63fa75f309d199173da19512bc2194

    SHA1

    e4984ae828c3a090b7f9ac79068c521d7ee89441

    SHA256

    db82e55a91c21211318fd2e18708d817496027f357a979ae64d01a5681649da4

    SHA512

    f1182f42aecf34f1efa19c8a1b171fb872ff4ac6248b1e55e5765f75e23d8bbee1cf1dfa25b4c454bd7340a9008ae8f3f2293b2ed1474f86b2c956f0ce128318

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    c32ed64a26519f0cd46b97124b7841ce

    SHA1

    ae8012cda843c5ddf26a73b6edb27c07b1f97085

    SHA256

    dfde03583dbafd72b42d2fec7241577efbd127587a82d755c3fe24a3553bacee

    SHA512

    b2582525317e50a4a02f1395fc5bf47e2c4cbf710669519a8c978b621a130e118cd2cb344e6509548ec08b5d22258178ea55d8f931d1dd968c522f5f6e79cd12

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    8752692470e80e429ba373dda8a18525

    SHA1

    658a45a2714ac0abcb1a5bb23a76da750ec3c33a

    SHA256

    b45db3a405df2bed408699706292fcf218bba62400b9d8efc19bb023302badc4

    SHA512

    aef3238396868e1a4a3d95a49f17c918c7da33f3a2ed9604c8f4856fa248c20323dbc9d56bd72e99ddb659fad15d662897cd11f94bcce9be4bbc5265172fa338

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    7e71e436a1884100336e37731bc2b9dd

    SHA1

    c4f831508d925f6cea1c4b146e63fae13967319b

    SHA256

    40c33a5c287d803d2aea48c7ef8e3a1348ebbb96cc705111a2f1e432cf2e828d

    SHA512

    85d6f26e721dd8c61c9317fb3e807e842fd7cb693b7d88463fb72521511aa5484d2d23a5e8015773f9d41bb399f7306f3b3a214bf699454324e9195ebe2a28ca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    721427825a45c26186cb69e271af3bed

    SHA1

    bd9f8693af14ba8599c1d1b4b2761319120b5fe4

    SHA256

    603fb8e25976c3c5ffc9c3d4f49efe0325c8262d64e85294d1cb77149fe0cb7f

    SHA512

    1c6c34ae34bd77d8e096b52e109112ec72aabb62305207a1208afa685c2bb72969359da461fe66709dd5950795e19e062462fa235921a0ae7ae5a07285b044ff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    5a53f3754e1e04890def276d052213f5

    SHA1

    d6c604b3047797b89387ca506cd84cafa6af61f3

    SHA256

    36685b947df0f6d535939e8fdf1910bee2c647c68c2691e9e21e72d66b4bdf4d

    SHA512

    787175b6b2f64226db06387ee2b8a09d956b17228b08345a7bb48682f64b1fc38e9deb352d03fd945961d9d8a732c25e5041eda20d89149a6c5ec8289620adcf

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab983D.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar98FB.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit