Overview

overview

7

Static

static

3

3e2e1e6bce...18.exe

windows7-x64

7

3e2e1e6bce...18.exe

windows10-2004-x64

7

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$R0.exe

windows7-x64

6

$R0.exe

windows10-2004-x64

6

StartPage/$R0.html

windows7-x64

1

StartPage/$R0.html

windows10-2004-x64

1

StartPage/Local/ie.js

windows7-x64

3

StartPage/Local/ie.js

windows10-2004-x64

3

StartPage/...e.html

windows7-x64

1

StartPage/...e.html

windows10-2004-x64

1

StartPage/...k.html

windows7-x64

1

StartPage/...k.html

windows10-2004-x64

1

StartPage/...x.html

windows7-x64

1

StartPage/...x.html

windows10-2004-x64

1

StartPage/Local/wk.js

windows7-x64

3

StartPage/Local/wk.js

windows10-2004-x64

3

StartPage/...x.html

windows7-x64

1

StartPage/...x.html

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    12/07/2024, 17:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    StartPage/Local/index.html

  • Size

    7KB

  • MD5

    bdc5a933dd11a46ba1881a7446bdd2c6

  • SHA1

    03547b50e393b564fb7494027fe3a364018e1985

  • SHA256

    2cb9c99f39635d2905be12cf17167628075aaea33d2da58fee0370f14f894e22

  • SHA512

    17b98eb6296aab9d20b5850a9e31998c7f983b587170272f13df2a01f42e526e2d5b7bf7398e0ef0e748446e9a3417675a3a3e6ed557da227b36205cb547596d

  • SSDEEP

    192:7uEFsHp4giMi03LcioiE3rj0i4iQQe28F:7RFsJ4giMi03LcioiE3Ei4iQQv8F

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\StartPage\Local\index.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2024
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2024 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1060

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b4ce07c16372e968949bbb8d6d231784

    SHA1

    ca40f9b934570bd8e6986120ed39d7594699897d

    SHA256

    4d3758bfb5b0606fe45ed7d76ab47f7e725ac2fb81d625e1c3c3728fea8a0fce

    SHA512

    795a94cfa4f186b6852859ff4e985eda1a67524a95fc00b8e6d925c5659ba92779e17cd76ad80ce420313da814c55107b8f5973dc09009519dad1b1e124bcdb3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a4aee77cd92307258cd166652c48d451

    SHA1

    cc78cb16c91b5583be885dd6d3ba567dd5206538

    SHA256

    a64fa8fc121409c628bedba8af630f9ca5c035ccca1f02253f638ed68102fc48

    SHA512

    2e962ee9980fd54d9c6dd628e63d2b65d34e38a8e31fbc7f642e5c54111f6736660e3ddb4b7f1bd990cdb22726a4a2710b72c17f20cfa9d516cb865bf497681f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f5271e1c7de77cec6e96c45f5870dab3

    SHA1

    63b0e62ffdedcd2934d9baa84bb87528f6ac6b1f

    SHA256

    4b76d91344f5aa2e0c6833e4474ab7aa12164ae322a18d25cbdab93e444f70a2

    SHA512

    3669f267f46181c1856976fa07ce8357e1b36fb342bb4433cddab57d1c3cf30fa94d5fad4a29b5584aa8589471fe601e975672a26f20f1ab2a138442a9f5ca37

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6be203028143b52dc500fa591d897d24

    SHA1

    7acc082d887cf502138bb585380ee7e61402f075

    SHA256

    a657eb77db1f7a5a06c84c3f02fad2e8b8faec9b5ba2ce6e148d511a8eeedc09

    SHA512

    e1b51fad3e1dd43219d8f5627a26283eecf4f27000afbb94230b4f61bf011a0f46732b604f8185479576d7a1f4ab42e13e014efba3388df7a2a709ad2b40e0db

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8cefa18fb5a9c39680211e2e7f776d93

    SHA1

    0d8cec4a77a32b6df73c3d64ea4d296a6dfec272

    SHA256

    66ff80857f46a4722bd22f155db2191903b8af04f387f75fc299b197436ba17b

    SHA512

    5c4de8816b1e71e8e81a146a93f37ed7f240c24d2a1094ec2fa0c045a135953717033b3a4bdf901e5982e86e5814c2de8d812351e09baf2f7b2ca28fb58736f5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f7623777254bcf521ef2b4a0d8a0ae45

    SHA1

    4974ba021dd3f746b00c007ce8706a26758d8116

    SHA256

    4cbdd50391815dcdb74004f5673a8d837010db266d4746f65d4659312edb5498

    SHA512

    dd7ead7b0288922b082bad920010e1c7162bb375df16395879aca33caf5e9929c8229fa560975e990d1b18fa540d4136583c088536b649fffe28e7e822c6049b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    25ea33d3bec1c0d8436189c794059fee

    SHA1

    eb8234bae65adcb33073a204e499fc3d0671e62f

    SHA256

    fd0c979a9571c6207ba8fe17080d2aae6c4d8c5bc8069ac2f364f35b16311c18

    SHA512

    6653580e32130edc1a95694b7a2a8eb31e2629ded1f6481779c1a710f56f192e7232b1ebb5e90bdc4bbbf683e7c3599ec996b9e15a249fd3054c74af7ee28d95

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ae7dd03f35013f816bef7be55903ef38

    SHA1

    e1f6ef3a0e78692a4dbe13f17c45cfd544b5f277

    SHA256

    d3f20ddd93368219410d6cae3a45b31565fa08f1536b9473a6b5df763abf380e

    SHA512

    a59a39a2a9a286153dc362379111a663877b4f7053a5c4e62983d20f95522d1b73b9eb1f7a0745a2e1336214751e424819bbca075c7f06684fe08e1c1bc580a1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    94aef728734664711a4049503f5aac64

    SHA1

    8820f59042786278b34595bb7928336947f82d64

    SHA256

    3c8b4039d1507fc22aa99431312a15563c9053390fcbaf954abba921d0f2829f

    SHA512

    e1b3bcac067c9dea1c83bff0d4646183e2ebd70fdbc5ecc8548bc4ce2c57bc16d0a32489185c4463c47394c421a3635c7e0fcaebc31fc9643ee2ee7fa031e22d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5bfd22acac690d3dc059162cdb1cbaa4

    SHA1

    583d47bafe8ba6f359a552c647b02677a1d52c4c

    SHA256

    1ba648a6293666be114bcc8c0d864f3df1535c8c745ea0990eb45a11c8fbfc86

    SHA512

    73e93058c23ce5af052d0776c36e7aba5aacf3bb87033f4e72aa45e9fff0e6ae3014effe6bb9e31f4494bdb24a6b1b188d90d6f17ad57641256533e68a2278d2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    01d9bb46cdb0b71645e23fd79ffd510d

    SHA1

    c4a198898798185a1310eafbd8a394a020f0cf6e

    SHA256

    1e049ff73cc43ad882d435add09e027d47dbf402a7380248ba9735e3a2da06d7

    SHA512

    db44389cd71c5cca0ee7f7008551e1c2aab0cc15f979054fb2355a46e8c23ea4e88fc81a1e61dae772d785b44c9066b70d01a129fce8f97471971292d92cf8de

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    465e723231898837da1cdd61bcc439d1

    SHA1

    f8339bcd8356a2b48c94e0be1d50218e227c41aa

    SHA256

    061ff829f56018eaf0f69f591eb0f2b11a93681c29a7b811e504750e511783d0

    SHA512

    c354ac748a5a2c266c48e790032f615173db3369d72760e797c90ba98c2a7d20854c072f25c58adee5dadad104f0ebaa3779ffdd91a28928e612a2eb290f0e84

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5546f8a8e0601ce235309eadfa366b8a

    SHA1

    e543f14ae0a471c16406067ebdfcc08631460dd3

    SHA256

    36a61a1d37e8f64b2d6f1c0006116604dbfc94cce331beea5a31674f9355b24e

    SHA512

    013d672f6e8bce49973db8c67b9208d20d455b4aebb9cfad275a54df331079d0b4cb0ca578b39ae95ce1c4a2a501a7d5e848e88cdd0d4172cc57707d59efc78d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fb3604e949867f9081cfe0c87152aca6

    SHA1

    1076688dafecf540690f4f1dc46a2d32f80955f5

    SHA256

    5a3ad8af467738221913f8f66d350bb2f5b497bba08b7be779f3b04b7c9cbbf6

    SHA512

    8dbabf1bd8624269d11c5da2cecc8ffc39516ec3232753b3588f56436e7cc28e9ab27164dc075a14b646185fac3888a7abeba180ee7000154768d9425ef20fd5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7cde81e301faf91baab89538d27717f7

    SHA1

    941b736367b90338a866d772cf1c05b0bc869241

    SHA256

    88d65b9ea00e18a522fe32b2b648f351dea83c502c329ab83b88df957f6ecb9c

    SHA512

    7a372bf05b67fa721e089fb4bcba16f6dbad5d93ba7c05770f04c70e39ec2f5c482734f895bdd43ac679f1e4133281a495cd445908f8a269a1b25382a18fcfef

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b92454f880f937d7f68473ad9195ccd4

    SHA1

    190bfe604278e939b9fd3f0395a73e2bd1ec4390

    SHA256

    c302d83f327c52b7f7ee15781b56e0f78d29adb796fca7e56deb7892961438ee

    SHA512

    17617f84507abbeb82a9f8cd5d57133aae5089a29e24b3f6e59fdd3992967255b95348049f3f4579d7ad857d87cb5861bc28525ab807a38048773546e9192ae9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2ce35959d694d170a560ff6e006c763b

    SHA1

    172bbb47cd48c2b9324a5ba0379854c975097a20

    SHA256

    4945deb8e4c5a53d93f1ec1be8aced87294c3e046fd9a3ef622dcd03647d6067

    SHA512

    f8833d1fc60674c70f92acd235a545af182f53ae7533a994603ba9bfc5e986bb1775c12c20e7590f6ae3623f1c481f7fb62371a7eafcd47acc5f8db8a7b0d564

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f1419f87ba06e39bd3198e56bae05ca1

    SHA1

    16776f0a12719df0e897667d3f537f83c107bb2e

    SHA256

    4c41548f549b330cf2edf72e63e94a7cd8357c70a442e5b82a8e185acc59237d

    SHA512

    30c42613fa04922efb07361823931706da792c0a4c2e143909530ad9591ed7e0aaf8b250726fa21e5c7b468d32fd9c64e7c08782cfe3b68a0c938c25c16db690

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c7b26919bf284be511efa6811a6f8621

    SHA1

    4adfad14f2506eff4788f15948e274124441621b

    SHA256

    1afd01a19796e58514a90224535a2695e578e4f3a24ea409adf33bb62eb19482

    SHA512

    c744977ee408b905932c9f5131dc38eab2e3b8264482b214f83c110e6e415f5ddcc5c00be3131d0bbe272804cf449a3b101f60aa4e9acac36ace35acafcfd503

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabE5BE.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE630.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit