Overview

overview

3

Static

static

3

456c5d280f...18.exe

windows7-x64

3

456c5d280f...18.exe

windows10-2004-x64

3

$PLUGINSDI...UI.dll

windows7-x64

1

$PLUGINSDI...UI.dll

windows10-2004-x64

1

$PLUGINSDI...ib.dll

windows7-x64

3

$PLUGINSDI...ib.dll

windows10-2004-x64

3

$PLUGINSDI...ol.dll

windows7-x64

3

$PLUGINSDI...ol.dll

windows10-2004-x64

3

$PLUGINSDI...on.exe

windows7-x64

1

$PLUGINSDI...on.exe

windows10-2004-x64

1

$PLUGINSDI...cr.dll

windows7-x64

1

$PLUGINSDI...cr.dll

windows10-2004-x64

1

$PLUGINSDI...er.exe

windows7-x64

1

$PLUGINSDI...er.exe

windows10-2004-x64

1

$PLUGINSDI...er.dll

windows7-x64

1

$PLUGINSDI...er.dll

windows10-2004-x64

1

$PLUGINSDI...ns.dll

windows7-x64

1

$PLUGINSDI...ns.dll

windows10-2004-x64

1

$PLUGINSDI...ce.dll

windows7-x64

1

$PLUGINSDI...ce.dll

windows10-2004-x64

1

$PLUGINSDI...ry.dll

windows7-x64

1

$PLUGINSDI...ry.dll

windows10-2004-x64

1

$PLUGINSDI...te.dll

windows7-x64

1

$PLUGINSDI...te.dll

windows10-2004-x64

1

$PLUGINSDI...ch.dll

windows7-x64

3

$PLUGINSDI...ch.dll

windows10-2004-x64

3

page1.html

windows7-x64

1

page1.html

windows10-2004-x64

1

page2.html

windows7-x64

1

page2.html

windows10-2004-x64

1

page3.html

windows7-x64

1

page3.html

windows10-2004-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    14/07/2024, 10:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    page3.html

  • Size

    695B

  • MD5

    080c8144fe173f2af1eb41976efc4baa

  • SHA1

    c919b05ad282d488290d7a285a4622805394075c

  • SHA256

    326a33c1aaeb348c83d0671e859dc8cf7b32d9cb028ef0be9cde550aace1f886

  • SHA512

    99daf282bfa72935b08c1eaa6ba1d49ffd2e4f0774c02c76b9832c2759d2d7e4fa61a4db084dcf3f145c5d062a01a2698d47d012d76213c2e4df4b77d9b13714

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\page3.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1572
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1572 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2116

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    219a1b45a71b7334fd0e552bde40620b

    SHA1

    ba745d87888454826abb3d1620aba8280368f058

    SHA256

    2215f2fa356879ae4fb48b8f6fa6a361857853ec267f35577989dc490b801376

    SHA512

    23cf29672d144ac735b7e7f849265cb4d650b6e4ebabdacd5125675a18da1262035350fcd78d9ba2dc72ae5e138b7804e80551f50802041ccfef79b943bcdba4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d841ad2784d7a5ac52eab529444881af

    SHA1

    9365b4c5345cb9870d050c8b1c83cd156f5d728c

    SHA256

    0570351202a1ce328fd22751d2c2c3087bf1d63ce10280f55263c55b448d70be

    SHA512

    09f19a81fd999e923caf43b498c73e3b0b6bec7ee19642033086c1a2f5780e91cfbe61e9760d3661dbfcb6c4e40635df6ef27017b1f01682079e011ec086e6d3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5f461952014381160da6d10e89c2351e

    SHA1

    a903f8bf5caca184f0e873211cdd010551b03458

    SHA256

    4f900495739e8ed89551558c8c6fd0f69466c6392bd92b3e6defb5e4a3d0bee9

    SHA512

    5e8ffd47cc77739f7f127524a3fcb7e31df4b38d1a7955d41e3a3830e48bfbd5a608cbc54c6b72fefdc3f6f312bffb8cebd94827ac981db89e5e625d02418b5a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9ffacc113ed26efb03e60559a8a5aa2b

    SHA1

    0824ec733fb9a4b0c754a58f0982abafd7fba629

    SHA256

    0fba591d666b5fc294a6f880b463fa5a3a14d222c685ebede8e316db3db15fe9

    SHA512

    dc6b6bd26e98eb7ad4273e104d3240294e8e3cd1de948ef407d0fbc040b68b0d50c31f06d9b742b0dffd4cb2766aad0b5c64ce0e886570d9b11548c81609d195

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    243c4614df02bd26f3389af77498e0cc

    SHA1

    94ce49205a2f8677e194366bb8d14b7ba2445484

    SHA256

    ffa39881465590fed7505e860ca653e2c6bd7c2836379314524f1ed7b697cf50

    SHA512

    cb1eb9e40d03dfaef469775b17a5e176f96fd9389cc9279791a43e852050c39957f1eb9e31035c5d48c659a2d3c02ea252c06e67d71856214fb33f3357e5420b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    16b5185378db260f13daecfcc0b61346

    SHA1

    6e05fac13d5f5f4283867c7cbb85bf3a2c76851a

    SHA256

    2b7b0011a1c278f5309a48e632cd3c553f762a63cf6d2b5be5f3dc620f443774

    SHA512

    5d9b44ffd343ff5af2a607fbce8f9d1826d70115ba343b1fb1f042bdf80b7e4b6e2da90fe5cc529a239b910f52dbd5532262c7b4cae3c6eff33eb301f124f13b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2479bb7b733b8b78d27c004c14cf5f18

    SHA1

    8429a540c1c9953a3785ba376f489e0ef0fa99b6

    SHA256

    e9a21d433aee37db70de93317afe27836ee3e72971fce4958748e2d9c9df2315

    SHA512

    25d5a2cb1ae5134e07e230722d78ee6afef737fb8ba815ae2225070aea387532ef8fd3a7135d8ce9650fe56d69d4ddc3d72dba1c33cd92377e354d737f81823d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    59347def19b6f2af06f4178db66254a7

    SHA1

    40ff3a227e172878bb01210cf9ba0a87028f95f9

    SHA256

    02718abe8b396f228f2742a40eb8a74fbafd2bf15dd8af95e986ca5161de8855

    SHA512

    7fa5a221288449063f8955ce49222085ff578a9724bd2a56bf5fdf147d126f81ce764eb2f13127a4995706f280d6827007a0b56fdbfaed749d46247fdf5f0fea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3985a9aadbb5673aa4ba59c49ed70af7

    SHA1

    11e38125e88b387c754b3930efb2b38a45144939

    SHA256

    f190b3c3ebf0cc4967022f3dbc3e9a11b02ab708d7671402043a99594fc7022c

    SHA512

    2e7b50235bf14fb5a0dca1dafafbe4a5f0875431d1785b3715dbe72320d0ed2198f645a50386feebd9f7ca84b196604583430988c5183b06f197c2af725e5b23

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f3cc9f549f298d2d5d6f602d84418217

    SHA1

    0a8ac6cbd7d3ccf64712caf8f4a57e3540b2e443

    SHA256

    ed2cef036c1e60f79249c9185acf155b7f2f805a5666b96ebbfca1d2248adb3c

    SHA512

    63961386fad745d568d634951e29fa0bf12f9c03c8a4cd98a08e1d3c972842ad810c2a44122146a23e53e44c59a3d1ab027c082195f283bd8e03300e49f744ab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d323b545a43a39364500bbece02c4e5e

    SHA1

    3a1f13f29bff06e4e8589d4c07415c308ab629cf

    SHA256

    3517be9c2a3849f1d2067c96a943dd50be762ff65b7a1d5d4493fb2930b9703b

    SHA512

    d09e8891fb2ab9423e8461b90b97f5e832d52dd674a20d003c0ba4d0f0b991e502a3ec66e5b19271219ca85bd8a19637d5739dfeb6a75ffc786a01e011a4f4c2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0702bf8564ad57494c10c109dfa82ac3

    SHA1

    2b3c74e33c155a5a67999a4a9cd71d2d2b0353cf

    SHA256

    9e520a6df9049396324bc8cd39bd56fb7e354aefa3d8dbc02a9ea26cd27f5cc5

    SHA512

    3340f9beef30b217adb23a09d1a86207dc2441a66a5fa2aab31875cc727dbdb32f81f128a662578bfbbb9e0b51298f11fa4ff2185a51de89ad9020a1bd8477e3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    341bb7ec5328a242d2d36340709dff1e

    SHA1

    f96cc370ac68fab343fc443afe8d07c8727e06f0

    SHA256

    ad947ee338cbaa78f232391863d519576fa49efa1cd23e796b96bd086453fea7

    SHA512

    247155fb1a3e845eb3676cf96efd2c1eda41017a2819b29ec00301c9cd70db66c012ced57a0308238a48b8cd5791cb8e2beafbed037c4414f666976e827fe89d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    19bc73940a87aa478997c782a994bf58

    SHA1

    1e2347eaf777256db3217c7830cd5ac42c41548f

    SHA256

    817d2065a0ed0e36778e126894500b5752e34f2e11592673deef15331c151fd7

    SHA512

    e7da8f4d3f0cb66d728f054ac30416b0159e0bf5190ce655dee99187be9a48ab15475bf40ec5ebe5429a391417aa8b45bde201aca39b92365bb65beab0ea4fbc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a6f30e40c48d3a49c30d376a9b909d5f

    SHA1

    0ce9e6ad8ca3a4acdd353a1c0b8b05194344d04a

    SHA256

    177c2cb1bea8d5d67a3bff42cc65f31515d3cd7e74e5624aacef3675bd07ef07

    SHA512

    03a8df9712d16ce3614746d9debfc1baad51dc54e8b0df3ecf850fc502d2fc2f9df4e7ebd683d700db8fa5fa3736d1adacf810be6ca116425687f036f89aeaef

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    524cecfa000011fbd629b612595c7a88

    SHA1

    bfb96ddaeac0edaa66eacfbb1b4743dc212bcb7a

    SHA256

    b5a4bdc2d193e7e39c5bf8d0a7e4f8374679b58273beb19d2e5cff6936138a4f

    SHA512

    6b4034fa0a243d0a492d778c886c112c2d32ab3046e002bd823f3c64d4a2a9a006539de638fb2c39976de924dc13162fc4ef08eed6c0d9ac20d21cf77dd6443c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6659167bba497e036b876371c7beba84

    SHA1

    3a9043fd4f47f87ef1a38cc704b1baf1111febf5

    SHA256

    2d34de26ae09c62a9fda35d0bb17c0043ef6d64deae42cadd5d2697e39ba0ee7

    SHA512

    963c291be76168ede017533b31595606b20659d9e5a6890c354a083abc4ff4edbe62accb0499159c7986f956f56058ecdeb0267cb77163aa68160c7e62f4cb96

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    705496c02ee520dc4af33c6242a62ae3

    SHA1

    91e89fcf1a3d9cd18c8a1ac34f0a4716ce6d3f79

    SHA256

    9a7f67d7546b8ea9cac67739ac4e76231533da0c776cc836885c594f05f7ed9f

    SHA512

    cd11ad707ef53a5af06f7bc4d7a38b4dd774d37e8ae20f0de7e4a161cd2a76b1ee1b9801fc2bf4e6e7701001ed06d9ac58c784b64c8a650c0abb27dca46e2fc3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ba23e0bab58275537e2b92bc0e6e3a8e

    SHA1

    7e4b2771a44019dae4d9dd48dcb39a0fb3556efe

    SHA256

    5a5b364821523d684ab282e5c00634ae0eb7776f08c174445cb03418d118fe12

    SHA512

    ad8e60d02e651cd715b3583f3663c0b637cbdaff46bb78c13805e03decc68d982c0a72d7e125e8ceb2a1663357298c9308a4a2f8b92af4fc80a0e42ecfe5da39

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabD126.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD197.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit