Overview

overview

7

Static

static

3

485fd9e0fa...18.exe

windows7-x64

7

485fd9e0fa...18.exe

windows10-2004-x64

7

$PLUGINSDI...IE.exe

windows7-x64

7

$PLUGINSDI...IE.exe

windows10-2004-x64

7

menu_en.htm

windows7-x64

1

menu_en.htm

windows10-2004-x64

1

menu_ru.htm

windows7-x64

1

menu_ru.htm

windows10-2004-x64

1

uninstall.exe

windows7-x64

7

uninstall.exe

windows10-2004-x64

7

wit4ie.dll

windows7-x64

6

wit4ie.dll

windows10-2004-x64

6

witapi.js

windows7-x64

3

witapi.js

windows10-2004-x64

3

witmain.js

windows7-x64

3

witmain.js

windows10-2004-x64

3

$PLUGINSDI...s.html

windows7-x64

1

$PLUGINSDI...s.html

windows10-2004-x64

1

$PLUGINSDI...n.html

windows7-x64

1

$PLUGINSDI...n.html

windows10-2004-x64

1

$PLUGINSDI...l.html

windows7-x64

1

$PLUGINSDI...l.html

windows10-2004-x64

1

$PLUGINSDI...Ex.dll

windows7-x64

3

$PLUGINSDI...Ex.dll

windows10-2004-x64

3

$PLUGINSDI...l.html

windows7-x64

1

$PLUGINSDI...l.html

windows10-2004-x64

1

$PLUGINSDI...es.dll

windows7-x64

3

$PLUGINSDI...es.dll

windows10-2004-x64

3

$PLUGINSDI...ss.dll

windows7-x64

1

$PLUGINSDI...ss.dll

windows10-2004-x64

1

$PLUGINSDI...r.html

windows7-x64

1

$PLUGINSDI...r.html

windows10-2004-x64

1

Analysis

  • max time kernel
    68s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    15/07/2024, 05:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $PLUGINSDIR/Components.html

  • Size

    1KB

  • MD5

    dbe2a173b32bc4132c30a386c8b41237

  • SHA1

    303bf844136af8866f3c2c0901665b1024d71d53

  • SHA256

    02c9a76d1b012a133e4ac5e95a2a29fc1c608c4a7245b4886ce89aa07f2c1797

  • SHA512

    3398710971eaaa44fbdfdbbcfa1fa96f60e6fb7676d6521f853013be17bdb691f1cae6e933b2aa85378b7d30c5a3a0a34e55bdde9e63ac69c6afbb948f127572

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\Components.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2612
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2612 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2212

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    be80b0ec758abf909e9c04573b83bb4e

    SHA1

    be6467cc27b3f160dfb5f2dfdb6c67217334e312

    SHA256

    cc57a59df1d3d46d90a507a2c1aafa7cd0c71fff632cc510ec71e77f15767a19

    SHA512

    6f5aa975b8875efb41239a833d8a9645e4be271cd02f7b37415c0b8365c09908f961edc03025bb73d632311a4db4650b7777d88b213b1ec5abc87a62ffa82f93

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    53318948e9304a310f6b48b5ce1eb22d

    SHA1

    86a1c2b44cec25de4dd10ed706b8aadbb2ba86fe

    SHA256

    242d64f66739301484db6e14e46b7bfa4a14f7ea7290fce146d2e446ec15ff30

    SHA512

    6ab425533047a69e66554d9ff111d5cfd2c15b9eaf4eb9cd9f95cf37bfdd705e2abc59b858d38552c3f8e0b75eb0c58a820c1bfd8bab70823695e6a15d1a14d2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3bc01bce369b2701eced4ac6d1198db6

    SHA1

    4e0deaccf3df7c50efcdf1d77a362191a7d6edbd

    SHA256

    6a613426ab19747a88cab5830ecec8cb77ae0d292f71ddefa6145f6bc7c62f50

    SHA512

    986189f2fd667e1fa18ce916c5e34bd6879ecedfaddf0b335990710adbb0712adb69980eb77f3a4758a8cb8a7f45218f3053c711555909d7fed5d530dc641af9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8c30a665b0b226701495e228306cac1d

    SHA1

    c065b0a1859257dd027368588201ee9263c2981b

    SHA256

    fc36e909a8dc7bf050a5f283a3f6c955243871db8a9fe6db07adf60e1589d614

    SHA512

    a502057c562d01fd5ede059012c8d5d0d9b4a55718b11a3f3439edbb24d6096c37b77ace6ae9bba74b1ab1cb0d656e49abb5221e7697f9c35a21132ea4ea1c32

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    daf179447125321ca1fdfbeff7d54b7d

    SHA1

    13e4b9e9723a37acd684d344bf9a2b8edd76167c

    SHA256

    9a379c71333467a6f7804e6cc97087f33db08f8e6137deda8d5b10d1532f1ee5

    SHA512

    65959c32b3a2e706970bb4b36a475b7e3375003b37a56be03fcbc6815c1b0d18c1ec9505e1c037a5817222f491f752ce92d4c518019d1a07d041cf5d46515716

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b44b39d4ac4a634b780326f602c4c2cf

    SHA1

    25850625c8c471ae33455f60553e19e4a0595830

    SHA256

    76b30bbc6f17de10c3e1e96db9966cfa86973cd7e79365bf63f456ff5fb0dbad

    SHA512

    0e193e5bfe8288804fbe9d58093fa6f86dfbc07fa48b599c1a8daf535d84be0b866c05004ec1edbaa35ef8d280b355c0996afbf23a6681451487a667511a1145

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5e1e112577daf332b00dcd977c26423c

    SHA1

    63f4ddae507c74b265b8747d59352dc487d7661e

    SHA256

    b9ea219ae961d026efddac4148d9e5b9f39483446c1734b6f99d9178b81d7f39

    SHA512

    056936367398729c472b55b984d10f69541cc48c2d86f6666d0125ce4c67cb40cbf89cacb2d448130c9b3ffd2d1cccc21e8c7a0a78dc33953021bb804f202d12

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    84aec577ca7f41effb27fba268506518

    SHA1

    a87dd95a455f65128000f1401164964574c1a590

    SHA256

    c514dd6014d9c06d877076205942bd1ba2285d2c8a0062df457b8bc1cfafdb75

    SHA512

    63da94650d0a4f4bfadce859d3042e98553c1bc235eb16989b76e6cf3405bfae3ab459c2f0e153c6dba172e7882ae617a585f37dbf556042cbe62f5e2a5dac30

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    75e15e25448b8daa9cbd38bf7d5fb36e

    SHA1

    b5a6327aab91b2198df92d567bc4e4803c3a2c7b

    SHA256

    13eb9a1f85ec5b3953618b60c9f6b101bf9657266cf89c71f0963dfbe78edee6

    SHA512

    19e357b842cc1e91e70b0d6c1838e9a5a12f5d22a54952795bfe0322a82ea59a1152129025227eeb5ddf5281d50d2c3ca33704f80ce2b38336ec60adb159378d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7a44d3938274ad3c268d09d49a03026b

    SHA1

    3f2d89d587b4f24ba0b9e58b3d1347b89b7dd2f0

    SHA256

    f49d45f8460967fccac91876702f3e4f09f05705499a07cf453331bcf4d15150

    SHA512

    a7c12aa4a91d3c167b01730024585e7d6233d157672365114cbbabc6a8b3919ae72a2b00eba824f12b985410d074fc4c6ff39a5b784b6d2be7d6183e23a45f27

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    428679c42d5f933142333409294178dd

    SHA1

    a4b85163d30f59fe736a69fc770f0f825ae5483a

    SHA256

    dc1f52ac7b9d37fb44e6a917998682633a7bc3a8fae31b5eeda8695b44f30daf

    SHA512

    c96f4b2a71f74f7a60f61e735d197a2022aa9c8d131096305c455c3f92ec22af7a00f7fa26e7f1dae416f8c3c45c271ad5a939ff61875194db21d549d9dbc8fe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    227a360b590f027a3f889796302dbc7d

    SHA1

    8cd243cf681d74da8687484050d7c2305eeb72d2

    SHA256

    6ea5d8ecf3dec9607060be5420d97d93b39e0af7a8062cf6038128ff4408ddca

    SHA512

    2daa22de021b6ba52b9176829d86b33b630fb90b5d03e8b47fa62ef27e825e15c24c1adbf8d85d096cf3cde7af70ead650e0e51b0f9fa8284efc8f204d7d38d8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    09bf160193dbfc5065418ed17c342e70

    SHA1

    4b36e8859556a1a590cc8a7af1419c20db1f609a

    SHA256

    a9d5b4e0f33e475abf11770f71e210e9f5750cbb5c548bffdcf2e2f700c986db

    SHA512

    ba82aa4e2429aec8bff26392b64b9dd00c12b387026d535c07a3a50f172b3387b4ba1ea155d83da05bc572a3688e3084ee6b75e6b23587c2621efcf986a3e58e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a147fcaba67719784fc3492a1a671efa

    SHA1

    e8b3ea4a6e59e8b2280e974fad4fdc90e938306d

    SHA256

    c4e3bae6c75001d5d0d3ce6566a315ad3ec522bc80a0776032fe6ceedb97f179

    SHA512

    03345eee656b072b11e1d58aea02ad042381ecdb8187f971d08c8ff708610eab51ae8d75d2c6ec7545c0455bb821771fb3689a6d5e2d00617d60217cec40969c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    12b5433d80ff73879160bfb0dd232b8e

    SHA1

    361ee3ac924f0f7bd254ed3e1a1ae96eb8b43175

    SHA256

    7c4ed8dae67d82fa8561dfe580f51ceeaf835cc2eb70ceaf0d1f3f7696a0e1db

    SHA512

    514eb83cef4eec23a36b43cb36c4b95e07c903a1f96007d21b44fb1942294b0d3a238c1f33fb3d1818e5563d47859b89635b6815a28bbad2344b814640174502

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    74ccb2972fc0d0969f690281d8feec80

    SHA1

    d76dff6e12b1f0715db1ce66dd89e370d14311b2

    SHA256

    596ab440a024434b80d42c68508c81849dedfaf1e5334bd135a5279d6b976f3f

    SHA512

    868f2b073a0981870e3e88bd90525449b393e6e1901fbc0f96db4a7c28e6648da437df0a1d8a47a76fc205703ede392ddee7dd34d3147a954e9c73494b669acc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    af110895b06a5c8fca349c600af1a756

    SHA1

    3f5db12bdf5ca6dba80de44604cbf5bfd9aefe5e

    SHA256

    c721f43df0f84dfe7af504870b143f14cdde275b5b7679d29fb4be7a9b72b918

    SHA512

    cadc0a6c17826b1316818f34189f89493b236ce1ab2fb5e002c8179c2240f826d8ae03a250d2c4a5be5977eb56b616d6d6ba59f6c85ebd6426ee18cc5df8373a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF9DC.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarFA8B.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit