Overview

overview

7

Static

static

3

485fd9e0fa...18.exe

windows7-x64

7

485fd9e0fa...18.exe

windows10-2004-x64

7

$PLUGINSDI...IE.exe

windows7-x64

7

$PLUGINSDI...IE.exe

windows10-2004-x64

7

menu_en.htm

windows7-x64

1

menu_en.htm

windows10-2004-x64

1

menu_ru.htm

windows7-x64

1

menu_ru.htm

windows10-2004-x64

1

uninstall.exe

windows7-x64

7

uninstall.exe

windows10-2004-x64

7

wit4ie.dll

windows7-x64

6

wit4ie.dll

windows10-2004-x64

6

witapi.js

windows7-x64

3

witapi.js

windows10-2004-x64

3

witmain.js

windows7-x64

3

witmain.js

windows10-2004-x64

3

$PLUGINSDI...s.html

windows7-x64

1

$PLUGINSDI...s.html

windows10-2004-x64

1

$PLUGINSDI...n.html

windows7-x64

1

$PLUGINSDI...n.html

windows10-2004-x64

1

$PLUGINSDI...l.html

windows7-x64

1

$PLUGINSDI...l.html

windows10-2004-x64

1

$PLUGINSDI...Ex.dll

windows7-x64

3

$PLUGINSDI...Ex.dll

windows10-2004-x64

3

$PLUGINSDI...l.html

windows7-x64

1

$PLUGINSDI...l.html

windows10-2004-x64

1

$PLUGINSDI...es.dll

windows7-x64

3

$PLUGINSDI...es.dll

windows10-2004-x64

3

$PLUGINSDI...ss.dll

windows7-x64

1

$PLUGINSDI...ss.dll

windows10-2004-x64

1

$PLUGINSDI...r.html

windows7-x64

1

$PLUGINSDI...r.html

windows10-2004-x64

1

Analysis

  • max time kernel
    122s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    15-07-2024 05:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $PLUGINSDIR/Final.html

  • Size

    2KB

  • MD5

    939e3484e47b322c467a6a0f59b23d91

  • SHA1

    f3a315beb9b37736ba7bb4fc15189f3a04d2296f

  • SHA256

    222816c721c2d70a4af59e86840155c61c13d72faae90bb12f5fa6573542b1c5

  • SHA512

    2150dfda6b5d74885bf6c79820bc5ebf1fc3b53c2df39a9da326377182d4a5dc75ac84e9fa75b3ce59cbf681cd751ced68bcc57a7b1a59454e5262d144497ba3

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\Final.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2568
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2568 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1412

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b24e365422fc3c59e2f75ba9cbecf26b

    SHA1

    0a9367a840f75e1b8e6a5d3459f52313bc4134fb

    SHA256

    e3dfa364fd09c69b63475c9dadaa6bf7f4d879b963701d179df99a6fc1d8646e

    SHA512

    f2303c9b04f048a76858f27c3db5719fa91a949f126566ef5c07161cfc3a4812484fe9b1e5ddfb218be8aef5f69178e7b2db025e2376a1e86375a804941cd0b7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    65a7d3f629c60157826f9be684430f14

    SHA1

    26ccc56b79bcbe1980672b4638f7ddede4e25103

    SHA256

    a2335845be705d21261df20cce8c5aabbaff59881eff908e2a9658f70a75ed1b

    SHA512

    65ce43c37d0fdb37ff63a64e6ee3d22ced5725ca73b86c18847158d6a03bd0e556804eae74c42d0ca018cf79b731a829b17d8e34c37e0de81160849d00f31bee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4c16c089548e74c82ab1f25387f6e4bf

    SHA1

    9c3d718105dffc0f759cfde534ea28397e8e7719

    SHA256

    d3c0453d6ee066cf9d39505c1d632014c7306628420f06185cdfa2ee93591889

    SHA512

    b1e848fe34551d6d142bffa3ca2b1ea078e35ce5218f07f51def974ef2ce6f59f13862e6b5ad4767d1b24b99a59490ef51f89fb635a78b549b143844be194140

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    96a83ab9018c8d28721ab7961457fbd1

    SHA1

    90e50b3585979432768cc31442fa62b5774575ab

    SHA256

    44194873191764fed52b57bebf3326775119b6589cd97d862637d0410ffc601e

    SHA512

    a5259ca5a45fb79913882c0923df507f42c35be073b8618c8aee441d7aa8aaa0c8b61aecd699fda1002bc6c5e0a97cbdf30962f7a3ce0b4f653e8f1d7b3ec0e8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eb6a6eebb27ae81f6c4a4fff9a9ecff3

    SHA1

    74e18805d460e2f8803a7808135203cd0fdd351e

    SHA256

    d47d0077ef1aaa780d409171c02a6d0d39102c3c7b40817bc4f4f5463f117655

    SHA512

    b146806817e627c165c28940887837d5cc0ae94817d53e8b7a425c9070e35f012fa16e87d8b55af2a4bba7e108154d35e49175478111554db052b7be46193c1a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b3bff07530e52dbf5c92f29e705f18f7

    SHA1

    584a3240f5451ed3763e32cc9c565a7243b55ef3

    SHA256

    a8942088c6ba721fb05efd05a5a290de045ff2d0517fb941364b9b2f1c8900fd

    SHA512

    db8b100ae8ed208fcdd139a53185c95ded274606434915f87a394ee03c1312d69b4ba1c9850a956dbf50e3893e0918dad29a8c46b2bb4ef231a0355e1258e3d8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b7ca984faa3de4e3a7defa64a8de5633

    SHA1

    8d5e0458987ae5439e930c292e4ffa2a2358151f

    SHA256

    52a393f692051b3bb1ca94c65d3ce93fae56241d62b88173136667b5469fa635

    SHA512

    b34fad1ad03800079de975e82a8297c639086b059c3581eeed73ac49f3393af4d5288b0ee0852be7ab2df750b9a7a3f1ccf4140e84fa8d9da87175631400d952

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ab2d1ef9cd92562f7075c39fd354a63d

    SHA1

    39c6927dea5b1b9b44987b4121605aba629b153a

    SHA256

    57c8edfd65fd782f1af0c0f70e27537e84cdb8e00ae4aebc0f30374c58227977

    SHA512

    2b17c96dea6378b48e7e422bcb2d0ccca6e46c2d65d1b107c74b938e65fe2b38e11b2e384682364a8cc067c3945a2d3dae2b554f47af38eea8c7d12f1a17fdeb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eacd27d094ba7489f6162b1daa864b95

    SHA1

    ebadd5a455edba3f73721ff7ccf6290bd263b2cd

    SHA256

    35b851109814d01a04e60b2b25d3c736bd64273400c79e3df71369df70eb72b4

    SHA512

    6c440a8486eece62232b8a3c5892508020633c1cceb4ec1baee5ed6af8bfe549528661b3f3703ffb3221d846f8dd5785e7435082151a062764cf7a94e58d0168

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c5a99ff25ee5bd09129dd6e7068282e7

    SHA1

    be5face69da2b96b3bd37cad720636a407e43656

    SHA256

    99af95dea39b053f4025988297dd766787056953726bab34b5bdf12548a3eaec

    SHA512

    55cad2aa2aa3aa20374558aa27a12bd836c8adaca40393e752928784dd7345d1766d106e144b900d48d56f1fbccd12c976a603ed95844f928a2ffe512fe1ada0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ea4761409dadd6e4cf1de220f8bebb80

    SHA1

    864b5bfc937752affa4ae15f63fa7c5b445b9980

    SHA256

    fd296d0c1babd70611cb0221bb6423c71e7af23e6033098b6d55cee6f3cc13e2

    SHA512

    3b0e89f1b1a6b6e4ed390e1fc7d0cc1ee4947e1c68729141a3bf11ad0a0af9e3ca7d27ad2ad814645439e955e7ac9d8d18fabcb62fa9ad0a8f80e99f9b232c3a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    86ef8a457e836f3e2419b930560b4580

    SHA1

    378dc57f73e65a51d1755e9917f8f5bad332041d

    SHA256

    0fa0f8ee5ad7d8d65403a1fe1abdbaedd4eadb92f69006a0fdd82a7bb78d90b9

    SHA512

    95faa378a3c03d3899fc1aeac5e438fe0a52a01574bf62d6bd404a8a5f5565b1a7d21c754ff7b3a022127dd0ff836297cb8f1ebaa6f9c000d09260f20542db40

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4bd81f8ead5e155fbfa064a29f09883b

    SHA1

    310b3261c2640910e4b241630ef1d0efc360f357

    SHA256

    43699055557b3a40e6dd828b13b2d102d648138e514a3f671f29c7a726fcf782

    SHA512

    4f03c30ecf648228b2682efd61d3e843d7b628e9fd3a4019418c9ce2c81efd636afa9e90f5f2c6dc344db018fb6d5778f88d1084ccf51f7d1b5b7b57b2a7e134

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4a19c1b2daaa19f03467c2ef8cd836b9

    SHA1

    2de95406a573f338e18106f7a4faa5aa1540d8e3

    SHA256

    a4f75687383b6069465e0b705c08053f8f33e043ffc6b7afe0869d14715173fc

    SHA512

    e3813bd5b4e1b278e3904812797b808f68d11ea230706f4347a044c4cc65a0fe7974cbd6baa0167adaf9c857fa10d0e5080b4f3b68b3522927a274e9d0c97794

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    20b9369fe5b6833729fd9de23c6d885e

    SHA1

    de0088fb988144e6c1464241aa68029cee50ad73

    SHA256

    acb68850c8ead70db6dedacd86e2b5934bf17eb199267a09174be3d740bbb1ef

    SHA512

    c6dc896696d2802e4b2f66df7880dac4f4e921569474dbc2c7422337860af5b809316a4294d32118d8f359cd3aaa1160eee6e893e3699cdbe49851af9f0f18ed

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    86245251abf2f92402e2c48fb78e7257

    SHA1

    8219da4addbb1193ffd0f16c9a09561929007393

    SHA256

    8f0ceb60524809cf07d99a8f5449cf566d5c9931ee796d617487822dcdac3362

    SHA512

    bfe7714d005942af1dd3dfff3490e70b487e3709271879f71d70d10a984e165ce7eef57b05a1993acc81c44621a2b59eaf224e2269b32bf1f618a3d982514b06

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    318da86b47a760caa28a3864bdc803b8

    SHA1

    8dab9558bca87ff50683007bcd55fa2b9b4fe610

    SHA256

    861276a82b0d79d520137fb04553e16111872b232d1f2a80b864da7383463780

    SHA512

    66e11223bf563a999dbc6cd5379897095706d65b3fd32f7ec0084c717bc467d1cb0015dbd83ff0a3aed68c0fcab85d98beaaf0d8ed213f78a5480bfb713aacf6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ded04c5385fef07ea5ba5e645f13f357

    SHA1

    ee9aa98b975c125f585c6d5bbf646d63a749b167

    SHA256

    a9dd6ebcbb4a06d84d153746e4af793bf2c84fa2b49cfb73c64f4fac57a89731

    SHA512

    d5eaa9fb1f1dfe29388798ee1f207b533dcda46bbb1c190c910c274d943ad48c3fbf1dd217b8e30d5305696879f564f785d9acb6037f8af888ebd86615265e16

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabD29E.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD33D.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit