Overview

overview

7

Static

static

3

485fd9e0fa...18.exe

windows7-x64

7

485fd9e0fa...18.exe

windows10-2004-x64

7

$PLUGINSDI...IE.exe

windows7-x64

7

$PLUGINSDI...IE.exe

windows10-2004-x64

7

menu_en.htm

windows7-x64

1

menu_en.htm

windows10-2004-x64

1

menu_ru.htm

windows7-x64

1

menu_ru.htm

windows10-2004-x64

1

uninstall.exe

windows7-x64

7

uninstall.exe

windows10-2004-x64

7

wit4ie.dll

windows7-x64

6

wit4ie.dll

windows10-2004-x64

6

witapi.js

windows7-x64

3

witapi.js

windows10-2004-x64

3

witmain.js

windows7-x64

3

witmain.js

windows10-2004-x64

3

$PLUGINSDI...s.html

windows7-x64

1

$PLUGINSDI...s.html

windows10-2004-x64

1

$PLUGINSDI...n.html

windows7-x64

1

$PLUGINSDI...n.html

windows10-2004-x64

1

$PLUGINSDI...l.html

windows7-x64

1

$PLUGINSDI...l.html

windows10-2004-x64

1

$PLUGINSDI...Ex.dll

windows7-x64

3

$PLUGINSDI...Ex.dll

windows10-2004-x64

3

$PLUGINSDI...l.html

windows7-x64

1

$PLUGINSDI...l.html

windows10-2004-x64

1

$PLUGINSDI...es.dll

windows7-x64

3

$PLUGINSDI...es.dll

windows10-2004-x64

3

$PLUGINSDI...ss.dll

windows7-x64

1

$PLUGINSDI...ss.dll

windows10-2004-x64

1

$PLUGINSDI...r.html

windows7-x64

1

$PLUGINSDI...r.html

windows10-2004-x64

1

Analysis

  • max time kernel
    133s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    15/07/2024, 05:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $PLUGINSDIR/Register.html

  • Size

    17KB

  • MD5

    9e98a5ed249763fc62459d9137d712ee

  • SHA1

    0fefb6aa793b98b5e8eab3339dfaea70036e64ed

  • SHA256

    ae58fdd1ee8f76df9096451a6478f859b0d79a0c5a90abe612c6dbab2d249c98

  • SHA512

    0875240c0ca0ae108f31f2b9e12ee79d7940596e2660a6022a1a02543388b31bf929bd9f6ec8b15a2ac9f1298bda1353f1dd50a54edc50a567b3082387b26a8e

  • SSDEEP

    192:zDEyoZbgnNAa6x9Q2vOXQyuv48238xglTWlNr33G+y2SeSpUHCh:6g++2mG48238xkT4rm+ygHE

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\Register.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1820
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1820 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1964

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    3b72a65465398f97e1f9f317450eb54a

    SHA1

    ddfa958a89d6cb10eb853cdbf5d096f070004197

    SHA256

    009e5b0661b8f86760173906e32509e1f21978f2a7fae9cb754f5dac4098a946

    SHA512

    a80240d8574106bb67a0da2c688d4eda83cad428242d6758b53ac2739c4e06849d0c58a94270b02a00149d4562a4fd84ef4bfdf60360bcdbb7f65819f19f1f33

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    253d21185643ed4e9a06c338bf7d0d1a

    SHA1

    547dce6a0fe246ab05425e8227d15e7b4b783dc5

    SHA256

    d11f1749363e88db0f75df217b3da1f10c915ab811b78a8d1a606dca0a49c439

    SHA512

    78084000c4fd537c6f54c1c340ba62a1c5a7c48089167668cd65902946b6c3188bb509696ca25416a73d532f29d7d2b32744ac4a6d2e497124d1bdfd5176cf1a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    37ca74ff14f590ba67c727198ef3c88f

    SHA1

    1444603c422a0a5cb81fb96f32454ce0d00c6c70

    SHA256

    6576ac16a7fdda9c07205f0273365fd910d70b5a9f948a572141ba62abe2eb82

    SHA512

    2b2e808b88bfc4ca93e2a1c180282103c07cdf10a52fe94d27e39b2d0605efc2a01bdcfc91e47a1076d71cc783a1b8032d56279dcc44a85a604a53d52976347f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    1d72d41b949fd29882d0bb0b9a9c435c

    SHA1

    3aeb183694148c7359937b5f4ec57d1e89cbd497

    SHA256

    c67f82b10d07b7988802d379b90f26c8d99934540311075d24778844ca8f5a35

    SHA512

    6e5594f86da36b40a9cdae54afb761e4efb70b5d5cec43ea9011f31c66d1a2e7dd45dd51957143d724038c953673c4a03c8c7726dcf12ced21d70afea91e9041

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    9cf9ca10b55860249bc3fdedf99d8b64

    SHA1

    b0920772783d790ee2779f9e686bfcb461e6dc25

    SHA256

    0857e381d1da00096b074b3ed47c5ab542e115f1fa76a55e2344bd54d920cca2

    SHA512

    7e4b71d95d2d1cb5390696cb685ae5b58637b68d0521b941638a4d2a0003e933ea5c3929fedccf2a2aac79c1fd242c7bb77976cef0804dc7f6b24672147fc808

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    ee70e07cc7200f5fe861715e6f6cb440

    SHA1

    f1d9f5bfdeae3a4e92864afed5d2d1e2ba575415

    SHA256

    99e7fb6e9d6f3d49058f5471293b6a91fe9d1d88dd8df15fbbedad69056e0456

    SHA512

    ea11451e68fffccb69dfc616850c19ed66858272de360622d039aef74939653ffada0497a080f263fd802e46a1417569041d898d4c3afb60096cb4a649e3ac89

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    9d156af5883080f2681063a2683207ad

    SHA1

    7fb0206a0f815d2859067f28cd4def57e8e2308d

    SHA256

    5ba965e3c595baf1905c4f5b759cd67c8e2d7b014abe4f08792670af397d2fec

    SHA512

    42057b6c1fbb671bf462b416e39c2d674140d3b9375d3ed95d7f033dbb0dc2592a7904d74ef47f8426357b54ec574d63ec903a607c5a86e37fba6888de9747ec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    d67113bf87e96b66ec2018621b8bf6e4

    SHA1

    23f5114ebbd82c8c6553a57d4925fd8a4e879faa

    SHA256

    c7626bfe8f8210ae60ba7827fb9a943e796dd258bd183b745b8d7e5ab7d3f58a

    SHA512

    e975071434343ff9e3e88bf871d928786790edad3123faba74fbedb968bc3c194c1209b9e2cfff9e3ac83d9970dc7eb489e3a4d11cf67cef9471d8825639093d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    2f3d6a66cd7e8279b1cfaa75c6fd0c13

    SHA1

    5e9f49453c43e18d2c3acd2282d7e62f98e177ee

    SHA256

    68c8ee3fb908199962173383e14e8c613f5d416a49efb1339f9eb2b36b69b206

    SHA512

    c2ea86a0cf3ba97930aef084304ada0ad0899a1c347db9f92fbfe0d484288bf8cee6175ca89a71e05d3bdb8db33438d1eae53d73abdbf6cc60589802eb2a7b52

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    20a1a26f633aa4d7170f5fce6d56b84d

    SHA1

    2c46f05eb1fc92ceacd53ca40026cd4104b3cdeb

    SHA256

    6987e47f0708456eb8bc97c26e183117a1d4d813945f327b44b4ea47783b9404

    SHA512

    0477c89f7dd9a6d6bcf26a3690ff49dd8b88e0ddc41dd95c84264be46d74578fb36c0c3c51e36086396c216f0f726654584f86762ede089fb35eb9594ad69bb6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    b68332d1911d9de9e66390ee6722028b

    SHA1

    5126017f94780af450f53e71f336b307dba48bb6

    SHA256

    5713e56efe271f0f46179452d20203fbb2714e8cb13378ebad4c9e87b80d129a

    SHA512

    d24c1ba6348ccd8a75f9943ce4ab2822dff8e721c80728515eecc98542f0ccc9485afce65911169186590ae6d60fa51d42d288628d80eda319b88a701e1aebb9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    b10dc29e75bc715b88fd496eb7894e74

    SHA1

    4e04d430b5140eebf449fe27b92944453b5ee94a

    SHA256

    bf92b8fce7ceb80fd379b2cbcf0c31439733ef6e360b3f7290175b8ee6be58ca

    SHA512

    5fb9f5fb365d0879fc014253bebf616cd8353c167f41a4ef4829467cee06145dcb78c562c8fd44ee572d3de5e063ca3b970d17634adef295b8223cb8f57b9b3b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    1d2513f0e677abe7539f5a3d9864fd07

    SHA1

    e0df3c238fc0c7f014d05d443d682209ecb53571

    SHA256

    bfb207b1bd56d9892ac9888fac48b414d442c95eb43604040355b93b65da122e

    SHA512

    f23d25ae2f34813c67a2515ffac08d6740b7e0232198ae941a3eebf0ab00a863e006b4f4f806c226c67ac35da1cf896b79f6d4af1a2721f8d575a1f6416ee3d7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    1cd03117ea499f42d3089780247dd0c0

    SHA1

    9ca57fddba2aae0802028cc004055d889fec3263

    SHA256

    165709f740125dbe5a4824aa6161dd2ab64a4610260283c5204409ef61b6f201

    SHA512

    9656f2d13f7c13f646503cf051ff02f1ef0b951621510015f3e15a24718afc815dba5669ee2edbac08db62babaef60171fd31b4f5b6ed82f91da17b1ef8c7f70

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    3e94c839b08c55f4ef4c05d3e4ff6568

    SHA1

    8b2c5047f54f87628f6bd8ed0b75183231383497

    SHA256

    6453744679984a21de7ed853c4790f52298d7a6c89a1490abd4633e0f8be3e2b

    SHA512

    715ecb3f8a40d1fca778330f90ff92149f07ab8c2113bdb3a649aedca69c18166d71e2276d354a70c6e2b51f571237897089e0f8bf53fa0a9f3cd0104fae42ce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    ef5672528ab13ebbb8e406dbfaf2ebdc

    SHA1

    0ae740ba19a65db216c17d00f3e9b1aea3ac2d34

    SHA256

    09b2f4a55113b2d63532cfe0a1d160c84603f11b20085c0c12a0caf5ffa42f37

    SHA512

    54ec22e2ca3122dcf073dbe7c48427f3cfaa2db238e3ad146fb9d206d7b00077c0a27c8ab21e6d922c73e61dc9e0e266675dfae95835758660aea489e2f1ae3d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    9c21d49886dfa775cbfa0ce049abc7b7

    SHA1

    ccd4067f27ca5a2ae7d232fbe51f244d77372898

    SHA256

    e996cca53b007aba329a504ca09d3a6d26b572244f33b6f61fec1c192b3d2bb0

    SHA512

    9dde5564d51771293e334b332026513c30ff5498fc40f2077c9a61180358d8141d69b4d3eb293c28f55751a6d8f1380d3a04b208be218387fcd953bd029fab8b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    7c40a1fd4e50a50d66e14c654322f77f

    SHA1

    d6ba8cc599f5f48f80fb4b92cb5885b9e470a6c5

    SHA256

    a8c85196dcfd290054a41496e705697940ccf47be212034e4a9faf9fdfaeab23

    SHA512

    0e16785c03c35144cc2fdbdc448145dcb858e943d0ffccc102f138d34e1c7985c5c7ef847827c86753d52c170cee85a0fc8f30b1905767df3b77f2036ab678c3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    fd8614db70d8f029b5deb2169d287c26

    SHA1

    2f4f32cddb2e379d083d02b45f1128c8259d42d0

    SHA256

    84d382e5c0fa14700ec17ea3d8e5161811bbf50bd3d6b350800ec1be867ec38c

    SHA512

    3b51357f9ed38096dffe658bc197db4861d66f21854e349f035050d442988a2c0f7b02900803191ccbf574d57f428213eee1555e8d007c2fdb78fd31e83218c3

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabDE21.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarDEC1.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit