Overview

overview

7

Static

static

7

4a840139cd...18.exe

windows7-x64

7

4a840139cd...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...ps.dll

windows7-x64

3

$PLUGINSDI...ps.dll

windows10-2004-x64

3

$PLUGINSDI...rl.dll

windows7-x64

3

$PLUGINSDI...rl.dll

windows10-2004-x64

3

Data/Games/GAME.htm

windows7-x64

1

Data/Games/GAME.htm

windows10-2004-x64

1

Data/Nav1/DH1.htm

windows7-x64

1

Data/Nav1/DH1.htm

windows10-2004-x64

1

Data/Nav1/DH2.htm

windows7-x64

1

Data/Nav1/DH2.htm

windows10-2004-x64

1

Data/Nav1/DH3.htm

windows7-x64

1

Data/Nav1/DH3.htm

windows10-2004-x64

1

Data/Nav1/DH4.htm

windows7-x64

1

Data/Nav1/DH4.htm

windows10-2004-x64

1

Data/Nav1/DH5.htm

windows7-x64

1

Data/Nav1/DH5.htm

windows10-2004-x64

1

Data/Taobao/GW.htm

windows7-x64

1

Data/Taobao/GW.htm

windows10-2004-x64

1

Data/Tools...il.exe

windows7-x64

7

Data/Tools...il.exe

windows10-2004-x64

7

Downloads/...ar.exe

windows7-x64

7

Downloads/...ar.exe

windows10-2004-x64

1

$PROGRAM_F...er.exe

windows7-x64

1

$PROGRAM_F...er.exe

windows10-2004-x64

1

$PROGRAM_F...ar.dll

windows7-x64

7

$PROGRAM_F...ar.dll

windows10-2004-x64

7

Analysis

  • max time kernel
    134s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    15/07/2024, 16:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Data/Nav1/DH1.htm

  • Size

    5KB

  • MD5

    3e9756a6b25dc62fde3b0d75a406e958

  • SHA1

    992a6a34e84a08434cb06c77a26bce478d3bab84

  • SHA256

    0327b1f790dd0b5469e186bb679e3228a9489509e5780fae49f07a8cc9622505

  • SHA512

    326743f04e3b63391c0cc14d75ee292c3d28406d7577f319f0d2dff6ec554b7e76a8d4c0b9b69a115d619290adc3c7917be1d5fa1cab832796ad151040bbf281

  • SSDEEP

    96:ucQgITXjytvQaxxRAfmWz/PZ3w+FQVZAiMhqABwLmFFgH2a:ucJkutpIz/PZ/P2Oa

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Data\Nav1\DH1.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2224
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2224 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2096

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3ab80325a1e2768c92dd11e207cdeeb7

    SHA1

    0baa121668daac57abd5563eb5338dca3a5efacf

    SHA256

    aa6a3d1d6c47288ed98b59c51d30c0a857bbf239a7e229c21dacbd6ab08e5a5f

    SHA512

    46a47da64284b8ff0d3e39360cf4027ebd4d3f31ecdf2b3e04a77b1db7b9e778086849e9bc8fa517d061501cd8ac3caff424cb80d12b1a02e649e61bfab350dc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f3d51d148a9848b72c58ac45ee350a45

    SHA1

    2447f918add73e22275a70ce473ebf569308a532

    SHA256

    109e599d9eafef8fe0a9026f4b5d600a52e14efa1a17dbdfc62ebb8fc85873e7

    SHA512

    b8704dfc80cf0f0bbe34d9c417220f5bbd572638a42241011243300559ce8bdc64205f8b5a11147e6c0621f54dbcde4debeeeb89b6139813705452db044d6cb7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    207dc511b3fc9b7f6709445aa1e02ca3

    SHA1

    9d562c112a025da3aba8bef62f04280b4658203d

    SHA256

    a442cb99f6cb678bc127ecfa6380c9ba25dcfa67e8263d0086e528a3324bda1a

    SHA512

    21b56ae1a2668fe58a5b91b5f7a1e46be42cc58efda304434c289ab54a90a8c0dc5a962bf345b2a24065d6c46dbe4d2bb9bc646aeffa86e06ecf1bc5c1803f98

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b6301751d64ceb60275974e061b33af5

    SHA1

    f3c79dd9dc0934220dbc754573de114a15b289e6

    SHA256

    1f4089b06c6a35a9a4950223c2bc530889ccb7b1b1f1ab8b88b4d9c6a73c8d88

    SHA512

    23c1b91604085b2067a6cf862340ff0d790d6408e0fab9dc368925522c18256c242e8bb3474233e874fc730d2aed465849593cd42a479f9791238842d5d735ef

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b61d930034318ae3cada888921acb3bc

    SHA1

    7a23efba2da76bc9c1497c78136d767ab9830928

    SHA256

    6fe50edafbac22ca773e9cd04b3f6c5d7dc41990c7dc2edaaa185676fc73dc05

    SHA512

    ba81d42c48bbc0f9a01c89a4ea0d910a839477cfe61ccf68ab9eed54404fd6863e2d98199daaec4d5729bbb240cb68bd1d0aac53406b9eac9c103cabb9b72d8e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    792f9a15036650461badd4d679c19a75

    SHA1

    263f7c53bfff6085b153010f526482f028400a3b

    SHA256

    6c2a7af51f8d901e22a88fc09d52a3f641b58e7c07f4ce149b00edee790af21f

    SHA512

    76c3b4740382792cc07630d6641b961c79d3dd854112fb184be44f222c1f2e52e18864e559980f9fb83158c71a11e1c0435005917d70b4436cb7b119ab7bd3dd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f0c5ad64283ef277d47eba5653638897

    SHA1

    c2e75888751ac96e36d01266c2b94a5a6ea570ef

    SHA256

    596036db7d1d1f1fc1284348691baa1f16193f35ca670abb4660306b0a8a4386

    SHA512

    c80e60b5597ba78b8de7e93ef1213660c75fc7553bc4dd7252551f15d7cebae084818fee921f631688299d5f8a548959fb78c13ef708148892a14e396b21ab48

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b1bec1baa344987ddc1e56f494ef19f1

    SHA1

    f43d03d4de71c14835b4187d6230b0527987969c

    SHA256

    435460762242ef56f42b726e6b8efe757fa0ae992d734765ac60479459da5cb7

    SHA512

    57c212c0657216b5be653c6e9ee47a3dbe393f959c9f63807192c9827aad831aa4103d93e02cf6ad14b7cac4deb8226fa2ffe12dff21534e57d08815757c5135

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    50373574abaabd4588dcc34bbdaf6950

    SHA1

    1aacc301bdbc1454a20082bb9e50aa100981634e

    SHA256

    e5d893afe898ca888e954db62c9d528bd533c551d40e9bc902a611f99c6638ef

    SHA512

    56b2860f205a0f65083dee37f98060ba2e1df676dbbc49d20e4e59b48902e90d9cbb54024b94707181e3901a4508ef78077ca055fa73ea38c33e11af6ed6123d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    897c56052898f0db2e3cb2601a08b11d

    SHA1

    0d2261b0404bd532732f4e1ac8e2d3dca6affbce

    SHA256

    c3e3417555c0829c5c5fb31ca5101b2139dbc2061fa10bee3ecd4cc49776474a

    SHA512

    601ab31abe247d4c6c02313e1fba8a62f935caa9ff7858ee31cba6763d95d081dd0edd2b3d5301e902576348d5e217b1a87835b0e47f9d970963c29cf4345ea6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    981438732431947c52bdaa4467d51103

    SHA1

    c2846ec1ef65ba0ea4bda8a9674f1f73e6cb0789

    SHA256

    4f9aa84d6bbad53966973083de657a2fbdcea9cb1d25787b47d41abfcde911f7

    SHA512

    25b4b536f035df47e920565fe8a4cdc0016c0400bd25720f056deb9a3ac1f0fa2d8e34f49324389274ec5231e7f41400a34d7b0ca9bed21ef792adabb22c9130

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF96F.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarF9D0.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit