Overview

overview

9

Static

static

9

5b2263b31f...18.exe

windows7-x64

7

5b2263b31f...18.exe

windows10-2004-x64

7

$PLUGINSDI...ad.dll

windows7-x64

3

$PLUGINSDI...ad.dll

windows10-2004-x64

3

$PLUGINSDI...ll.dll

windows7-x64

3

$PLUGINSDI...ll.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

$PLUGINSDI...om.dll

windows7-x64

7

$PLUGINSDI...om.dll

windows10-2004-x64

7

$PLUGINSDI...ry.dll

windows7-x64

3

$PLUGINSDI...ry.dll

windows10-2004-x64

3

$TEMP/v.vbs

windows7-x64

1

$TEMP/v.vbs

windows10-2004-x64

3

$TEMP/xcmd.exe

windows7-x64

9

$TEMP/xcmd.exe

windows10-2004-x64

9

$_48_/$APP...md.exe

windows7-x64

9

$_48_/$APP...md.exe

windows10-2004-x64

9

$_48_/1.html

windows7-x64

6

$_48_/1.html

windows10-2004-x64

1

$_48_/3.bat

windows7-x64

1

$_48_/3.bat

windows10-2004-x64

1

$_48_/3.vbs

windows7-x64

4

$_48_/3.vbs

windows10-2004-x64

7

$_48_/qq.vbs

windows7-x64

3

$_48_/qq.vbs

windows10-2004-x64

7

Analysis

  • max time kernel
    139s
  • max time network
    151s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    19/07/2024, 08:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $_48_/1.html

  • Size

    321B

  • MD5

    29cbd9faab5b4527d56a284341959a93

  • SHA1

    63ff7726e5c4fdf34b35b9cb9b3abf1912998aaf

  • SHA256

    490ea5924c03ae27b37431e8aea826435990be94b20513872d8cf609e0745f9f

  • SHA512

    4b770ce51a9aff2693d78571f6e443e5ec36d5a0a7ca3a8a89134cc758941cd26bc46321604ce04bec531d2decde723412972653181ed504d6c88a7949ed1117

Score
6/10
motwphishing

Malware Config

Signatures

  • Mark of the Web detected: This indicates that the page was originally saved or cloned. 1 IoCs
    phishingmotw
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\$_48_\1.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1512
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1512 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2012

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fd6da2e5962246fd83cd0b5ed6ecfd6e

    SHA1

    99f96e544191d26ffcd54508e8465b68af299f02

    SHA256

    f1644d375204c4b81ab23fc2cd6046854c62d240c62b090f6a6ea2c285e8f7c4

    SHA512

    0dd732ebdf7f1ef1baf6827d5dbfbacbdd5b60626cb617324749a1c0b6266dfdb9dbfc5a5f8ff335b683987c94e47c66407c244eb70f1a7efd93450266667b07

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a80974fdb30a31faae01edaa2ae056f9

    SHA1

    4bf20d4a57ba5e3dbb3cff996101a5de2610453b

    SHA256

    cbd310df5024ef2b5e644aa78216fc934e48f0509118599d87bc9dab6361020c

    SHA512

    dee6e4d0b755d25202d7c27bc8a92440dece3dc171b57d2c73e19c4ab560faa95a9c4967a0f218d716f0de54b1c403c5c7f58c3a228af828b6243386f334f76f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    841408ae2f463c8fe6dddcfccb8239ba

    SHA1

    37bb0ad6c6b2f1770ac4d9da49763137b6cd0060

    SHA256

    d91377503c0812fe3812653885bc04dfc50cbfe37a31e117d541f43270bd8125

    SHA512

    33b4846064b087d3820a9fe159915bbadada3aeb26531ad1295ea5ffb1cffde372983c1451665ac58e14e40cbc4f1652ccee564b11e87c4f2e7d53ceb0041cde

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d3c16c30d7e480ff2f8525863a7bcdd9

    SHA1

    3f55c185dc27f9ef7e17e88891b25ee686aeb914

    SHA256

    2a10491674db46aa56a677d05d2e822a5a9c3b24f49e9351358bbe9244916426

    SHA512

    ef127821231033e7a410a6c90552c9dc1c6e61fd04be72c4d3478b9dd3f3db939c705e7af0cfd8d84332fd62071c1fabe276a3a5399bf9fce2c941f8f60f3ae7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    11409788b36b2f057d1fe59e1a805946

    SHA1

    d2217ad397832c8f78d6c0f8b1c5f788b93c4132

    SHA256

    6adb5e2a390d19ab4b303271de38b9d7e2b7ba339fa7ad3e5833bea5edc6a97b

    SHA512

    ea99b02c14f0c7a2f82caaa44290830b91f03a85d751b520ddef6cffc6dd0b726eefc8c17edfdff762495b0b1594a1132ea1133dc3357d8053e1f18ae86f7f25

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cb88174b3dce16492290af77c22133af

    SHA1

    b9641af9649d9775e231317534298d85312971d3

    SHA256

    42c4391c0247f4b48a94092ddce1f0f228c8b05f7553d6cfa5bbd031002ad2de

    SHA512

    9d6a2506f1664e6edc2d91a2ef07a14efe59319ae30fc6bd8470f7ee43331de30643d90d62d87cdb480e0df504cc558b404d0048479d780f225f4f002b7779a8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    843c8fd77cd47c4a8e95e424e86ba959

    SHA1

    b71c19069ca58aff76aa1791b04289b31f995066

    SHA256

    0dcf321f414c8fe3f6741811219790ed63924751e9d0fa599b5f1fbe079a251a

    SHA512

    806d76ff79cdbb44b6408594c499fe7475a6354e5a4f430058748a1895ec86766f2b80c98218df0a92f7658a87de0bcd7510bcc4df4a1ca661f1b774724cc75a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    63fd7f97bb2e32761926b2be11473213

    SHA1

    f193379478aa4eec95b2578547f2140ce7667c90

    SHA256

    5b8df98a9e96a72238978f74d92052d76b73225d29fc43be7dfad88623afd79a

    SHA512

    5f2cf93e83c1ef6f80f78446f2e2f717a278b1bd7b2a31f2b4d210db5c13cb0ccae1785789194d1de132cdd62b36853c64cc475ae8554647f69451783ba40418

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    58f300480028fcc329c876aa8e9ef88a

    SHA1

    9dca2949217418de05a30877db66b0e26fe47a6f

    SHA256

    eb55b60fb458a4a66a7424bf2a2915815463fbcbe47d3c45a65779c9e247b677

    SHA512

    620a813de0c3aa4cc229b058ef5373ca38fd36216d046efdff64058ba6061b054afb4e23c3019d1db95b41893818fda76eae4150dcb31b6965eed1b8239eefdf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0c04ffc0e8a22138f2d4574b32b70ceb

    SHA1

    8f4f353ac3d94c65df9dbaf51ec4348b854216c8

    SHA256

    da2aee0db3b2b2deecc37975cff0625a0cf98049cf63ec26e232f0721cc4d44b

    SHA512

    eb5285cc4f0173a137fcfcb2748d263cc8a27fc7fa628d37f0cf1d5d8927d4e047e751c6421df8e2d69bb35526bb847752fcf0d2c8c4ea62e31137ee90bc3ad7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8290ff3aac9f2cef934b49ad58a3b9aa

    SHA1

    dac73a823b9c9714888252ea979a64a6c08cb071

    SHA256

    a49d0b672711c39979e7d49b399319c9166edd7a2e4f469a5129b73b6b66f90f

    SHA512

    8f2895ec553b9071f8f070b354cec48eae0a94d67f032a728d5ae78c2182cc3dc2304f0271f9c8f7786e70e5674cc4b5e3ae370a5351a0e7e6b6582faf1bf59e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    efa352ff240c35d8b24943c26e6f0e91

    SHA1

    5980a2d3413c3b6408d09ce2f1cdf8b6539392c4

    SHA256

    0168c702887be097a4a5b5844d851246936cf0e0501f4385e945fe6b1c4c0c42

    SHA512

    88d8ca90b86788e00038347681bbee964f54541a1c19e274a152b48fcbb3ede968f30852d5dec861fef508fee9de9f85a7838868862b0454bca71ce17639e3d9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9587a283403ad56a38677c14fe791719

    SHA1

    f5f4b6cc72f72ac4755596510525f8aa05b4f908

    SHA256

    d75fed9c0fe75a7fad5957d4aec3eb5e0916b51f5ca0f8e69f24f98fac8262fb

    SHA512

    bcfb238805ba1b902adf7b88121623d2ed6129b7c0260f9d28680e9e457d9961e3ea2e146eae1c5777b49fdee5ce450c0b61b73120ae9c272685b1583199fb69

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    18bbae4165a1a678f9e3d37218cd6cd8

    SHA1

    381448761a8dd773f619dc1badaff19f8e193472

    SHA256

    25afdfb121b3564cbb57e2b569efd87bf230576e34c34483c30a0220a83aa64b

    SHA512

    a27b502828daa0860ed92b688533a84a5c4e70bff649a95a00d8947ff5e7e3f04078679898c50c77629f699fc72e3023915d1f01cc898244ee5aa7ee525b25a4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    81fa1499e0953afe4c0bea66dc8da301

    SHA1

    b85a93c7ae9e3dfad963e798ade22b479daa8d8a

    SHA256

    d2bbf7372992a790e5e287756b83e1e1aadaa35aca570c1a04c490ea7fb46d01

    SHA512

    423a76649c4ddfdae3d699c1ad61d94394981fc6788113d3ba34db7f0493c07ddb7dd4c955cc31e43987d064e4530688b7f35be6fe77df80855274737e64e35b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    228b1e4b6751508dde343c15a9a7079c

    SHA1

    33d3b41322320357c1b33cb58f357f41736217b5

    SHA256

    14af7349505774373196900e5df064e07e7c400f2c30634ced614b2e21e39c1d

    SHA512

    dbd76126323607d2d868d08becf376a0447b9e185c410e01f8ba6c19cf990b7469308a52a6c44257bbd9feb96705e9040197e8bccc747f0bdc0888ab48e7b59e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d659a7c2eb629a9e81d5c6a7133fc391

    SHA1

    c7e6bdc254c369f05c5642694ab21e11dedd2227

    SHA256

    ef9ad737ced8ae82ee7ed550e21ccf0e9d2682ef3f0bc5288bff169059e30483

    SHA512

    84c5eb31f890ff727ee5937d71fb46f75a11c96c8ca7aad66971e2578cf74454868985f0989ea71c95b79d830cf7fae1e8ff967ae74356a7eb67e7447a253219

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4451af2d662ca4c555102fc5728fb576

    SHA1

    8e69717e277611d0d20024c7bd5ab71b91b5a711

    SHA256

    847632b3bb750d52d5ec85f2ee66ad07cd5b950fa704a431acb449e866b61b45

    SHA512

    200871d38a515c327cd3c2e42f203a4e2a6ad8f383a0324501fc3686c64a70a5b777554cbbe9be5b8f287ae6d983dd4b089af35b059f3f43ec7fcb7362dc8876

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    93b2a966670613cbc7d453700dc42c9a

    SHA1

    05fc48b1951ca3dd16f2631bfb4b350eb74b507f

    SHA256

    a9f18eb897d5c2c7e1371bb974dcaec04bd236a1256874a8941525c1d6d9c52f

    SHA512

    cfb143a6f76a2319a6476ae44f4509cc36073f3de5689950d125e02f2ae29a7b95489bb2bd50b34470d357af202cd6f86a9231b54eafb408883320d0fc5dea8e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabBFF7.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC059.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit