Overview

overview

3

Static

static

3

iis_rewrit...te.dll

windows7-x64

3

iis_rewrit...te.dll

windows10-2004-x64

3

iis_rewrit...if.dll

windows7-x64

1

iis_rewrit...if.dll

windows10-2004-x64

1

images/fon...ex.htm

windows7-x64

1

images/fon...ex.htm

windows10-2004-x64

1

images/fon...ex.htm

windows7-x64

1

images/fon...ex.htm

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

include/de...r.html

windows7-x64

1

include/de...r.html

windows10-2004-x64

1

include/de...e.html

windows7-x64

1

include/de...e.html

windows10-2004-x64

1

include/de...e.html

windows7-x64

1

include/de...e.html

windows10-2004-x64

1

include/de...r.html

windows7-x64

1

include/de...r.html

windows10-2004-x64

1

include/de...k.html

windows7-x64

1

include/de...k.html

windows10-2004-x64

1

include/de...h.html

windows7-x64

1

include/de...h.html

windows10-2004-x64

1

include/de...g.html

windows7-x64

1

include/de...g.html

windows10-2004-x64

1

include/de...k.html

windows7-x64

1

include/de...k.html

windows10-2004-x64

1

Analysis

  • max time kernel
    133s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    19-07-2024 19:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    images/seccode/index.htm

  • Size

    1B

  • MD5

    7215ee9c7d9dc229d2921a40e899ec5f

  • SHA1

    b858cb282617fb0956d960215c8e84d1ccf909c6

  • SHA256

    36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

  • SHA512

    f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\images\seccode\index.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2376
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2376 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2928

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    36efa47a1b0764e22617731f70cd8f5f

    SHA1

    1d1c59b581c68039f542f7276febfcc9d359468e

    SHA256

    bf396d792e682cefd53728ba618ec569fb7e51c7ce88dae0d733816f5e3aeede

    SHA512

    0d78e8271641c7fc152ad6aca542f319812384af7a5ac97f824b418c282782204bae8d45791d0819dc1aaf46f8748fce78410139cf15aaf82aa3c3ecfd6554d3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fa30ca34ad3a8602cec6097c566fad0f

    SHA1

    d169e06cc32229fb6dd2d5424aac727d7e6fa665

    SHA256

    04181cfd195d8a41dca7107f70ae058ba7dacaa574b253e56e91e94a5e66aa94

    SHA512

    d93c043b3c8ceabeab0fa816310f5a36c3a020b855008909a2f517ab013c88bc7ef7f78d725bd34134472d456a49409ad9ff29addb08729b73dadcfa931d15f9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2b55263a89d2041bbf7cad260f847603

    SHA1

    4fafb8538c965087973117fd8fa4a294c8bde2af

    SHA256

    8f6f5014567ab9d51f6c0ab18611221ec2cca4a6dda0d1609b90607068f9a02f

    SHA512

    89738931dfbf0de68b1be71471b45fcdb1b49693eb9ceffa5f3830d746d929e153e2022192fe5d6d7c97a48e8e4af418ddda258f2afbc80f7d9cb133384ba12a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e085be8fd61d7a873303389eaefa5cd8

    SHA1

    4457936541afdb9694d885d57ebba3012c9c1355

    SHA256

    bc9d64a2d1947f177941fea6f97edbc55fb8fd9e13655aaf5d9ce7c629674b0c

    SHA512

    2458037c073239581b6dee4c8926fb27b1e00f600f5901f21242d595e1f15e6eb98cf3cf8d2221f181ab567cd9296582fe04f1b80a87a82a61a62264950b4952

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cbe06a52b4baed2dd0213924581e5076

    SHA1

    38e5569597c199c8666ee961c02879ef1fc4cde5

    SHA256

    89754b6f4e8ae5f6df6d0ace3c41002aa430475729b3efe47560769b3393d27e

    SHA512

    c1175f9ba5a4a0a12a64e364412709cd405b31f275de5b9ff26baffc5bd10971a9fb1838e115b03c3e5bb3a5be481c2ee66c7f996363e6253e6493a16a45dbe0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f39bb44edf3e83723e83c98324a41d1c

    SHA1

    1dcf017be093704ec26d9423f11dc8fe48ea8c27

    SHA256

    b4f0cbd52ea7e56234f57edf5ebb08f6006bfb666dbca9bd15952e27d13ccdc4

    SHA512

    cde1f1ade314b576518ef43079c2c1d9c0d57e46592d62f4d649d490bd200cc0190d73c7e037a6576b9dff525cedc65e43cf514ca743f0cf65fe38e362eac97e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7aa7b5c7f0156a40c6f3f9894c8e7d35

    SHA1

    4b5e18e02ec271c4eb4c8baab23c2dabb0c2c68b

    SHA256

    f9dd7bc7e87b10eb6daf7d9a17b776d1f01e934495375e21ce72b67adf4874f8

    SHA512

    334131e5f4c181e3f01caede08e6183c771b2ba6210d432186c5b25fdcd9c8d3a32f16812b60fde2d44d6a19eeb188a8c4f7ade7a9b06a14c8e2cfceed294e0d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c23dde7ff3fb96b93bc1c1ca63e344eb

    SHA1

    049e89f5e690aa39ca07afa6ad5f8cac0859e0f7

    SHA256

    9c7436501ceeac71995d392c296c76f8fa90d934b8b0766e5aef5aae90545284

    SHA512

    4c854b100d6018db12dbb1f4f16a404d7e958aaf0bdf555d06526b7f884fd9d947366ee53408b18e0932c89e7b7608cbda8fa7678c0437558ba8fa2a113a5cfb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1a96884aa753cd3ec093f21b300a8238

    SHA1

    1401d36fa282c70c73e6b709f6fa3d3bd841f03d

    SHA256

    5037f29ed75ba2bfe6fa0b7f28d68c2e573a4efd8c2a265a1c0f00e61c6ff05e

    SHA512

    facb49c0aa958a96a459fecd062a9c72e82eac8b2e799fea1c189019f2ff92541433b6efe826a8fccf06a765788a252a8e1ae92331e9eec7a7e939f7ca60885b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    28add4d74be4d6884a5eb5092ccaefad

    SHA1

    92f1e169ad0c0c44697ea2d5d5dfa5c30d3c4347

    SHA256

    d674f6eb1492deeef008c7029222b705e69b37ca1daaa68f36602b088982c80a

    SHA512

    0145a0a55d7be7d37f339a9b57af32da22853952e61c2195d5174b2c78744242f489f7355b6ea811043989165740ab2f043405d0336528dc1f7bcb8a0f4e601a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    be0c567d3abd7fec5ff1add9e2b28942

    SHA1

    963c42f677ea1b8c9ed4b651cb3e82d3c87a707b

    SHA256

    cba2c0240bd6d717dc71dd35e64f90889bc8a35b2a28f8614e74b0c39009976c

    SHA512

    1e8ca066a70b4747ac40c706db10d7dfe94412a84ad0eb622d2377a7e92e9cfc906698236ed1aa29e00dd571eda0e6399c1714e5f5c04835c7b89671968d8dfe

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabEFED.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarF06D.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit