Overview

overview

3

Static

static

3

iis_rewrit...te.dll

windows7-x64

3

iis_rewrit...te.dll

windows10-2004-x64

3

iis_rewrit...if.dll

windows7-x64

1

iis_rewrit...if.dll

windows10-2004-x64

1

images/fon...ex.htm

windows7-x64

1

images/fon...ex.htm

windows10-2004-x64

1

images/fon...ex.htm

windows7-x64

1

images/fon...ex.htm

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

include/de...r.html

windows7-x64

1

include/de...r.html

windows10-2004-x64

1

include/de...e.html

windows7-x64

1

include/de...e.html

windows10-2004-x64

1

include/de...e.html

windows7-x64

1

include/de...e.html

windows10-2004-x64

1

include/de...r.html

windows7-x64

1

include/de...r.html

windows10-2004-x64

1

include/de...k.html

windows7-x64

1

include/de...k.html

windows10-2004-x64

1

include/de...h.html

windows7-x64

1

include/de...h.html

windows10-2004-x64

1

include/de...g.html

windows7-x64

1

include/de...g.html

windows10-2004-x64

1

include/de...k.html

windows7-x64

1

include/de...k.html

windows10-2004-x64

1

Analysis

  • max time kernel
    122s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    19-07-2024 19:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    include/deditor/images/edit/BackColor.html

  • Size

    3KB

  • MD5

    d9bf98a037d778d36e97c13d06dad0f0

  • SHA1

    d0f4f7728f55ca11042830e920b05e81e2ee2279

  • SHA256

    31b4435b7c6a1fa3ef640de67885eedd73c0e26e3ec633b5ae993a23a24c08fc

  • SHA512

    c49557d4aa05d25f7159b405fb9fe71688064ff68514680441ea6bcce66e13683f146acc9d3b72330f1e2c5e80f4210c3799eaa535b7666e0ecec3f34c1629cf

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\include\deditor\images\edit\BackColor.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2320
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2320 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2188

Network

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    73b1fb7fe31d5774e451f4530bc244d1

    SHA1

    2921c27f6beba07dfb66464d26185157fdec0aec

    SHA256

    f81a97bb478513c9d3b4bb9c09e357db584c393256e396f1f94a77e767b1eb3e

    SHA512

    1580c18f9783c7d191721aa4001c4459b7253db4a9a9e9141a14e266db8a5cf72a74cf63b0bef7c49d7b6f0d8c6a5e00b7e88c4b4452a5abd2fd088ec8b32c17

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e24ceceb84e7504b3cea55b35b26750c

    SHA1

    849edcba462fb2bbdebea308eea2d77c4cfd1f81

    SHA256

    38ca6cd2eae7269f51ab431accced9adeadc0064ee68a912091763fdd4729533

    SHA512

    4366500e87afc4c7121132a5ce7bd50e4fdf3b7cc751dd92f0860646b24ee2d433a78f37414480c262bfb7581c2246d7b0c32d49392f3e04e36e9584a2e7e1f8

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eff16c6b0b571e91bc17b448aee9089d

    SHA1

    ff7e2280403270692e7367f48290f02bba30e6bc

    SHA256

    de420794c6776e8d92fa647d6a55078b6937ef99a051c0e977d980e9edacfe13

    SHA512

    b4736402504b6798663deedc6f32f7a531529f601db406b2d4a0d1f12d622f0c98804809a39a219ad8b9b24362d3c650d59ef68205d2c43e120228b52f090300

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b37fabceef3744b91c1e47e4d2d08e69

    SHA1

    6a1887d317218220c00930fe612d0b9e7bf9b070

    SHA256

    2d0506062a416a5b71fa41bbbcd05ba59e1c35b6bca688a97128b4883efac9b8

    SHA512

    2f628503a9240a1e325dfced42b1d9e5f3a7eab68090395e9ee91273e55f20007b278547a449f874d0e94e5c61745e61674d20c9cf5e02aa2b240579023b56f3

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7e63782dee288dc0dffe143483d2ab91

    SHA1

    354cc4cf16925493cebf35bc8b7fc37ac521e5bf

    SHA256

    b6a7f674fbbe88b3cf49c54f3ae58568fe2d84e7fddd8dc5e8bac3765e8c647c

    SHA512

    efe6e0857d01ca51695c088011d41d82379df46fc40497f6f5acbc9028f1cd9f7189250a7667964bf77a7202beea60c34005adb63288c7808b6a9853c993f9b9

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1a1efb9b5a197a7e70c04896e8346134

    SHA1

    c69ea811c825632a6e4a7e3b6e38d45e109659c1

    SHA256

    d6df4a0f4e7a09c33e73673c13646be13eaeb62c513751124b5ae3f97b04db14

    SHA512

    af742e92bcb6e37a80345a5909532e22ea7f76546c30e9f8769d22434fc85c9842bcefcb571cbdd87dcd8553d956ac431d4fc3072b7720bba03e4e65d07964bc

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    000f9dc25399df0915f6c4f5b091e2ee

    SHA1

    d3136ad7b7a847d9e06e0c9799e5382e5d462ac2

    SHA256

    f3ef59fd9ba61081e8e5ea3e0cbc781e9b3b8cef64b6ae5350529f0dd80e8d3e

    SHA512

    3d3faca80ec254bbba98268890d7a25092314204f970059790b758e4d26b3c05001d2a3319614746472e0ace72a2b5931ebafda685d159147ba8f4144d15f93d

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e94aa357a43eaf6deb240b78477b44af

    SHA1

    c4fcf072a81a39ed6f7c458e29af8776fee7f7e2

    SHA256

    45ff24704366e0842ba059f612a205364aa809bfbc29057961a68cd8e59bbc22

    SHA512

    63a3878a67eef72c2dfd261e8c013d325c74ac562522ffe5a14c5598df83f587ba857d0f44e509186cce8784ef4ae1252600172041ccae6457afedfbc79b981d

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    861755c07dbbe213856d4a712d5b5e25

    SHA1

    d065fceb9228133a5f75bd32301d7a0f4cf0f2c6

    SHA256

    29dbf81d66f90225a0eed021fadd9286981dd6488b247fca8dce0e8c622aa995

    SHA512

    3a33fb806461f5e9f2b1d55f3ccd4dda880cba22c40289f3cf26901880805ee7b4e7505d8be85d38e82de6cb516d275d5b8c0d9b8d529b123f61f5dcaf73cd42

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    de69a2b01e7ae0976f59696c0c71a4b6

    SHA1

    dc4b60f8180dafb3e64d15ed8112bbdba808f97d

    SHA256

    8c1d3b7cb757c56aa45b5748b31a8688b55587c4e4f5beeb948b9868abe36855

    SHA512

    cbd2d46d1675f00a0d4dd30191399da3c97e375a7fe4def0d35d3bc0ef120b2a5c36530113cd54b0fc83da8db89907fd48e5b7a2834e344ca54de83c059236a1

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b0c2b4134d3f6d9d676d601336aa8542

    SHA1

    bab4a13c2687422a168ab0fa587a8c4f39ba6e01

    SHA256

    e23ae2ef8e6196cdefdbe8bf3c8c7dae875303acd17db6263cc2aa1508c38dd8

    SHA512

    4d537154a155a48fccbe213aff3f1465fa2d28ce22626a80d8f46387ddad862f0d740c4a0178ccab26b943dab2d1a12de15b7fd4658d38e7afae082eb05e8b71

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    37060b690dd29afe1ca66acfa94aa34a

    SHA1

    d213db7354a2036ef6d2c9b0004a681f722ce552

    SHA256

    9ad6f74cbc58d6ffced0910da65b5ef643e863c17963b8a45ff8088272255fb7

    SHA512

    a9fc6ccda86331a919802557893e1c2d3d497638bb778c9e57d83e383870e0b61714493d8706d00435284ca0f0089f0b2f9dd00e35c480ba2020fcc72fcc4905

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ae8e4f255fc8090b2b0713cb376bf3ba

    SHA1

    49149e6997100d49da4004ff4dd55ace47235ce0

    SHA256

    5a18f34fd7cc2713aec604fae71f0b805a95235a54b7259d2a2a80f9a0df35d8

    SHA512

    6e559f06770dc9c86e46635e52882058dfc765972f918da257ee07220f2252be4a26bac91102976c2b617ab42dbb21d6335f450527cfb81009a50301ec2f3445

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f6d7673a59138d04f63a8896ec4073a6

    SHA1

    d0c44693726b20bee85b3b50004916147115fdaa

    SHA256

    645e32299c340e562de0cbaa7506594bb990023188871e99b40fa7aaf08f9116

    SHA512

    b65cf1749d89b9f5395b00a426d6e0a74689d4bd75702d42ec99241084724811897317c3fe827bd7af08ec4a83d332d40d3c438cb89863f7207b7a68939c2b78

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1f5a1bb5321ad0e961e85ea9472d687c

    SHA1

    c390cbf6f3262d2a130547237e50ed3e74a4e249

    SHA256

    f0b6e599ef2c425398295c655919112038efd46b412c9200d73e034462e45e13

    SHA512

    a68449f53da71ca64ba6f2e3985ee28718215f271f57182b87aaad906d07d1f9f21e9c54da7f9e51a8fe3017aaa06021e722e6adca6c7aa91550eb7940ce63a1

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d7b69422243b6ff9990cf430f21ced17

    SHA1

    3784a9fbf9f43c05092f27deaa79723d1b261f0a

    SHA256

    a2341272f9c1cf577bf11bd08bca618878848b38b8bb9fa085e20371e6725120

    SHA512

    df03bd33d5f7a26ef826cf98bc844c56954cd7ee025ac136e7440419e10d4b1482508681aecd929927f06c94c3fc8a21d069dfc05386ef2a36978c277102b9f2

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e5b569fec68d8a3b3801fcf625c0abb5

    SHA1

    ae23eea8d20b83076b3578c5770c55d1f5b9a9cd

    SHA256

    f84544e814556554cd8ae370946ec9db01346495274844d44c864e00413034b0

    SHA512

    ca4621853d0b047bb81a1f48a29921d91b16a422ae4a99bb35bda9ac16a82be92af4095513fc15ae30b39ff4cbaac914032a928b39378bb0aa3f88baad968679

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8f9247a45092f4b8d44cc216261e64ba

    SHA1

    cbc61f125626f900b029b77efe6f7ca6830a4009

    SHA256

    ca7e830f312e6dae08df145669088afcc31bac02a5af3e7f28f321fa56dc04cd

    SHA512

    bbd69b961c4982df60c432c23314497aabebba1cfde7a02c03a57c9ae5a32e0020a5fede9230511537aca6ed56348363d7f96637acd1630a00ca54c3554aec1c

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\CabE8BB.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\TarE92D.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit