Overview

overview

3

Static

static

3

iis_rewrit...te.dll

windows7-x64

3

iis_rewrit...te.dll

windows10-2004-x64

3

iis_rewrit...if.dll

windows7-x64

1

iis_rewrit...if.dll

windows10-2004-x64

1

images/fon...ex.htm

windows7-x64

1

images/fon...ex.htm

windows10-2004-x64

1

images/fon...ex.htm

windows7-x64

1

images/fon...ex.htm

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

include/de...r.html

windows7-x64

1

include/de...r.html

windows10-2004-x64

1

include/de...e.html

windows7-x64

1

include/de...e.html

windows10-2004-x64

1

include/de...e.html

windows7-x64

1

include/de...e.html

windows10-2004-x64

1

include/de...r.html

windows7-x64

1

include/de...r.html

windows10-2004-x64

1

include/de...k.html

windows7-x64

1

include/de...k.html

windows10-2004-x64

1

include/de...h.html

windows7-x64

1

include/de...h.html

windows10-2004-x64

1

include/de...g.html

windows7-x64

1

include/de...g.html

windows10-2004-x64

1

include/de...k.html

windows7-x64

1

include/de...k.html

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    19-07-2024 19:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    include/deditor/images/edit/ForeColor.html

  • Size

    3KB

  • MD5

    614829a6234d2abdaf3eb151ca2a3de3

  • SHA1

    98fc556afb43cbd50c72d9669a0f9b456b9d4402

  • SHA256

    437d4cd2428a5fa7405b48afd77b809d6b7b8650f13f06bf4ad9d1f66b390ff8

  • SHA512

    bcc28c02036309bab4504fddfca15032fde0039fc0244fa37a39aa5eeb3b08e5cc00d92a9954506fa953ac4ff3852a9b027cbc1d16a23f8bb45b8f66bd4bacc5

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\include\deditor\images\edit\ForeColor.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2356
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2356 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2132

Network

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3a0a11ff2cb0279ff0ae51e48a5057eb

    SHA1

    3489cad4c4f88dc94d7de24a7c402738dc33413d

    SHA256

    3087aabf9e4aff4a955777cee278969babf5b3d25af386e738e68ca36014efbf

    SHA512

    8ce59a5f7008361fa6969100939060abe9ea7dd8bbfaad28381e93ee9be1a24f4fe60dc849c19263304f0313e46af71a4a2178b875a9925d28df6a64c93164f7

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    00bfd2ab41881af9124ddc797072e210

    SHA1

    880846c91990eac2a6c200056e932f6f8514ff87

    SHA256

    031d211dea46e312f698fd8904a98ce9297c320e5cd63cabb2fe984201580c94

    SHA512

    496af2e76d357a6465022b5d4f1531641ecc062d2aa1f065d10a7950a2e88278f7bad26024025399830789c9dff6b53e17c74e46c49c25a691671098dc174e9e

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    388e3f0e0409784f70cac3e230e2894b

    SHA1

    1b26752ef2c9a1e1b9140a803b6d2281d2559b23

    SHA256

    78c6bd9553abee95e188d7f1a5290e295deb14f54af645d777dc4f2074f86ced

    SHA512

    e53774d6bda25107fdaef3df8b3e6f8ffb7233bcfb56b3461a050a3ad961a4ca1c239099fdd60d66a0393c2bce64c8b8c0be466fc3285ef51ee50c51ee45bac9

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    083dc957b298d3ffc680ca59051dd9a6

    SHA1

    2fe77ca6db6ad275b5708fcbde1f6c184fb89685

    SHA256

    448dbb25ee3d44ce76767b04c66433a6f037ebd6aecd0b5b2bf68b6a16ecde2a

    SHA512

    1f7c4b7a3465f99b002c460c44ff3eb78d2726ccca0ade39ae1436b085bbac771f1195320027a159e226fd19f2ae43f79ec5c61c304cecf2f2be104364c47412

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d7aac01b2d17ef5a62f6fc90886fd287

    SHA1

    cfa80fb4d57bcde3983592388c6e29a712a30ff7

    SHA256

    55aceb1a4fc0b6bbe90d952ad10a4c112f272fcc0445719107a48b2b3419f48e

    SHA512

    bb3e4c2143f097811422ebb043f33c866ad4708cb56a1b64491c34f82a93ff66cc5254e57d7c9ee33e5373cd869b8f41c1d46f5aab5243fb7e0cc8acaf1c5b7c

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    37fc6d9d8eb40909fae701f4b4750489

    SHA1

    2b8e79eb3b208996511de9a0314a56ae50761086

    SHA256

    fc8965ad19aa1e2eee0058940002cbf660c8400e5cc94d55771ef79d467b611d

    SHA512

    b27bf96945c5965e064520b3b4d71b79c20aded30a1548b947570a48bd144f2f33d51b8741883874d16a303bc1589c42207cfe091a0128922e2ca2efccf01065

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    59ecb5ee14e1402457a9bc209758d247

    SHA1

    1db19227247b14aa349ff660960e56416cc4aab2

    SHA256

    ac9d5d34587b52963855214577a61291fb998c805ea546a32c55bfef1c10d96e

    SHA512

    4b418845e6c4bd5bce267c4c69ebf5f2ef9c65ac595e7fcde7d862784ac88354adaa18196891d54d8c0cd9cc95ef189d6a979dcf30f1246b07e567f813da8a44

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    38799781e5f6ee5c65e0410899cc77af

    SHA1

    e6ce0962a6e78e284777291d9d89bae120668393

    SHA256

    f1b721d2a778b7f5121c440bc85e184f2e813b50cc32b7cdbefa03e3edec1bb7

    SHA512

    d2e135fe1914481defe5525d078dbc391bc19196b4903a3b317a552b285a9e5fb8fc990ff2f53824e65dd85060d0025e1f9932c53e59ec129f84309e8a88436a

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    45fbed4f6ed64c11dc41dc8f808b7c46

    SHA1

    f0bc7e120dd2a5fe6dbb6fb0a6c9770ecc1ec5ac

    SHA256

    2234697eb964cf67301bbef32ad814786b3695d2446a7240261746f8a94f66dc

    SHA512

    334c5736ea1da6c76c4261dab22c25bb4bf6a6d7ead90edaab4bd3c10e42e60c81c9175300c0dafb0914ee91b0c36b70b769d2e8c4d76456d5f8d3c5f0f90936

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6655436808e0e457a426f7da06e5de7f

    SHA1

    fd152e915cb1dce126831da2857bc3aaab86f551

    SHA256

    025f3f5b220eb4929fd99a83c28f64fc53c8d757c86c2b3a0695051597e30f47

    SHA512

    3a6ab1d19f6cb6b5ba7d0d2fdeb7ce3e917f6ef656b97000444845ec13a96f573f4f88f46713c7dc6592573890c173b675f723ac3a4de462079c1767dd99d275

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    31b50097d06a60dee15e84aef516bb0d

    SHA1

    960676521e6b1f087b269c0fddf9c8eb0100a622

    SHA256

    50f92b7d1b0f53b6e44bd5ac47488bf0a21bf6128dfae11eed52810367355a9a

    SHA512

    b64602e573a725b726b0cfb9af39615f8a1b2d059a1a1eaebe5b8e5396d048ba9bc979775ff16a2ace9c0c5b40f472bc565783093869a459aa784bf3d47096c2

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    63f20d752fa1e98a7d6e0b85f9ed8ebf

    SHA1

    a126e61eb4aca0e54ac3a046ad6457bff0bf1a01

    SHA256

    387e4cad16bfcb65d1ccd869b491ee52159a16848c80af65afb01685f5d71d9d

    SHA512

    68bc8788fa6b507598760ab61861524650ca30ade53d7e3df577f99a6ad952356446511895b16111919f29d8b276e9c0a83a22ac4896a3e186e677428b3dad34

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dccac083f1afab09328cc009f5db8a67

    SHA1

    a3328c1b1a7e5ad96c669eac7903709260f2f698

    SHA256

    a52154aede1de10d36574a7b16c2faeffb0125033bd04804f741f9ce03f3dbc4

    SHA512

    13d9295c3d04344feb4cff6d634e449b0cede3962afec0e524251852288443b0d7bbc35bd187f15226850b6b2ca5d00ac875646aba095a9884b638022f86be43

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b66dfd1d774d4cb6dee34491d7e5f797

    SHA1

    4095a2c0703a745acc8148610e4830c38948b48b

    SHA256

    5d03a624c54870ce13a2a428260c11ebf8be96ed3e3d1a9fd0a47ede096b0a85

    SHA512

    5ca3d6a8a588f6901fc8fc6732442cf3d151945568b284f145fa61b62ba03f9f280be9cd23de240e21774e70f0c6aeda4680875c075b1531283563adcf253c57

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6fbc2c477f070998f2f45bfe48a02977

    SHA1

    d72fd6adccf4af318cbf2523ad2b31d7f0779919

    SHA256

    b763dd2281316c56ed02004ab034f7ecd7d4b0a5f354bad647f01753a2f8155d

    SHA512

    b056d3a51532ca2b504d669c291bf14905df9b44f287ec611c9df6c40305e1a648ca55f04d2e5b6a89a58cd8942ec05d6f210fa44bc27adcd3a66b79f2fe5509

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    22f10640e3070b90f5dff80f5e4c6b46

    SHA1

    9fd5a73f6df47e5123e060eccaca193ffdfca23c

    SHA256

    6455c34a89e12602854a967e797e8d93e9cd133ed7db8808c0a652d04157b415

    SHA512

    4c98fdbde8a61c8adf1e4a0a8d70afe1ae1ae8b2df88430d4857e729fcf6ef9a26dde6bf1dc6031c926b25536506bcc5a212d0e4008462bb22077386e0cb1257

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    38f7cde7cfd04f111336ca0bac9e5214

    SHA1

    fa07e09adba5def280f8b5499a848a84516604d5

    SHA256

    c1c70a160a11e1e6b0749e1f9e356c4a7627c7dbe63803565f2286b0c526bbd4

    SHA512

    9f45dacb84019df9a1271548d2f10abf95b57d254862c2c4e8308f0110a06fca62de8fe31025e7dc92bafdb832969835e8f1bd1bf2a209d3dc69e49f7ed515b2

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3817e447aef72a5cb92edebf15c52531

    SHA1

    8044fc7c7e8e641f5e0b49416496f1d8c6294670

    SHA256

    2a08d7f0b6b6e514f8dfb98b84d55f15a6ddc79dad53ff912c477b6df7affd0c

    SHA512

    d3d7bfb1d1a5cfd7e90561f1581923c3274521c6e760ec36a8a63a0063eeba3e76973d3f26ffab7347089d8844ab458f0f252ee31527ca3eeb24bfc277d55103

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    536b6261b449e383832c4b436e78ac95

    SHA1

    cfaf1ef670b21c14aeee204b9c3d9917811ce813

    SHA256

    8e1474e6ca058a6948867b87328bbec47f05acc376ad6643297d86a67cb07d54

    SHA512

    884908d1a3ba4eed75a10023d518bf3705c48be83627292081be63f4fff72a439f65ad3233c1e8627d5099faf1d19cbc58f787322bee1f070a2cb44916c8f78b

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\CabC304.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\TarC365.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit