Overview

overview

3

Static

static

3

iis_rewrit...te.dll

windows7-x64

3

iis_rewrit...te.dll

windows10-2004-x64

3

iis_rewrit...if.dll

windows7-x64

1

iis_rewrit...if.dll

windows10-2004-x64

1

images/fon...ex.htm

windows7-x64

1

images/fon...ex.htm

windows10-2004-x64

1

images/fon...ex.htm

windows7-x64

1

images/fon...ex.htm

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

include/de...r.html

windows7-x64

1

include/de...r.html

windows10-2004-x64

1

include/de...e.html

windows7-x64

1

include/de...e.html

windows10-2004-x64

1

include/de...e.html

windows7-x64

1

include/de...e.html

windows10-2004-x64

1

include/de...r.html

windows7-x64

1

include/de...r.html

windows10-2004-x64

1

include/de...k.html

windows7-x64

1

include/de...k.html

windows10-2004-x64

1

include/de...h.html

windows7-x64

1

include/de...h.html

windows10-2004-x64

1

include/de...g.html

windows7-x64

1

include/de...g.html

windows10-2004-x64

1

include/de...k.html

windows7-x64

1

include/de...k.html

windows10-2004-x64

1

Analysis

  • max time kernel
    72s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    19-07-2024 19:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    include/deditor/images/edit/FormatBlock.html

  • Size

    2KB

  • MD5

    6d19254fb187bad4a6ae213e83331243

  • SHA1

    ca93ab45741fa2c8e3dee5d204eb5a94ead031d0

  • SHA256

    59019563cd735d492a5471859cc8f1b39551b3a606fe230f5e796002197ce5fc

  • SHA512

    fb7e950515ea928c973094b728e3ca9367f0b012636adbda074e09854626d5cfe2a82bb75e598dfbe3a2fdcd9d56b5bc2287152adb61198931cb401dc042a9a7

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\include\deditor\images\edit\FormatBlock.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1924
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1924 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1248

Network

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    501ba57f4ec192056d3077d03cd7e581

    SHA1

    5391f962460778cf6a31a29b3d523cbd0da2f067

    SHA256

    b8ddeb187078faebe479d58d13d8795f91a03a5b5d3700d3069ecae36883974b

    SHA512

    9e00ca3c063dbceea93d59016a554a28257b6545cca9ed5af6b0d2bfe688fab53cd77d00b29e22d5044708b0c064909d8daddcf88aefe4bf45be6ae9dd49679c

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6688f840a2287205e26a0b1ef82348a9

    SHA1

    a96cc500e4b4c02d2d03be6409367af6ad018f76

    SHA256

    f738f96d3abf8ab57bacf66f2692b3e4ea419e5c31e102245db979f59cc506fc

    SHA512

    836308c8667a8159c886221abf8d2e0c444112e77491930330e9826ca38457ddd595a4ebe486bab4ff4b0140eab38b89800eefcb8e43336e9935b7b7f7eb8998

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8d6b08fb4fe1303fc9c61e58330648bf

    SHA1

    34aafad53758c43fcf59530529370f01a793104c

    SHA256

    9bafb1850416030bc951edd203756c38165a3491ff30b45aae7f3c930b2122e5

    SHA512

    4451876a920a670e0bba65b639a6a5633922ad628f928d12419d7237f5ed05ca69ebe45e8f9cdb08cb59cb88eb8868ce6c64c2143fb0fe3aaae3e54a2ded27e5

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    db2563d4f86c5222b7fbcfb0baf97afa

    SHA1

    00f9814759829240d8f50f4288797306089e7e37

    SHA256

    e198348449c6de5452e279b680aeadef5f361407aadd10c95b89e77ba2b6662c

    SHA512

    4dfa0afcb9b0bef1c207bb0fc64831de0acbd8006b7238ac8549ee5cc7a84d8fd9dca5772ca9ca1266324e218901345cba225a47dc240e6f3098cefb58368539

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c41e70587456213a2efc763195360340

    SHA1

    2102b4876eda2c1e13c8dd19f46251709700e9ab

    SHA256

    d27856901f1705b44dbccc7004b0cc26869b7d27f14a952b36a2df1839f8dd2e

    SHA512

    fd1342004e10c21c65577669c827a30a3c7b56bdfb6232d925c7f8ec2c5a8db6376b0d6316c3e1d0fcd2c656f1d46d2d4a2348a22468b6289d6bdd380bee28bb

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1cb669bb838330098256bcb78c43f4e1

    SHA1

    b3f85e8d835ce517729b540ca34bac87889a95a6

    SHA256

    0838670b0befc88ad7ac60557a1a6e81e27c3bce8371c9ebb8b47d7e0e5fc5df

    SHA512

    1c2c744b4e3929de617528f4dd115682d1b65231d12a28adbb5d1d476e62b478b5839ec4b18f08453f51de502a1e17f79308ce0dacf55536cf71b522d36c55a7

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    268d86055f754d331b94bc727739b4f3

    SHA1

    fbad13317202825fb791d9c779cc51dbe1095f21

    SHA256

    8b20a5b4fb088befb0ea566f520bda3c111bb72025fef860dbb0023c167c568a

    SHA512

    d4a0afcb9057128cc501ee5d9e549fed659337c6978b4d58f89f323ffd664a8c25f5c3f44859d5cb4b0b2e4a2eabbab810154b652c474424f937fe9dbc41ab19

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    554b5aebaf6213fdc1bdd8764a640629

    SHA1

    b1ea47f0185e8a13e254ee34839ad2084dfd8964

    SHA256

    74a80c058e00aa4589f1e17d25c7963ba36738b227e5cc46ab9760566fc6d2dc

    SHA512

    e10d118a4c5851047aee98a7cca28b9656613cd70bfc81f5ceef8268ed40122113d77d32dce04400cd325515e0852777aeaeedeab3a8aaedf4fc327aadc9a944

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    46c11fd3aabef1bd58c0ff2db70d109a

    SHA1

    cab52a17acb67ebdb0512fc877dfae0a35527404

    SHA256

    1a6380698255bfd28464f2a68fbcff58ac8379485af553497b1a31ff8703250d

    SHA512

    31770ec1e941968631e75f284dffd5b11da62f4465f995f391c405d88e4b8b954f5d408a47e07d97e182957c9b9ed52092d87cd472784c5f5e23cb54dd5333e1

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9d2a034628cdaa4b4ffbb139f9f6367c

    SHA1

    ae95b693dc307d490dab9043069245f4e9fb512f

    SHA256

    00302e3d7cfcf7e296d3068930790cd96661b41e93aa4a61cb5b93616451d9dc

    SHA512

    d5bc966381c30bee9d951d0c6d487b5d3c2bdb98db0dbebbe14c082e987ae25cb48c101ac8de22630a9d09bb82546b1af34fc05e653775a6e5b1cda727bdabae

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2d145be31d0a2814970e2f1e0cd68f37

    SHA1

    19839bd587a13dee01929935d628ad8fa1f50aa5

    SHA256

    78867b24f0733d56a4121e0193e0f9b6f863c758a15a3cf569f83a4d3e7086db

    SHA512

    833745a3ca46caf6d348648a4eb78f2fac49e767648147d6f9884e9a185bedecc941131c9afd2f243b88683bb6807cbbe4bcd0d47ccd3a8cbde9ffb26e18bf8e

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a909823b1b00efc95e0442fa5f56ac94

    SHA1

    8a2feaa752997d88eb6ec27630b8ae4f6fe1c92d

    SHA256

    ee2341c13d2f935d2d127b98ab4cd2161ed5fa6b5b295af6df79ebf6f5e91fdd

    SHA512

    fd3cadf1b267339cca1745453d0bec0f079c382f5ab58b81505e02644ab693fa72932fcf5cc3ccb9f3c94a3a968f39037edee7c5321c385d989b0867b64c7eaf

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0a5b9e7e07ba3bfcfbc6e004860de51a

    SHA1

    1d2e54b5cd35dad646b8815e36d994a755962516

    SHA256

    657fbed270868f0e3033f871fc7ed888ff3eefdd4387b92d90d1b6ba726d33ed

    SHA512

    0752dbbc451425dc5d5174b0c214ffaccfc1530aa5554ab1c31e89dc9284122cad703fa29ee4de56325ed6acca57a3f50a894d5721e868548f0e9725f70b9d7a

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ab30103135a980e34bed57ae1f6aa510

    SHA1

    d6737b674d9eb26d1b464b69570735a37181b10c

    SHA256

    af3b36f3202e6cfbce385312406613730d9f10e614bb52bff05b005b5ec7fb26

    SHA512

    14965d44a40ccf987d7f49d8ae55abbc923c3ba13567e2615de7603cc9588551930ad1d17ca5134fe33099ac050c88ed23f3b113bcf13f775a026f9fdd1368dd

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f5964b27571d637f80e8489b9a3cb9db

    SHA1

    4e884d8f643d2f318e79c7ceae4e66c54c6f2fa8

    SHA256

    ec2ca7bf7ae9de45c7f23fb03f5aa5b30538209ce038f9ab2e021c45805b8a16

    SHA512

    c74a360622a0b908dbdc8649cb463a7d548b586379db8585ec9f5a89a75a933b448a5c0f867e1e69248d1aee62ca85ad1755649bb3f9df1ea019cef002806910

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4ce96e9f08f7672fddcea2012c3c9d17

    SHA1

    833f02c17b8d7307bedf933ca54c204f1b1b0748

    SHA256

    71a36890d180b1e815f3a1e080d40bee8ca817f358948bff5d6fc4232776361c

    SHA512

    7d18879c42c25980337c6d76f3197f3fdb08a8738520cca67f666950a2ece553513b0932136ea57510a95ff0d0445c34f03539b2b8e0a6a7e20c5ba48b3fcf95

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    03d9c923e165ecaa0761ceb422079656

    SHA1

    0b36100957832f98ef7d95a8ca1aad4a8249eb58

    SHA256

    2ea9b850b016cdfa8c58ec4b1260a6542c054e4870d09db1d0bee4027c98307a

    SHA512

    bea12a22822c4e6b308c464466976ef3584adee09b3ec66477bdb8e68aad83a31729cb1e123f6b6a708211e2506bba2851839d640e8a962be08a32bad412e78e

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9681311958b3b692d7a356bb6efe4bab

    SHA1

    6c87dedb2ebe0b81036b0ffb137448ba80efa041

    SHA256

    9c62b0bf254cb9b85c5db057cfdc6da4b0efcb3442a816b2b06a042d72ee07b4

    SHA512

    1b9b3c32694317b468fdcacda984e90de58bf8338bad5251821ba3da16999bf76b7f51406bed0652e772ae062ce191ff983d20c793f9bf26154016105387cca0

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9e5aea4f5cac6b9e913f650328bef094

    SHA1

    33d2aca60e8a97d1a7a024431e8f23630cafc53e

    SHA256

    64732183c7b37b56e41f14462ac0d3ee878cbff92a1cbb7a4af9bfa11c234ed7

    SHA512

    120ccd97b876847cd988b48d4340f33201355c2f0e6b766517d5c0a1570c82cdc51fd3b5a6b2eb2f1abfdae2d32fb282fb607a72a27c1564d8234407d4cb4201

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\CabCC47.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\TarCD15.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit