Overview

overview

3

Static

static

3

iis_rewrit...te.dll

windows7-x64

3

iis_rewrit...te.dll

windows10-2004-x64

3

iis_rewrit...if.dll

windows7-x64

1

iis_rewrit...if.dll

windows10-2004-x64

1

images/fon...ex.htm

windows7-x64

1

images/fon...ex.htm

windows10-2004-x64

1

images/fon...ex.htm

windows7-x64

1

images/fon...ex.htm

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

include/de...r.html

windows7-x64

1

include/de...r.html

windows10-2004-x64

1

include/de...e.html

windows7-x64

1

include/de...e.html

windows10-2004-x64

1

include/de...e.html

windows7-x64

1

include/de...e.html

windows10-2004-x64

1

include/de...r.html

windows7-x64

1

include/de...r.html

windows10-2004-x64

1

include/de...k.html

windows7-x64

1

include/de...k.html

windows10-2004-x64

1

include/de...h.html

windows7-x64

1

include/de...h.html

windows10-2004-x64

1

include/de...g.html

windows7-x64

1

include/de...g.html

windows10-2004-x64

1

include/de...k.html

windows7-x64

1

include/de...k.html

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    19-07-2024 19:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    include/deditor/images/edit/InsertFlash.html

  • Size

    1KB

  • MD5

    f73c8412b8b25b3c032f44b9fbc147f0

  • SHA1

    8ea55222d21fda2feea6fb326ca2c8a8978f05fa

  • SHA256

    2bb063a07566be763b289acfff87391173b6c9c9e708b237cc6f1dc87c4718e1

  • SHA512

    1e05e2c5bd5dcfb210ebb631c234fdf8efd37bac0a3b3ce9602adc6ec928e4f780cbb0a6e3550b67f2f855d62ea7f8f6be1ad7a6f11da31ed6048fd3d9125578

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\include\deditor\images\edit\InsertFlash.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2408
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2408 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2136

Network

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7149429f3848f67f81c97bd664efc181

    SHA1

    f4af3df19503b3f351fea1d6fc0bf2b408a8f9fb

    SHA256

    00a557d401e3b3ca29126dc9742a423c84aa1ae4db50d9885c8d0bcb4753a550

    SHA512

    660dfdcbffaac4d1955ff9c750910c37126c450a4ce6039570b0baa7569284f718a2d4352d6466e136ff4ce8b37002488e76f86947cac3d808779ef3b066bd50

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d5fa0c897ed34a0de0a8bd59788c97ed

    SHA1

    f2d5cd4a64029055c2814612cc2c7b2479610e13

    SHA256

    ba3dc8c1ca6e506e176baf127107be6f8a615941c9c4f37458ed673e7b1c12ed

    SHA512

    ada1052acda2c4c27f53aa0a8ae333b1f22fc83cfd3aa2e9c5c58021f4d991e7fd6313817b7c8fea9775f1b0a3f40b384c3d377f81942763216736de30e306ae

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bfe3083b4d61d900b1bd6d92ccce30e6

    SHA1

    2a68abc2f7af72e8d42e48eded95556b81c79eed

    SHA256

    046d8197b2ed3f57fa9e3fc4733304c59d54265916f3e9c1a35542524bc80643

    SHA512

    99a03386a79cedd31bd74a63da2f57ecd5ffbfe6fa2a940cc7e9f0f820932903233171012ab0afe45a8838a5fddc639f8bc601b908576ecdbe0038ac06e9f63b

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e63830c26a497b1e7da8fef001dad879

    SHA1

    9056356762e898f38a9795046b6fe766f293a9d6

    SHA256

    10602db06a09900c7439af472753bf8987b0d993147b983b4800fb87a503eb66

    SHA512

    d92f769556956029b8f80fa7d85e279a520d0ce0fcb3360f668b53b97f2a2e562707971101b8c6becc686f856caddadb5c538a7a38a23d62f1d367346fb780c8

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e119c280b5e962087362d80332af80ed

    SHA1

    75c9ef20fcbe84ae41d4ecd3d16adbe27bf4d297

    SHA256

    7c74a9d9832e3422beda1352b2716980fb1def6563e355ee0df55fae63a21459

    SHA512

    14ae51c25950a527a31a6d5261b6e3a756253fd4257ccf4bb1a6bb52ecf8cc1b3a8a1fd13e62ed551ffa9611cccc3703fae941109883f0edbf26bfde85d0769c

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bbd10cbc548f714ffd646edc04b104b0

    SHA1

    799b9187fde640e345010ecfe345e3c9208356c9

    SHA256

    5483997bafa1160d5bd3681163c59741ea63756306ef595e5cfd76822c9930a3

    SHA512

    fd839a96272a337c26044d7f4a5b302b9b61524514e7e41b73082ef62cbdb2585844190cfe3b39b2daf1629f7105c4bb48d10fff486d08f96ec6b6dd3e175b2e

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0e5c2733d0a01e6eacda62abce0edab4

    SHA1

    88e5a096f4a1d124dfc48b2fa52580be116ca15e

    SHA256

    ed8736baee21441de57e8e35222b62c2e084547b972817a6092c0b3bb0b5bf22

    SHA512

    3082e9faf4e69de80e2a802ae59cc7a0e59cd50b3eb441f8c60ae90da1a74b05d6d00e09ba72eb0fb8572de60bd859fd81376b4518e4a2f50014fa027ed091c7

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9c0c6a1edd8db354d8fb3b4f6c4ee3df

    SHA1

    425fa313b87670ebd8698e3cdf0028aff171ab07

    SHA256

    fb4ff577b596b898a2e930b29a95b797517929175b2b2a5b4d0f0ae13778ef6b

    SHA512

    4aafbd03c09e00bf5cbb81e0761483ba13474f828f570d9d9a7c1d8cbde2a2f851d6e6d9d736e88d90e979779a3baa8abc36da2c74c1202a0c63fe58761ed2d6

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    28813456527126f7495aba8ef455cbbb

    SHA1

    c1e1872645143a433030bfc7d02ba6dab74542af

    SHA256

    ab79c8d8cfea4200cc7c79df9a2d1284df53a5d98ffa9642c47ddafe292c5a15

    SHA512

    b492024f4e65db9233ec0a52f7dbd68856e8deccf752d03a10639ee0e57951e28d403b51467d3ed8a91f83a31cfc718265fa0f68c97c6e6dc707183588dd5bc6

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    344830be839f9836f62a18f996764723

    SHA1

    73e124222e48d2ab721a1b8c9120d457d5fc5208

    SHA256

    fa1d036247bd08f514a371fe32ff52f1bd1c010aa9c185520ad64c73b89c3965

    SHA512

    fa3eb93b02d891c5175f7ca824bfde1de4e2994f68770d5734d98bd58486bc23b29c3da8efbd1461d7f0285f4a2fbc19f726c665e8ec5180074ed65240ec3632

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2ccf86bd75317a713568ea6515af16d5

    SHA1

    54270da96930550c947b58319dc5ce13d25bf13e

    SHA256

    c1b5cca8a17a2c0a0ad489ca1cf11f8e5d8e918ab0e80e3200a7f8da79ea7729

    SHA512

    9ff1ce3ac48f8e9c140300ba6c2a7659df690cdc2c4c7f9701ee76eab9b92643398aed1ca3d00ed6cf83f9413819b69913daea9880508c526b22f40e64d08002

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2b36c4ce6315cd8b61814aeeca237948

    SHA1

    274ae2e8228298a168e8ff059eaa0b570e1681f2

    SHA256

    294c41bc9472af3fa63cd64e33a898dae9a16bb5085cac646011d039e94deeba

    SHA512

    50e9850599657b75e20a27853755c658bf0eb28dc2625842c82f22380737200fd9d6d7822692e12d1dfa8b92e6a4aeb8b590cd44b5306fd6e1b0fd3bf28b1e9e

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    be7c1c142195da7be17fc2833bcb8206

    SHA1

    7f64238b3d8af9fd1c60b1bc5af566bc89c91416

    SHA256

    0366d5354ae8fde74f4eb4a44f501b4614dc846172e1dc3659eb63a238edfaf8

    SHA512

    c409af02b2a1d17e48c1786cbf4989c74483df2703c3b6bfc42f5799161b086e9c1d9e7470b35ed58d0cf5590ec4bf854b9b4ff421800cd86887052c51eec819

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e25c6ea4c46bc012979ff0acae30b3f1

    SHA1

    096bc308794cfb600d032575bbac3e85e005f82a

    SHA256

    b47942aafd17ed4d4c322aa931926fb52e2247468f3ed64b9c52c25849ddcd18

    SHA512

    17222e3b6d108a951173cba67d368219c7b948797da2435c253b52535da027d1c71198a6e1981d9d7a25af0a49e352fe814650e2aa0a6a055cc0ba2688ad5e37

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b011c087ee8a52b63301fbf19ca95b0f

    SHA1

    b6f78e8d59996bfcf8f96645e3cd001276e72c1a

    SHA256

    a16fb8b1b8e67f91f20548afff929bc3508f1c6d5b43c7eba023a3b688f12fe6

    SHA512

    271cc2cb6e8f932ab242101c07e1971e4e7de2d56acfbc3d39eddc6e8884a25d3362b736f79ae15cf9f34e1390aae04fb47d5a73d709eb20fee7cb760ab48b9d

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fbd1f06e1c4c68338d0c0d82b1a0a398

    SHA1

    ea118f655961c9f3a9f666ea24f8ab56659ab195

    SHA256

    b49f6f608e75cabbdf66ceb945df7853d6f47a7ab0a12057baca8d317860716f

    SHA512

    d61a0c8a2fcf9191c20937105a429767c18df8edb78fc7c57c6a57b1f891e1e24edd1edf36b015cc2748060ed5596c1dd66b6cc4466589887939dd84333f942b

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    25843beb3dff5174258f878419a3e48d

    SHA1

    447e64b6e3246d012bd377943b7787d3abff17cb

    SHA256

    a3b5bf8dd2e2d0c6b208e12b12cef251c58b4d319af97c74012054efd5ed004a

    SHA512

    3d9ad18937ed5a0383423d89510dc35641c1110f276116d8e3b8659da77da93de41ef98ebb77160c07f800187db70b02b20a292fa7f06da6bf56241817c8ceae

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ae2db72957daa6508af6eae6c1dcf4d0

    SHA1

    d48ad2326fdb8e44ce4e9627ab8d8e8393a0ad27

    SHA256

    ba287e7546ab75a708b7125e526ebcabd3cb9d0067a820f6e3490aeb35a9cf95

    SHA512

    f8a50e96e980ff93cd153c3fae58621a6174d40a3fe8813ecf53b0929a12bc074a279b6a807ca7a7381cd6ed0edb19b3a6554d3ede4778ba540a9212f076e763

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0019c35db69c2db2b41a725013b6b768

    SHA1

    0f6a8315ca554dd10f8cec3917cb088bce773da1

    SHA256

    a0efce6a48b9a23e41b0b0486184cbebbcb199ec1a22977818f9b91cc726750e

    SHA512

    0dfa755f369cbfc258fb872f065ca939e502b37ccd55d10d0cd29137e713635fb108a84743887fcacce56be246520c8630edd05490b08201f92322534ab7eebd

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\CabB57D.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\TarB61C.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit