Overview

overview

3

Static

static

3

iis_rewrit...te.dll

windows7-x64

3

iis_rewrit...te.dll

windows10-2004-x64

3

iis_rewrit...if.dll

windows7-x64

1

iis_rewrit...if.dll

windows10-2004-x64

1

images/fon...ex.htm

windows7-x64

1

images/fon...ex.htm

windows10-2004-x64

1

images/fon...ex.htm

windows7-x64

1

images/fon...ex.htm

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

include/de...r.html

windows7-x64

1

include/de...r.html

windows10-2004-x64

1

include/de...e.html

windows7-x64

1

include/de...e.html

windows10-2004-x64

1

include/de...e.html

windows7-x64

1

include/de...e.html

windows10-2004-x64

1

include/de...r.html

windows7-x64

1

include/de...r.html

windows10-2004-x64

1

include/de...k.html

windows7-x64

1

include/de...k.html

windows10-2004-x64

1

include/de...h.html

windows7-x64

1

include/de...h.html

windows10-2004-x64

1

include/de...g.html

windows7-x64

1

include/de...g.html

windows10-2004-x64

1

include/de...k.html

windows7-x64

1

include/de...k.html

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    19-07-2024 19:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    include/deditor/images/edit/InsertImg.html

  • Size

    1KB

  • MD5

    c02a6700ebb9c4d498854e84444626fa

  • SHA1

    762b7fb194c0e8899950f1959ee56828da7362f0

  • SHA256

    9fb56f783e7aa02507c67265264aa8cfe1c5dcd16c7464f2d0772b7f656813da

  • SHA512

    926e40ef76096b488a9e8e2a7be852c3d004bc8ea9ac8480de499dd3cfdd387b284413b2e208d3ad9e7077ed520b4eab40477df2065e8476569ccf1650aec320

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\include\deditor\images\edit\InsertImg.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1828
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1828 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2416

Network

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1097df65fa154aa1941448abeb6cf0d2

    SHA1

    e50d474daf0686a349c0b3bdb41a03c2a62bbd68

    SHA256

    b639b2b787c69758b81b470278c559cd95d59ab5960713a3ebe9537e8efca60e

    SHA512

    10dbbac340651c7435fe1409dfb3fb00d979a93d605af02beae4cfdd650384c8a1752212fe167bf71291f84c1c8bc09b1bb88f7c9903c8f027b3f9b1c342626a

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0f9e67e14328f3119e705a576746da20

    SHA1

    62da7ef83ac35cd4374653a6de25da6fa1b7baa8

    SHA256

    d7dcf880264db8bd6606402c6c5080898ed2b7e83e68817aca4cf2622717689d

    SHA512

    54c28b0181ab730c5781e21c4141fb240d618ff48868f46f58adf290efd04811cf978b526cb23fea39ecf6be3243f0a43907a66a7731fcb6188f58963406dc93

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9555d2ee51be919c6fd3d02b761adb78

    SHA1

    c908d6c367661e961e780540bd5b41fa576f0e42

    SHA256

    5a0d8ce115932efcefd59ac61906a1b100fc432887dc5d78a15db214909d0a7c

    SHA512

    e7eb0061409a0ae21360c84778d7836a04aec71708b7b6296953b09dee245bab23764c8292aa93063fe2d5c4aa763d1042eb612688d04082396b91fe930dfc62

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6be64e158eef7e92c7d7acb2b636b203

    SHA1

    2235da9ee80bc61dec513194cb2b296219d97ae9

    SHA256

    e54ed058253eaf1faee30dc2fee2fff1878901abe5896de7467bf22f5262e4af

    SHA512

    ff1725f247b5d06ac3a4bfc599a66725730fb7664f76ab273482382cc26985017690dc063e7055b699370e045ae5db9a41bbd7a76252fe27df7856621d4a625d

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    acd04bbdcf2dee2922ed32f00592c903

    SHA1

    f0da73e5d21378659fcdf88adc0e41db49ca0f34

    SHA256

    901252dc119e6dbb603a27ab7b92b50d7e8d82c004f9c96633283b3508051368

    SHA512

    fbc59dcc13721c67ac79ff115d4b4e2bc4df400141a6d6224e39fa3f5d76464f4ec4c04577ddcbb932fac41d0e88d0f36d1c7cd748ab27b8708d05a8ab60b853

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    798c2cbc480c7b75f55a6ca1d4490480

    SHA1

    55b8b8926da2616b993cba6789dd3ee43bac7117

    SHA256

    dec28fb2086036596da20272343d8742aca9501545c3311cd6229bc289777895

    SHA512

    18a8ab1f7a2546851a352eb82ef10cca228d3b6213949ad4239b97254518c1f499be6aa558a2c5c82b16205dc513874bc0878590e56ea0d7eb9c29772a68cadc

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aca623ba79408aa83caf58c7724cefc6

    SHA1

    64c5e2fa8c0938e46b8470250f17e0a53bf39805

    SHA256

    d6b0c6f8e3caaa1c55a043bdf71603418c1106242e917698ceb31f70cc5fb11d

    SHA512

    6d42d3e873947e40a2ee95edb8ebcd2424fb01f0181dd994e0f3a365575b3f5861102870f2c25d0bc35eb64cdd206ad55195f06263490b672ba4198c1c5d5459

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2470debb9bda758dbe9baa268f4ee129

    SHA1

    b43bd905504f25ce13c76a887a222d72ef0c6019

    SHA256

    1a20c6e3a44693dd866608c92554bcd1db1239d9c39c622ff09ce559a5064925

    SHA512

    c644c6e07392cd1f0b06b92dbd7be4cbdd608e4c4789e2ef6838284b159bde302e0acf6e306f33b6c7c6171065dcea0bff08c1c3437fa1ef844da7f2e6289d82

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    be877c1f51832fcaabf6e49555dd6597

    SHA1

    e25adf2d0e57c9a47c05f255eb6539e8c4d07149

    SHA256

    48c4e30d61f5a3116e321b16631e9a277b5966a3ab952ab40c14f3a1cf387ecb

    SHA512

    70636933ed0ee8cd69212c9482d303bcc345c6a1994758e8b3675ba4af963b645866eda4fc0b776bc2922b52cc38dc47ed71e420eb17075d3907edc2c2475910

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    05e6369ac74a836fa7f092a142124356

    SHA1

    8f76406f4f5889424fadb8162ddde2fad1f3705e

    SHA256

    6b4ee6906f9199184e1c53f7f032acece69312ac5c6838111ca94a4c98394d80

    SHA512

    5b3d6c1d0a3804f7a89ab8343080dfe5094fe5c5d73048463a72eaccb7d99f296cfaad00e460e1d2f1a473b9178024ed8ef5f318671f6f5a417f90475532e718

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1c4ed8d3d609a6d4695e2dc4070581d7

    SHA1

    fd01767adbcb5f7a260c8e2fae3564d640e70c0a

    SHA256

    99fa4d1cb9ab6e77058ed4a66f892985925ccc6e094426d3c60c40e52fcb661b

    SHA512

    8af2411a2eb66a279b3dc3ee97c0d7ab087857106c66a77c3710fb8b992c7671f7706ca8e5f849f50cbf88e17a3ba5108ddbf185a363bd9cf50db2b5830e3add

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bc1758a644b1f9175612cb4b106cb258

    SHA1

    c48104aa67561acbacba113ba66eaae1161d24a4

    SHA256

    c10da1046b7c2ced438444901f80d51242d2a408b07326dc1d6de3232dcbda08

    SHA512

    50624143a2e42934d532d91c768ced2ee42736e9552f64ef122befad1e04dcaa88214cf4558354c4e106cdccbf3c43faec9d8ad2d0be5e534ae2e39ec243206a

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c71312acd0914b6d2465b918a28ba0a4

    SHA1

    d4dedbcbe697f0c88ce125e2008a6d3a493899fc

    SHA256

    ea74fc5c8809b97373c6e0927fa222c5a66b1f0b567dfc2724fb6b1911ea290f

    SHA512

    89d85fb3ee1c6dc9a7af4840839a00da8e5a9d137343f7a4ff32165ecbec5d6c3e9d796b1d950247835d0bd2743e66846c839815f6bc456266cf715aa93f8c6e

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    43f018464b46be2dd7b5b9da74ad4070

    SHA1

    28516be99afe318ac811efc389741a276400259f

    SHA256

    1fff908761bcbdc8270688ebeedfb6981cbeca68a2e61d5f2742b77594d049a8

    SHA512

    352a769f26febfa9dc7008dd7059a44aa5c78318730379f9133f41097f735f3c94860300dfc1aee3dc00186f4401681ef27243293ad05e21f3196391282d2854

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f3f5da36963cf6d1e1dc1fc0534885cb

    SHA1

    4d42de82020f14f5a8921af33be3deaeb1cce0ba

    SHA256

    1f9f98c8e938ebef876072856632b220a296e30662da989757446e4ae5f301aa

    SHA512

    422b852c5e8cf413336b0d973f634cb45b18c7d5576be1257e3b0ea6510fed7d4985102949977345a0654096d5afbd4fcdd19f98e7cd681b78de40f3e101b14e

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    357300dba6e8fc75cade9ae9279193df

    SHA1

    62e6401077163abddcf16dd392926525a5622df0

    SHA256

    0ae97dcf82bd8b54195af921924b88a5fe4a6549b42ecacde4f479061a1d733f

    SHA512

    73273d09e8d69b4350ce5cfe9d3184f412eddd2e73d3d55013aeba162e05693c1d228358a239ece22c5db4a427ef0073109f0d0f7fbca7c73cfb008b16b14441

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    911b13c76f9795757d20b11c2c05db8e

    SHA1

    ff31e9132b8474badc90912311ce9073345cd62c

    SHA256

    0ef6f7a6d1b162886e4eb860fc9820e077f1ab71bc8b209edc6566c5e93a5b03

    SHA512

    a7fa1d76d3325bcd48d4f8bc39232b085922d7d942f8f573d06063e178b28bec3d884a532b6af8bf844c24208d781b2f276a5848175b8470864c50a24ad4e441

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2a09b5e52178472f65a01e0c33862ac8

    SHA1

    caedc57d11be17df128e3e28cfe10c26a4b39d58

    SHA256

    06eef47903805024a9b638651d6183a360f7678086ca05b9f751fa93086f0fff

    SHA512

    fb39346aca0edc22a105561fea9aeff9684682d5f67af28ad1b53789ec5c9d3ef880d2f9d0ee3890c41b704ce379db054a2e3bf8a77be740cf38be2dfdb5eb99

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9f555345c411dafec67bcf0ad17861f4

    SHA1

    abeb03d3b2ad24ebfd89e81623a9b76762248b4a

    SHA256

    3d6e07bb6249dc2c85855efaaa7090a8637dbcf43d2ae1dad7c06ef8d0a8b82d

    SHA512

    bec90254104846dd93b1ab41c6730fb858ae32b5b86bf1544645615bdd9a89b5d024182b2f46a971a2ba6c6622bf3dba9911ebeaae4d88dab6f780d5d9c76ceb

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\CabE8FB.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\TarE95C.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit