Overview

overview

3

Static

static

3

iis_rewrit...te.dll

windows7-x64

3

iis_rewrit...te.dll

windows10-2004-x64

3

iis_rewrit...if.dll

windows7-x64

1

iis_rewrit...if.dll

windows10-2004-x64

1

images/fon...ex.htm

windows7-x64

1

images/fon...ex.htm

windows10-2004-x64

1

images/fon...ex.htm

windows7-x64

1

images/fon...ex.htm

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

include/de...r.html

windows7-x64

1

include/de...r.html

windows10-2004-x64

1

include/de...e.html

windows7-x64

1

include/de...e.html

windows10-2004-x64

1

include/de...e.html

windows7-x64

1

include/de...e.html

windows10-2004-x64

1

include/de...r.html

windows7-x64

1

include/de...r.html

windows10-2004-x64

1

include/de...k.html

windows7-x64

1

include/de...k.html

windows10-2004-x64

1

include/de...h.html

windows7-x64

1

include/de...h.html

windows10-2004-x64

1

include/de...g.html

windows7-x64

1

include/de...g.html

windows10-2004-x64

1

include/de...k.html

windows7-x64

1

include/de...k.html

windows10-2004-x64

1

Analysis

  • max time kernel
    133s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    19-07-2024 19:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    include/deditor/images/edit/InsertLink.html

  • Size

    2KB

  • MD5

    57eb3294ed0e24b6dd783c8d9e502caf

  • SHA1

    d3981ce868e475ccc1c108b9c9bd6cf03ddd722f

  • SHA256

    cc4509140cce15278449d0259b7a7235efacf42049584cedb7eff079d593f486

  • SHA512

    736283369325f43bafdc8a03dc12fa8d4a2b282d7bae677d74b3f66ce7f4f3870a77897747b2e083c74bfd0bc3b9393498f615405b0ba9f2f7e5a715cc81c3cf

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\include\deditor\images\edit\InsertLink.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2752
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2752 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2392

Network

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    758ee2fc476a032fe42d345924baab65

    SHA1

    1d9ae5281c2ba687bf34a3c93d4049e11912a2c0

    SHA256

    43ba780b7678fc8ac9c1329bf3327ee92fd9c3697b17613a2c1e4cc20fce5d75

    SHA512

    69a69e84f604aaa42e80898f21e5db02f87bf39ea862886fedae846d8175bfe92b422874bab2614bc088d8359890d526e5cbb8fb2645fe59584c4d9c8ed316aa

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6895beb4597b49384a793aa9458eec8c

    SHA1

    cb172a323e05c430d687cc833aaf5292bcfa99f2

    SHA256

    6dfad21eb1ea555a73c48558bb4ff748ca16d739f78a5ca35a2a12eb053b9c49

    SHA512

    fa7836d8f9e37087ac395276d28ef7a456e49a7f718bc10882af9e052c174a1b6168d8fab7dd4e7e7c60e2234ff6cd1970c924fa07410009f46d7d2811fc89b0

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    97f9af2fc6a0e40c0466a5ede7622cd8

    SHA1

    48f723181994b4713e64955f0c0bc0b32ccfdb5c

    SHA256

    10cbfa5f776f064fe95e479817fee7a1d58ad4c2a10537cd77cf7289149c68c5

    SHA512

    c7bbb25d69eabd5133e8b8710fafeabf479bb61a546fe413662733285eee1c1a891fc2ff69163770ca3a46f33e309160e85c52560ccea919124a49c11578d124

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    939465beccc14de668834fb2a21a4df6

    SHA1

    3f3500a330bb4faaa103da0c300e0efc20189913

    SHA256

    0ef66b7cdba275a790bb6549fd05b7aea1522f86babde7ea54b296bdd85d3faf

    SHA512

    77b7381363a2ea6a2fdeea78f035b9782841a5052aa3c1c85aa2d475bfe75d7db4adad6afb01a5868054483ab88bd30bb52a6683de41c055b8457ad24e46f33f

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6a1d767932bf9c0ede05a01bb63edca9

    SHA1

    ff3bf5fba78ebf84fb4897c868559aab10611d34

    SHA256

    6ffda2948ab3ddb3d3ddf32fefcf14546d0a3e498ce5a4a61ed052e68522df1a

    SHA512

    7d817591f93b26ae4298d42452984adebda4fb6ce731aeeb2ffabe6999e31d2b9eb8fec34d3c2cb157f33070b19d7eb98801851057d7626bfd4e3d1570c65b59

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    70b26b9eedffeb7765867eb1dc19632f

    SHA1

    0f8f05f05ecb536ec9339ecec57c6b3ee847a5c8

    SHA256

    d61f6b7d3a5b280f16db9949f017ed6f6841d7771c6ca8e79386d0c75ddf405a

    SHA512

    92a61c7d60e839b9b701315a1fb3e53b5746669ecfffcc588676e179c090f8275fc87d3cae8dc5f6cdb66bd700b11de587093293bb9468af50b1d3c924411b4b

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b018570fde7670f7b1a138e00157e1b9

    SHA1

    af811a88980a6d4b7367635be8661ee4f8920765

    SHA256

    d46607dd719ff4f59f085d464a8dd1435d0bd1e945d80ec2f138f3cb3a9c56e1

    SHA512

    7ad65d7d55bc6ae3853c1e58c8fc76cb2978d014112460e5eced20dc35eb269ebb3e02f4db274ad207c36a22d2e5e5ba24d2d2880c5145c86493f827f2481a07

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f01cb0e1c68e01ce81259091be787368

    SHA1

    7175042b8a64e6d12231d56559d9c08be2b7a058

    SHA256

    733f5289bdf531f703d45564c2270903b5b8a24325db645efbce1e9df206afc3

    SHA512

    d9dbbe0cc9f9149383c66979382cb98488ac3cdae16a8c9a2a71554737eeb104c8148fee1078929a0e2e0a74484bf578a36dfe14a3c3c4bc1775b831f8fd6b69

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ddb813bf369369ca35f5a9a67c4eb8a4

    SHA1

    7643f0f93b6d604941b37670d8c6a307a7cf5b62

    SHA256

    dbf0f1de3c2bc75bef5d5defaa24ff4bd46136467a69d427b7742607b59e22c1

    SHA512

    863be8cd2bb987ab7d18cbc5aaf203f6e65068d54f252180d6ec2d642f5ac9be4a54afbdc6795a77b770298f40aa1933e00672863972c7a61f6e0ba8637bf3fb

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    80383d0342423505dbcbe72d4e042fab

    SHA1

    f0eeedb0275efa4423b43909c856cb94c90268bb

    SHA256

    f72943c53acd0c078293f55dab632c50eed7b15dcebe759dfd652d7c0bb950fa

    SHA512

    b9279cc9fc10157b945c7848627aac9053edfaf68fa58b0c1d6f797a6bc9178fdc30db9735982345b0b420f72d6a4fd45c73b878b7ecf2792823eb1f7603c37c

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b97d50d9b741c5ad35798731218f9ee3

    SHA1

    a7f8654b30e7da872ef0177eb746bb7369de94a1

    SHA256

    83036a2b7ce3c1d1122a8287d4afa13f91765ec3f559463a0b64d93e0fb0bf92

    SHA512

    cd5f49918f6df54c517975e696448185cf0b7e3d11e903cee44cb50c0acc04988fddff7a9213ebad2048f48a4097c2bff5368c13c840c44eb1ffc045007c2a07

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2330abed58ebd7fdd22efbc9484b5a21

    SHA1

    a433a1937ad2904acaba11105ea507decbd047c0

    SHA256

    5fdd274a6bfcfa545ddac5d3be4c221d6ccfe298120aacc930484b26a6f160f1

    SHA512

    1bf5d6001672b43b6892ba07a92ea6600b6479ca841591aded51102ca2f37ccff34986b54e124e1ca93c69bda7d9a7d6cd1a8a1a9c232e823ab0f499b2267fe9

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    97138a05a38375bf1abd3df44909ceea

    SHA1

    39de356bb731383469514580173d8d38780aee1b

    SHA256

    2cdf5017f8906e9a57657b647d52c1f04d88891a3e70bcf7ec914fde0e011aed

    SHA512

    a28d2eb4f6514b22387af18191c9a7008ab7f0deea8ace2110b0fdce7fd3fb6f7bdd941c7b67d972ef278d16d8089457271716c5c51c6bd65b7b99e1d67ed0ba

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    445a7cc98dfaee60a39d3326c15799e7

    SHA1

    b9352b61ef02261ad35c733b687b3e65aca1ee0a

    SHA256

    6b62d52c45c45ec9787b1afbdcbfacb32c317bd6f8da85c01c204f8d8a18ce1c

    SHA512

    d452e66c4690510a9542ba73502156bcdfceff889c034515bdb995525258686fed33b060da647b76cba23e4334ea03cbd8eee71bc8c8d0c7f9f68ec243fc357a

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    91af19954a1b2e660fc416bf92265533

    SHA1

    857dca960b3f4f8607abb17e8b060f682197e966

    SHA256

    b002dfb97ed4b4ebb82d94041532634a893367b406149206347014294bca2872

    SHA512

    c495a41a1fe0c371cf96dd90c5534406b40296269090d8ae4a74e56976d12454e739aab2b1d913acbdf6934ccf193677d24e328e46a5ef433889392efa7d6d5c

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c6bcfd5d7de92d3391266644a7409717

    SHA1

    bc07073470e1a4bf37bc046a459ac9de6c53f503

    SHA256

    1e7eceb7f3758b1dc06f87810e52c1fc30d0c6e008c7be1d994af17e92b522de

    SHA512

    20e63d6bb2ff82ff6ef7e875517ba3762eb426440f26c80a004d208dc5349bf676f5c1e8ae2ea774ca2da5338ac786eab864b40235cefb4914b8554ffee45ca3

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7e92731c5c218f41cec8b5ba31573c40

    SHA1

    ed79288b7ed46322e9e5ce913448becaaf679adb

    SHA256

    537f3c911c4c826f3cc639cf9df9d0e06c03a03b86259d81584fc2104495ee19

    SHA512

    befdabbb2eaf4d96160b4d5da1d74a4cb5462fdfbdec3df0cbfb3491b737bc9773fa514aaaa875ef410a7a26b235e540c30d2e1a9439ed3bece557c2e0e51efc

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7b4d730eab2e19c4eff3ff9b28837dbd

    SHA1

    4263595c985df0c79d57dda5ae35afbef25ffc25

    SHA256

    1ec6b397d6b9ab571ff1960c0caf9a2634927098baa389a469693464c9699eaf

    SHA512

    ed917a12f48aedf5a711cd6a3e3f8eb0cc7df686aeda3a591878e0ff5378a2892bffbb949b0e30b1f8efbcf5aa5fd0124f4704c389beb25b44578d3583f64bb5

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d609886619daf023921634ca60f11052

    SHA1

    c8f6259273f3521376a0161314fedf9046567e9c

    SHA256

    494050b7e4224ef66ad56be64aeeeb4d35ffa1842c0e87cebe9d38d5b6306db3

    SHA512

    f14851f884766eae6f6ddd6613e9f53b1d7ebd38ee49d583ddb78ac9f6eac4e0ba810d6716eb0e66e36db2bbdb7d8d7b8fcde195b44413bb66255f539e2ab803

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    71b69811a1f9dd40452ee566b2b5438d

    SHA1

    a6de8e4c74704d38d7923301054885428ec8e1b2

    SHA256

    7ef1780294ddd231233130926fb451baf789eedb0ed0eb5fefc5c5ad127026e1

    SHA512

    efdfff98c911863c2a2a11b35ca4944b0548759fa04ae10daa308caa4a13b0e7a39d9f42e1dd1f250f476e1194b980348222be477d91a82b248f78bf2c3b5471

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Cab49B0.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Tar4A11.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit