Overview

overview

3

Static

static

3

iis_rewrit...te.dll

windows7-x64

3

iis_rewrit...te.dll

windows10-2004-x64

3

iis_rewrit...if.dll

windows7-x64

1

iis_rewrit...if.dll

windows10-2004-x64

1

images/fon...ex.htm

windows7-x64

1

images/fon...ex.htm

windows10-2004-x64

1

images/fon...ex.htm

windows7-x64

1

images/fon...ex.htm

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

include/de...r.html

windows7-x64

1

include/de...r.html

windows10-2004-x64

1

include/de...e.html

windows7-x64

1

include/de...e.html

windows10-2004-x64

1

include/de...e.html

windows7-x64

1

include/de...e.html

windows10-2004-x64

1

include/de...r.html

windows7-x64

1

include/de...r.html

windows10-2004-x64

1

include/de...k.html

windows7-x64

1

include/de...k.html

windows10-2004-x64

1

include/de...h.html

windows7-x64

1

include/de...h.html

windows10-2004-x64

1

include/de...g.html

windows7-x64

1

include/de...g.html

windows10-2004-x64

1

include/de...k.html

windows7-x64

1

include/de...k.html

windows10-2004-x64

1

Analysis

  • max time kernel
    122s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    19-07-2024 19:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    images/fonts/index.htm

  • Size

    1B

  • MD5

    7215ee9c7d9dc229d2921a40e899ec5f

  • SHA1

    b858cb282617fb0956d960215c8e84d1ccf909c6

  • SHA256

    36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

  • SHA512

    f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\images\fonts\index.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2408
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2408 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2148

Network

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    35e54ac8bcdd5ea64fb087a17a23bac2

    SHA1

    176db4ddbe105ed9a78c28538faac1b620af8c54

    SHA256

    51b9909b2343dd25f6cf2e42dabff82087768ab9912d7cd1ae5296efddc8d632

    SHA512

    07ba480f1c8bd0b4fd6a6d43ea1af9700ef7004265ae2263b038eed7481f0a0c85f5784c4159ef54e05aa3d526311ceaaf3b87b25061112fd219075db8b2f84c

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3682aaf868a11f3079f7250fcadd07c6

    SHA1

    f45dbf0f1771ada917ad9ab9166458ed55115c99

    SHA256

    17410308f9cecbd84d1846c39b4fadfcf5eb9aba0a358a925aa9aa54703819b3

    SHA512

    d69d5cd92b96fd809b77cd76b3c1e4528006ed1f56ddecb728701724941c39613190c44c33fe6aa439bc131741ae1d2b708b19fe7173c05d4dd0765388c9ffa1

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2b7e02987b2dd85896fb8d1a16bf7189

    SHA1

    df8b9c690af9599dac91bf959680de3e02cdc449

    SHA256

    15ee3532c27509da9c886c5e16cb16178a2d1576e04a07a62e43e9954cdc5fec

    SHA512

    3fa3abf93061d9b745e6e72db17f19f4d59bbae88593ddd6a44f1ef5e06ef33a3bd1729835b590ed2af0439bfe8e20c9b285420dadb55888c585fc28e1af1169

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    45cba210a64cf1974a367b036469b278

    SHA1

    3dbf13514e9ed0604d0c9c00e53da0e2fd073338

    SHA256

    04dcf5ab9d61c87f9f13e963b783d22096b5cf63c1ba008ffe5bada35e9e8af2

    SHA512

    135413dc4d5f65fa3f5c3e50d96e837a1c4a56800e4c949009cfe645add6ff205a08dc70637a123c4bbaec7da9a608dde5df8aa842dad26dee359d07aa2bf6d5

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    048e9ee971caefee6803d0493dfa67a8

    SHA1

    32db15f764aa27a0902fcc3597a351b579a85627

    SHA256

    50f52803f59df86a944438a76c3c5b4e51533d2ec2acc978950e6c629c3ac31f

    SHA512

    8e5fa57b489eac176abe8d076d3c6e7f568d186bd441b410208f57c315f51a7600822e9fd38289bf9d69cabf0f0e4b5854a18c512d777d2a670c006675b26805

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    baed2e3f7e410e5c18166dbc9abe2757

    SHA1

    d31b323c2bb3b9dcd6a6d4676947ffeb2cdfeccc

    SHA256

    734aa7bf9c99fb0ee36d139e807abccf7b7d2fc82166e786f2dc58976b30351e

    SHA512

    9baabb0ad67b32073fed3678695b306481d220b2b2d2240e3ac468b52af18a935d08f6a7b42f67a0fa59e03187462e78536d3b60f92cb16bfa60e910c90f5e49

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9321102ed986cb849b3260031207827a

    SHA1

    8538e44be15157cc92c2db3d1fca11a3f3fc694d

    SHA256

    6b792d4c9616321fb979d1a4a0d2ad89219d0e09b832e63dfab3e49b7f4edbfe

    SHA512

    b98fd8acb6dd9d0da860ade9dba96418bdd123ecb452075ccdfd15b9cb6c83a56d13a02a6d5bf4f5331789a5b1d793c5ef9c84f9c236f463763f7242a3de6a90

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    342b759a9bd4f891a519b9b1816a3ffe

    SHA1

    47c4af5162ccc22528183dd18cab97cef0a2887b

    SHA256

    3a4bc7ef92cfc14a24b64d1eabfa45ebbedc8e0e6eebdfa7613ccc160176b12b

    SHA512

    8fda257c9d7b5894a3b0a9f0903b2f8c529c722463c06c2915689cafc4ffab7d13f25019043e51456e948fed426a7bc1fd3c2f289bde217510920161d3d8a557

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f4700b6638a26ab1094921c5db776210

    SHA1

    ba1c35709d3c402409a290a2d260ca492d8a9bb6

    SHA256

    ce92a0741407e1cf82c4f1d93ddf6137041e5e3ba8528dc0e85016b707ebb221

    SHA512

    6cf5519aa1fd5f346a2eb34432ea0ea0a7243a18772ce3876ed9727379fa6bd3313d0f7d7a8c86b465b8a3d7ca8367ffb13fae14f6aa00d72a644750f7dfdbd7

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    71a59d4edab88d85afb840d43d9936d7

    SHA1

    f907ee8dbf9668554c7479f4c474313b777a2237

    SHA256

    811a7b8f36b6da343201a143ac737b0b51653c4af7a729d802e022d17fa49fb0

    SHA512

    8ade0d94058ebaea589eaabb951526ee4317bf5a73bf95a2db7e15cdacccbb5ee2cc225eee3f9a37a941216fb22a0e190c896ed439ffc7001ee3391136f6d31c

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    238971616bf5bf2e61cde18f4ad75a79

    SHA1

    2a76d6556af875fde85d2b0889def951bfc078ea

    SHA256

    ae6216829f7b7040ff5edc3fc015360ec90e8e172572e7782beac53e32354f4c

    SHA512

    6a64e0695475a2c7c5bdc2e184e15d077f1d6bd8915953ad4f8cf9a6b27b5c45911b50037bc55702f2a4bd168c27688a3c1663f81f46f8a20f9d3e7a1ed40729

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    32366d3a078146e43fdabcaa6a19df5a

    SHA1

    ec90caadd43ea9b4b05f3b74b797948af3735483

    SHA256

    c1062282785783a9bc7e7b2612e8d3fa45831122a93faf7df1e47ad938ee1454

    SHA512

    665206504b8196b0c90c67bd6b28f613558d116c0c0a36d1a093208ff65db33c3d11f294c61a4649d4b7fb7d3cd1bab8a1a1905ab2fc92b3f19451daf06b1344

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7a5f8ed9dfd74bc4c687458619c7a14f

    SHA1

    622d88e4d4fe652ff7d4e1ec3887e24323ee4ecb

    SHA256

    b0a6f23c03004c439102e3957b7f9332242b7951e7a1a2c1cbf6ce0412d408bb

    SHA512

    186f2cbd99fc255d85841c175685a655eefa832db1481f2970c82cd3c9fc29cc87f72347f915b7cb12d09f9c4dfccfe22dbdf72827a90f8d62994602e44a6a60

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    94132c0479434e9b615c5b059681c9c8

    SHA1

    9a672442da39582f2075ab831fb9a86fdd28efa1

    SHA256

    418f9f01490ab222ba9038a0b5f412a6c87e99d5b128eed82698ac763d1673ec

    SHA512

    55a4ffd7dbe79bed2c8afaf9ee2cdef6a2f503af95fd63b6a63356a9bae4372e18c126bf12bdd93de482b167e7c20030807c1a3950240c4c534fc127ef9990c4

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    64e66d7a6bbfc9484bbaf5baf7f29ca5

    SHA1

    35379a576e97308377e0c565a135e8229dc3c59c

    SHA256

    779a191bc1b77fb461489d24f1d0f62054fff7505ddeb974c99c76e5ecb38970

    SHA512

    0372883dfbd9150770c16a167f2549a738e63071a130224d0dc064d7125115a9e66f8286071ea5f1d4ea35b20d4acab08868682d4d2fcf8c1a30bdc327460f83

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    549ed9800dae8be8dab5abb3f027fb0e

    SHA1

    e047d5625fdb35b0b97ab931f3993b7605650948

    SHA256

    e80e146f92055163f2bcfb15d76a3abefc27b4237a2f0d72f25d84ca407e02f4

    SHA512

    e58bf47e01413dc0496075d1953cefce8ca0a9a4f197fc5b22810c49d0eb59dc1e7a6b760ac110e1e005499e215a98dbbc0da481b172b0aab8ad919f3d48d640

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    39815537b9788afafa8a79ceed650edd

    SHA1

    e171c1dff57d15e3676b450b43223b5b857d0f92

    SHA256

    75dc8250c639771cc12615b071e6c282b1738cf6b686d73e6ab58ccf41a046e7

    SHA512

    1491be64269bdf042b78a997ee1d966cd42d0f7686a0253bc600d31d3cc4f8245958aaeb717ce237f7f3182dae83ea8de8e02a999a7654007ef56c221ad1ebe4

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    75028bc44bae4a498620f13548460c4f

    SHA1

    7ab4a41aa006ece7f5d3e8f862a2aedf35f2a83b

    SHA256

    02df1e6d3a23f5a3f3984174950a5a4461461d9001d31667fb6d6ba9edb55ce8

    SHA512

    43c208d55198e72a77e7b78abf71c9a46d517d843c5c4095d345a10429ec424d37d13003e64429407ef37b804e50901c8785fc54323810467e899dd58411191a

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    92281a66f112a78a5191ca1c6c5a0d31

    SHA1

    75a92ef259e1c0df3a5e78049074cd442f6cc3b9

    SHA256

    e010fbd19681825d6ab80c97794265cae5cd94a0d882571fdbcce140eebd8445

    SHA512

    15249aa136392ffea43afafff14ce8dbb3283cb3a9b4aa37d34951af58e95fb336e5f8bac5d52bbfe1fe20808633131dac31dd5b0b5cfae3490fe132284a4c82

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\CabD9CE.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\TarDA3F.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit