Overview

overview

3

Static

static

1

upload/adm...nc.ps1

windows7-x64

3

upload/adm...nc.ps1

windows10-2004-x64

3

upload/adm...map.js

windows7-x64

3

upload/adm...map.js

windows10-2004-x64

3

upload/adm...ure.js

windows7-x64

3

upload/adm...ure.js

windows10-2004-x64

3

upload/adm...inc.js

windows7-x64

3

upload/adm...inc.js

windows10-2004-x64

3

upload/adm...x.html

windows7-x64

1

upload/adm...x.html

windows10-2004-x64

1

upload/adm...inc.js

windows7-x64

3

upload/adm...inc.js

windows10-2004-x64

3

upload/adm...tpl.js

windows7-x64

3

upload/adm...tpl.js

windows10-2004-x64

3

upload/adm...x.html

windows7-x64

1

upload/adm...x.html

windows10-2004-x64

1

upload/adm...tpl.js

windows7-x64

3

upload/adm...tpl.js

windows10-2004-x64

3

upload/api/index.html

windows7-x64

1

upload/api/index.html

windows10-2004-x64

1

upload/cou...tpl.js

windows7-x64

3

upload/cou...tpl.js

windows10-2004-x64

3

upload/cou...tpl.js

windows7-x64

3

upload/cou...tpl.js

windows10-2004-x64

3

upload/cou...int.js

windows7-x64

3

upload/cou...int.js

windows10-2004-x64

3

upload/dat...x.html

windows7-x64

1

upload/dat...x.html

windows10-2004-x64

1

upload/dat...x.html

windows7-x64

1

upload/dat...x.html

windows10-2004-x64

1

upload/dat...x.html

windows7-x64

1

upload/dat...x.html

windows10-2004-x64

1

Analysis

  • max time kernel
    67s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    20-07-2024 23:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    upload/api/index.html

  • Size

    1B

  • MD5

    7215ee9c7d9dc229d2921a40e899ec5f

  • SHA1

    b858cb282617fb0956d960215c8e84d1ccf909c6

  • SHA256

    36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

  • SHA512

    f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\upload\api\index.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2748
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2748 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2704

Network

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6fc2dbbd64b62d35839ce61d41f26ac5

    SHA1

    9b611e96c8e49636f697d49c9708ddb221d2e332

    SHA256

    d6f422740f3c3f84487a81f72dd1a04ef5fc2df56e8e95868e28e46a2d5d6c4a

    SHA512

    4367ec60a38463d7180db53fd1d6d5bee56f66f77ffca41c4eec193960ec01509f3ade18ecc9851ca7c6d9b0019b414111458f69d8d9ec80dac3c78f04715d14

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7b1b7a05d19089bfa336d7edf3406828

    SHA1

    ed55421020a5c0e3f0a918cbcce1b4a64c75ead8

    SHA256

    d0650b670c356c2f97519fc9f6f874aba10a76fea0fd195b33c8cb1d7d75ac0e

    SHA512

    02f3cad3d7cc40033953377be1cabec9efceb0bdb2d4a422affff478676d641e2704720d069b2f38ddafdf2183da0701234bf3c18400492d42d794bc6c1dc468

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    95817cb09d49b04919de24bca22fe49f

    SHA1

    0fbff4677b9aa947402f78bb6f08bf415bedd1f8

    SHA256

    bbbe1aa2d5aed64bf55a1c5c0de8a5fed84a0792191f86208e4a70528db62609

    SHA512

    5425af295701a8c2ab304849e62812cf2506d74f9b65f26f4ee35721e74c71779e2afd4434d55b4608f374a5022993b4a41aae46b128684e9ba8a332d2ab4be6

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3cdc67336a5a49a32558e8efad3469e5

    SHA1

    0029a4b598ceb824950c60ec9412222b9063cd51

    SHA256

    db7ff3c3737a697024b0a19d907a3905cbb7916fc259daf78b47a101e4a09a45

    SHA512

    70863abbfeebd533259f122304db2fc4b177d26b7efab39c1e895c50d08341ef9f51ac96d939f95f36f81ee430b777f10317d5024bd163490c57dd589902540a

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9e5ec8dd4882d37f25fec67192c892cf

    SHA1

    ba1486c36abeccc5be5734691bc8181f4527ae90

    SHA256

    62c3e8fdfaa579f894c6e6eb51288667c4a31578f6be52654b387ad382a6f69a

    SHA512

    c7adc0e9bee91d53c36aa83010dd343a9a233ea8b3265827298193d6403330f36427d20ef5d6964731ed3fa391bba83fca05e811cc31b44f1f57a88c0396d8c2

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5060bffa83cedbde2c37d6c8ae588e59

    SHA1

    630812193645e8702da2a55f78271326c63eddb6

    SHA256

    02de89d2caaa7788c695c92ab9455d8321a7930032ca690c609747576225f210

    SHA512

    20f835ae21eb950460f9ad2516ac735dc1e3f0d159a184b1fb7236084b10efd5dc14b1694e6817a7c4ed0311aff46493c5dbcc228774326d5f1e67d10a670068

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3ec4548d492fed8ebfcf501910946189

    SHA1

    8baf39d4d23ab03adb1dd64cb4b575515ee90b79

    SHA256

    7b8a3b1ede3080449181584e6f60b93dfe9a884b9f08273277e8d4447ffa0ae5

    SHA512

    f3c0846cc09c91918f20a3a05add623c5df6950ee52268e33aea36c4d58b0210b63c49d55a2527b75029c0820642bb6e052e4e40cc2d480a6bbdc04ead726bc3

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1cc841f5bba1b95e32c426255e43a490

    SHA1

    e6b5ff66e91c6890895987bb000107c7179f195c

    SHA256

    2f91a3e70d425b21ab08e7114850a6f0e3a53307b6b14c33c451f8300cfe9bba

    SHA512

    bfc0b04ed9f8942baebfe87add19e664a36549151e4f687bdcc38ee18214b49e9dd019cffb30306fa4af05f8e67d184b9494f2ee70f88f62c87342312ee37e31

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    511adfd9c63da05e48ca0d002934cc8d

    SHA1

    fdf53c5b827fccd18ec5c264bf1ec627853f3cc8

    SHA256

    b0450e153e7a0bfc1e452dd825a4e4f231bf9c9f5fdf43015ec3bfaf4bbc8c23

    SHA512

    491ad7af432c0829c269bcb9927c33db2f111be6e169fe3b7ec4f4f56f41febf5336b6f3836085f556e939a4a67b72c6f6ae3c1f91f5569a8d6b74f06db7704b

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bf6fb7a58b6cfe882fc72de5240a82fa

    SHA1

    2b9942f591c87128b526a5893b8609a79d023649

    SHA256

    ec7f0b1b86becf38679cc7af841784e09c0a6efad42ad18cc47a3135619a172f

    SHA512

    2387d553181cf60a0b94540aa07a1165d922ab408eda7542a488471baed9500a5a550b61aa23e2c7084463d83135756bc9b59c28a38f35de488cfec47b827c59

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e27312380e3e3f526695a839d3b7f23c

    SHA1

    eb85293fa2bd3abf10e613e864389ed0b471bcdd

    SHA256

    f6104e014c667df27075fd4e7db2b92a220f71ca5127274fe6b14730dbc553d7

    SHA512

    fcb97408b33b28aba9c57f8028d4d1c1227bdfb92fa78071770ad5586cf49962bee072b14b49da9ade4b3001264b912bd4dbf2ef1e43e709397ace8be60e31ef

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    35ec0d3dc3a446022f52c6d7349be6a3

    SHA1

    7d1847daa5375a698a9070e9016f91c463391198

    SHA256

    97c32277e74c1fa66deb05b0ee52cd64ca73d649ddb14f42309049e28c0d4205

    SHA512

    2a58cbe3103bd7e6d41ef73219d2b17bd8f29bc93957b2fd19dee40ef33314306fedc83db847c5aadf776f2b8970d39f7aa3b251f8ad4387ad666cd827a08cb9

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dc8f36c142b488812eb4b0c609bf2f4a

    SHA1

    35d02e8cb3f9bc7f287208a1d81d76e5a907109e

    SHA256

    6803fd413f70df4703aa6221553c7b1538122859e739352c8ee581264ef325a4

    SHA512

    6138fdbf26e2128b8034b047ab2e44e8f71e9d0fe0bf07d3dbadb147c5b858cfa7548260aa82166819cb0bf1379efb555275621ce62947d24ff3f30f2d8a2f16

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ed8e5fbdf8cb2c93e9e53e8e458242e5

    SHA1

    8d33a3fff59427319945d33c7a60e4b117e081b9

    SHA256

    a01a3c3213da753dab6efd9438686d1a86c5b6844370e56ae2451b542b5eebc1

    SHA512

    f8b153b6363a826f6d16c10c9197dbacc96f9a4138d21f6e817d86550f44a48f069f9bfb74848d6e1b86399a13f5d1bc832ce3a29708f30d34331ce4a7b4c6b5

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0726f285726012390ed34541e6edcc84

    SHA1

    98447f1731033451508337bd903cc37bfa2f3313

    SHA256

    cf250f6bd9b4b61a9801aea341e0a9a73942615b035acc4a56bde63193211660

    SHA512

    4926a0be862bccb6488f538abab5c1fc4f92b043edc8fc2df439e7266943bad503d426c931fe2872b9b575ed21f448291fcc5c30a2413993aeae360da1ccb8f6

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0f0e337dc27f51011babb2c152803cf3

    SHA1

    a280f221ef90c208b1e809ebcac14b539f7c3d59

    SHA256

    e8f57b2a1d26304db64995e94d635d955413b3901180e9a5f1879af3dc19c08a

    SHA512

    2088b24c1b996d5dc81d4247fa724b0ac831ce617d6fb6e9d8e2fe3a0aef15768acfc940f5bd40963719a5fb101e0d5b92e9650e7826a0209cd4f6938a657762

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Cab6CA9.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Tar6D0B.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit