Overview

overview

7

Static

static

7

nEO iMAGIN...es.dll

windows7-x64

3

nEO iMAGIN...es.dll

windows10-2004-x64

3

nEO iMAGIN...or.htm

windows7-x64

1

nEO iMAGIN...or.htm

windows10-2004-x64

1

nEO iMAGIN...or.htm

windows7-x64

1

nEO iMAGIN...or.htm

windows10-2004-x64

1

nEO iMAGING/IJL15.dll

windows7-x64

1

nEO iMAGING/IJL15.dll

windows10-2004-x64

1

nEO iMAGIN...71.dll

windows7-x64

3

nEO iMAGIN...71.dll

windows10-2004-x64

3

nEO iMAGIN...71.dll

windows7-x64

3

nEO iMAGIN...71.dll

windows10-2004-x64

3

nEO iMAGIN...nt.dll

windows7-x64

1

nEO iMAGIN...nt.dll

windows10-2004-x64

1

nEO iMAGIN...ce.dll

windows7-x64

1

nEO iMAGIN...ce.dll

windows10-2004-x64

1

nEO iMAGIN...st.dll

windows7-x64

3

nEO iMAGIN...st.dll

windows10-2004-x64

3

nEO iMAGING/atl71.dll

windows7-x64

1

nEO iMAGING/atl71.dll

windows10-2004-x64

1

nEO iMAGIN...mm.dll

windows7-x64

3

nEO iMAGIN...mm.dll

windows10-2004-x64

1

nEO iMAGIN...ap.dll

windows7-x64

3

nEO iMAGIN...ap.dll

windows10-2004-x64

3

nEO iMAGIN...NG.exe

windows7-x64

1

nEO iMAGIN...NG.exe

windows10-2004-x64

1

nEO iMAGIN...c.html

windows7-x64

1

nEO iMAGIN...c.html

windows10-2004-x64

1

nEO iMAGIN...s1.dll

windows7-x64

1

nEO iMAGIN...s1.dll

windows10-2004-x64

1

nEO iMAGIN...s2.dll

windows7-x64

1

nEO iMAGIN...s2.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    70s
  • max time network
    138s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    22/07/2024, 23:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    nEO iMAGING/niIEMagic.html

  • Size

    275B

  • MD5

    187a5b501ce769a8de756dd80d51105c

  • SHA1

    8ca42e002d9648ef6c93926da8eb9639e3deb312

  • SHA256

    24837525de978f2dd9779bd1b02f5bb205fce423d5b8688399c1b29b634f4fa3

  • SHA512

    f2bccacf592ff7bd63586a99265c29abe80d2009c02fa63ba7799919110c1c5dc359c9a98d59ab4be5911fcec0f37bbb7ea9016fbe42089f3518e69284f17cd5

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\nEO iMAGING\niIEMagic.html"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1292
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1292 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1836

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    04cb33f1261096f0a0f3ed5dc6cd2124

    SHA1

    8ec832cf0c84ac412b6cb74e0ae140e6c6cf1505

    SHA256

    6930cc29cc9b0e4e7d151af3053dd9f04093bcca5d5ae15c2c90ed84d2c5d640

    SHA512

    ba09401644792b1f7a4cd8c7dabe555f6cbb84e27bc359bb8268fae3fd37903d2e7acb56c092040bb1a799879744f58f5baee93c33fb1f638e006b0daf5fa003

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    85a49c2ea7d9014bf786334236b331b4

    SHA1

    f336b214399891c45e2949ef354bf386a4a8e414

    SHA256

    fa4697d855c27799b5a74b75e049d99da3b8b104e29208489a0b3f4e2c3ec191

    SHA512

    c831cd8179f5e55f7044d980ec9b45523bf9822427d4eda36f861a49696faf91496cc1acc73bedb954aa3284c1778dd3f54ece37a3ece774b3a8ca1ffd270be2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7b9668ecfd326d0e099a1d0bfeb264da

    SHA1

    5e42f6cc07a3b91459710b306bd96d4f564c2330

    SHA256

    eda2be60112ca52e372168803f0d439cd7e0df2f6376ff2629ced88ac82fec8c

    SHA512

    978b4b3e7017acda30f9f6ec72056de4f24b168b9106c70b2ea3410761f83b8b036cc89cfdb7704a380fcb9ccbe47ba33ab6e6eea81eb83070b9d54a5a2bdeed

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fdde855f421e867d5e0e0ccba5c47450

    SHA1

    b09fad68a71adbbee765c62cd7ded1e87f19205b

    SHA256

    5cdbbba38f5bd5a65dcba4afcc763d7503bb9d9e9643813a1998ae5bfda97954

    SHA512

    941acf1f7c35ac4f79a37b8ef61ddfdd4c6af46db71edb889e37e284d0b2dbb8fd6d20343133a5b6d4b8f322b87b146348211dc1e0332c32938c78a27be3fbdc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4ca4cab799fece926c742c2248633b94

    SHA1

    1b79438d0ae01e3f369c1b771db15b496304a410

    SHA256

    af01f91e2a6435fc4d7e74750b5b79bddb026e776c17fbbc9512f12ec7889197

    SHA512

    a853560ec5f14466030a90e67968084e1ef2d7754b7cae0f4041e693db7b116cee7ce63df6c21e71580e1b4bb38b90e1a4a151083a050d3b24a04e94bb1a3ed9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2a0d535203a27bc7cbb3ef4635a19b8d

    SHA1

    81cb9d90cd06ed583b997f44f38421f003d0fcb1

    SHA256

    3ae9e2885d9f79c3ba50f7d992e053a468f701e7fdccf1bde07e1c42cafb7966

    SHA512

    5f300a789fa1bad1f020138abb016f98c13f68a5c161805b1f7d2c27aeaaf1ae831ec9bb84789a2d1b16647f1851c7cde27d1171d9bbb2903dcb403d13e5d613

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7db8c93378d4d38cf34fb1f56473e1c3

    SHA1

    b1a4818f22aa762f8b277fa289b30911702406de

    SHA256

    1872f07543b67c197907ed0c8adca203b9933145b02b53effc6add69026d9229

    SHA512

    9357a9112869aa441e4e32260e2fff891ca1f6f9e74c1ac176e070a025eae12f4042313288d1fe8aade2195da395a7717bbda2c8885d99eea7fe08cd0200df72

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d6870730b5adec76fd860231a19c6722

    SHA1

    625d19f970336b92ffabb658edf13f15e2413b6f

    SHA256

    cd2c6be899bbd5dcfc01da8f1bf825d658b0a2d558ad7eb9840412d39d5b9162

    SHA512

    e9d8cc1a9f3c827b2a04f8021d2e4da643be9c77a50ea435c7e3a768c20e907de6bbe8823ed7a6715a03d6accc9890d21b34ae3d902b6fe4bf9ad60932efbab9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f047136d47d9438b2afcdec4c11654b7

    SHA1

    f31f33f0631c50e14406e12415ecfdce7dd128d7

    SHA256

    318f6a403300d00d3df3c519609411c4fd041142e32445346ad5d0fd32eb1d54

    SHA512

    835036be82501428b2f6ec875b3392f33f5cb8f8f8c2de1cfa48a3a4125897b2c5850196bf589809ad19e1ac9d878bf923e2e9074468de33c1098226bf803be0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c2697ef90335048b1e0e5053a5e4d085

    SHA1

    3728ace3be70b37da97e97b01d5cdf805f0c76f3

    SHA256

    43a7039a7297eb398bec316ddb4f45d6511781a414966c3aa33f9d3816f84c46

    SHA512

    2880fc938f1671a88e14dfa035c31012e6c081ec093059c1127783e35990f4c1cbe830810f24d15858392fd8f418ac9009bd1ff4ec265bfd4c592dc2e3925edd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0f38310b11fd8f1765c67835ccb5f5d1

    SHA1

    e12fee79444cb5159d52a6ef35357d5725b1102f

    SHA256

    3032fec56c1252f54579772c414afba7705be8a88eadbf4d063f466349ba2872

    SHA512

    28d72b5207e0ef24514c7b1849a256641c7234eee3ef3343da07c39e0cf6699f01349f2ecfada652b0752617ed6deb5a73148a6f8f0ecf3e3bcd8e01c635766e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dc88eb4d9ac05f4af23a649dca4544da

    SHA1

    88c52829e440fb2589eebaacf3e4b3d9f43655e5

    SHA256

    99e3656bb91a9567617c6e031bbd447b8b3a3b7513c92f4bbb6e4180408e0ca1

    SHA512

    1639639db337af0156fb03b4b4bc4d98ea221949f12449dcab4ff40f47207317028fa3dca2b84432b0d37667abf3a259c85beb2b536f3447a40affedf094c637

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dd9ada4f7aa9dc352e53e52f7ddfb6c6

    SHA1

    4f39b9ad928b9d5d4f652564aed9a279f21b85e5

    SHA256

    c855c66d43027b859e9e24ac3acb8798c101625c0d6ce3932efc46c0e86c2c0f

    SHA512

    333d52d19e637f92114afe38575a184ad006f2eb446691673dfc38a3a4b7e8019611225712d3cf9d64caf3c45341ccb1d246a4357a0e0a95141004ef842da97b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    55604604b0f7287cedf1f80683b3a1e7

    SHA1

    75f9581a491833bf4b94fd3cb2b9841b87b3ff18

    SHA256

    6c9e9b6f2514450b344417e0216f2d0260dcbe30a07e320f9c8524413d925e6b

    SHA512

    25d5d21f1648fd24485380ac5f9ce62c65146a7e6d127388c99e26bf957a0667bb0178cc2354125432778b3cdde2593156c86c78dc16858e6c1bc050625f976c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e7f2d0e1356439dd36c7086ae8d31ce9

    SHA1

    c99b77e1a48a4ef74e30995a34124fe4c22d014c

    SHA256

    2162a2a21e36d23985b3823c407aa1347403384b425a0b17dfe5928457153696

    SHA512

    099e67b04d4dabf781217b965e056994720b204f230d36ef0235485a29404f9e17452c87a1433190dce4e679384ccaf5a649b1b39e0703fd66421dfa17d8a37e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8bd033c9b02f82de403c0930a8736798

    SHA1

    2c39a7e48cc3165edd80a7a9d4c84bbe60b5284c

    SHA256

    ff4a5094116d8d4c06cd768c86ac0c331cff2d596328d9829709603f56a1084c

    SHA512

    f23bd17702c2f9571b6f671cf4531a70177001bc58b4a31f38ae9f2afe61826414f560de8de18898e5c05b72495306de00f636698ba8134c384e5e325e2ad719

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8292da6c775c2cc695ae28f6a1449735

    SHA1

    bef14b0176faed0e0f211f440de016847397144b

    SHA256

    4900335c0e97ce93a5080dd15c45d2735ac2f41b88d7d8a4ad30c3e7b53e7264

    SHA512

    2016f76f10410c7fb07e38e28040b54891eea3c7d7a36ff16387b123ba6b01d82cd705904e678c03a5e061f22cec584ffd8165ca87413367619b316c4e00ff56

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabBF98.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC068.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit