Overview

overview

7

Static

static

7

nEO iMAGIN...es.dll

windows7-x64

3

nEO iMAGIN...es.dll

windows10-2004-x64

3

nEO iMAGIN...or.htm

windows7-x64

1

nEO iMAGIN...or.htm

windows10-2004-x64

1

nEO iMAGIN...or.htm

windows7-x64

1

nEO iMAGIN...or.htm

windows10-2004-x64

1

nEO iMAGING/IJL15.dll

windows7-x64

1

nEO iMAGING/IJL15.dll

windows10-2004-x64

1

nEO iMAGIN...71.dll

windows7-x64

3

nEO iMAGIN...71.dll

windows10-2004-x64

3

nEO iMAGIN...71.dll

windows7-x64

3

nEO iMAGIN...71.dll

windows10-2004-x64

3

nEO iMAGIN...nt.dll

windows7-x64

1

nEO iMAGIN...nt.dll

windows10-2004-x64

1

nEO iMAGIN...ce.dll

windows7-x64

1

nEO iMAGIN...ce.dll

windows10-2004-x64

1

nEO iMAGIN...st.dll

windows7-x64

3

nEO iMAGIN...st.dll

windows10-2004-x64

3

nEO iMAGING/atl71.dll

windows7-x64

1

nEO iMAGING/atl71.dll

windows10-2004-x64

1

nEO iMAGIN...mm.dll

windows7-x64

3

nEO iMAGIN...mm.dll

windows10-2004-x64

1

nEO iMAGIN...ap.dll

windows7-x64

3

nEO iMAGIN...ap.dll

windows10-2004-x64

3

nEO iMAGIN...NG.exe

windows7-x64

1

nEO iMAGIN...NG.exe

windows10-2004-x64

1

nEO iMAGIN...c.html

windows7-x64

1

nEO iMAGIN...c.html

windows10-2004-x64

1

nEO iMAGIN...s1.dll

windows7-x64

1

nEO iMAGIN...s1.dll

windows10-2004-x64

1

nEO iMAGIN...s2.dll

windows7-x64

1

nEO iMAGIN...s2.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    72s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    22/07/2024, 23:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    nEO iMAGING/DefaultPage/adError.htm

  • Size

    1KB

  • MD5

    2eb5d0e410a37905791bfcaf246d9bcc

  • SHA1

    2b0d8cd19b32686f026d7d74a64cf436886bb021

  • SHA256

    6044d13a29de3f7290a6e805b0b143d3c4d3f283f194341b730604cc6d2e422b

  • SHA512

    9236cc5ee95c8d1069683ae6a904f3406fe8ceb4c32f4e98c8ba32bca3ec897fe9465af149f7f07a92b171100bc1dedbd36c61df90bdd1ecb15439992065f6ce

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\nEO iMAGING\DefaultPage\adError.htm"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1100
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1100 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2148

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    72afefa0ad5e7de1228fa99691fc3e0e

    SHA1

    a7216b9f7b2ffb3b01a2a0847da01bfd6c8f5c28

    SHA256

    894e6a5ac1f8fd00feb6e40f16943105015e35f079eb45df2aafffca674af9f0

    SHA512

    6e7951c4106761e5179f0422a2c78368cd99e3a5e9a8732d68d19e7f9c0a2b438b977be05a4a81f60b9ffcb4484bb2b1022ac8abe97d381ada67d1d3193719a0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bbaa2eb8c1c2dc7e30064663d9ceb866

    SHA1

    ed39d5f889f8291dc823c4ea6a25f79deb9c59e6

    SHA256

    6a3ce66e26afe32f8258b0dd11167a980526929342a9084f660b61f5580c0518

    SHA512

    4fd95cd72d0e981c6c0c3fe90378f36415b636b8e4031b96f8a4122d61ce024d3c00042f0482f3c9803e1ac906fb5d00b26da9f86c133e54030d18257613598e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8c6d371113d185234ab27b5ee425982a

    SHA1

    a5981467cb3b5a6881d5f3bc523d67728aad8e82

    SHA256

    8d3c825c1934a8d7efb178a11856536bcb9ccb4a290bd2b7cc670ac21cd1d3de

    SHA512

    fcf49955dbc63c27e704f542cd5d37335180eb11f6853ca3cc3eade408cbd210ddfea485863c28856c58d24da74ba4c42148187c58ee7d26952d533811965b10

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8cc9858b88b8ea39f63fa99b303d48c8

    SHA1

    9463672a8daada5fbde2078eada24178f16f6aec

    SHA256

    8bbb3aa3d0ced3878ca86a0f4f12db4f25123d7dd08069198c94a2291f52f78b

    SHA512

    b52a7e6bf370b03d8d5cf622c0ca1221382859d3c6b396886070d23413e2834608f9dc6b33b5945bbb9fd870349124ca80550a6fc406e40eb163e1f72293ec7c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1efdf58391aea29050258706a35073b2

    SHA1

    3412b7f339b8b1a9f990d8c13b2aea8c22927baa

    SHA256

    b2c64c409d73505aa248c2b1f777cadde287117a6a0348941016e2129e1afdab

    SHA512

    c635db4133f3ecd1743bed370300a028910e4c73da9409b9a710512b7897ca142a821af14959305b196d83e02a061ffb7dea7e562784fba94616451d17c9f1d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bb88ac55b491d870cfb9a82055b30054

    SHA1

    3d42a367281fa19de85af9e8a2c14fabb860c0d4

    SHA256

    e7d5aebce050010468191ce87d25ce4ddfe3dea347bd2fd092c4f3bffe1682d2

    SHA512

    5d4259eee0f287bda1cb4621ce7a1e7d866cbefb55288b3ee77ca47fd3c60c0d5906a4bd813c2af1570cd5d539f8e02c712a5efabc212a9789d922ad7be8528e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d82786c9c73a89d2f21e87db99f64c2a

    SHA1

    87042b0d5a5be97304530b504d0cdde079d9b57a

    SHA256

    85ba9c21a6b226ef9f817dd72684d4fa162dd16c710b182b371024cadd8fa2e4

    SHA512

    569199a3d0b21d56e1ec2667404d42651f8916d17de74517b061ad24df920391647b8d4ab9fa51e3f08b20e445d2c4113647077288a7005066abf1f2ccfa1207

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ac706e183d6ae0b6d505e406396676a3

    SHA1

    9344b2c9ceb6da7a8aecf6259a426c09513857a6

    SHA256

    17417390f889c922b09b0dcbcbc199b1ce7c48c6a2f1c1bd7a8b7025526e644c

    SHA512

    aa6db4b60c7c193cf83fa2c85a851a69fb88240a60237651aa04d4a6ce198ebde5228f53313f57bc6bec7882a7d3d260de5e12054d78d8ea4ac04b9c3c52eb95

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    982e4eed2e758415a8676fdca0ca44e4

    SHA1

    cf01d2661dbee7939a5f5b775ca1aec456f9ade2

    SHA256

    6905994582d1256f380b4ea5095595898efe952cb731024cf15d37a2c9f1c704

    SHA512

    d6efa2bf8b3abfa3689b456d338d654a9c1532fa20d1204a9b9ca57b7071de66e073b1d3349bc2fb0498a1c42741d2bdaab7a61e21188169aa2660de40cc1b3c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a2c4017f194b6326c88d4590ebca61dd

    SHA1

    dfe6a13f5ece0193c4f1f621bc88374d7c88cbdd

    SHA256

    cc6b06d46379bc90b050ed642844afa3f4cb8f7acd18b0c95a6195d06f56eab1

    SHA512

    4ac6f7e889f5c25a5b1a93ed7548e3846dd729e64e0ff1d711a320b9fdce7b0d54512b7755ab156184df4bc3cb96034085a1c492cc1c2556e515460948dbff48

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    056793357426973e352bfc2c0845c211

    SHA1

    306991d7a35cd8d37fa76f75eb64137b7fc0ca64

    SHA256

    8732a500fec7f32c8516e78f0e3c63055077aa896994b9ba0ef488f521cf739b

    SHA512

    ac189942fc4a0d76cae48c85b0d402755e14aaaabfc5b6d65672308ec098ae54a21475fccb32da2f40a835b95376af21cfa344ff944d280967fe62c6eef7a0aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7af58db37b6569aa14b530911f2cdb4f

    SHA1

    eaa13b504fe3980b3fece31289fe505ae32cc56e

    SHA256

    a19a21cfd2df87d244482b9708e8e50b244fc16b26d7f19e13e950d07f8333b2

    SHA512

    f4a594b78c8e53694a50984b89966af654810ce8a982b089960b9faba4ce73850f1139537fac98020b63a765d0eb20193fa93e7112f95adda0c6c4076e77998f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    523820ebb48afb56776ade1a0b517da3

    SHA1

    f687f97ebf1febe20fe87a344081b39e932b795c

    SHA256

    aed411d41e3cc0989a366721cf7f11f1564d413f78767f182bdd36f73231eeb4

    SHA512

    ed9180fc19caf3438bc196acac45936eaf98c7ea43a20c48d6f8256671369a40895234e254eab90524509f0f1ddbbba786768d5014d27821f81b9bea29f60667

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    803f2274e6ce439302cc96f097c83c8d

    SHA1

    8a3095e3c633df6b8c23662e3a0bbc122a827eb0

    SHA256

    49a4d6078763ce48319be3cdaf7d90c2669b5006f45ae074567978f739774c64

    SHA512

    5591564f083a65446f0a79e3c3fe18efd26f09120a402a023b1892ab9a5bdc41f979efa06d3edf9fb9ba2cf495355a69da2cffec254765209e74eb6bbe40b3b5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    79b3fe8031d4cd84d4a224f6ed97c1e8

    SHA1

    4d42f53c7c7613c2755b8b0367da15847e9b709c

    SHA256

    d26ee9d7e42c60446259412a75b1432f9d4cc71a68b2be4aaedcb1026114b767

    SHA512

    b4c9acb7226dac30f89ea35180260a522a373ab6398e2e9fd3a5e9a5d66ae7552896ca77f50447bf7092947638b51736dc34335ea1eedd76661b94f4cb35aa6a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4547d3f39a0520a8686ef09b9d275261

    SHA1

    3c35be20c0ed83fcdccf68b9bd3431b4e727cfc8

    SHA256

    9682239aff49a0c60311539257c286981445ee8ddf4f21effbc36f36d93a4de9

    SHA512

    de70049c28cacbde3e7cc803923bffa90500b8336b6fada15295cdb9ff5ac52cc894b338fb549584dd9e70049f829158dd853ed125da8fc8a5d3c71f41318278

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    27371dfb8e82ab228dba2052daeb276c

    SHA1

    40a9aa04a466c3866c1c642b2b8e8d593402593e

    SHA256

    ff72757e14ba706bf02c1cbc53af481277a050acb9557f5c3ee3029b2563cf2a

    SHA512

    110e7a5d56653b27cdf7adc2518ac622aecb958f476daa27ee2b8cdd46fa32b59481bb80e10af79ee476525605fae3582bd0d616032c2391189e04637a220ebc

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6F78.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar7027.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit