Overview

overview

3

Static

static

1

pufan/pufa...tr.asp

windows7-x64

3

pufan/pufa...tr.asp

windows10-2004-x64

3

pufan/pufa...ate.js

windows7-x64

3

pufan/pufa...ate.js

windows10-2004-x64

3

pufan/pufa...te.vbs

windows7-x64

1

pufan/pufa...te.vbs

windows10-2004-x64

1

pufan/pufa...le.vbs

windows7-x64

1

pufan/pufa...le.vbs

windows10-2004-x64

1

pufan/pufa...ut.htm

windows7-x64

1

pufan/pufa...ut.htm

windows10-2004-x64

1

pufan/pufa...log.js

windows7-x64

3

pufan/pufa...log.js

windows10-2004-x64

3

pufan/pufa...lp.htm

windows7-x64

1

pufan/pufa...lp.htm

windows10-2004-x64

1

pufan/pufa...in.htm

windows7-x64

1

pufan/pufa...in.htm

windows10-2004-x64

1

pufan/pufa...op.htm

windows7-x64

1

pufan/pufa...op.htm

windows10-2004-x64

1

pufan/pufa...up.asp

windows7-x64

3

pufan/pufa...up.asp

windows10-2004-x64

3

pufan/pufa...add.js

windows7-x64

3

pufan/pufa...add.js

windows10-2004-x64

3

pufan/pufa...ve.vbs

windows7-x64

1

pufan/pufa...ve.vbs

windows10-2004-x64

1

pufan/pufa...te.vbs

windows7-x64

1

pufan/pufa...te.vbs

windows10-2004-x64

1

pufan/pufa...st.vbs

windows7-x64

1

pufan/pufa...st.vbs

windows10-2004-x64

1

pufan/pufa...fy.vbs

windows7-x64

1

pufan/pufa...fy.vbs

windows10-2004-x64

1

pufan/pufa...ve.vbs

windows7-x64

1

pufan/pufa...ve.vbs

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    22/07/2024, 17:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    pufan/pufan/Edit3/Dialog/about.htm

  • Size

    1KB

  • MD5

    4738e9c10e361761f9c4529e58109848

  • SHA1

    1be5e37d4a830d30afc16a9a50d07fcd7392bab2

  • SHA256

    0e75c08d1834e696425319e55873e2f8d913db6d7f159741e36a2079374e5621

  • SHA512

    3ce3ca5482be20a48d8815567c05ff357fb545c49474f1df9f18a04c53770c37dae9352427268f67e4b66e2481ff38d64e3b28e02e11d24b3daa78e375859b3e

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\pufan\pufan\Edit3\Dialog\about.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2516
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2516 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2424

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    55a686aa1479b274e8230e14b906cecb

    SHA1

    a691daee451e4deab948c43df72971068b4b9ece

    SHA256

    ca5adc9d6ea18cfcfa03c75c0de6f2fab0c9510d4205d8c71d964551a1aefacb

    SHA512

    99c5bfd0a63c060a393e4a92893ae1ca42423cf31342488748188ed34b26c89bb07036d04191b6852d1b4e89ad1842255d2d44835fdca7f94e1bfc1b114b689a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ebac7dcb7f3c705dbc1ac614028dd13c

    SHA1

    80353108e673d0cef58f6e1048614729edfcffaf

    SHA256

    877a28a52e9870ff6a8d88d3034e54ce71364c0e1e97f6340b7190b6fa35951a

    SHA512

    56d33892a393c5017a50080b85b4ab973320693202071da966ec51b8eb385b229a0e6bc627fb1f87749f3c60367a575efd8c6ed403379da446e0d0f7ef31bffb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ac330e3fcf401058ef3f7632c01b664a

    SHA1

    d46dc0598eb072f5b81c5540554ce2b6681f0819

    SHA256

    d1264e4826311a5b4a29ed9bfcfe33e3497b60ecf04b5330192f5c18f309d55d

    SHA512

    90a582b6553293988ee1c3749fcae1e4d12dbe6ce5e7dd945c264e60605f5922bca3bffca7deb5417697718ebef8cb88f38283857a7231c976fcf7479447ffea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    98cb948e52a3e569c422cc603c4005b8

    SHA1

    59140dbc06e9a69ff90da1bcdbe797ab08d64008

    SHA256

    d5e61de75a1ca7f1dbf57014b4c4cc53d156d70abc6391db672907028356f3f7

    SHA512

    72f3eb1a33a8f61a13a26e9731964a93ac2388448badba8ecb6c31dcba7a0852b97c286d5c01f0d27e5d9f6ccf549ef09724789d0b625017792a9bb3fbc461f4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9f91bcecd671112feb6437822f9891b3

    SHA1

    55c86915e687a7c4377090bd25336206620af772

    SHA256

    e69cedab7baf57e576ea3c63196c34c0c0f05da79b67c472a96a0e3d7cafe52e

    SHA512

    31630e2ef06f0a0345cbcaa5d2b5a945bfac0029f895363866ed2c5dd657c01434e7dd9d3bff0991ddf0d1f21826402c234915c9b80c357e952c39788d3e768e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a560afbc9293d58d5c879379a73081a6

    SHA1

    d28f42e4831817ebb6fdb48778eaad1a79f75a1b

    SHA256

    c0bfe30d7660a0de2493a30981fa11cd8b53ffcee06fa65b6a4f6c2359301e74

    SHA512

    bdbbb837a69c49ddd200f0b187361e89936f3042f83118325249c58bdb67be7c13b2b10fc37508791718cca282435ed57227d73466f6d3ed1be5b55e8b8dcb55

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1efc3413bd0ec9c32c58363fcd058b30

    SHA1

    30b19899283b7d963c7a9e20bf63e1a5e8bc03ce

    SHA256

    eecd5e16aafbfc5731e9e5e552dc74cf0d7c9a28a4e342a64bfac778c8758165

    SHA512

    db4044faf29b5d0061dd7c473961a6a4df42d92302dd7014026f8c46b4d82986054a794633cc4f441acad246776342a841f92819bd3fb44ddd50d845a2e457d7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a166efd5435d289869f702154e3065f7

    SHA1

    9c967a87b78e55e923aba8de77c13190f063d78e

    SHA256

    6322974bcb0c3005d025f1c069164a26b5eb4974ee98e6de146eb9312c81c272

    SHA512

    07c4eb893ba91d1475ebf40dc8877eccfddf01028f9d506168e8679ca4248e57332700ec1f3d43eaf507b5b73135a69bdb9b3f014f363725014283bdc344076a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    13168786643a1a28c201666f72a7dc2a

    SHA1

    676b2335b6b350418dda51e308c23f6ab94b4def

    SHA256

    1d358c3cce66f611fa0feaf5cd43cc7641abeb7419512263c54266f18d4880e4

    SHA512

    5aae8e9d4e71ad18048bc572ceb764d85c41ee290f0a79c33fbc4db15113f5d2144d0739b0d0fb39498247f45c5a59ea58e29e37d39839b4fddf3e6f279a57c9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e168e93ba8dcd47a0e3d6e6fb0f28a86

    SHA1

    54843c07e871d2b02c78de1ac0d497fd29109760

    SHA256

    3b5d161559537e7b8dcbc577126ab74ee0b6f582db103aa06c1f4ee81137b48b

    SHA512

    dc2ae5978796d8b533f9568a11a12d835ecc95641c9ad6ac1ccb7bb036163a17f0c483ee289cb864c512d4d18638d952662fd7e96be4747d108404c4899ad4db

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d642ee0760947a91c4068a9e6966b0e1

    SHA1

    ad0802e153ecdf6b89e46f3470dcce5ff74ba422

    SHA256

    1d7341e7b61740e280c919536b3864d911298a0c4557a20e901343d69ad1b0db

    SHA512

    ac7dbededde1eacc0d0612ef695c524155e8d6b7eabd211a8c8fe67e87c3c4ab3c4112a8a5d7174dc25222f0a8f238956fd02c13be5e54f8f4e31f5fdff28543

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0178aa452786315cfaeae2362d1d3fad

    SHA1

    1e19f067e9bae6dbc4c1f94b937be7bf6ac736da

    SHA256

    1f739a6b656f435e032052d830ae5afa7447aa9774a357eba520bc965790dc31

    SHA512

    8b359c691ca6cad3ba7aaeb258ab523d877f5055b7f7dbdb51bc000f84b48625dd74f32c419b113fa6cc4de028662db2d00cf67a43476ab3abd4ca2b5ed230c9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dc33f4c31e0c41257d9e2262ec7ae031

    SHA1

    7db2dc571b419d8f6db664a470c752def2c01c38

    SHA256

    dd64335cc1d1040c8228c8b2df6e6c45b68b284383165f50f5f66bd3585a3ad2

    SHA512

    c0bb04f268c0778a15068475898ce6c62c859398878fcafea74170e3a734f405fe04535ba90925acc8c3c6e4f916ed87245e0c138d476703010564074675579d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    801d5a1a1a8b8ed1e902f31f488cc694

    SHA1

    cf890b293740734036f5c4bd91300dc419ba732d

    SHA256

    5996d48d31fd203acacd84ba1e325b0d8b0b6f7ba1be4f78b2842647eaf9d663

    SHA512

    aadf2149866d97062f3910b95e9f4f02de427546172ba83ab2360507f18b4645ca1d92a137fbb575b36e425f064b42c4314d7f911345654293298c13ebcc6da6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    269159d2f171845ff99339759a30a2a8

    SHA1

    cc1b81cff154e57ac63976f2729727e9de281e98

    SHA256

    4e9f092cde08cc1dbe5fba7ba65b9201dafb6dff11d8b7f9aea9adebda0bcd42

    SHA512

    8da9da2424ad820f3f3c0dbe69404989b6296e6966c29ac1facc7ab4f2289c0ffe40fa03d7ae017b0bdea170ea27f402b4aad7cb07260df964916edd7cebf130

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    121b61ed57281e523701452120eb5783

    SHA1

    591bb982d404b830e18e35e208a6bf64fd397992

    SHA256

    d6ea5d8cac06c641db78b7467f95483c8d071bb97bf69dce47c815e2f8c0dd09

    SHA512

    40450fcecf9b9e4d72f6cb9f31fa5435efe2765f553e9cc074c4ef60017b9fa33711817df99fbd374011db8eb76984c3dbcf1e293fef0a140f1a4aa3529ec1b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    22500da70e22bd4819d1e7fed90cb797

    SHA1

    989007efe6dd32b601aaae9622a84967e3884830

    SHA256

    fdb2b698de31d6a68a3790ea8bcae4392b386e6ed2919e361139e32b98a695a0

    SHA512

    f8b792f47b46fe9f86cc870e35790dff27d866c34433003ee2c00ca7dd9e75c5bf319af818ca5d53f68d020d8c596e748e9f45bfbb0b6458a79b60b1139ce58a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8e88c00d0d8e2010dc44cfa3fd59ce7f

    SHA1

    615a20d9c79aefc90bc7b03ec3e2847cfac0f33e

    SHA256

    2d2cd59c0ea3387fa35de76842e285635f52108c40823065b6d2fa6a691eec24

    SHA512

    a8404d9299a3ced18929a77f40a8c15b9be50d1d9a4b8f1efa2d01f89f652d142872234de06a6013641955847ccfa2650613ad2cb9a20bc8dca1004a001a7b64

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    041078a241d52737851e9ec1d944b1dd

    SHA1

    97542005ad509272ae76a5d16db7bc3d0cc5fee2

    SHA256

    68d19ef4cd1058979069635045e68855d4cc736f5fa24faad76a8ecedfd74b4d

    SHA512

    9b421c169a8b18611a0bb63d4e08ede3ce0b3114f3b979c963535a7b8207e893351552bfca421a08fdaeca9ed432072e709ca311fd525271c1bb5e3b43e35d87

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab982D.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar98EB.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit