Overview

overview

3

Static

static

1

Hsort_School/114.asp

windows7-x64

3

Hsort_School/114.asp

windows10-2004-x64

3

Hsort_Scho...ny.vbs

windows7-x64

1

Hsort_Scho...ny.vbs

windows10-2004-x64

1

Hsort_Scho...st.vbs

windows7-x64

1

Hsort_Scho...st.vbs

windows10-2004-x64

1

Hsort_Scho...ny.vbs

windows7-x64

1

Hsort_Scho...ny.vbs

windows10-2004-x64

1

Hsort_Scho...gue.js

windows7-x64

3

Hsort_Scho...gue.js

windows10-2004-x64

3

Hsort_Scho...ws.vbs

windows7-x64

1

Hsort_Scho...ws.vbs

windows10-2004-x64

1

Hsort_Scho...ny.vbs

windows7-x64

1

Hsort_Scho...ny.vbs

windows10-2004-x64

1

Hsort_Scho...ct.vbs

windows7-x64

1

Hsort_Scho...ct.vbs

windows10-2004-x64

1

Hsort_Scho...ob.vbs

windows7-x64

1

Hsort_Scho...ob.vbs

windows10-2004-x64

1

Hsort_Scho...it.vbs

windows7-x64

1

Hsort_Scho...it.vbs

windows10-2004-x64

1

Hsort_Scho...reg.js

windows7-x64

3

Hsort_Scho...reg.js

windows10-2004-x64

3

Hsort_Scho...st.vbs

windows7-x64

1

Hsort_Scho...st.vbs

windows10-2004-x64

1

Hsort_School/Conn.asp

windows7-x64

3

Hsort_School/Conn.asp

windows10-2004-x64

3

Hsort_Scho...st.vbs

windows7-x64

1

Hsort_Scho...st.vbs

windows10-2004-x64

1

Hsort_Scho...0.html

windows7-x64

1

Hsort_Scho...0.html

windows10-2004-x64

1

Hsort_Scho...1.html

windows7-x64

1

Hsort_Scho...1.html

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    23/07/2024, 07:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Hsort_School/Html/2008-11-15/10.html

  • Size

    8KB

  • MD5

    c16104c2ac9e0db6fcc91340bd137f39

  • SHA1

    461633d19d663d1074dcabae1c819061f7681407

  • SHA256

    ffa1a7cdd55eca960273869931a7ae435b736afeba6dff1a6a549504f927dba5

  • SHA512

    4ee157fe3096174e5ca675839a6634b34a2d16f498228324dbe463709d0e9fbbe40e6ba1b1076008a04fdb5a16fd5810ac5f31f5ec7152c9cc342fdc59bcbba9

  • SSDEEP

    96:3InRBsVmRUysmNPq6ljm1s4Lu8TBSwzOO+hknOpfTHR5eEeHYwH0gwm00CjM46Hh:3InICUyfq6QLOO+yGbOHw6WWnOKaXk

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Hsort_School\Html\2008-11-15\10.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1736
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1736 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2432

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    536cb32bfc137e696402ad7a32ada894

    SHA1

    320792b4a86a04f6685e13b0bc1ef63ca37d32bd

    SHA256

    4621eb7c912857865ed222c887f7f12d021a6035ffeb75a45f48da19217c3d53

    SHA512

    6cf8ef6893815ecbedf2f5afc644f6bc722f6b704992eb9a6cbbd43d11870c9a6f20d451d69c8f63e259c0a44e762bfb96489097f577a804fd8b4b1ee2a6ebf9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    0a5d17efeec12f1dd7d71b5259e17921

    SHA1

    e0c16723d88cbd1ce8e54bb91a80b3e7e7db9140

    SHA256

    4b5bd191eb673c6a15336685cddfd834b6774a2895cc326192fbea6f85cdf950

    SHA512

    4a8576ab34b9837ad9e70de767bfa75c64a90e48d08913f91c108ec7eda1688430dcb9d1b9d2e9b603cd3f47295ec9aed24375beda6c05ab1cde937ae7c4f95f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    481cc7da0283a8ed7c0f8577509416da

    SHA1

    2dd9637a9bacfb783aa80b098e780644b10fef3a

    SHA256

    645f703c54968467914064be2560b23e6e651d4c2a51cd7fbae2c1ee3a709673

    SHA512

    f4cd162246019bd37fc10ea268aa50343e84d055fdc7856c6f725fcdd0b6ffd796a80b96a2acc6039238b5aa26e2ae805e43044a4fa153314819404c45100924

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    3c627c06210edff68ca690dc9c3af64b

    SHA1

    b87b1aaee9d5580025e8388bc8103e3ca13bd575

    SHA256

    86d309be4282b55a31b8615fda8526a790a14df512286e4dd9c3880465161701

    SHA512

    93dea353af83d96a5e5d7dee43afe1d9033f865678337521fc2e0a553ef4552d3d3e1591d4b4e54da445efec8dd853d0128fb847e3513027580193ee8202a776

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    5ef361034ce538423f1415a9c99fd66f

    SHA1

    e9c3248d6e7b50c1f393268718d6c4ed69a48b70

    SHA256

    8f3cd5c983a74997826d8f488f7ba726fb5ff75ce585a60015b99e8ee1f904ed

    SHA512

    8c7d5b3762ee07c927b2e5223dae6c3850101a081abeef1136c073ad3c2b6d436c56e6163d0193968cff60928b24f52487edc47d852bcb08914924b92509f1c0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    75c6332844878e3a4bf21d2202c55ffc

    SHA1

    240322edc206c6bf3e1705e0947b02927015d397

    SHA256

    ade5cec64dfbc87f48e2be1d2d3ef2f715cf2e8e621c7622857043ab3ebfad33

    SHA512

    ceb85649af7229666485fa34c1a455f1647e8a78e3b2add85810676cf528373d652612eb5ed1bc88e878598bdabe3e9746544758e75a72eb38d0ca4fa700eaac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    fe69bcd01f75d6229524f9b7e88d1d0f

    SHA1

    69a376f51626bafe2d1b0a6f592e7663579a0ca7

    SHA256

    6eb7c11d63d36efe11279d12053a9b94ab6fb6b9bc74c56801f387613fd32b87

    SHA512

    d11810a33242bea01faa932ebebe449b627422a0e9b89f469d26d2a23bbda3022958e76d3bd489673a27263fd27cbb304f56ed8514640bd6fbd5883ee8a17184

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    77de7e5f5c445a76f2788f42fcc6fff8

    SHA1

    58173ab81e688b5b71b1c1082d025093d29e3eb5

    SHA256

    9f399a011f68eb68a03b6f094fb1cf010e138701a67773f4b20295f7dd6b46ba

    SHA512

    9a371189f403c7e33d8feffd43abb3cee0ae2c60914b35049b80e90da1f8d28c880969188eb7694e803db5988923b9bc3f3810c5b3d66f24cd3d6523d689d471

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    893ff648aaf46a9aa82931997676db34

    SHA1

    66a6e86f4132f35a1e1e11b0e5e911ac1667aa90

    SHA256

    93b9f04d44c677d8d6e208de309da2a54ceba8e61aa7e35e8d6142c105197451

    SHA512

    4a438dae25e41d0ab713709904081fe122ca8782528c8c5857aa96b9cced20a0621056f7e23f88bee35059f3d30a725dfeeedba5676214bdfec63bb89e991ff1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    f30fdb58c8b80135dc4fb71c4a027aac

    SHA1

    03fc541f752162b17c0af0347f367c4eb24131eb

    SHA256

    5693087a40fe45bb2c4fd9a618e0a8550ebdeeb65e7dae7d091ab0be8d2efe5b

    SHA512

    7bf36efa9c60ef7957ba67e45741a526be7cfa5ab7269d7583ba40ec3250aa1f5dfb388d1674070e05b82babb085db2702613f17bca96f8749573f581829d654

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    d77087fb6b145e5aacd432f2d401b71f

    SHA1

    51a4e80eec72dddf7dbb84a93d66d8f38232b73f

    SHA256

    405e7b3f4579e620e82a0087b39e66cb1dee001004050c368056aebbdcf0f10f

    SHA512

    310c2ceb714ffce750ebd3ede4f3c74c50b68af1a1cdf651965421ba70b524f5300400f1e93f3739d4f3ad1c4b954e3c528a7f8ccc6d552b46067cc97059bc08

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    5155576c898c8d2481f8ad685324a767

    SHA1

    4d5b14ea69061ee7fe3acb1bdb68f64d88e32986

    SHA256

    9be724705c6622df73f8a825bdbac31f680dba82d75efae4f4a4905062feb2db

    SHA512

    87ffd6b383b6ed7a545b2abd7ce5177a8819593acffc707b382c8c0942e1e4da0af83230dc44faa253e2b46e88372f1a302443e8cb7235c2f88515d32d123eb8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    bcaa2384de15f34ad3b248dc0522c701

    SHA1

    d6df94ca593cd2ac87af32db20a047c925b828f7

    SHA256

    527b8473c59f333ffb33937218a92a705bc5b97a095a39d81df663ba41ae116a

    SHA512

    5f04c0f763139db765d807fc40628ae0127d733e32e072a931e45416e46014945667ad7566a33ca87b7807aeae6c4d1e7254b854055d353d6ab221ced8110d5f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    7de4c2d7e7b8e6a79c9c685ad3aa17ac

    SHA1

    eb07cbb7bc207f5d2cb802411647645570137b5c

    SHA256

    823a6511b8d6bfac1f28f979347e64e5e56e5f214e4084564c40138404812c15

    SHA512

    4ce03c0334d591c1c7fb09b5a342aefbb96193877fa0db8930911dbc56140de8bcb9d7168f3460e8f449a834f8b737b8e405ff0b98dfb856aec1e3e64d13d622

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9FBC.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA03B.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit