Overview

overview

6

Static

static

3

ventoy-1.0...sk.exe

windows7-x64

6

ventoy-1.0...sk.exe

windows10-2004-x64

6

ventoy-1.0...on.exe

windows7-x64

6

ventoy-1.0...on.exe

windows10-2004-x64

6

ventoy-1.0...nk.exe

windows7-x64

3

ventoy-1.0...nk.exe

windows10-2004-x64

3

ventoy-1.0...RM.exe

windows7-x64

ventoy-1.0...RM.exe

windows10-2004-x64

ventoy-1.0...64.exe

windows7-x64

ventoy-1.0...64.exe

windows10-2004-x64

ventoy-1.0...64.exe

windows7-x64

6

ventoy-1.0...64.exe

windows10-2004-x64

6

ventoy-1.0...64.exe

windows7-x64

6

ventoy-1.0...64.exe

windows10-2004-x64

6

www/index.html

windows7-x64

3

www/index.html

windows10-2004-x64

3

www/plugso...l.html

windows7-x64

3

www/plugso...l.html

windows10-2004-x64

3

www/plugso...k.html

windows7-x64

3

www/plugso...k.html

windows10-2004-x64

3

www/plugso...e.html

windows7-x64

3

www/plugso...e.html

windows10-2004-x64

3

www/plugso...l.html

windows7-x64

3

www/plugso...l.html

windows10-2004-x64

3

www/plugso...n.html

windows7-x64

3

www/plugso...n.html

windows10-2004-x64

3

www/plugson_dud.html

windows7-x64

3

www/plugson_dud.html

windows10-2004-x64

1

www/plugso...t.html

windows7-x64

3

www/plugso...t.html

windows10-2004-x64

3

www/plugso...n.html

windows7-x64

3

www/plugso...n.html

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    03/08/2024, 01:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    www/plugson_conf_replace.html

  • Size

    11KB

  • MD5

    ab7b0e0ae2c6b2b2b59ded3c7a9e0f12

  • SHA1

    12fa135573590621add9ed6d869bab4dfe07f8c2

  • SHA256

    70c1dda4026cf56c01bdac997a652cee7eda60229dc51c9ec6d3609687a1a3f8

  • SHA512

    620721497f67d4f4346737fe67e20901aca00592067b1d9d873c28360eba58ecc806fac91d9a8332c0e8dc841dc0e10702f96d8bb09d7890bb73d1a699973a3d

  • SSDEEP

    96:Hit2petGVxQBkzoG2pm+0+pntioGQQQQQrYMEpyJJgAZKKqpqWCFKs4UbbpVMhPD:HilzO2pm+qoGQQQQQsMEc/ZKkth4wVQ7

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\www\plugson_conf_replace.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2488
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2488 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2936

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    36d6f4a6d27b517177cbc458ec966989

    SHA1

    584c132d76bb238dc75fa84bd555a7b20f4ef038

    SHA256

    62610ffd81c0716ebee5537624fd7c5ee4845a9dfadd02ad9e89db4c8bb788ea

    SHA512

    ce9e60b08d877e9dfff0d7f15d6e252df58b5e59f2602d5336b4a97a79f2c17e425315e2008a59e431fc78a8f75e8819854a4da6d75130720f22589bc62e1c15

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2a80c3e5e981e78b377010abff9b9f9a

    SHA1

    99c4ef65b87e0c5f05d562b5a1f74fa4f7cb301f

    SHA256

    0395c8d1bc002f539b5f045fbc73a08b742755cb469d872039030a3f1c473505

    SHA512

    6b8633f3987fca4e082034992d91c88710b9a5f23aad1341f8ec44a386eaf48b60a694314e16ea9d0994942d70d3ec04921bf7c2267088e3d3a873ec80c964ad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e7cc77e4cef41c19666104413de60ca5

    SHA1

    151013109ca716d799a048d287c227907dabceba

    SHA256

    125b4ca5b5ba455c1a95e23889a257b16782969b2cf8b809d7ade839a347cf53

    SHA512

    7d9052ca0fef7d1239adaafe148af9a8f8a68d2a19e4c88d03ac3d5a68e9d2a424a108cd3612fed026cfc190829a4f2d36c215d4cf8b39f44244aa13a4db3720

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    81b43c9edd50a684196ee0bcff55437c

    SHA1

    a4bc5bbabb6804c94f02baceeaa786b4dd0cde88

    SHA256

    60891fd45374ae55433b6ec71845f908f6047ef97a740a4c95e5a225cf44ffa5

    SHA512

    7dd93a530e8c54b27302240b250abe06c2539223f1ed7b91f38b8c5050ba5e00b3a8c8731ff9bfedacc640f223ec65021bdb483cf6727b11e5f9629b5b2d1c06

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    659df9c874e16423fee45c52cba16d4b

    SHA1

    0575522e1c6c2e6dcbb0c844218a451554666b09

    SHA256

    c4bddcedabfa719e2068d68329ff210caf821ef25b6757b8e55eb4663200bf23

    SHA512

    8a25df2ae8949bd6c373ab41e633dc00d0693a01c972bfe42dbc7d3404e079ce9ea9cd81259667b0524237ca6870cce2479bacf33033eceea131bd0bf3ea4f37

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    085dce92be6a4f98531110152e84f11e

    SHA1

    20f664d5e366d3360ab451645e4f5c035a031e04

    SHA256

    94180be2e040d5f7b1242ef44d84bacb1f761b9c49ceab33192c1d27cab4ea2d

    SHA512

    a0db8ded7454aef0c77af00c190822c27b3bf67a39da39e2010ca1c3f555b43fd1926cbb491a1e8f3fde1f33740c93f447eac97d5c129639c233a29b7e953212

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3fd7a647837f9e03b2e3e87b5b5b4e0f

    SHA1

    09cdd4b691aab0df15bbcc058bc646f470753673

    SHA256

    840082f22a4ad1239ce4bead3c9aaded577e3faa856fcf7a2a2384d5be0691a4

    SHA512

    332b73746515cfae7f11b09c13e044f7940805fdfdd9d650215afeee7aa4b8689aaefd6ee8089abebaac88b5c3c6fbe86074b21dce07343e39f46343edd606e8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e8b30ec1f244a2ddda4ac5321ad3784e

    SHA1

    75ec89c4d98f485d5a319647a23be25648b54d03

    SHA256

    f5896ce628de1dd20022de9076f4a60ae09bd02753919835b6e88a85d6a422a3

    SHA512

    b562774abe8719e262444e645bfdd5f456a73966a13b03043df65ed7232e7afb46a9c32a4ff40b7467f424144fb85183daf84bf77d05869bd870fab439f90d16

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    650416b14f0e472a8891bc905b786d58

    SHA1

    c35333dd98ca6bac9c34b621ce033d18fbe1e8ad

    SHA256

    4916a1c07a05b49aa267187c67fb75e17bfa0f8c1c91e6539a142560e0e1991d

    SHA512

    ccdc1bf1539c30f63a72e98aaed1bfb7e9e0e5d3ebf4b77e40c12252e87b9b0ccccd617e0a287c5f6467d18ef29f79a0415bb60b79e2d9a5ed023e602e797ecf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0080825d172d45d1f9a2d67e5c685ab6

    SHA1

    99e3b7b9b5947fc3f4248ff80ecc5592754712c6

    SHA256

    7b4ac5565362d8ca2c2e9803f652f39bd76acf4577c25790878ca6f26afd861b

    SHA512

    9e6b636caa9095ca621fa8bc7cdc712e78956493172b62e6f99608493763eb02633b60e3b587299bb5905a309a3811dd32c3a53cdd37cd6cd5c232c5af4ddd45

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eb8bbbfcd81050b9e992844f9dcb7170

    SHA1

    0a77bfd4771fbee777732e1ed401bd4f8d15599c

    SHA256

    c740f38b9a65983a822274bf2c9626cacf908a897a3719f418421f2e1232f584

    SHA512

    753d29cff738872ee3eb95e6e1780b2d4e5c6f237fef8a3cf66139b8e6a79d03e6d8aff733ea028d98ddc7ede0df1751964062dc74625e44173edd1fd28f0122

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cc1389c373d1337823ceae7277002620

    SHA1

    38fcc04f2793560dc0aed58a67cb4ccd3d37c778

    SHA256

    ac89191c84e0aa05b2fbe8a82dcd82cf6893cc04be57cd1e68185d7af443cf40

    SHA512

    41b21ea4485283c4394212fa63e71bfdbf75ae0a38e82d2b70d7d7a5997fb1619e62f9dedb69d3d647cbbf5add81e466e44886ac0cdf10c4fe3f615bc6767ec0

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabDDA5.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarDE16.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit