Overview

overview

6

Static

static

3

ventoy-1.0...sk.exe

windows7-x64

6

ventoy-1.0...sk.exe

windows10-2004-x64

6

ventoy-1.0...on.exe

windows7-x64

6

ventoy-1.0...on.exe

windows10-2004-x64

6

ventoy-1.0...nk.exe

windows7-x64

3

ventoy-1.0...nk.exe

windows10-2004-x64

3

ventoy-1.0...RM.exe

windows7-x64

ventoy-1.0...RM.exe

windows10-2004-x64

ventoy-1.0...64.exe

windows7-x64

ventoy-1.0...64.exe

windows10-2004-x64

ventoy-1.0...64.exe

windows7-x64

6

ventoy-1.0...64.exe

windows10-2004-x64

6

ventoy-1.0...64.exe

windows7-x64

6

ventoy-1.0...64.exe

windows10-2004-x64

6

www/index.html

windows7-x64

3

www/index.html

windows10-2004-x64

3

www/plugso...l.html

windows7-x64

3

www/plugso...l.html

windows10-2004-x64

3

www/plugso...k.html

windows7-x64

3

www/plugso...k.html

windows10-2004-x64

3

www/plugso...e.html

windows7-x64

3

www/plugso...e.html

windows10-2004-x64

3

www/plugso...l.html

windows7-x64

3

www/plugso...l.html

windows10-2004-x64

3

www/plugso...n.html

windows7-x64

3

www/plugso...n.html

windows10-2004-x64

3

www/plugson_dud.html

windows7-x64

3

www/plugson_dud.html

windows10-2004-x64

1

www/plugso...t.html

windows7-x64

3

www/plugso...t.html

windows10-2004-x64

3

www/plugso...n.html

windows7-x64

3

www/plugso...n.html

windows10-2004-x64

3

Analysis

  • max time kernel
    134s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    03/08/2024, 01:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    www/plugson_dud.html

  • Size

    12KB

  • MD5

    2b19fb484fffdbbf55db1884afe07e33

  • SHA1

    2fc0aaa09e1f0643a71512dac426461e4f95cdbf

  • SHA256

    1b0a7dd079a909208bdbacf3648fb6c942bc38e40a073e53edf3ca029d1048fc

  • SHA512

    2b3a1553c68a0d9fafc4b280c4866429f5c2bd6e75822fd69735be57f57d22744875ce4149d31a43131cd85d3fb67288354db5f37a5c4a7e196115b385bcad81

  • SSDEEP

    192:HiiU2I7/WQQyac6QFc9YhxQcscKKVQisx1wZo7:Ha2QuQQdFQFcehxQU/Fq

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\www\plugson_dud.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1056
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1056 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2864

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e4f32de51d201b459d614c1a1dd619e7

    SHA1

    734aed335cb3a800100c45b01aef681b2256b22f

    SHA256

    a67f50e8e4109c810205c22a2bde98dd3963aedc2b94b4421b515f5c39a4ad5b

    SHA512

    27db9310644075e419c27b5a5c1143bdd13cf4545ef3133875f16b36fbd9920c4d921eaa119fbe42569b195437b21a6b6f299134d413c6dab5dce13ca1b26d2c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b0658aacd720a5520e44c22f46b0cfe0

    SHA1

    f954e7a39250f9e6826888263d8615dc98544846

    SHA256

    fe4751171f474cbc2703a13fad3673325d64bf4fdd5b39dabffbe1d492cf0c1e

    SHA512

    f2af0df185429fb1efbd89042d788393c7db6d3c8398f8e0a8b1dbef9577098beaaa9817ebad921db9f2d78979def19ee57c55bb9f4e6198e46dc0bb894b82f0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    19e5ae7ddfd0a94d48f6ebbf74e279d8

    SHA1

    de3094acf10ab5b08b0d18be712fb429b780e0ef

    SHA256

    b58b6ef017c9be34350d19e7ff9f272b3848f8e58cc59627bbfe5080873e7325

    SHA512

    52ba0ee1f20d9e1be2328c0497322b7add187f682c00e58dc3ea0c2df997a83193f6847332dd03683d3a574702f18eaac68182281b5667d2036b67b035322f20

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fd4d7c59643d3deed2fc1a8028ea6b87

    SHA1

    15daccf4fd54ad2ce9aee4acf2a4e6f5fce00329

    SHA256

    0ac39a8f70d7013a5f054f7ac677e3cb4967a44853483da96bd7b9e68877d6d6

    SHA512

    0b2a9326272d166465fec1d302b115e827ce714b19d4d31164de7acddf32de16ed0b2defa9a2ce8e1a8c4c6c684bd085c41ad718448dee869b46a578b18e9a83

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f2f9c05a550a10cb490491eb8718c9fa

    SHA1

    cba262051e628b425cbba1dfd72a2ebf5648acf0

    SHA256

    e86b5bbef67d2e458395e408a7d04ecf49eece36f2643274e4579df27aed9ed3

    SHA512

    c5df70c707274217e3585d9c0894361541eb5667a48610964f2f0a431a826cc8164f8f445da4a5b7f0d83ef15416390b4555450bfacca0c2ff1756cc73e0ab0a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2b0f12e7c1ab078f67507ccfbdb8ed13

    SHA1

    f5e7cd48a676e53a0662156400f153a239c73d59

    SHA256

    0931c76caf1bb86e15ea173ace7535d25ccb4b8f02092f6a4c3cc328f65a11ab

    SHA512

    16b38d33f96d1e013df4171c55a1adfe39c5f50a0fdb523abb36fb45910640d1b3a7078f44fdfde72a2ee8ed7c2ac474b81a430c7b74ce5ede6926a3769590f1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a4133e0cc6b1007fd527c815d41a97a1

    SHA1

    a2adbafec6fd8b50723231e902a471682584035f

    SHA256

    385cd8c03a5e6deec50d1d3d2553158f0592cba055230a5702a5ebe6286666af

    SHA512

    3a692988978bd1dee459695297dc4be16a27b3b2a83d5104abe6ebc97c6306b1820d12b35a52938ddcdf86259e23ef2d2c174374832ec6f59bd9046f5e7be868

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4a433aeb6c21208ebb86c31aedc3c452

    SHA1

    335428d7894869850c59ef3adc2d98385e7e80a2

    SHA256

    e7fa9c0b99d400ef57d6bc8862069159da2e4a66bf1ab9387433afe2a075a120

    SHA512

    27e7e9ac6e9ceb244cdb812d50ebc936422921e2d13578b178ca115dd7c381d9826219e8258b64d43b0ee4ac4ebc909eb4459a172f59b64d7f858946d4ee0b9f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6047ff3e66dfff421ec1025d89ebc6ab

    SHA1

    ab514d395c53a6a7ea9dffed6a57c8a1958d6674

    SHA256

    13eb724a2cf264bcbcbdcf99cc00e503940e603ad0ea01eddce7f5c91a8eb80a

    SHA512

    a35c9a1e6075cb23f881d7a10c43db1cc7f60cfa168436bff884b5b43e322bd1a7df61a1bce27eebc933361c8f27dabada07ddfac281d3b625979a29001abdf2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3e7e61057f55d8c7ef2d3670896d9cb3

    SHA1

    6ba3a6982c09017d115ab95ff46ae9810d112414

    SHA256

    fec994ca460b8fd500d7ab86383df8711f12b70e03767e9c28111ca1751d17c3

    SHA512

    e11bd01022421430d18e63d3cd93a3364cc41c9d4cceb433f1ef2e5ec363ef958c616eb47982da1e2edabeea759fbd8883f89dca82034d99c32bf5efebb5385a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ace849ae744db1168d259a4d774fd00b

    SHA1

    bc41f95b72299d2687bda74b5f436190c3694147

    SHA256

    547b0869d734bcf11469246ba43816cba2671967a08146fd6547f437b1e7812b

    SHA512

    2a966066551401dd2eee2d676006ebb27c61ac15b3c8f2e8d09a85a8f35d4e3ce612e4c689a20f0260b1d6675c0846e8e00a6bb89dc3ebd5f4b37f06cce327c8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    150d867a9a4812449c2cb777b785b22d

    SHA1

    3879a919044e00c1bbc0a9d90b1a81e9d3201eeb

    SHA256

    f4a19ecab876a5d68be8d540fd4f67bbf9ed1dd74d8bafe05bcf623a13b9a601

    SHA512

    226aa0b8480c6760e3e592140049b8a0020085ca07211e944dcbba5496b937535216eef58d6e37ea15050f31002906a006a4009678758aeb66d053a81cac827e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f1071c974fe93c34a960984cb351406e

    SHA1

    ab02c4689f5f061f260905ac2544571ac941985e

    SHA256

    5abc8973e94bc4a47c8dcac8c4437be79957827d2163b1068b94b9f12bb71d0a

    SHA512

    9c2a29f2e0c2f519b8f1b8b6433a4b0984153949546d9dfa095ee250e47d3cb806fa62972122e97b70de604735d8f061ab95903aa1e62df568265f95a6152fd8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7d388858eade13492badae4e4bf6d886

    SHA1

    e656f23626825309938fb0af87e36d0e661db1bd

    SHA256

    0822d45cd41d130895d96e197f0d10a7169d091ce1ca759b744747a7671d1591

    SHA512

    78a2ddfce1305066cf73e176dcc45733c5b448f0bd37c6b8ed5b9a7da34fa9fc7be646e739605dcfe9e5a81a83c580c393d0db324b6bf03ae34f23789ad4c4fc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    39bb60a0a26ac1b69457ff2919ce2299

    SHA1

    e029645b68b814eb34e6e1c4c9517887ec7fe08a

    SHA256

    cc6c446b3af23be925c5509dc0b6cb21a1d647758bb9240c6b71b858f466b20f

    SHA512

    25f3aabd50724e59f1ad760953a72e415f6cee0eca9ab5cb2e1ed0e68019f1b9b2e8a086c2ea9203fcfcf59c06daf94b6e290da089f77946cfa63041aa93c03c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    df7f07f170083a7bf339c204e1b27aa3

    SHA1

    f76117dfe22a91e1b9cb4c9ababb8368f07d178c

    SHA256

    0ee865e0b5fc3650190cc30b6183649b5a87384bdc5adb6caf8f48b0ce79fb5a

    SHA512

    b05a775bb0cbbf14cf98d7148004592acc0eb5e4ae6c5281557720798712c2cfe0ea495981f1a4209cc4910b19489f1b7f054321d3f4803290d146a458ccb802

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a743767bc7b5c19da26a880650d4eb21

    SHA1

    772133268af891c139a77ea21f4b871fb557ea73

    SHA256

    82aa80c7f30fa31af87b4b18fdceb5489fd83bc5026b40332d5c2c86b14540b4

    SHA512

    54db6cb6a2f0f1396b87e5a1ce5b1317f6d2aba45ca3e8aace0e7cae6accc4f4ed9cd7a4803020880f05980afef9a1b4be6bf789ddeec8374c3a1b51d141d51f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabB5AB.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarB65A.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit