Overview

overview

3

Static

static

1

sample.tar

windows7-x64

3

sample.tar

windows10-2004-x64

3

wordpress/readme.html

windows7-x64

3

wordpress/readme.html

windows10-2004-x64

3

wordpress/...der.js

windows7-x64

3

wordpress/...der.js

windows10-2004-x64

3

wordpress/...oad.js

windows7-x64

3

wordpress/...oad.js

windows10-2004-x64

3

wordpress/...ev.vbs

windows7-x64

1

wordpress/...ev.vbs

windows10-2004-x64

1

wordpress/...und.js

windows7-x64

3

wordpress/...und.js

windows10-2004-x64

3

wordpress/...der.js

windows7-x64

3

wordpress/...der.js

windows10-2004-x64

3

wordpress/...ws.ps1

windows7-x64

3

wordpress/...ws.ps1

windows10-2004-x64

3

wordpress/...ts.ps1

windows7-x64

3

wordpress/...ts.ps1

windows10-2004-x64

3

wordpress/...ced.js

windows7-x64

3

wordpress/...ced.js

windows10-2004-x64

3

wordpress/...ent.js

windows7-x64

3

wordpress/...ent.js

windows10-2004-x64

3

wordpress/...it.ps1

windows7-x64

3

wordpress/...it.ps1

windows10-2004-x64

3

wordpress/...ftp.js

windows7-x64

3

wordpress/...ftp.js

windows10-2004-x64

3

wordpress/...zip.js

windows7-x64

3

wordpress/...zip.js

windows10-2004-x64

3

wordpress/...ase.js

windows7-x64

3

wordpress/...ase.js

windows10-2004-x64

3

wordpress/...ect.js

windows7-x64

3

wordpress/...ect.js

windows10-2004-x64

3

Analysis

  • max time kernel
    122s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    11-08-2024 13:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    wordpress/readme.html

  • Size

    8KB

  • MD5

    eba8f8e7479da1cf64e520cb6156251c

  • SHA1

    0cccea4f73677c5b7b875bdcf297b6ea2d85a993

  • SHA256

    93c069b9ff0515c904ca9447d3c9c344b20c1a1aefb6caec10f128def615c597

  • SHA512

    398fbe6a4c52ddf7023a867551d75924d393f96460d7359179e004c54b44bf9aed03a173294d64fa585f678d9063e2b5c636f2417da6b80fcdf8a556f523bb3b

  • SSDEEP

    192:6QWEAVWrD+hQUFzTg7kbifjuu/YmSXSktwLWRdR:6xEMoOFcJf4g8H

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\wordpress\readme.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2544
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2544 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1452

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f98658ccce402aefbfaa19b46907ceaf

    SHA1

    d159734bbf38f1b6f52439f8a1a4a78828cfb8e2

    SHA256

    afd14ce413904508ca4ed16b5d9a46ce7944907be1d59fbea49ccc094f77d164

    SHA512

    a7a7778d5bb99d55c4a9e0fdacc08b4b6fd73fbc98ee7cf7a1a0fe4d59e8f85b81bf60dbf8ef432ece4de8a0bc3eb860b170ab030da7f581e02e6dce83512da9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6ceec3c4ec0f4b4c9bf63fc914a74c54

    SHA1

    b71565bcafd7928733316e0f9096e88ca36a72fc

    SHA256

    6beff30a38266f4c503cd8ab704ccf895b95d2ea3fe71a8d5104d450f999e6c4

    SHA512

    225479939d95e0055a99158d3b35ab90df9c1bdb5e2c64ed7c94e5d18f909a31aa7e5e3b36f654af6b4e938113736d2f875bf67edd7fe0a2453141d9f6986fb3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b9fd608f5671bfc95c44b3b9927975d5

    SHA1

    84def6938a8450b105bd3da9dd0eda806188f97f

    SHA256

    7aa7a36d2b78c34e7d09df085a2513397d525309cad3e509249bcc85ae567fbf

    SHA512

    9faa8e51cad4f919811e545a7e5b2909a573692c4369772d2f1f210ff5a3f2064cdb3f2179007ffdad0c273be4e0315406d31e3046daf7cbbfe6bad3c99ae5bb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ef2f0904b2a186a038eb984d7b165456

    SHA1

    af4d11e3eded32a0346e31b11847bae6aa0928d5

    SHA256

    d5d31b23cf492c1e41fa38b8e94ce5b5e1a50f8304d199be2f577e8bcaa9a9f9

    SHA512

    bba53cd31e4a8c893931c3244f3d7c8b807ae12ecb7511d068918f28879d63312e617a759e08eeaee33d81ee25746cdb21c6e36dfeaa2bc10b5c71410d199c99

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dabb93c82bda41e09c5e17f60e427a46

    SHA1

    e4a02c0df3a9b4e5b372305fe4c4612e7aa0775e

    SHA256

    4ade0d2dbbcae69971d77e58204ad529c4d76d5f1d521fabcd70c30df40741df

    SHA512

    740afbd48d0c01799f530c598cddc10b2a7121f1dd3aff447fca5ddec3d9e630a321a94f8c6c029a0b59f3993ff02eb4cfb6921a4b1443a3079be43e21b41e11

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cac8b3bcb0ab7701af22a2459b13b504

    SHA1

    bd7f6d93319db2a2edeb30ed9acfb0a67cf7f697

    SHA256

    8bc4b6683cbe8553159614bfd7ab51d52be3345901e8f84265fc926939763c82

    SHA512

    fd2e4a7784d2a73886030b4e15aaf62daa6c0c657aa504f699b535077d2ee4ccd20c2a257178b1d4f792000c0129888b1f5d098b7656b9dfcee02f46b96cab6c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d84095ef41bc3cd8a9dad6f20722b74f

    SHA1

    eca0cc602124ed3b824526a103b71dcfbf39033d

    SHA256

    20994dd71ee9f671fd8b90de869bdb5515f0022f7a62cb814bf618ed04d3763c

    SHA512

    7908596ae36c4b0031717b8951d96261fcd06dd4792a5ca6d95440d329e149b77d6387d87ca7add20f61405ca4c3aee3468fb093b12b4fc50775d3f0f60ef247

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3c78e23caf932cfeea20e3c29f0749ce

    SHA1

    0cfec1e8e6fa03baa9c390f18dd0a70eaa81c412

    SHA256

    2b85f53f516ddf87bbfc30b1f80acf84874a39a613597b3f12291cff02274e24

    SHA512

    dad323382d1577aa18b5fcd1363bba1e9ed1fe8137aaa8b570b0a33745db6854fec6e466988f78225e336dac3df1e9de7ce9928ae7e467fa58a7a4358134ed88

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bc5421085dfb10dc5281c09ccca374cd

    SHA1

    e4afe94e1325c4b6f2720cffe577c659dc74adc5

    SHA256

    b0ccf47e539da572a5b6ce7db5fed4c5efa8a5e226559df03648986361fadba0

    SHA512

    8b536963e56b38f2da81026e3d49b102d0609c8c1b7b60cb62552d1a3e8579bfe194ae1c8af94a1305c07c2186b6c5b068883d6fbfc0a8b09297a80367043f1f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c5f698b90add22439c80ade154685a36

    SHA1

    2f34a04c1450cfe2c9846df34e7b3bcfc765621e

    SHA256

    68ea8ff6630a053792afbca5c3ae69fc14379b8e255bebbfca0520cdfd9701db

    SHA512

    260a82f6c6e4b242f48decbf421b719d9e7726fb625096e9eef455e5348bf90a9de95b7a252ae3e5ab20d5a84a74b599891a616718a7c8497c926330d814bb31

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d5e61bc0c67556c443ae2ddb66843b91

    SHA1

    831ba3583b510ddcb9bb8bc1726fe4637f2dbd15

    SHA256

    97925ee1e82334ade98db3e7295f39698c648845d2d291e19e1d642f81d14575

    SHA512

    f04c504d73d8897dfdf1ad4b969e43ce1b19655f6a712122541c09ee6ef9ec37a571cb626ccbb54bf8ca79486c2769684e245468013e332748a759ec9c597571

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab486.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar506.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit