Overview

overview

3

Static

static

3

v4free/Ads/_2.html

windows7-x64

3

v4free/Ads/_2.html

windows10-2004-x64

3

v4free/Ads/a_1.html

windows7-x64

3

v4free/Ads/a_1.html

windows10-2004-x64

3

v4free/Ads/a_2.html

windows7-x64

3

v4free/Ads/a_2.html

windows10-2004-x64

1

v4free/Ads/a_3.html

windows7-x64

3

v4free/Ads/a_3.html

windows10-2004-x64

3

v4free/Ads/a_4.html

windows7-x64

3

v4free/Ads/a_4.html

windows10-2004-x64

3

v4free/Ads/b_1.html

windows7-x64

3

v4free/Ads/b_1.html

windows10-2004-x64

3

v4free/Ads/b_2.html

windows7-x64

3

v4free/Ads/b_2.html

windows10-2004-x64

3

v4free/Ads/c_1.html

windows7-x64

3

v4free/Ads/c_1.html

windows10-2004-x64

3

v4free/Ads/c_2.html

windows7-x64

3

v4free/Ads/c_2.html

windows10-2004-x64

3

v4free/Ads/c_3.html

windows7-x64

3

v4free/Ads/c_3.html

windows10-2004-x64

3

v4free/Ads/d_1.html

windows7-x64

3

v4free/Ads/d_1.html

windows10-2004-x64

3

v4free/Ads/d_2.html

windows7-x64

3

v4free/Ads/d_2.html

windows10-2004-x64

3

v4free/Ads/d_3.html

windows7-x64

3

v4free/Ads/d_3.html

windows10-2004-x64

3

v4free/Ads/ivr.asp

windows7-x64

3

v4free/Ads/ivr.asp

windows10-2004-x64

3

v4free/Ads/l_1.html

windows7-x64

3

v4free/Ads/l_1.html

windows10-2004-x64

3

v4free/Ads/p_1.html

windows7-x64

3

v4free/Ads/p_1.html

windows10-2004-x64

3

Analysis

  • max time kernel
    120s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    13-08-2024 17:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    v4free/Ads/d_3.html

  • Size

    31B

  • MD5

    61d50d9ea3a9b0f697db0cca98674821

  • SHA1

    c0a0206447e88c3613afc70ecca60be1a9376d9c

  • SHA256

    a1e40f9df6732878d74fbe30b1fa1fade12b1b98dc81cd294b23e388079de639

  • SHA512

    c6940051b2595878006b39c4432862cd687423773e9d411945041c515518e9d8d7f1cf8f4f07e6540a6153d23b5e495801268958cbdfa85e14cee2f39c865c7d

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\v4free\Ads\d_3.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2384
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2384 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2536

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c14957e84b148212c401074df431475c

    SHA1

    d2b52b91403238ca68a563220fcebf14547077d8

    SHA256

    8986883f7d39d3ccc41939422d7682844b95bc83e79f319b567c4ead0acb8ec9

    SHA512

    9619fa9297910f0c322a7f2b4c428d6f7b0ae23baadb936c837961da5defbd9a20feb817aca48228b14ad8797caa45a01377398cde5b7f1c359155dafea514fa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    206f4ab946487affea71f613aed9335f

    SHA1

    5e5d5452c34442e1c6f5ecd8d35c8f4e9a1d2777

    SHA256

    12a6173963ef2ae93beddd40ff87c100a680148ba61d78a1b5087706c1309eb5

    SHA512

    ecf2c3f501d40e69161b8d486f0b0d8d1928051e1721b509430eedd813bbe1570cbb636072a685136f96d8c7b11c08416ccd38eba3482ac45252fe6dc4e22681

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8661fc31216fdc996611f86fe677e794

    SHA1

    8fe9c9713557d5dc65d420b62e2c33359f0a483d

    SHA256

    a44f0958a06282ab2e978c989a17740bbd33d4488a5d61c7a4d99bd15660855c

    SHA512

    399d9073e0c477baa7eb9e359ace84ab0cee7e151a53418fc1493601797646243f883b2fd02298e23714b66de897ba7bd666946ffc918b00a3f81220aa65d17b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fcee6c4a0d4d42c603285dc837d31360

    SHA1

    1647ed33d8c9179ac4972c89f3e3dfac8962d7b0

    SHA256

    1a077e105398959fba2fa994742516037cbc95e4a749be7e5a743efe044da729

    SHA512

    b8da426e702d0ce8a2165a89b9da3afb842054e7eabf4789a5441055152c625923219fc0f4fd33adbb0a18749578072be123cbb97be94df3fdb4ff11cb3c49cf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eec569ee0b8e1de78bbae6fed9b6a952

    SHA1

    97dd74a14f349b51f7521aa0a289752e29b99c38

    SHA256

    48f755c11430db6024c51074cd5364aa0cfb982f7ecd92e6ff608db31057546d

    SHA512

    7966f8a0a084010e27bfcbbd1eb7a7a4088c54893b11236f775b1e21f7c820a5bd49c3334d54517f0eb90659399e4ae834e80b5d8f7e566f66c4bd93cf514857

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a14c63c1e82afbb54d6d122f1b1f7a88

    SHA1

    3cb429cb47bcfefbe60f417403c057c6f5337f66

    SHA256

    e5214d263b298347d2b9a23c34b214e6dd9f3c6cbaeccbdcdbfaa90acaf2b9fc

    SHA512

    2128f39d27bde6d95bc4c8190ae27d61eb0051b78dc1ce09798eee3ab4944ea56a771e0e855426f12fb9317842d4f3de57de7d44cb4d4e2a4dd68f210a6e57b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7541fb2371a9f0041d2f7445b5dd1888

    SHA1

    3dad41d1bd030334eac198b4eaa3d632c0d06523

    SHA256

    9301bccf00498d61ed334025a86cb3ca61667399da13b82867d4cb2269b84638

    SHA512

    fb1a117a41cc5e92b7f0c2f8efe0e6227de5d63133fb2bcc5b2241fd98aac61b4475c82599978657df11bef1c2e8d467c70895acb25519301b94ad502c8665d8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1557ef3dac45a784c9b74a61f7cbb59b

    SHA1

    6e56bfd132aceed7750cd018b9c50392048a2fdf

    SHA256

    8ad8f75bb3ec713d5425a38d839fa50b86446fdede4931b3ba92fc3815d67fbc

    SHA512

    79e4b3bccc9b30dd705374e1080484f40d094a6378de7b66fde26e2ebb3b5681aba62c77fce97ba4168ff64f9f525bf4b79d9fb56883d0065859f8492b845c09

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0f8d5cec2853873a0927299c0cc7feed

    SHA1

    c903125219680462d20dbc9207e3b82befc71e3f

    SHA256

    f9a0022815be39012a3879761ed5cdeaff7f25158f729e171c7b1368454f21fd

    SHA512

    b2f9239a190f5c8ff521cfe5e549b1b0e77c3235e598139fe6370c3219d065092dcc09c32390657ac50e3faf37fd4944cd4b227417b0fbb9b2aa5ff415ccc182

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    92b9e67d592997ed366c0d9652cde1c1

    SHA1

    c6eba2af390754b90832e5c07ed8dbd24bbcd06a

    SHA256

    25e5275fb2f2d48bccdcf046184485a9c6d94cfbf522e400fd7b43a20cc6e5f9

    SHA512

    18cb76ea6fcaade4d4eea9e06b67f1d6c629172e3c8b50c9d6d523925073683e035add5df8b3e677cac7bf19ccb40aff970ad65a0dc1dc25418fedfed97329c8

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabDE51.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarDF3E.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit