Overview

overview

10

Static

static

10

apk/cyberR...ws.jar

windows7-x64

1

apk/cyberR...ws.jar

windows10-2004-x64

1

apk/cyberR...x.html

windows7-x64

3

apk/cyberR...x.html

windows10-2004-x64

3

apk/cyberR...x.html

windows7-x64

3

apk/cyberR...x.html

windows10-2004-x64

3

exe/crypte...te.bat

windows7-x64

10

exe/crypte...te.bat

windows10-2004-x64

10

exe/crypte...er.vbs

windows7-x64

10

exe/crypte...er.vbs

windows10-2004-x64

10

exe/crypte...-0.dll

windows7-x64

1

exe/crypte...-0.dll

windows10-2004-x64

1

exe/crypte...e3.exe

windows7-x64

3

exe/crypte...e3.exe

windows10-2004-x64

3

exe/crypte...-0.dll

windows7-x64

3

exe/crypte...-0.dll

windows10-2004-x64

3

exe/crypte...in.exe

windows7-x64

10

exe/crypte...in.exe

windows10-2004-x64

10

exe/crypte...e3.dll

windows7-x64

1

exe/crypte...e3.dll

windows10-2004-x64

1

libssp-0.dll

windows7-x64

3

libssp-0.dll

windows10-2004-x64

3

pidgin.exe

windows7-x64

10

pidgin.exe

windows10-2004-x64

10

sqlite3.dll

windows7-x64

1

sqlite3.dll

windows10-2004-x64

1

exe/non cr...x.html

windows7-x64

3

exe/non cr...x.html

windows10-2004-x64

3

exe/non cr...ed.exe

windows7-x64

10

exe/non cr...ed.exe

windows10-2004-x64

10

exe/non cr...x.html

windows7-x64

3

exe/non cr...x.html

windows10-2004-x64

3

Analysis

  • max time kernel
    122s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    19-08-2024 01:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    exe/non crypted/index.html

  • Size

    360B

  • MD5

    6eb00be1c3f69a79915a5099511e7eee

  • SHA1

    5d8e5a97d6273ae32eb12d10c35fc0f1da668c90

  • SHA256

    67b9aee949ea0c9afd1e408a78bda767ac38fe2386626abe844dca4c754425f1

  • SHA512

    7a3d896307440ddebfb04cfd5f8d09ad0b75a936ba6a7db3440f7ba049564e7380f26cad55a747cad111060302d907c1559e99335f948c9fba2d5b4a3c9a8a3f

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\exe\non crypted\index.html"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1948
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1948 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2580

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Location Discovery

1
T1614

System Language Discovery

1
T1614.001

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b0e880375871201136032c66ea65d9a8

    SHA1

    0d4ad1878de0d64448ee0071be6be74360e7cbbb

    SHA256

    a897bf76035dfdfa18fc6537e6a31742dc10801bfb3bdbf1aba8a1da8d56e54a

    SHA512

    7bcf246fa22fd3f4bf2a2d7e975cdc225b520a0dcc1dcb0698b3a6b02860adcd1cf45a1193a2892b2e92297aeb5e7c71ad64aeae8df5ed9306684b7417c54073

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3a8a3ed58bb59fb66a83a4b76cddc342

    SHA1

    d87e4026e5d634a6900e5d90aa75106bd20abd6e

    SHA256

    1dc6ca99bdb139c68e06cf8afc4bd8f5ba77c281442dcaa29c3868438a41871f

    SHA512

    882e79c882eff7840f82bc8e6e70a15330fe50989938a1220f29718f323e875c258280ea1e42a1cc3036a841f91da0146dcba1e38f6c931c9e972a11ebe731b5

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bd30df7df2acfacf886af2b192b9d1fe

    SHA1

    b97100de62ec68b219d2bf0cccaa9bedbd0fe0ee

    SHA256

    0a1836bc84316eb4a8f8e3f7bb50dcbc3e685264e70a49ff6154f5fa6b6a9133

    SHA512

    d3ae3e970d8198ce5d2fcde7fb99c6d0372fc6a93c410afddb266f29dfe91c13726e263521e2bc9437c79ac6e3a07dbbda4f8552d54f629ee25df6244dca5fa6

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    868f1de51cafe0af6f31d66a444c4927

    SHA1

    f059a3383fa004807dc20b66a26cbdd8d3e75403

    SHA256

    2f485042fde8ff7ea20b4991054e88048a76b98344b35fecc1de8e0571490dbf

    SHA512

    bed04d07271fe3c0015d69b094fab2d4940b1a1c6ea0a8fc848c7d2c85330772adda1d6dd38e5bd21d89d129ce47f36e7361af02d4ddf175af98b73091a5486b

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5dee622911d4bcd2ee1e69fd1d30bf74

    SHA1

    c424cfe05af9a6ed3baf7d5cd83523825624f11b

    SHA256

    90c6b69fda6f3fcc5472a7ddb5b05d454a7eacdbdab7bd508ffb42ea2e4af959

    SHA512

    89489e4a5246b94faf777e4b6ff79dd4774f649d89e6a23b5d61626d3ad8f5163b597fa283689eac1dcb61fb3ff9b3bb51b2057371e105302f92c9a563bfc7ef

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bb9633e83c700c4650458470ec5b155b

    SHA1

    ec517aecbb8313c7f88d43b505ac197813a9db39

    SHA256

    48c8e98b591dbb86c18099b756425d6a7152f3479850274ad4a7bf724ec2010e

    SHA512

    3e281d48c44683d9b08b793c6bee505e7a2cfc24002e86a8c930dc10769bd9349752c37b09e4498f3c5ccd58a60c64d94d871f8fc1cb61d825f929242cc1778e

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6c7d7fb129ca73102eee4c5f2f613f74

    SHA1

    24515ff304fc62e9944d47bc3cb16caf55e9f43b

    SHA256

    18174550481b5446b0ccf6182fead0c6d091401ba11f3f9395967ad1333486c7

    SHA512

    32af385f42a49698d965fc6555c61bb04c55502c4891ff0e547f53f69b2501a453d9c592f8645f7642db02293afe2b4cebe1204feeab685da7e8620e88d06b8e

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    07226d8ff51d53d660120d478fdd144f

    SHA1

    5659ba62996a4f8651b7d46a1f0e7c8e23ee17be

    SHA256

    8620a117ffd241a8263192cda39a3925d9913d1c625183624a06590d47c048e8

    SHA512

    b844043a5749d9402c4b9b97f5b10360ad59dcd3a33723407827d5680da893338b62e0b68647e26ed3493bb5451d960ca2d9f5d591143355a5d59ac884b224e8

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5a879fbffd9f2708448b005a45eb8abf

    SHA1

    6ea86eda00903db5c87802b4971e475d40ddf727

    SHA256

    c80c1ffda3ab43c626fb5103b3f2fa4c04995fd8e6cb61cd480c35bc5ab8a42b

    SHA512

    e3563325c282f740bac7ff7ba60578b8e92e29f54ddcd51dc255bf4430145ef21e3dc217a9bffe2fd7cffb35988cb5bd9e7710aeb7d857cf7765d7b209c4f451

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    85e326eaf857fb71693ae0f3b18a8af0

    SHA1

    a9bc32db6b6f1858db369c589ec18f1a99409695

    SHA256

    32459c8707351b0852d0135b7cbfbe63143e84bd3bdce68b142f15f4823975e8

    SHA512

    cc084a7cc0b55e8e3e8e7b2bf4590f24b973044d0efacfe5e4c6be21e0dc182692f0491ccb99f23d7f9dbb8557419540a19a7e37e45dcf760786a7b672148ea6

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c06b93dada784416103536285eed7665

    SHA1

    ea112f4e566e02e8cb21536a99981c0e80ece4dc

    SHA256

    829b4f3d9ead5cb75df39b8a27e23b178badeee7866f0dacb3ce5ed4dbfa87eb

    SHA512

    005ffa6e0faf1a0598c21e44bce43c32cf6072df8330e9960d9504a21eb0c987784bafd2b04d6ca3b47ab7190198727417b90b3b5725ce9fe0a9b8cbb248a000

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\CabAC66.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\TarACF8.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit