Overview

overview

10

Static

static

10

apk/cyberR...ws.jar

windows7-x64

1

apk/cyberR...ws.jar

windows10-2004-x64

1

apk/cyberR...x.html

windows7-x64

3

apk/cyberR...x.html

windows10-2004-x64

3

apk/cyberR...x.html

windows7-x64

3

apk/cyberR...x.html

windows10-2004-x64

3

exe/crypte...te.bat

windows7-x64

10

exe/crypte...te.bat

windows10-2004-x64

10

exe/crypte...er.vbs

windows7-x64

10

exe/crypte...er.vbs

windows10-2004-x64

10

exe/crypte...-0.dll

windows7-x64

1

exe/crypte...-0.dll

windows10-2004-x64

1

exe/crypte...e3.exe

windows7-x64

3

exe/crypte...e3.exe

windows10-2004-x64

3

exe/crypte...-0.dll

windows7-x64

3

exe/crypte...-0.dll

windows10-2004-x64

3

exe/crypte...in.exe

windows7-x64

10

exe/crypte...in.exe

windows10-2004-x64

10

exe/crypte...e3.dll

windows7-x64

1

exe/crypte...e3.dll

windows10-2004-x64

1

libssp-0.dll

windows7-x64

3

libssp-0.dll

windows10-2004-x64

3

pidgin.exe

windows7-x64

10

pidgin.exe

windows10-2004-x64

10

sqlite3.dll

windows7-x64

1

sqlite3.dll

windows10-2004-x64

1

exe/non cr...x.html

windows7-x64

3

exe/non cr...x.html

windows10-2004-x64

3

exe/non cr...ed.exe

windows7-x64

10

exe/non cr...ed.exe

windows10-2004-x64

10

exe/non cr...x.html

windows7-x64

3

exe/non cr...x.html

windows10-2004-x64

3

Analysis

  • max time kernel
    118s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    19-08-2024 09:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    exe/non crypted/index.html

  • Size

    360B

  • MD5

    6eb00be1c3f69a79915a5099511e7eee

  • SHA1

    5d8e5a97d6273ae32eb12d10c35fc0f1da668c90

  • SHA256

    67b9aee949ea0c9afd1e408a78bda767ac38fe2386626abe844dca4c754425f1

  • SHA512

    7a3d896307440ddebfb04cfd5f8d09ad0b75a936ba6a7db3440f7ba049564e7380f26cad55a747cad111060302d907c1559e99335f948c9fba2d5b4a3c9a8a3f

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\exe\non crypted\index.html"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2540
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2540 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1248

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Location Discovery

1
T1614

System Language Discovery

1
T1614.001

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7209833c2137a28bdb2583b41900a6fc

    SHA1

    a86add3aec0b108aec976a3a3d89a503ca553f79

    SHA256

    b68d16b8b7eb6c2b1052aa4ed09440b160850162b8369296f583664ba2a02342

    SHA512

    fb121e29ae94a1b57707214dc43a91717e1069b50f6484496eb774e498e538982433f31e988342adfbb40cbe8b984d6449c3ecf8affe4640b6784b50df74397b

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7e71856c72b33140a670e10b4e90aecf

    SHA1

    001f486a3c55efe386d0f6854057f01c821b8985

    SHA256

    4aadff6309825f8f23f68456cafeb93390cd6a9db0309c74f58f6f357845f169

    SHA512

    998336d7fe3c165674ebed550cc14fee261cc12cd04230b0e925fc9340a72b4cb1695f5eae3736295dc613037e84e1f2558cfddaa64b015f3b0b91acc9e9c6a7

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7a47121ae10ed83a48c00a3b9d44ff50

    SHA1

    ff787295c33019c5d4fad9a5ec0f1b3d4c9b7399

    SHA256

    72762aa919bd59849b379d4139b9f3b4482cb5dc5f15c76f5b0340bdd7a11a74

    SHA512

    8a1c579b850321b2413baf1eb106e5e2efbb7696d1ef148df39045abf5fa8dad50c5efd58dbf5e5e7a0c04fba6c937ffceec7e01f3c0f2ca8ae101d785974892

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e1a4ad6d44fc90be954d92dfcd4a371d

    SHA1

    e394bd21742c595bf17e914816dd0a89be136a03

    SHA256

    15ed94bc29420b6c8054aa99ad4a254a1832d60b1cf5a636aaa26cd507a1dc30

    SHA512

    b00b4ae805db016f9b814679caadab201ce0f8e2c9c2bd3a11fcb1a185c54823bdfc500409364c7bb8cf9be95e00ece82c01ef472ac55580c10590343a6104ff

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dd79e542ac18b3ac245bcdfa9ce6dea6

    SHA1

    93c4288d86aebdb96fb9adbeab8c760ad3948958

    SHA256

    f7ab23628e09bf78b74510bd2f5ebebb91f875163d11e4650ef5788cbacdb9bd

    SHA512

    f7189c080117d04dc135ba207f0e7bb4d83b1652c0b04a9ccf105c2fd6565e016ce4bbf89ab854529826f3fc14b12009155b2acc1af07ca4db4255c1e77a55df

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    137b57aa13e1cd875dad14d0a0239ec7

    SHA1

    3902ba06c95b06346ae87e4135ab65cbb1a3401a

    SHA256

    d335ae83d49299c7ceee92d8a8fa82d60458a9ac6217305712a4e37019c2f3b7

    SHA512

    d3295d0b7f8d9b952963455988aa5a4050eac0cd3a9b475b19708f8b7a1cc026fccbdd54b89a2b363b1f441ec0d401343d3f70caf83694b4ff54421eb04e11b2

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    95216dff28af89ef09d287415d5ac633

    SHA1

    fad90b9066a7438e2dde3a53f8baee323b5383ef

    SHA256

    83e26b4ec7aad6ef144b0fe50e585afa88227ceada33cb5fe2bf0a20e207d1c5

    SHA512

    0542ceb2c6cc0538f0738a49307a1447c694e6e75c6067b8328fc828472755e6f1b67b394578302c0000d6a0eebfe7df66fe06712876df4addb46b9b59e2e364

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e9aaa0324f1ce624ba1bf89a4506c588

    SHA1

    6654ea12a72997bb1d3779677aa702ffb39d8945

    SHA256

    b328265a666ceb0aab1fa69579827c35121e5ea153622f41e5eb52e8426588df

    SHA512

    e62c6003e0c6f2d8b74e4f624ba3e6e10aae879fd0d946388d3f20582499a03ad5e429fc47b70190a7ecca44dea6486e82cd01618daea4e036ccde0caca23bb5

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    93f6c4eb115acce8376fdc109200a1fc

    SHA1

    d808f193a3dbd873c0ffb3fd31e186a1f7779671

    SHA256

    3638259d746e0469cc64f26f22d28e7a079474aef8d07b4a189b47c8e7f6602a

    SHA512

    baba8bc5b14eeb5d977d5715478d80cbe03d7309cfab324f6c57240c6cea0a07ce0ce356d9b8a28767dadaa9b84c9614f50e314a74a9156baf66dd765ab40927

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ffc0d25e2c7f23b369aa49d29afce49b

    SHA1

    30cd7d2f8a5f9d7eb2f4cf0fcc4f5612395a511f

    SHA256

    32e3874b1f3ee30131cd635847401d09e6fe5e5a651882e57e859f933f4689d8

    SHA512

    afce16e39ef0a96a923481ac28c9d04452e3ecff9d3fe693a10307d4bb3c03860e08259a1255920ada14ea8b9f3694285e83b2705765a04dfa7d62dcf20dd85f

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3ba3ebc81cc417174afeafdecb3cc83e

    SHA1

    e209945c954f895290b1da6601e3c887282ec14a

    SHA256

    e56a09af704de45e96e9d24cc7f057410ac57922ce777416cc5b41f1c033d0dc

    SHA512

    aee64955cc2adfc2e36cbae7f5d1deb0d7524b4d41feed690b431aaaa7394ff3a6577901d0ed62f2872155f72c856561e940d3f5713cff51684cc58d67aeaa15

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    031d02890122b54e5ea09cae449b9fbe

    SHA1

    827978cced8c34dabd1e174a97d3b847d3b6e836

    SHA256

    dad083a7d63cdd5fc45ae52186393cc5d6d0d92a74715ccd76c2be79ea6d725c

    SHA512

    0c9ac05391395aab815718f86a3fd30e379f9862f995fbe2f4ed96297ec897bf5d13cda99649035ef438ae505d641fe9e0a368f2bf664da023c5134f83ea2eeb

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a10aa3a285c3cb8ce9438b47a1287756

    SHA1

    b1363ece4e5d932d283454421bd1702531c4189c

    SHA256

    7417f34f6e4f8c35f59644ed1cb0d364c162a19f58630917939758ade642d010

    SHA512

    0e290f0087df7e165e43ef3cb4a7a195d2fec8133c32f5a13a9cdc49bd593b3d48aec3ad06477d71f7c8a91ca649a6c57c98e813efe5a393d6f0c1ef960bd599

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d748fb9f7831314e9fd3ebfb34360672

    SHA1

    c3edc740b409c2dfc9bbdc967dc80451a1b238d2

    SHA256

    1d8cefb59c49f17c2c23eb791354af47be0342c702c742509297d6a163d698ef

    SHA512

    ae3d9d68a276d15d15ea8e36cbff47f6d6eafbfddddfbe650ada9677071943c22813c746fe0e868fe94d19c1afc4e40acdc47cee7e8f91eec5bcde7979d19be3

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\CabBD1A.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\TarBDD9.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit