Overview

overview

3

Static

static

1

webedit/editfile.vbs

windows7-x64

1

webedit/editfile.vbs

windows10-2004-x64

1

webedit/im...ut.htm

windows7-x64

3

webedit/im...ut.htm

windows10-2004-x64

3

webedit/include.vbs

windows7-x64

1

webedit/include.vbs

windows10-2004-x64

1

webedit/index.vbs

windows7-x64

1

webedit/index.vbs

windows10-2004-x64

1

webedit/login.vbs

windows7-x64

1

webedit/login.vbs

windows10-2004-x64

1

webedit/upfile.vbs

windows7-x64

1

webedit/upfile.vbs

windows10-2004-x64

1

webedit/upload.vbs

windows7-x64

1

webedit/upload.vbs

windows10-2004-x64

1

webedit/�...��.url

windows7-x64

1

webedit/�...��.url

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    20-08-2024 08:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    webedit/images/about.htm

  • Size

    1KB

  • MD5

    5b8280f680acb6ca9847f2bd933d2b2e

  • SHA1

    fd47320538d749b8466835c0566066b0662cdf48

  • SHA256

    b2aa54736fd87ac4a13849404cffc884b052d8f8bb55b335558ce0e5016c30cb

  • SHA512

    f529468c9857bd82ea47a1526efc43ce837585ccfe93cdfc13b1a651e0768ace16703ae1d1c01bd5648149e43c96c2e9d08867742411b8519963a8c9f47123d1

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\webedit\images\about.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2644
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2644 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2756

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2998a52c434209d3ead5715914f48470

    SHA1

    4358130731d0ff6ba8441cd06684634dbe2e266b

    SHA256

    f139e474d1d3a668c6800b59bb18a803156a3cf238c79f7732650d3d72d4c8a3

    SHA512

    4f9f34f2c6f3f8cc3ac789b357faee84c3e21eeb30675616f34d1c96bc9a726229bced213a6c2b5a9bcd5a853ea306d2b0fea5f69adddb0d11013c2c50973e77

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b0511bab98c7c7419f4b4335a32605aa

    SHA1

    b50dab27002cd8ac4b8f653afe1841daeb4249fc

    SHA256

    a138e20d52ca6f56eac3758a34815b40bba9bed41c05560a695d0a298c08e471

    SHA512

    c387a8f74a12c6f08c68fa222215506cd35797664624a36d87b46cfb0b8d7e5031474b8daa2dd5e7c78dc32c0e07c2ad0c7145828606967a0be7d5cbb421f12b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a46a9a8c1f2d50dc15830c5a618ccde6

    SHA1

    29d895575feceec5281351110206f4a6b92d068d

    SHA256

    4ec9ed42ab2437f4894ab7cdda4a5c66e9980e8f01688eb2cecc4db62fb8ce2a

    SHA512

    1afbab2dc0300fe367632c6c7b19c557c99803399a15d6021f897de660ab841077581c42d064be4197adf489212bb4a0c814d233f059cbc5d752b1b2f14ff8d3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b28d4319ffc5a0ef2404a3cc6cb2c896

    SHA1

    8ce5a1946fbcf1bc70e340653dcee285b77b2c83

    SHA256

    900b703ffd0beac19f60cf59e7d5b0427403d90bdc27fb6b309c7b9840f66e2b

    SHA512

    317bdf684a9b205d1c6e2955c6e29101804c5600864f5cff749e64ab2bf77b36c08f60d0f2e22b748c2adac6df490fc80dc4404fb99f98faab190cbd8806f9b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1423d7b46e2542353c62d85824f6dadc

    SHA1

    43b6f7490c2b93f510a209da02dde29e9f249701

    SHA256

    8a10be5fc9f0690e8eafa5b60081001757ba55c8d00f31c5f1ef4a443f0ebfa8

    SHA512

    281ea5d82b629434b6c409a8835ef97a069e5a07a5611edb985ee97fbd32d325053dabd8cf9eeef65145fdc1f0a303d48ad2d18c5b73cb8a1ca2768a356ca9ff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8077cdd679eeb8073db92474cd8da0f8

    SHA1

    87fbebd80c8b767e1a0f6c0b7e24a6d9367f38d0

    SHA256

    b69c00548d6cdf0f45c40f0cdd85a69bfe52938fee34e6582216914bc6ad21b4

    SHA512

    d640c16df2e7368cc04800b2a0b10d8a654e491025ac35f420b77578190ccfdac42a70c1950afd4fd4ed53b8b78d74cf10de143a0b90ce1152be7273be9c9bbf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    be04940ffc7f12493a4d62c2859dc43b

    SHA1

    421694758ceb0502abfd0bf46b77d19b1ed2772e

    SHA256

    7413de909c87f620e4c33aaf7bb14a97f4e95e81eae2fdcb22fd12148fc3ba5e

    SHA512

    eea653881793939f4b7cf3357b6dfd3af4d4d5abc20208e9d420bf10865e896bcc3f2ab943c036019b6e1a602c7c3ad5b2a208a7049da9b9983975cab876d186

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    31768947e091b8c9c71c7eed575d18a8

    SHA1

    3128023d3b3698fbc37121f6ad0b8c68b17afc78

    SHA256

    72eb08e62d438beb0ea761ddd8c5da178e05c0e4539d70a21e908a2d854c58fc

    SHA512

    3340564dc47f5d5425bb957fdd504186a914bb4e7f66713fa448d0f157c3f5c1aa540f9e4fbc91b321f60b3016e0cd54d2afac41ccb8b82c094cf1ef14db6c4b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab2F0E.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2FDD.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit