Overview

overview

3

Static

static

1

sample.tar

windows7-x64

3

sample.tar

windows10-2004-x64

3

falt4/admi...ver.js

windows7-x64

3

falt4/admi...ver.js

windows10-2004-x64

3

falt4/admi...ver.js

windows7-x64

3

falt4/admi...ver.js

windows10-2004-x64

3

falt4/admi...st.htm

windows7-x64

3

falt4/admi...st.htm

windows10-2004-x64

1

falt4/admi...g.html

windows7-x64

3

falt4/admi...g.html

windows10-2004-x64

3

falt4/admi...e.html

windows7-x64

3

falt4/admi...e.html

windows10-2004-x64

3

falt4/admi...wyg.js

windows7-x64

3

falt4/admi...wyg.js

windows10-2004-x64

3

falt4/admi...tus.js

windows7-x64

3

falt4/admi...tus.js

windows10-2004-x64

3

falt4/admi...how.js

windows7-x64

3

falt4/admi...how.js

windows10-2004-x64

3

falt4/admi...del.js

windows7-x64

3

falt4/admi...del.js

windows10-2004-x64

3

falt4/admi...hts.js

windows7-x64

3

falt4/admi...hts.js

windows10-2004-x64

3

falt4/admi...ing.js

windows7-x64

3

falt4/admi...ing.js

windows10-2004-x64

3

falt4/admi...les.js

windows7-x64

3

falt4/admi...les.js

windows10-2004-x64

3

falt4/admi...cel.js

windows7-x64

3

falt4/admi...cel.js

windows10-2004-x64

3

falt4/admi...rch.js

windows7-x64

3

falt4/admi...rch.js

windows10-2004-x64

3

falt4/admi...cms.js

windows7-x64

3

falt4/admi...cms.js

windows10-2004-x64

3

Analysis

  • max time kernel
    134s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    20-08-2024 08:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    falt4/admin/inc/ctest.htm

  • Size

    451B

  • MD5

    aed3dfdb31f179c66618fc1a2071df7f

  • SHA1

    0095a6bceb360d6d87c3b24038fa1ff21e9c8faf

  • SHA256

    fdbefcefbbfe7928031b6243e35dbcd11e36db7ff974797973ba89e94ca3ebf5

  • SHA512

    969fe17ad92343ccf78f6c0e226a213efc62352f548d55619f541c1dcd7c44e400d55ce6ecc9775e9c32ea7ddfdf9ab13b84e766e6721d426ad19ac1983d8400

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\falt4\admin\inc\ctest.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3056
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3056 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2672

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4813d6c3125f7e742e2b33757755a460

    SHA1

    1c573099c57e2575ffd30225a37f85117b7a539f

    SHA256

    4671fbe13ae0be683ca9b77bf549a365125bb486d00288b52e48c3e1d55a1a86

    SHA512

    dda3ffef87ab2814e2670970676221da72d281d6b57a039811947d9468918fb2b22ff38ec5f507ee7f50600cab5292c66a0f4966ffe955f1b9d3d700798ab21d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    398d889b5572ab81749b668e16fadde8

    SHA1

    0a6460412d8a634578409fcd12b72b94e555bcb2

    SHA256

    6959e8c5288940b2f56c1ed493ae75971e5cb2d38a9e601dc4ab9b4bbaf7dd02

    SHA512

    97ce81cb14df8a8caa5267d78725cf879c96bd0f0bd03e82228d221d583bd07695a808738ee8c9a471b88e9a8b36b9e62cd53ee0fd20e7df8302862b165410eb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    187910707ee7aecfe4c88cc4f9e6101d

    SHA1

    d4aeabb25b8b2ac83c49da6b8b847ab220f9ffab

    SHA256

    03e6453b1576f07efd16213f8bbdc0da82076ac73bd49d7433b192dd03d4fbdf

    SHA512

    71d6f1dc33f2d3ba6fcf6f6aff992cc1861cdf2a075158efaf6b7e71d8be3e1d5297b26fc52b355adce4fc07aaca34dcf6859f55cfd51cc1f16de9daf7b4592a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3093e0a15d3f0e1b7405bde447e57bd7

    SHA1

    ea9678546ebabb235e07ee4019217e5d5cbd87cd

    SHA256

    f358ad5233e74811e9b8ab4c3e5626ede7b8e4b21b475a98969ef16d6a41bd62

    SHA512

    937b1e32452d7ae8d9bb8d751dea7a6657b5ea298d4b2f95bdb375fa33aa6881d91368af9b0bec46f179e5b4a6624d8418b8e00d19e7da7ba88ea585f6c3786e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d3d21b83dcb70fcdac638505f0bbad9d

    SHA1

    a917bf326264610d711bc1d2724c17c676e6b289

    SHA256

    39a97cae4b1e7bd3019d3f20cb286318517ecd21a3ce88058284890ce6b07cfc

    SHA512

    41a1032c4ddcf5d78269d95b61e12d505d76cd08da2c382614a076a974697d016d76bc1337295b079ca0e28268fed00c7291c0aaeaeff1b735347f4761b18bce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d15abad18520c03c93fd4644b74e9bbe

    SHA1

    d04cdf5360cdc23bb8f40f012c07d1cf5ebb11dc

    SHA256

    673635c4a57a1c13a363ab4bcb98b834625a67500709061be24cce570399b756

    SHA512

    671a730c757390ac13dec78518fa81b74d86d61f7c4c7cbe305b16a67c14db07054f3af359f32571eafc103b8ddee2da3a3634d8f7a2741a3054cc5d472b9701

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5281f555cafda80771e2381b9d61ad65

    SHA1

    81cd31068173dee341b3619684844c5d858cc9b2

    SHA256

    be605112132bf7901a23477535a5751706afa1c5e3799d31264e534349bd9f5a

    SHA512

    f8b08a43db4e94ff153b5ed1b03003ec105eefef01205584ecbf98c1d1f069e7f9102a854b746db762705b3bc3406c79ac4b2d3054531743b1c935ecadbde518

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2349d3890c0e98da7fb58f0a2c9370fb

    SHA1

    43ac0928f84f0fee42dae3a6c9e27b6a18384f9d

    SHA256

    32f25782888590a48b4f087ebdf8efe49831d575d7e89ce9d7a582d7800102c9

    SHA512

    9614c525557a7ec094b5a1e8d6fcef3a1319b2d139ce40b2f7b4b2815537f2b2ed197ac7a2555a3e991256cebb1df8ac80a2d56d1034e28ce049ea2acd078854

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8f80fe68abfeab572333fc6940579d9d

    SHA1

    3c93937a838d2615e5bc31765d53d1e72785334a

    SHA256

    cac06c26e965267d562c2e09dad2cc9688111ffa7b2c2e4f39be05d18bfc8c98

    SHA512

    c691a2740bf6d82c8b469f707c7c5e05f22f91fa4aa0cd3757cd86e8e8d0eb78ed779785ed37d36b5c68d45dacfaef58cba4ba0b32d3c92bd4649e9192bc68a4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    96b6f626106e32e37a6d8e468bcd4d25

    SHA1

    0694fec1f748da380f13391cd0b540373a4867f7

    SHA256

    972552f69c4fd2ba75dc2a32d8bc5020b22ecf051caff392d3189d897379211d

    SHA512

    fd4f186adb7ba932ed231a312600ce1c879b83f13d7a10469480a4745f1da36b6a03932423f76b70c61019347de882d4bfc6c59d246d8fe5d7cc97358c9f8712

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9449f360e235a5ebcce998bcdbe5dbc4

    SHA1

    b873cf68d5fd0ec36dc0f6efad61ae912619da87

    SHA256

    cde84fad596f04a695610748151f7e7c5bd6e99976957030d42d8beed2370912

    SHA512

    3add62a93558b198bab98ae29bb91e8f7717869bf35de4af18e12e975a2ff35d0728eb8959830001f809a06ac1969179ea7e7232b2fae8d2c56b98d66869ff7f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1e1b9f78c31f14de513fcfdbb6ed5918

    SHA1

    9027921b769410170766c8c5eedae95df99186f0

    SHA256

    c4b9364f66eb1dedb1521f5aff2804598bb63e6b68374da42a212e461d599128

    SHA512

    849662992eb57b3bed0cab20fca8334d44db97fd249e7091a8f3463ded38142a6e35314c658e70a75a6ceb5226bf52553dbe2ffc68e0cc044406eb1c522b4867

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d2434556998d17bcb308becda4e46334

    SHA1

    0b4e570b6556ef598a6a81f39e6b90ca3a65fc32

    SHA256

    1e68668673bb83a6994b4642247e32522aede852cec01dafb592ef6fc12fd187

    SHA512

    cd50d833782c145c6772b49d4609e1660e37b5d85053c3a7cd33549c646ed6188afc71cc959921b011e742a6ea62782750c508f884170abd248b941810df5261

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    819936e2435afc6e06e136b1bb751dc1

    SHA1

    8e42b93a4314c59ebace4d50514aaf13c896710a

    SHA256

    d4412eafa162fc2800ff1ccdffb818261d1bff9504aea547e097f8fceb2b806c

    SHA512

    d01f1db4e9df95b72d9a55090f3b3be03b2152ea99e303a8313d52184c0dffff380208b28722a43b1b5ba98a611591949eb84585acad39d2375ac76eb8ce0069

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    def8ea796252dd03756064a1363251f2

    SHA1

    a5a1c3cd808dd1567fb49534b64f42a0ca3c640b

    SHA256

    8ca6c07ca81e3b5871f4f6b26021bc7e0f136748aa82144a0bd014ef5e95b7e0

    SHA512

    52216c4d7f843e0e3fc2082d5a97d3741d5782df3bdc89e46af30136326d4564813f9e59815013f10f190ce0b01334c3db51e504bddf1067bafb27173cc5ccbb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ea7309e0aa1dbf9ede595fd0926717fb

    SHA1

    b9d57bb4b088caf351da4138bc20cf737582aef3

    SHA256

    b3d25b8d1aa10a3fdd81cfb889905f66a0834b159e479079fa9d104e3945466e

    SHA512

    8211b80679915225963ce76cf7d5538247ec439626b9d21cb900217ad1c45f2340e4f825f7a5c50ff05eb4ec3ee2c48258aa9954f46fc3401a72ed0ab18a887c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab1A7.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar238.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit