Overview

overview

3

Static

static

1

sample.tar

windows7-x64

3

sample.tar

windows10-2004-x64

3

falt4/admi...ver.js

windows7-x64

3

falt4/admi...ver.js

windows10-2004-x64

3

falt4/admi...ver.js

windows7-x64

3

falt4/admi...ver.js

windows10-2004-x64

3

falt4/admi...st.htm

windows7-x64

3

falt4/admi...st.htm

windows10-2004-x64

1

falt4/admi...g.html

windows7-x64

3

falt4/admi...g.html

windows10-2004-x64

3

falt4/admi...e.html

windows7-x64

3

falt4/admi...e.html

windows10-2004-x64

3

falt4/admi...wyg.js

windows7-x64

3

falt4/admi...wyg.js

windows10-2004-x64

3

falt4/admi...tus.js

windows7-x64

3

falt4/admi...tus.js

windows10-2004-x64

3

falt4/admi...how.js

windows7-x64

3

falt4/admi...how.js

windows10-2004-x64

3

falt4/admi...del.js

windows7-x64

3

falt4/admi...del.js

windows10-2004-x64

3

falt4/admi...hts.js

windows7-x64

3

falt4/admi...hts.js

windows10-2004-x64

3

falt4/admi...ing.js

windows7-x64

3

falt4/admi...ing.js

windows10-2004-x64

3

falt4/admi...les.js

windows7-x64

3

falt4/admi...les.js

windows10-2004-x64

3

falt4/admi...cel.js

windows7-x64

3

falt4/admi...cel.js

windows10-2004-x64

3

falt4/admi...rch.js

windows7-x64

3

falt4/admi...rch.js

windows10-2004-x64

3

falt4/admi...cms.js

windows7-x64

3

falt4/admi...cms.js

windows10-2004-x64

3

Analysis

  • max time kernel
    119s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    20/08/2024, 08:58

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    falt4/admin/inc/drag.html

  • Size

    8KB

  • MD5

    2022e56a187da32e128acfa3e135227d

  • SHA1

    121d70462344ac98b08550c78b909493781af502

  • SHA256

    bc4ad27cdb71986aab304a30856750127c28dbfbf99c6dfa6a102a0406c154da

  • SHA512

    5176f5be405c40b8dd8e529c7541346bd56172bd385c0b4a047cf93d72927626de77338bb15e53b6dad217816a27bc5e8a28e40d0253ca0151007949884a6f71

  • SSDEEP

    192:Aly9RtjsKdTONXP7tuxu4HjP9qxj+c2l/7LsskAo1QtN2q:iitjsKdKNX0xu4HjPA+c2l/ktAo+rt

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\falt4\admin\inc\drag.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2696
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2696 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1856

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    72a724f62ec62f33bd3f3b0d7c7c025f

    SHA1

    98e5b354dab87be3fc98039b7cff889bb11607a1

    SHA256

    5db1a2bafcad000186ef3a28a135a57890bb73c776c920b070cdc50c9bf487a9

    SHA512

    dedf0c0e54b3c4d3ecea7b5af508b2bed3f7e24af0f21e36a4ff367050d1dfea7dbbe6368debae27c6864759f5729c377b3a1db31cf296b29c960bf9faf93a35

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    68442bb14c85f16c65970788ef2fb799

    SHA1

    1662210079515e04103671e52a627e2993034261

    SHA256

    0ffb692d82d48fd66c4639474254368e3735a4de09b47af6ffd5fe7caa1f2ce3

    SHA512

    2ab9712b63231d87d212c7bf7ec9fb46ed5e5e4c3650d2ab542d0a9efe9d8143bd26060f10a97c707ed2ea3126bfa7ad7dd957ba59b39dd16e5ff4ebb9dbd073

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    833f8dc5c5e9dcc458a91810c1f03f04

    SHA1

    8fb4961468d1cf274f7f1c19617bc656d4679595

    SHA256

    c1fd163e32168fb8c8d1d1d5fb15d66551eb8cc58be8c6c8ac790c94c1a6d51e

    SHA512

    913b669a7fbbb825c71c672470decb1e6da41b466c2ed71a4a3e01823f68df3342224eb54f21a888ebf7f9c72aa070f1f93b19063e679031e7224e7950cdfe7d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9cc0275297eadfbcb216f384061e6451

    SHA1

    05355f1181c38662d7f3ff56c23b8d835c28ec26

    SHA256

    d12aff9fe66490a2639f7f98cfd25d1e134918eb61b1b73ef237915624f8a23b

    SHA512

    e7c802870b6311ac8841ce7522aa49216183471ba3589814da1a529d424cbf0f02a6c64aa49f4a6fcaaf70195181bc4d5fd801312bc4e2b5956e4688e043af80

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    56933747e35a09a0988c8eaecca741b6

    SHA1

    58a4e3a522d73a77fbeb346b6f51a9a3ebe005ac

    SHA256

    607378fd172aa4f777f791334e337526ce4ca15815372fb7d37e200fcb01864f

    SHA512

    2d55a42e638d8a5e0cf9514111de36d341af71c1a42565bae024b42c01b7bc3a94db796dc7c275a306fbb626860946210a0d3460b4c0fd0e3a9d789d0ae97e84

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    655a95a7d5d4c1180b1fbbc073c2249b

    SHA1

    389a7a45414976ede4fdc9c1f020ace9aef3222f

    SHA256

    b03a664ca3c8e80417120ed4b49dfe6f6e32a3556d0d5e6073286447277ad83b

    SHA512

    6beb2aed3c1e7772898670b137d91a0df76614e7b15f1da4e135e4ab9f53189ae79f1b55efa215f5a096b0e847a7f54ea8dfbfce20c14b994c7a4a4085282966

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3b1e80dfef6747c7303004873e8a4719

    SHA1

    ba469607d27218d2eec58016888c14d816f0edf6

    SHA256

    2d3b4383f30b04fced70e1d489c844d0f0211c5c579397bd4093272d08f774fc

    SHA512

    e4843b8e5c92aab5fe7c01f788c583d1f884bfd2367e4e1ce6a5490af60f222231da9fb564d6cb23f2ed3c06f71966035a7e89e66a292e3e6f9b0282e16053ac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    22154d1e0129970fdb22e1d12c909817

    SHA1

    f1198cb692dc1452fa6a86b558f9fbc7c8296884

    SHA256

    7097b4ead86cda1da26061c786d0e16b93998412c9114a9ecd4793c5aa30d0ca

    SHA512

    2cb9c50a903f13078d2795897fdb903e32bb057940bba251135a34638b8803f97a553c62b9117d1d84290d0532d84e1bf6e3618c7d594c9d396de71af39284c0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e914882e33c23d840761b62cd081e81f

    SHA1

    3e63a06a31779017538c16bc80913ed1942400a3

    SHA256

    1af3a5ced312047e0193e7739aeb3c05ca927914f5412f8463e1868d3339d384

    SHA512

    65d2028fdfdc802f2e5a5d30a0e17acef60a07749aeedd2ca2531ace77d52a93d372f1bd4c73ede7c53e17e208da84c72220bc783af14e5216beb772ae720ca7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    09454cde569ce28ace8b4bf5245a0774

    SHA1

    af76bed59f11bb8be813f3e51b5c6ddcff8d8ed9

    SHA256

    4b901ef51ba70b0fcff2d50953cd22848dc0d721d1550e41aa9c4dacece2269d

    SHA512

    53b8b455629b2d4691d32f07fff1f958ffc7e9f06b53ab5a01484a8ceaf636ded66cd56772d7eaad5b9682d8065774f6eae7592cbcbc77b62c070c523b67087a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0f35a8fa3b20b6830ea5d37f8940a9b3

    SHA1

    f74bdd771add6ff28388e0676e818cb26bd398e7

    SHA256

    efdf3bf2590861bf93aa49d9cb3d3a615c28322f9ec32351ed4b5bcc5684f08d

    SHA512

    3d1018df5be15a24933eb8d8dba47e287539299d2414a948d1eb5bd1237133342274b5f023248b539383e41ee15ec86d88cf424b8c35e38be2b92ad5a1598fdd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    533d3d1a92da62f36e6b685b819474c2

    SHA1

    266bf2058ad8c02090f6f37f32662b5f6c952e25

    SHA256

    ce120c91263378778d6f5c56b804f4b27df8adc106af23ba9b0d8353c1d3af15

    SHA512

    2ffab4226ebd71b5678e9acb5f53cc4ccc464881e9254c02cbdba407d0631fc7b506838318297f372270d78ff2d218c4296d55dcdea14cae910c1fa2d7d4f420

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5eee3ebcc78b25711dffe74515f5bb98

    SHA1

    c954b246b9e7e721ccb70c84edb7ce334867d46a

    SHA256

    f635c4412d73b0961ee0e1d6504054dead175f12a5312833ae63b2da5515bcae

    SHA512

    941119f331cbb7e99d3e911221d34e581e3fda916bf5c60d323879426c115ba40f9ea9c68d86e2e4e666f4b6cfe75f78b2d8bd6f36105fa146e6370179fca379

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b67ee0181a7074b564fee8df7d514b89

    SHA1

    57f63ab0d0a6a9eba0292c6c8e78df0980ec364c

    SHA256

    6eefd8c0010968afa2b32cc13cd6deba71f60cf38bf82bb1b5754e031ae67a8c

    SHA512

    1ddab1be93a7bcda8796404b8749fae4c0187dbb89f41e19239c88b8529f724da47a1c58efc3767de38f097d9aa275104f1fd1fd8f8d2ba32ffb07c5bf842806

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e457ed4ae5ceca5e50d86e0fe92ca55b

    SHA1

    258b5e8645b284420f68e33165e422e013df9b01

    SHA256

    072c9c3e53328ca44d60423a16ad2d131ec277e621e1dca613ed6a2dd55552e9

    SHA512

    11f382cbc42d863e3133bcc686b93e5d2dd5e3e40b7993e57ad8aeb0ccdf7ee917f8d15e79a10f1fc258bb52dcc54ad0820c565d22648674a59de99e00374588

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    44c3be45fbf53f34a3395c7f61431326

    SHA1

    3a3cf2a68308d5f63a13fb18cb2ee243993383d0

    SHA256

    ab5ea60ccd4dfbc250fb08d0a6bf878ce3d29c670cf7b34a9d3b81d12af09ef9

    SHA512

    e81a82fe5d9271a3bf56c728804cf13688817a43c718f8fd5b346ad0f2045afaf9f24ec0cd596cdb72b7e3456a910b690fd692d138de7c50d96742b3ba97b343

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabB5FA.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarB699.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit