Overview

overview

3

Static

static

1

upload/admin/plat.js

windows7-x64

3

upload/admin/plat.js

windows10-2004-x64

3

upload/adm...tem.js

windows7-x64

3

upload/adm...tem.js

windows10-2004-x64

3

upload/api/system.js

windows7-x64

3

upload/api/system.js

windows10-2004-x64

upload/dat...tem.js

windows7-x64

3

upload/dat...tem.js

windows10-2004-x64

3

upload/dat...tem.js

windows7-x64

3

upload/dat...tem.js

windows10-2004-x64

3

upload/edi...tem.js

windows7-x64

3

upload/edi...tem.js

windows10-2004-x64

3

upload/edi...tor.js

windows7-x64

3

upload/edi...tor.js

windows10-2004-x64

3

upload/edi...t.html

windows7-x64

3

upload/edi...t.html

windows10-2004-x64

3

upload/edi...tem.js

windows7-x64

3

upload/edi...tem.js

windows10-2004-x64

3

upload/edi...r.html

windows7-x64

3

upload/edi...r.html

windows10-2004-x64

3

upload/edi...ger.js

windows7-x64

3

upload/edi...ger.js

windows10-2004-x64

3

upload/edi...tem.js

windows7-x64

3

upload/edi...tem.js

windows10-2004-x64

3

upload/edi...tem.js

windows7-x64

3

upload/edi...tem.js

windows10-2004-x64

3

upload/edi...h.html

windows7-x64

3

upload/edi...h.html

windows10-2004-x64

3

upload/edi...e.html

windows7-x64

3

upload/edi...e.html

windows10-2004-x64

3

upload/edi...tem.js

windows7-x64

3

upload/edi...tem.js

windows10-2004-x64

3

Analysis

  • max time kernel
    72s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    21/08/2024, 08:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    upload/editor/plugins/image/image.html

  • Size

    8KB

  • MD5

    02e3a00935a45bb933c9908dea390768

  • SHA1

    f3e3775d996184016e4d6b7efec3f12318e0adb4

  • SHA256

    c28f662ef9dc17138d6e96fc21a144137ddb1dc04328e70ffc4c7f00e1e627c9

  • SHA512

    f3533564420ed4fba6f762555a0ca9f78e6a489d890834abcfe2cdc89b72e5c3de51d8943c50bf624003565ae0629189e2adbe4f6a487f8abf5be5daf38cd962

  • SSDEEP

    192:OIUjFD+NzYjWS8+7gwC0OUuLyBK4rTsLsL6K2c:M+8D8+7gwC0OTyBK4rTsQL6K2c

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\upload\editor\plugins\image\image.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:708
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:708 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2840

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6136fce3ff0602a92f07795a59b16d6b

    SHA1

    ce7b2e9a9c964b0b3d8067735754de61d9afd210

    SHA256

    83ee9a7e6056ad1efa5054fc8f87ddb06ffdc9c00a8df978d70303542864a977

    SHA512

    f35400f349fd5399bf3750863f85cff16a66fcf8bfecad55c894495e79328d8390295e493a3cc46604ea626f46c6c0a124e90def6b91b45532936bb9ac63765d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fa5594dc2cfacfd16eadeb2a083244bd

    SHA1

    470038e68c0b0a968be7c4e405b9c5d178d97a2c

    SHA256

    948c4593f194e92c6b6d35f3d9b43d7fc03c5fd95ad12b6797eef2738ed82194

    SHA512

    adc65cc912509128c5318db659f87258189e50eeef3f58bbe13bf2b465bec02ffc65389410e8d0106a150d03ba0f6482feef5e35fc8e6a3c748f8597b9bde39c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d870e41e73c22b53ee86c1b9f4b9c444

    SHA1

    ec3ebd4ffddf67c442373662fd7632ec9603168c

    SHA256

    f96bffc363cea4d1995577cbd235d66f79c0192ebf52642ba9d1a1beaa537cfa

    SHA512

    dc11b00194919779ed9313d478e3d04ff0ef995fa151772fc43a126073219773bc350b7bb74866bcf12c04e676ac2b65ea3881a6a79c5b670d79933303288d62

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    18209165b21ab6c5f9c3d68700c79540

    SHA1

    41e2a9d553bbeef17aecc0d55c3888c90967215d

    SHA256

    116a75ad94f9f3bdae327632778d59420d0a12be91cf9014ff860b23749c40e4

    SHA512

    506bd37ec82d186d0bb318800612d0404daff13078a5bff1e9d00fcf885ce2140b7eb1840b421cabbbe5f0f0cc22b082f226fc46d7d6c081de2d8993c08bf661

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a02fc7897d302a87ca05dbb0ca07aff4

    SHA1

    40734cb2c728512089190e5182d5855f3b032aae

    SHA256

    42feca465685253e56b622d1e34b615abdbe3fd7267745e2bfe90aa7c3838368

    SHA512

    1b8c75f836192d046db12ee99eea424d5269781f626c69d8c5c20a8ba969535a534fae6f091917905cb30516521f1789f37aaaaef71cd805b57349e3a156311a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d7d2203b3e8d86fb0ca272e257623f37

    SHA1

    b88cf8647ac33512e899562ad8bb8f113c8b038e

    SHA256

    7f50861deec2ebb203cd51bb049d9502a2f09cc315f31b6165576e5c98a03c4d

    SHA512

    646fcf546938f5461244cf1f7352f2f3f8539301dd95473ba19e75175d23383297f573cef4572e42a1ed1814094abc13be3dccf59f90054cf58d9d384535a62e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5dfea126dd3c11c6901f9a3ceca1af05

    SHA1

    301e8048294a17d41a189981b8a4a3cfc0d70b4d

    SHA256

    98db60abf91f3af54d82825f6f7358b2a718ac2e8197c1be6233988fc9114da2

    SHA512

    67a8f46b4d67dd9895018dfe72da7e67fc2bef9250aa0d1bf6587ba54cf0e8418e6ddf6ca5cc1a73b0ca4129ed2ce4b6aa3e4ac5d3c39032e8e6c287926b353b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f69880bf117ebc355c1ae97e3e9edac6

    SHA1

    a6d303179eb97937aa7d21bf8230bc0bb82d5b72

    SHA256

    f734da427fbf3eb192429690cee917b252e68cf26b7b51d65ca7c846658c4461

    SHA512

    57fd91f35d234813e0a04a5d1bb1044023aad708b4aeff22bf8d4fbcd32e6141ab9998bf481d0e6db2ec13bfb78dcc773c8e1e7cd745939ff1897a9329ab3c6d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    af2595585dc86f1275f7883cb3dc7455

    SHA1

    f8df28568c228645c1d050af902b4588c4d0cbcd

    SHA256

    a17e997ea362c28378ba2f498ccd70a48060c34e05be157aeb3fdde975ddb158

    SHA512

    f07d981faa03c5db73722c749c4a3ec76c94e1e145b0de452336c0f2a5bf94bfd4c81d5bf7748c5b3ece1fd4f674ace8995d783f2736a5db99c0d832d1e39cee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    282382d31f9566e1c70d06b402e040c7

    SHA1

    ef217504a3c5df6ce8c1cf1d509a6a82621dc29e

    SHA256

    aba8dd2fe05b49518fa09756cbd9a1c350bffc7d72634701b612ce5dc02551b7

    SHA512

    afb7423bc4350be6b183fd009f1c7fe67db196340728edab838761e68db5a076323f5aa0bc2085f51615f0910e806aeccc14ba19c36c00ff181567649e6fe030

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    93ab2ae65b1fa48b2ef545a63f3e5cd1

    SHA1

    fa1148a2d9d55e424b8a97f04c8aec5ab9530580

    SHA256

    624a6cc3f86f4ad379a7d01738fa2448021d19438276d62250d11c9a22f91734

    SHA512

    f4f0240d00ac6e2f2ff257bf48bb2857946945795f087baed627998e0c66f1575966f9c60436389f3b50e388727b5425c55615c454dd49f57918bf09ef6fa2e4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bb383f9e35e9b2738bff17c5940f4465

    SHA1

    8d8aca7bbea32c4786529c16ef19e8524d9688f7

    SHA256

    00a5c7b1a39d16c59f74cd13b76e1a30b5c60ee7e8280a5fe5da05eb3bb0f782

    SHA512

    3912a438176a7f73c4191a52d4d1526a5423b3fa50d1fdf69709dca892825a251d06a62ad9bbfbbc0df22cd5a87f2ac5943b27d3e713ed1efbb29463def2d568

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7ef91247db8f6ec7dd6502f3074f12be

    SHA1

    ef837d5ffc51809213ab793064275f4a30bc5070

    SHA256

    b67759b1fa5e6bd460a7734352c428a5e178cb02d9a18a5c0fad79fe46606794

    SHA512

    8fb8854a167c9788b9bb380931af1a91988a46dcc89c68b6cf6b73c8b0868f7b1e766b423792e83d31ff4fb89f3dabc2965a6e8fda6c02761532e01d8de52c74

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fc50e95acc71795281594e79c54c6ed3

    SHA1

    0871b91cd02c75898d0e413d05d650a4246c6d1d

    SHA256

    8454e59570f407193b8ccfb2ffddac9719683996367f793c982dcb14769d6736

    SHA512

    9a654fba74df950f449982ba42a3103e9811d56628a08e81c919a7787dc6cf1b3675ef2b70f28cc6e6bdba4372dd4548d537eb08f7e299d532154d0acbc0351c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f506e0eaa8252796e391bfafae8a73ea

    SHA1

    e3c1b45b6ba29396cb4fe543e1148c83106d7fac

    SHA256

    7713ebacee601d12babab17bb420812a0348fc90c04e63979230b3fe1f4007d7

    SHA512

    cc68993d1e2af8d640d06f1fe7017ac4af00b21e239da10ed1b709ddce3ee9362436afcedf6cb974c383eb8dfba5964c8815a46d4db36e0e93d03bfca98e4504

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    75093e3235dc949873ff57c313543d78

    SHA1

    62dce294ef879f1eebee92a3e5224da652dec7ad

    SHA256

    bd7e35d69ef54fac0b18b168819a0fe6d7dbab752c7b2c63da55eca799ca50d0

    SHA512

    7c4f2b967233f822be90689af8d875b4b8af98426d3369934dac3ea7f63345850d2162d2035e979cf5ba05611ecba7a0ef464a682ee9913d251be38f1c670451

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    29f8939d5025d8fb8208ef641ae4b4d1

    SHA1

    ad466f76ea3a1489524c963bf831bb8c102b8418

    SHA256

    4f285aa8f354d6d2a63cece99a04933b16451584a52efe912fad04a1673eb663

    SHA512

    cdbdb2a75c71fa4cfdca1417a604f3eb7674b2658dbf1f37dca01057a095bc5db366b8fca8b7f2638d9d5149ce76b844139841de253b23649b3ca83e83e43db1

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab1FA4.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2091.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit