Overview

overview

3

Static

static

1

php168_sha...che.js

windows7-x64

3

php168_sha...che.js

windows10-2004-x64

3

php168_sha...ass.js

windows7-x64

3

php168_sha...ass.js

windows10-2004-x64

3

php168_sha...ass.js

windows7-x64

3

php168_sha...ass.js

windows10-2004-x64

3

php168_sha...x.html

windows7-x64

3

php168_sha...x.html

windows10-2004-x64

3

php168_sha...es.ps1

windows7-x64

3

php168_sha...es.ps1

windows10-2004-x64

3

php168_sha...he.ps1

windows7-x64

3

php168_sha...he.ps1

windows10-2004-x64

3

php168_sha...ed.ps1

windows7-x64

3

php168_sha...ed.ps1

windows10-2004-x64

3

php168_sha...st.ps1

windows7-x64

3

php168_sha...st.ps1

windows10-2004-x64

3

php168_sha...st.ps1

windows7-x64

3

php168_sha...st.ps1

windows10-2004-x64

3

php168_sha...st.ps1

windows7-x64

3

php168_sha...st.ps1

windows10-2004-x64

3

php168_sha...em.ps1

windows7-x64

3

php168_sha...em.ps1

windows10-2004-x64

3

php168_sha...x.html

windows7-x64

3

php168_sha...x.html

windows10-2004-x64

3

php168_sha...r.html

windows7-x64

3

php168_sha...r.html

windows10-2004-x64

3

php168_sha...y.html

windows7-x64

3

php168_sha...y.html

windows10-2004-x64

3

php168_sha...er.ps1

windows7-x64

3

php168_sha...er.ps1

windows10-2004-x64

3

php168_sha...ule.js

windows7-x64

3

php168_sha...ule.js

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    22-08-2024 11:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    php168_sharp_1220/upload/api/member_panel_jumper.html

  • Size

    323B

  • MD5

    736120dc93f6ab155317ddc1fde8c091

  • SHA1

    3bd9130b4a25df8ea8d1c20204952a7852865cef

  • SHA256

    2deca3b1ba296f091c7fc28ccc2f091a8f874e54d49e840e682e461f93c6aac4

  • SHA512

    3e597327a165ee173cfef87f3994a3f34054cc9f02dbf1664843e62acd85bb0b3285d2fc84319b8df1767fdbad583a171fddf5cbc73ddb22593b51a520786841

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Modifies registry class 42 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\php168_sharp_1220\upload\api\member_panel_jumper.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2504
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2504 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Modifies registry class
      • Suspicious use of SetWindowsHookEx
      PID:2660

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Location Discovery

1
T1614

System Language Discovery

1
T1614.001

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1d6c5d3d94834dff58253f90631e82ac

    SHA1

    7afca3faeff6ebc6e139885eb02a7a94ca738095

    SHA256

    da869b3cf74a34fec7108a46d01ba56ae337cddb9a5d063a060457af06dafd82

    SHA512

    ddaf2668b62296b99cf1e25b4d9b8b97c9b889b74ad31583690c4c7479c57bcdc28d4c7bb9010457eac88bbc6d5c55e94268cdbdd054be527b6118a33c7145de

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5e6fc86e2612e27334489080e10acf60

    SHA1

    dc08990f6d265cfdacfd90ab4eea128fd1233bf5

    SHA256

    bcf6dbd8bde7465d15428001073debf390df816e9c19c600019a1be8bb94530d

    SHA512

    06fbe01365e15b7f1a82de3e588a36cd60326d9fdfa51ba4e823655877233de381cb709108d24967c35868b271c73fac0d0489a962e36ffb3643a95c63f8e458

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c17693d62bfc5d7757408772d25e63fb

    SHA1

    f90d22fde970a9414f840eb2e862f44283dc1ff6

    SHA256

    42f82f3857856608fcde7a91ebedf85c6b3e92e9f880c84714c10c0b191d3ffd

    SHA512

    f26450aa6243bbdfd8421d9efa929cf8af4aa9b121d538f346a7ab753963f8c071d7d2eef2d75a23824fbb0aa2ae969e551802b6eaf64244c72744bb2fdc1580

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ded3ae72a69500f830f1e56343314b72

    SHA1

    92910657f7c49fdd25cebdfdf63579df0ad906f6

    SHA256

    7f97d57f625ee0eab79a44f777da569d7dfca203d6c3c1f1dd934d3e0b6f72df

    SHA512

    c17146a1cfcd7c373a26d3aa836cd826690bc9bec5dcc1590643c9b2e918df8db7a9e99eb785b62368238c7f20a49f31af8544a349f815b38b1a6d524a0887e5

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e68494afe1b02960a3ca9f34d56a60b4

    SHA1

    193912362df4039aeede9e859c525f5d5bb5f1b2

    SHA256

    50bcc338fa477bfb52428c8f8eaf949226859b3781e042f6a5c4561a3fa5bff4

    SHA512

    b8662911be3a0088383e2cc0898c9ad3f315bb2a1a78f7816dd59bba59232f3068c3cf5f4a05f38c62121a37b25cec4067b5eb428e22ec43ea9f1d305437d552

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cce13625ea77c57716e0372978d9046c

    SHA1

    5e64b72cfee1ec9419e60873e1b07f1693d56df1

    SHA256

    42393ea34ba61eefaf610975f14966fdc8abacf85f7fa1ae14056b8c9931db5a

    SHA512

    8d1d4a757d9693d78b2c0dc1428666a641c189621f9da755598667516a8cadf1e0bf54a8daf8d7d3c828107928bbc384588c14e2517a3b49f699d4904c5e14b0

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e251d0efaa7398c7ea705ebb327e2d24

    SHA1

    747ae5d022c27d6287f9b40f7ed951b39c1dc844

    SHA256

    ee01db811f3e64848f0b80578b97fe50b88c804229e6868a483b7ec0e45bf304

    SHA512

    be139cf5a2c289619f2621b3f94c84237572273988d01780a63bd97c28699616b043f8038299c7f5ae53b9053fd701ce03b602d466bbdea21f900c47b0288ace

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bd01dc1e2d9bfa80c425c67b6ff627d8

    SHA1

    80bd2ed0632dea075691e18ea629176b33527aac

    SHA256

    0b3462793bf6576c8cc7223831f45fec0539ea4d144569bf25ea80f7c637fee2

    SHA512

    a74742c9531e9b1a34762975d43f0801a016ea4d7e4f538f399c047e705efd6abd18f04927943c3f62d1f06302729390383a5709ec32782e36b24a75a70b9956

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\CabD7D8.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\TarD86A.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit