Overview

overview

6

Static

static

3

4.ƾ֤�....6.exe

windows10-2004-x64

6

background.html

windows7-x64

3

background.html

windows10-2004-x64

3

jquery-eas...min.js

windows7-x64

3

jquery-eas...min.js

windows10-2004-x64

3

jquery-eas...min.js

windows7-x64

3

jquery-eas...min.js

windows10-2004-x64

3

js/autotransmit.js

windows7-x64

3

js/autotransmit.js

windows10-2004-x64

3

js/background.js

windows7-x64

3

js/background.js

windows10-2004-x64

3

js/content.js

windows7-x64

3

js/content.js

windows10-2004-x64

3

js/data.js

windows7-x64

3

js/data.js

windows10-2004-x64

3

js/djsh.js

windows7-x64

3

js/djsh.js

windows10-2004-x64

3

js/inject.js

windows7-x64

3

js/inject.js

windows10-2004-x64

3

js/kmhzb.js

windows7-x64

3

js/kmhzb.js

windows10-2004-x64

3

js/popup.js

windows7-x64

3

js/popup.js

windows10-2004-x64

3

js/popupmultiunit.js

windows7-x64

3

js/popupmultiunit.js

windows10-2004-x64

3

js/popupmu..._at.js

windows7-x64

3

js/popupmu..._at.js

windows10-2004-x64

3

js/pzsh.js

windows7-x64

3

js/pzsh.js

windows10-2004-x64

3

popup.html

windows7-x64

3

popup.html

windows10-2004-x64

3

popupmultiunit.html

windows7-x64

3

Analysis

  • max time kernel
    122s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    22/08/2024, 19:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    popup.html

  • Size

    9KB

  • MD5

    78ccf77c37e220683c7647e05a10a05a

  • SHA1

    4186e533cd21d2170c6a619caa742bca8821ae07

  • SHA256

    9e057891ebe6b985d007eb0e212170edd566494266f5cf16216c23b54acfc2c9

  • SHA512

    10f594ca3a68e4d60e9ee06a3e04b5225e3c5675a4052981e73426ac4e762d260eddfb911e624bb5469e57db2a0f463fc981c9e480450db6f07de5636f6ebe44

  • SSDEEP

    192:br90Bp4NZoB2r0/Ij99Rtwy9QKGqzmBDJYosIm1nW:n90Bp4NZod/Ij9zPQCzmlJY9U

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\popup.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2532
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2532 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2116

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f4cca0b31d085fa76bf5eceb620ec104

    SHA1

    aa8b46e8de97e50a570938f877a79bb74a703076

    SHA256

    ce3cb89932d5cf44a945ddf854280fd0e579569fa01ec091348400ef87056dc6

    SHA512

    60c618d10e0edd24f447d320cbb9b566e87ea195ae49b720694fb83991b0f610125a832819148cd598f5e4a2d7ec9441319b10d641fbff0be14fdd202d8d5e2d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0f8ec341d0a17697e5d86fccef46d0b8

    SHA1

    547c7349a70e8278e13f9259c075435fda772265

    SHA256

    49fc9f566d92136f420eb18e5072ea5316b479af2c38b3550a89738511964197

    SHA512

    72da250aedf9ad31ca4c09ece00c07282029e62a0299ed2af0285a15979aff9f7524fcacdf3528fd2e847a16fe384fdfa36a3a89b0e7aca61bf14116752bac6c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5567634df43d2587d9e8c8f134e40625

    SHA1

    124430b063c8aafa4fdf5a0412daacec77c84bb4

    SHA256

    ef50bd8cc875a52441b0fb503710dfd0283ce840126e81ba454e7d07df15fff7

    SHA512

    c1ff1b17f681c9a99247ba5246f8e4ca4990dd27a30ea1a31b69904c29133b2b813023ad787b73cae8ce2a6ea2a8fd33195f8e9ebdf4cc089dfcb2b205632c99

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fed03fbed65e145d85d677d544235d2d

    SHA1

    27edb9c8c82016a6ad35ca781d0addb0c07285a4

    SHA256

    3853972515c4174f8f73983137adcebf58d1bec81329a2ff68e116cbf5f9e5cc

    SHA512

    97d0425a034902320578d79022c477fbb25a792b0bdf97d08f659fd16b961c0de3ecc453f7495a7eb5fa54837e891dd743f91087586859054518814b4f0128b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9661f0d95084578f7225e2030cf2f9e2

    SHA1

    08fff74aa678b9420442a25ab5007ba140037d31

    SHA256

    65eccc7e717efeb352239bc00c31dea17396d5653c4859695d7e5b95abb5e51e

    SHA512

    110cfa4d1d0ed7c7fcb11a97aea8970201ac115784efc1ff9324c4d588ef18ea8a46c4d60fd7ab6d7d6d96ceb5291e9b47792d097d84983883b52024aa985bbe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fe5471ba4bf30202593c5fb5c70a7f3f

    SHA1

    9e96e45f83639c7e54a7fea3258872cf5f778e29

    SHA256

    d3bd0a85dfc528c49c81f38db3ccc354d0a7fa69ae85b4d2acc29b80de491dcc

    SHA512

    9d7982a8185b359694e03df773551f1337a855b0d1a417784c6122ea105e2feb801de2474f69308ad51f8af7848d2e5c9b82c9dd0558b8fa7467b4b4b796a982

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    df8ca348aef91a905e642504ee23be6f

    SHA1

    6a2d074120fb8d852aa620350c5816e15ffe1650

    SHA256

    aa4fcd0862a84669fbb2fde6b456d6197e5292e6b097e986b505da5003e46928

    SHA512

    892febb3a8600e50a60568296c7636a45106657ac0e9bf44c7ad31fd5848110d1ba0907285d63d6fc9e1a751d5aa4996c7ba85aeee0c3a849bfa69cc720b047c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    025bfdd7927c506a2896b308f58ccc8d

    SHA1

    0b552e0f57f9e9438e91fe60b3ddbc5ad84b5012

    SHA256

    039f93af878c60e2908b779379e85c28dbc3e8d58e332a7f86a9d00ce66f5343

    SHA512

    e85fc284922a4ba217bac71abac44ff1162e50732860437d8ee63b47df0fe41fe93b8e7470b3930d3014021b9405011e230382b35cf42c2eeeb51ecb57adcf1d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab48E5.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar4908.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit