Overview

overview

3

Static

static

1

b2child/AP...r.html

windows7-x64

3

b2child/AP...r.html

windows10-2004-x64

3

b2child/AP...5.html

windows7-x64

3

b2child/AP...5.html

windows10-2004-x64

3

b2child/AP...t.html

windows7-x64

3

b2child/AP...t.html

windows10-2004-x64

3

b2child/AP...min.js

windows7-x64

3

b2child/AP...min.js

windows10-2004-x64

3

b2child/AP...min.js

windows7-x64

3

b2child/AP...min.js

windows10-2004-x64

3

css/image/...r.html

windows7-x64

3

css/image/...r.html

windows10-2004-x64

3

h5.html

windows7-x64

3

h5.html

windows10-2004-x64

3

images/sec...t.html

windows7-x64

3

images/sec...t.html

windows10-2004-x64

3

js/h5/fullpage.min.js

windows7-x64

3

js/h5/fullpage.min.js

windows10-2004-x64

3

js/h5/jque...min.js

windows7-x64

3

js/h5/jque...min.js

windows10-2004-x64

3

b2child/AP...x.html

windows7-x64

3

b2child/AP...x.html

windows10-2004-x64

3

index.html

windows7-x64

3

index.html

windows10-2004-x64

3

index.html

windows7-x64

3

index.html

windows10-2004-x64

3

b2child/As...min.js

windows7-x64

3

b2child/As...min.js

windows10-2004-x64

3

b2child/child.js

windows7-x64

3

b2child/child.js

windows10-2004-x64

3

b2child/functions.ps1

windows7-x64

3

b2child/functions.ps1

windows10-2004-x64

3

Analysis

  • max time kernel
    133s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    23-08-2024 03:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b2child/APP/app1/h5.html

  • Size

    17KB

  • MD5

    35d60b981b70f2f57cf753a396ba3bd8

  • SHA1

    15b02e3adc8c156d90a2fb97870e53db70e94d73

  • SHA256

    7ab5b765b8abd054459108183fa72b56f0fac8b84b00124882e49ac8940c39c5

  • SHA512

    25274cb9bafc8380e4e88042f512425fb4105444896f29a78c653aa7601aed3cdd6890aace7a33854fd953b673092552607a7f5baca242cbe8e66737a2b079bb

  • SSDEEP

    192:sr8/FTxZQSaWFoJiLm9IQJNiDlaG5AN1V:p/FtSm+OQJNiDltA1

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\b2child\APP\app1\h5.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2252
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2252 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2772

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    83c64f70c2e2f177d2eb777feab245fb

    SHA1

    38eb39ca777898438261f36bd90d9fbad9cbd05f

    SHA256

    c7d60f10f67a6ab908e54649129ecc47a3044dee7c97bdec666efd261d54a8fd

    SHA512

    fec07ecae269f28c7dbc12fa1fb926e8c3fef3ad5e3c053ca57fbaa806bbd73b5c143ec3ee9fda4d02ba4b1017e41af475b31587748b6adff72925225f88d269

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    de4d57c2b56a8695551c6b60c9656b56

    SHA1

    10d0860c5691ae875c8178c305a6372914680a5d

    SHA256

    1eeb13fd27ef670e102df112c034dd0252300526d06508f2682d9137b47bb8f7

    SHA512

    a6b55d4219fc6487f79e2a88d5cbf5d4a74fed72392df71f6249e8b3853235316e5203f4cff6338ea427017a4681ebcc3e1031db1caf2caa0db7cd0ae783f023

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f47ac4ab65345824a18e35c5ff890774

    SHA1

    7519868cc6c3da0880421d821bc0ab9d77938465

    SHA256

    45183fd0a7362fcef0981641dc3da821f32e4bdc959ced6d51e85479d86f705b

    SHA512

    3d4d272645e8c42553564c8384912ca93dfe438ef511f0f9884f432a8f8cb233f32531c0a560fd451047fd8c04bf267bb0a2c41a6d3c295a45f8dc71c6621877

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e5b15f64ea2acbbeeeaa202fc12687ab

    SHA1

    8218105d672713105d31a27aedb68794adada039

    SHA256

    3dfa34f1395e5875961a44b872d18349b41dcd84fcc7e8808863f8830cbc5e70

    SHA512

    fe7bc4c0f37cdf4bb9d2ea9b6ab6796aefb72e30a8c1b9c5c79fe85b6b41a12bbe6b11ea6c3ad2e0869a46c17a476b6d08a8a2bce9ca356684921e747831424d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    61e85e776e537daefd6a757f9db2c461

    SHA1

    46003783995583609cb5774b62cfa7900b10ebb5

    SHA256

    c3c445e4574743ac5e324786193c909e6d61239e577bbfaa198829903fa2bbe9

    SHA512

    62cafa5da1d7aec91b218b059e79d20a059b21b341e394cb38099164ad39ebd11d19d4d531e78eed7e70c153fa1be555f5b1d5c34ac47b71db9be2a14c1ef6f1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d0f6f62b8252d5ff592c2b9b3c1433f1

    SHA1

    5ebb717ee420c505cc7cc02bcc51ef7fb28e2025

    SHA256

    b04fe64d6e8783dfeee2904322f858df33a2b4fef4a4185c5ed8aa86656ab1d2

    SHA512

    06def1f1c5bcf1d38728bb3708a005a028beca4f91d24fcf94ab5ed901ce842141ec3866eb0e16d9721d491ffe115fd490a4d6fc09199217686a066639ba956e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    71af85ea8e67ec69df34dad124004baa

    SHA1

    ef3fddfdabec9d878d0dd479bc7a9fd3c42af0f6

    SHA256

    a958793edbe9ea2cb2802ccb98b00dd646f601922e9f211d27076bd451193038

    SHA512

    2cbcff2b102d0b20f0b98d30f236c883041f724a56f07f515d990c0aed022f273f75efdd2be89a0b2951beab53633a07660ae116ba9fd4a0a132b142bc7271f2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4e16e27510b8fcb2a28ba0fbc0862b42

    SHA1

    5e657524c02f9f70a23907a27a407d02022fa90f

    SHA256

    dab6551235ba0d5bc1d19bd4ea6aba545b45854cfcf0727e5d02844889d8e262

    SHA512

    22ef463b5bfffad37f74d24fcab6c39d60b0e62541299b5e83512d183897ebd88ec21618fa33c057db89294f65e5a3648f029a06bb4d45e72ffe071489b6d661

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ed428a12070ae0606ba71043383ef463

    SHA1

    73f2ab1f3be275911fa13db29c086647e4fb6c46

    SHA256

    9f94874e35357283a79ec1ea7d95d7a5474a093c186a03faeb2b101c58b5e8ce

    SHA512

    92d7336de128bda9b37a012bf77fd49e4ad38b1e4bdbe47e25ac15991e0f2106df700f375a0b02dcdfa6acd7b6e20f684b5ab6c894d8b6564eaa8088944e3bde

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5aebafb3adc25534dcdaa42340aa84de

    SHA1

    ddc502ba028432bf18bf502992772f607d0de80d

    SHA256

    78eb06b8fd3c7c22d6ddb73f8f82e73175f18610a1459ee5991f6869f5d4075d

    SHA512

    0b5a0263cb0f405c46f12a3f34abf0f2265cb80a2c32af57a1eff781ca08a1d07e0c3b7fc75788132bcd0a2332ad1102e5ad26c26a5a7ae0aa6c354e25cc4c56

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    01545b0b293b97e47218d52f436f5456

    SHA1

    31f752735ac9a47fa6b3df9c2b3219eb9d056f0c

    SHA256

    da8e2fb421f75ab7fbb36645ac97e7d9ab0eec9d442d6936bfa2c71f92885e93

    SHA512

    e3819346bf6b98193a013d982062c6e249cc1e6c2133768d48a7bb08d3272ab636a82bc4028454e092e3ed0c34384d5e565f2be72d7663be95dfd4ad48dded0b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0c6b7ddbd196079306fc5567a852c81e

    SHA1

    cbcae8b38507c582a2fe425cd67bd990d02c9efc

    SHA256

    776ee39bb829d343319666a5fb17fa0fdb5ae3fd92d243b393ab3a1d74d902aa

    SHA512

    bd8a0c06373af47e9b6408a57f5d9ca263bd8dad0e69a63bcc2b3dbc5aff219da110bd70d3eb786b0d08525c20168c3038e1d4f0221a9cfe4eb4a0b39ffc721e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    57c56ec6ddd381481e3ab964c84a7c68

    SHA1

    4e5fd48c41227f276d53bfb2c51d742e6dedb0b5

    SHA256

    f0c8b5676c48df85faf8e43821c49bd04c8877f213079fa339e197ec4b2bf331

    SHA512

    8e6337b81fac69286adcdca55f504e28780b1af9873d6091ba2f2323c649c35242b2d0c2a5c8b0c1a7089021e0a98786343cadacfa67a5e8311574bd264b7a14

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b6b9e9a02303af9f9815afffe6030165

    SHA1

    d69cd71af4adf3ad363d1fa3e56c63aad2b98f2c

    SHA256

    98ca1dded2c1bf347149be7bfefa679e3aa6bc842d83b7113a89b2bb4eb17b44

    SHA512

    e54f8dfd4ec88ea439d05e0ca7c60ff653a0fa1d92bc0b81f0216263ed477e1db7f60e90809e4ff9e5be313c5719b6dcacaff6d1d83aa378fc47c6bcd73806c3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3fd0937229999ad5afdca6866494cbf6

    SHA1

    694c668f7c7ffc1bc6702f8b3e05cde8f01a2806

    SHA256

    65ebfe9b002a6eb98272a88a583467cedc346bc73088c9a045a04f423db23464

    SHA512

    e8e46acc3eeccc28d64357fce59fe0826f2755a111b0ab43249b3c8c33f148e3160ee0efb22bd0f144d2921bbdd7b23de04a5d927fdfb458f91e1c3ead16e87c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    51619b04cede803f8e9c0ec911541f07

    SHA1

    e6431e393789564ee99752d832ca8cbd86eb1205

    SHA256

    154ffffabcd76c60cc50913ae4450981379f6699bee976974db75b79c482e054

    SHA512

    03f5f51569fb25a6e66ebb9c5a2fc2552888445fa242d088c19894423f50c458cd9127e9f346bd865a05d839d98fad94890683c37995cfed936893608f3f9bb0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b97794c838e9344ea2b1aa7e3dc81a2e

    SHA1

    e25cbf91ad8708a1cb0e1523b9246764d4ffa350

    SHA256

    bc5cbf974f016126c5365068935bc8b34f02d8fb3611f4d62ea186f8aded19a5

    SHA512

    f0e1f218e0366312d40fd27933333b1d4b16fa1cb80af66d16bec2fb8cab60bcafe3841fa52b1b449eb50cbe2bc701917c0a3be60b13eeb8c8ed905343130848

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c71452c156e0564982a2afdbc302138b

    SHA1

    f858f553c466299007a14341c12acbfd2d72f088

    SHA256

    bae1f38664e4e808a56a336b3329b4b79fbf0e34a24f0e9cbc13da920baf16f8

    SHA512

    87b7598c04765158f0d484ae18ff68b05cf1686febd2e3ef679b3e74093e314ea2438f261b7c9edfd7a9aaceea848b9cd3f12943f2f7f15f3f3006ff3edd1283

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7376082a439ecafcac553a9dc3d4c222

    SHA1

    d6dcbb58f116b6fa6db98b27bbacbc8355bcebef

    SHA256

    3861f5c56a7a87e93f3f82ccf574521f3233b8fd7f19a9eb204c7bd4a3915731

    SHA512

    55a687d5d94622f08472c6b075bb18917926f4c861af2301e5f88e4fefa27833209b5959d40582a5ba90b485dbb2c27e4614cac69ad4e78ad91a806afc5fe085

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6BB1.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6C50.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit