Overview

overview

10

Static

static

1

URLScan

urlscan

10

https://webbntuan.da...

windows10-1703-x64

3

https://webbntuan.da...

android-9-x86

1

https://webbntuan.da...

android-10-x64

1

https://webbntuan.da...

android-11-x64

1

https://webbntuan.da...

ubuntu-18.04-amd64

3

https://webbntuan.da...

debian-9-armhf

https://webbntuan.da...

debian-9-mips

https://webbntuan.da...

debian-9-mipsel

Resubmissions

25-08-2024 17:56

240825-wh4prawgjb 10

25-08-2024 17:55

240825-whklwawfqd 10

Analysis

  • max time kernel
    77s
  • max time network
    78s
  • platform
    windows10-1703_x64
  • resource
    win10-20240404-en
  • resource tags

    arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
  • submitted
    25-08-2024 17:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://webbntuan.danain.icu/

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 54 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://webbntuan.danain.icu/
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:168
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:168 CREDAT:82945 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2200

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    471B

    MD5

    29dcd3f1d22c2a95ac5c4f6a17d9b805

    SHA1

    062b3b90dd83756bb34c94e6923ed8ce15e8446b

    SHA256

    54bb6ebd39350849f85f2b30319525203a066bc670284fece00245be76a0b617

    SHA512

    0a72fc0daff92ff87d6aedcc33f61a5c7cbcac5765fbdd733a85810fe3bdd78dd728dbf04b3f694f97891cb0d5bd356398afbabc1ae69e0e52f115f907798340

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8B2B9A00839EED1DFDCCC3BFC2F5DF12
    Filesize

    1KB

    MD5

    7fb5fa1534dcf77f2125b2403b30a0ee

    SHA1

    365d96812a69ac0a4611ea4b70a3f306576cc3ea

    SHA256

    33a39e9ec2133230533a686ec43760026e014a3828c703707acbc150fe40fd6f

    SHA512

    a9279fd60505a1bfeef6fb07834cad0fd5be02fd405573fc1a5f59b991e9f88f5e81c32fe910f69bdc6585e71f02559895149eaf49c25b8ff955459fd60c0d2e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B46811C17859FFB409CF0E904A4AA8F8
    Filesize

    436B

    MD5

    971c514f84bba0785f80aa1c23edfd79

    SHA1

    732acea710a87530c6b08ecdf32a110d254a54c8

    SHA256

    f157ed17fcaf8837fa82f8b69973848c9b10a02636848f995698212a08f31895

    SHA512

    43dc1425d80e170c645a3e3bb56da8c3acd31bd637329e9e37094ac346ac85434df4edcdbefc05ae00aea33a80a88e2af695997a495611217fe6706075a63c58

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    404B

    MD5

    43d5fafeb011a21c3db1436bd927de76

    SHA1

    a048836cdd54fce2b5eb495445deee8f6ede1af4

    SHA256

    f8b04b85388e394a943ec77310e078e098199c38b949c100713ce520d5ed0477

    SHA512

    a052d702c75dbc99f0377f45d8eaa80e6f434ad8b68a548403996982cf56f7bc79a7ffdadee6913572a1c583242beab59a25c97982d0bf14b30b23f60acabc0d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8B2B9A00839EED1DFDCCC3BFC2F5DF12
    Filesize

    174B

    MD5

    fd2b34efbcd42306d28644e06549ec4a

    SHA1

    f1dc152da81e50e8b67e3d743abd442b06b4fd6f

    SHA256

    68051b9f8cbc063e33cd147e5ab5cb615fac3567b218e4a843ec8722b50b8b75

    SHA512

    26767d3e561f4a651b1ebcf20c1fa805ddd1119f54d7aa0fe8ad34fb35e6167c42f193dc068a413d9dba69fc1bb0cdfa25fcea11a5ff89aaf380644e0921b601

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B46811C17859FFB409CF0E904A4AA8F8
    Filesize

    170B

    MD5

    d465d02862766fc0df512b158f2d0c48

    SHA1

    4ccb4179cea16808359454647e1580c582cb9518

    SHA256

    aac7ea5b9640d2c1882be8740f37eafc0168f5055515c4109311df56047456cb

    SHA512

    fe9324fd3ec0495b866a898446bf9b33d21566b7436cddc7b28e26e09085369cd8788158db59bffb9f6e9ad8cae70af8563704e847c4615d270b30a5e6d000fd

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\VersionManager\verED9C.tmp
    Filesize

    15KB

    MD5

    1a545d0052b581fbb2ab4c52133846bc

    SHA1

    62f3266a9b9925cd6d98658b92adec673cbe3dd3

    SHA256

    557472aeaebf4c1c800b9df14c190f66d62cbabb011300dbedde2dcddd27a6c1

    SHA512

    bd326d111589d87cd6d019378ec725ac9ac7ad4c36f22453941f7d52f90b747ede4783a83dfff6cae1b3bb46690ad49cffa77f2afda019b22863ac485b406e8d

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\TQAR3J3W\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\PWJ9MKLM.cookie
    Filesize

    545B

    MD5

    d64ee003e9848419e59e767261926d64

    SHA1

    fcf4a30f07ffec3a4f48a1e532c313e2fe8edbd2

    SHA256

    0bc850c61c87b138a504121aaa78b1f3c81a2a325f6c12599fb18b6e68836feb

    SHA512

    23a53020f7af31285df5195a93d831e35075d3e372bf19035f94f2283e19f7250419c58f31249ea204caaa706380e3943d76de2f3817bb919889b62e9d2b305a

    Download Submit