Overview

overview

10

Static

static

3

c615257b3d...18.exe

windows7-x64

10

c615257b3d...18.exe

windows10-2004-x64

7

$1/$OUTDIR...er.exe

windows7-x64

7

$1/$OUTDIR...er.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

2611067143.html

windows7-x64

3

2611067143.html

windows10-2004-x64

3

contact-do...g.html

windows7-x64

3

contact-do...g.html

windows10-2004-x64

1

home.js

windows7-x64

3

home.js

windows10-2004-x64

3

home1099482986.html

windows7-x64

3

home1099482986.html

windows10-2004-x64

3

home1259317828.html

windows7-x64

3

home1259317828.html

windows10-2004-x64

3

index1449123078.html

windows7-x64

3

index1449123078.html

windows10-2004-x64

3

Analysis

  • max time kernel
    122s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    28-08-2024 02:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    index1449123078.html

  • Size

    10KB

  • MD5

    5f05fe70d58d5058c7b0997490bb449d

  • SHA1

    13f38efe4f41f86e72726da215c9d62534148e00

  • SHA256

    8ebb146e6e3e9741f2c889baed2e96afd23956b8e71a5fd1114c46769b8c9777

  • SHA512

    b5e1eb1df064bbb8dd204a269edeffb38131abe99cb3be987d757e74e1cf467cc70a003a64ae7b8c785f7b42fa2ef5819eddf7072a2ef257d5c22faebe73aa69

  • SSDEEP

    192:klcdyhPpWsd4jd3hOWTxtkUGgYyRjz1JDC708:5wWsW533HpYyDJOj

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\index1449123078.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2024
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2024 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2832

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9d5676b1de7b94628fe8163eb2622325

    SHA1

    b5dd7ad74293210885dda6f3257869490f34ba6b

    SHA256

    9d5553d42b7f8e5d30ce5c92ad89372441c551af1f2d7f14422689003c6f54f4

    SHA512

    7ada46fa565a8c80662436eb17d94d5aab133039411b148f8e9141c9fae10db6793abb091b24e8e2ae094190b6f4dd240e5dd2b5510e9ae9d5be14b373780ff6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3e43d30ea8bac0341c7670ffc270a8db

    SHA1

    51e28b487db1495b43e44bdae7f8b8cc05bd21b6

    SHA256

    c48429bad87dad1bb286aa4383c8f34af0702791aaa6558efe350b826eb64410

    SHA512

    6642ef261ab6b7a02a5d2301c2edbf0e370e9a9d49d929063452744700985452dcba459b9f4ccce121aae48aac9aee46daaded1f5598a124c4f4e14917a3c0c5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6b8173b6261dc4e4018085c35105f99e

    SHA1

    999f2f60da5251d9abf83af9e4edf07f81472e66

    SHA256

    97dc7789872423afa24a8bff03a08738c9f8f1e0f7505970e8dba46b6e367ed1

    SHA512

    981af41c4b87af8856668ef3c8e8fd97911fc76824fff96e087623d9c29783c4be3d08abaa0d8cf656f3f562463840206fa6bb626a895351a26bc1e593f60767

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    673d18ce874c9279b224bb9be3bb6207

    SHA1

    140708f51b914de1b5cbb4933afcb9e6dde02d74

    SHA256

    57814ca7458fcc497388da6a945913c6c3a29167b5d6fdbd9812c3df162430c8

    SHA512

    b23610419515629b58f90ba7509b81f96d36cf641458e38d56cd24a9bdb3411b3122f1e8b525d408fc760a8933a8c19af29b4fb6ece94f020ffce32f25c18596

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3b27f6fbe2f7553586550bdb1b3ce383

    SHA1

    cca99cbd4df6e64cf34801b514e412adb642c0e0

    SHA256

    f4addcc37502f05328ef9110c1fea39ba139fbc34c8696ffead2ffcaead55c79

    SHA512

    0b75569d84dedb8b6649262d5e88f4038a8c1cceea2501fc5fa1207425152ee0769d06348c42f5a4355fd0e93fc89e33c829d0318355a5f3ffe1fbd26553e606

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1e6eb70a27637fd56ecc036502af1d58

    SHA1

    11c99aa9dbdd84cf0b203c6cd45dc0f9cd85fa5f

    SHA256

    949f86f98ddc9ca120c862067110cf3a2ec6dca610a5635b1e3b755fb33d093d

    SHA512

    c1fe11a37fe475d7db9173a6f914079e4840e61b7575173a4b54a4f1a88edffb20ffaf6619258cc7fee3affe98091636182548f2546dc7203fdd0e8e8918aea6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    79fccd26153a6773c8ed5879d639ce34

    SHA1

    5ab389c55f093cb76d175de975b8daf13cac5748

    SHA256

    316f5bae6b3cd76dbb77d1a101a04ae8f69dd84a98f59b691bcb5fd719467f16

    SHA512

    a8528456e760d92c9828c3dd56ca226499c9eaf9c7557cbd5008665a22adf16c0132adce47b55f91cb559f7033f5ee47c497fc5f4936f980ae5458611c321cda

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ce1710280aaba090201358ebc29c2f7a

    SHA1

    9590cdda80bcb48383910c56d580d96dc0e1d3e6

    SHA256

    d3522c5a394c93c9170fcd30b7ef165634bd195dd8c7ec08e4243ccb509fa805

    SHA512

    5bc95e57760672277e065e2c99e4edcf95c7a88ed8c8e1edd2f217df8a712fe1d1e46af52da35b8e46047a8328cbb5e5a3afc7fc3f187266ca41e61adf04d231

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    18024ea603ac69c842fed235d6bd4d0a

    SHA1

    87f6cf66e23cf870a2769447f7c763eac52cfc2b

    SHA256

    db848097aaa8b7bb7a21a6579f46b813d910b65797289e0145d65b05f9b7336c

    SHA512

    4573e819d22af850183e6be2d26b7a319411ff9755d3de3451e89aa12ff0378a016b466697964e2f56af31ae51cbbf1c3300a161c7513d03c2f159fb2fc39a6e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    313557106b3f498057f76aebc52b0ba9

    SHA1

    267a213e1fd7f0326d42e1da0cf4b10e00831f53

    SHA256

    a69ade1e47a2f2d628d95f379a335de3b2486d6e68dcfb8b0081286a2ecbe7d7

    SHA512

    801a2ed0101b271f4fdb99bf65a7de70757de361f8e868534f84ae59a126d2cafbf57f0ef45bb40129dfdd575f535372c2059016ff7806fffce0cbd2d6752a13

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab435A.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar4418.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit