Overview

overview

10

Static

static

10

Kalkulator...g.html

windows7-x64

3

Kalkulator...g.html

windows10-2004-x64

3

Kalkulator...ni.doc

windows7-x64

4

Kalkulator...ni.doc

windows10-2004-x64

1

Kalkulator...n.html

windows7-x64

3

Kalkulator...n.html

windows10-2004-x64

1

Kalkulator...1.html

windows7-x64

3

Kalkulator...1.html

windows10-2004-x64

3

Kalkulator...2.html

windows7-x64

3

Kalkulator...2.html

windows10-2004-x64

4

Kalkulator...or.exe

windows7-x64

10

Kalkulator...or.exe

windows10-2004-x64

10

Kalkulator...or.url

windows7-x64

6

Kalkulator...or.url

windows10-2004-x64

3

Kalkulator...ja.exe

windows7-x64

10

Kalkulator...ja.exe

windows10-2004-x64

10

Kalkulator...00.exe

windows7-x64

7

Kalkulator...00.exe

windows10-2004-x64

7

Resubmissions

02/09/2024, 16:05

240902-tjhgssvcqb 10

02/09/2024, 16:01

240902-tgfkesvcne 10

Analysis

  • max time kernel
    133s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    02/09/2024, 16:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Kalkulator/B-517/pr1.html

  • Size

    97B

  • MD5

    946dbfb7da138cde07c227a650dfcbf5

  • SHA1

    93d662dca61af230c67ac3acc86e871a7287d50b

  • SHA256

    aa1c855cf0d8335c482d520b81d7eb9b0307fab316d896b4fcdfa74a4012d892

  • SHA512

    cb5c0085f1cc3b8a7a2f029e4b84c176ea519a3b3322a0265fb75c0f4af89efdcdfa057e9ee80e3030900665782024f3535b53c061d3bf896a419d443cfb1444

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Kalkulator\B-517\pr1.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2580
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2580 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1940

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    16e3ea2fa41e4450eb1f30b9a87e589b

    SHA1

    2d33fd12b45803da1f56c170659840b29571069a

    SHA256

    e211cd69b08914f0a58d4402ed11eb2fea1a78750d93f6cde31b14cea75fdab7

    SHA512

    bfb2f9ae67f0754cf825abe50313d591cea979b9d607ee9119e0ed95b7047694a31823ca0edb25e39d0df92fdc1ed4d9b928b585ba6517b1b3768a78bcb71ca5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2a9d3a4c98a6bac48c6389e5acf7714b

    SHA1

    cd62354ccaad7ae735be41f63ad28466d566b16a

    SHA256

    542f51118fc79d59e5c0b1229ec2fe9cbeceddaa8582ffd6b576cfc1c61067af

    SHA512

    312a830ac11daf69f338a1ed018d76e07dcd2804c92944c052a65b36223b1c39194f359f3e08409a78d9996a03f470dbc1daeb7a8744e14ce8f11ebddff95894

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d9f9a1c38c26bce11a90fbc96316b189

    SHA1

    be46d779f33c9a3c650c27ea1ce55b0ef1cc6aff

    SHA256

    c5015e4e6e26c25cfe800336053b470a713c1320650c57c0fde4bcdbc2deb017

    SHA512

    d39c72b47f1c585ab3dfde0e9773d7ee6824b860f7ce9f2e674e868d70063d31dee3c54b43e09d4636a42a7dfa1648a6b171456357458953036f3aeb9f5ba7eb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a4589008e199484b37303f32d80a8788

    SHA1

    9a9c5a4efada1d09b1acaa9010b0e1f492a06321

    SHA256

    327a0d36950fa640b06d67a045cae8e4ee6893e0d43da228b9ff33cb1c59debd

    SHA512

    d12d190e2bbdf52560d963d9745ab263f20eddb20d069efd6724083bd3eac6b92df1225e12ff9aa3476a8c0a71a99b83cc6a23b00965df797b6eb85a5ea33777

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    728db94bbf7c3e0509f73ccb82cf9d24

    SHA1

    05e49a0656ac80c199e67e0ffcae7cdcc11e4006

    SHA256

    2f727f15ab5908579d01527a14def24825886d4421a7773a429e1d54e4895d0e

    SHA512

    33c9edd65a15720135dca87631284a0c0a50ca1b74deace2505a8082236803d9938cdffe573ca015c0e3b002682fd946079a6332ce5d0bf9d48439e172bb5fce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    622c85cc2fde9460540819a064b887b9

    SHA1

    82d07d7a1714e10366e17f178446b9d673c356b6

    SHA256

    65e4983ba36cbb031d4ff8443b3d12ddb978536ee3170e94086aca5e48d12703

    SHA512

    53bbe1b83090f352112308892b9e16ed58b1915dd5288a3adcc9738301a45f5da8bcc295c990505200b3c0ce3de84dea250011e801798081545395a21f725e8d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f3db608477a18e26dc3e73171bead781

    SHA1

    1f4a39a04b9d3576781c78b76257a69e22f01912

    SHA256

    134b8ec9954b9b1979ec51f0a34519cc6b8529ae4e6e393d45ac9bd4f2671a07

    SHA512

    02c722722f378086ea1217338b6a8021fb926333d59d08784083e7ab61fd24a63e0d2dbaaa4a00419b104347b6d877cb9a6a9af9e572643adfce695e8429732b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b0a28631674027afd59fdf0e7422fa46

    SHA1

    40ad596f35ab11e9a10a74d0be0faf6bfff5854c

    SHA256

    cd4a2cb0fd1cd9ac38c82cd81c423ae04d6b5533b3d1e06f6c9fe2cb82d82e73

    SHA512

    a23cea758023e58aa64a01967ff8ce7e541e946af6ed42a0b23acde037b449a05fdf7f8b218cd7daa4e01b7d12543d309b6982d043c4a677e71b67cfa0cf1436

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6716b93eeec93c34faf554355b5420d7

    SHA1

    d339ee5583ff5693cda1432a40ae8f8aa25b14f2

    SHA256

    4f5f3c39f5ef9d6b890c9b63365a3f1f965d6ae25ed6d230431caed9e559b803

    SHA512

    c73979d9926626a4c4a88fed1635b4847ad411b075209261d08e83d8541759689f7cf727f99c898790b452a49243a77d29b36a7006d9d72476ab95a543279fab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5ed8add1aec55fc9454d2080ec01777e

    SHA1

    60beacedf901e6b8c08f7b538a8bdfe3cb81fe74

    SHA256

    253328c8dbf8865500637a6531e658f6cc9e18bde059dcb7503aa71cbd51194f

    SHA512

    2730223cab635bac146a8f0f413af31bca9f1e8f2de17de2edd2b0d80fd658789efd246b21f06b07443f618218d3d5736c75d02cd390fe2c8d8ebb6ee4d7c3c3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a4a7452a978b9a88fdc8ebf20cc7ed61

    SHA1

    ab60324df73d62aa9ae320784b9edf24448b96ba

    SHA256

    c54fc3d5ee2454d1218ff4051bac9a7e7fb1d4ced34bba97016fa33c58ecee52

    SHA512

    6f2c5cac3e892a02fee3d871e3e1ae3fb5e1c65b5ab7bbac60562ed35b5436958c1aefa96513c728057e24eef8bd401fa93704d4c3c66d5650871bdb38b483b6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7af69e92da9287feb96d12d552b9a901

    SHA1

    073646f2984a03b5486bf9b6e1cda533fff89cc8

    SHA256

    b714f459dd46784b1c888d9aee689f912e59fb5b0f77a4af54d043b5ac886e74

    SHA512

    b594b8960933ada9864dd59cf1a2968667f05f5bee4ea3122786d0d408d455a77a17fc7a9bb7f034846c7c84c1b4d21c43d16286e049aba2d8e7fb9c952ec189

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2159543a2af7c4434d0a4b907a927325

    SHA1

    a70e97c1fdd634379feaaed0f60019ace7834583

    SHA256

    30729b825791968c8a72b7d8b1355440c4d37cbab4ed1b8760d7272c68fc2524

    SHA512

    80e1a620a458d1cfac5b33e93a6b144dfcbe172b26ffa3e4c1e98e7c85a8d6f54b768a803b9cf11a6b0eaf7b66cf3df6d94c20b62974a46127771587dd39bc58

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9750161965341ebf933d4fe33e9eee72

    SHA1

    776227fdbade4347359c00032364233a3772eb1d

    SHA256

    42d409e684627afb4a603926ce44092d1bfca5cc6db22334f0c66c6b84bc7831

    SHA512

    fdd7d7e07d2834a0f95cbc3c561231e342ac137f0ab57b388a14a9d03462842cbedcc0a5ca8eb046e5efeb7297acf410566e058df7afd3ba56c1481ae6baeadf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eff2cdd8fc4563e53c73b8863273471d

    SHA1

    1fc02a948b92091a5f9cbebba3d3d08620cded66

    SHA256

    9e3f84fb14ebf6b2834edf5fbe1da0d75698aa6353d4aeed59062e502c411628

    SHA512

    19e7864cc6608ed4a5e588cd0042374488592dc412313511299d9bc3cef60efc671ba3771edde3f33af37c61bdbba1071d612f6f2e739e0b9d009b8c70685c2f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    837036783b0af6fbc28d4b0dcc29d019

    SHA1

    74de51ddd7b36c61e458f094d92414cf94e30525

    SHA256

    1d97eddb98fb78ecd0d2fe9906e2360a6ed371fe6b8ca82783d898b3b4414923

    SHA512

    f04acd95dd76a8e815c4bcd7f01201a2f560c53e5f937629fff372218a73705b9f11d1f5a3e891a580b5488d4db3224eed4f7824bc9aa6f7cc9b7276592eb332

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5e7dbd370b8ea5b446085b272f3694c5

    SHA1

    59b97e3e52994eaa31c941a23f06f4045be33650

    SHA256

    b71ba1469e06d29c898bd6c3cadcdfde6ab644b48edca003ecb26282024ccac4

    SHA512

    85d7da68540dae5bc0c9aa16bc85406af1920045b8ca0a7987523a5a479bd50bcd88542c800c6befac3964073f8f4bb9c41cc63b1aebdca84cfcb916e2614260

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    06b92a59a1c504459fe53b7b0a5a6c68

    SHA1

    4dee74de595cf4367aaed5ae9dbfad458770391b

    SHA256

    e54294c37c4c03579f0d82993154c7dd6d029ca3a9c80039cdf20b851b3bcfea

    SHA512

    f3c4a087c10ebc998ff1e991e943cc27bcbc4c99a257edd644d874195890418a7be628b813ce5fbfe198cbf280d7150989d26d5f5fab60d2650163cf50fbe348

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e84f7a083011bb1ab829d55c7a80206a

    SHA1

    8e39282c7d9d8faa6f753fe7c97e06c91b602519

    SHA256

    ff2748cea2c985fd13bed4b48b1b1650aa646418f1f8406839f898446b66c5ac

    SHA512

    edfe24c2e46074be96a2015aa7302c68e45c207ffb429ad9df4bf08b2c54180eea5265b1c1909da9d1d36f69dcb7b6b5f1d97234a30a1e44439aa07e707a6166

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabE4B7.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE537.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit