Overview

overview

3

Static

static

1

yes2.0/adm...x.html

windows7-x64

3

yes2.0/adm...x.html

windows10-2004-x64

3

yes2.0/adm...x.html

windows7-x64

3

yes2.0/adm...x.html

windows10-2004-x64

3

yes2.0/adm...App.js

windows7-x64

3

yes2.0/adm...App.js

windows10-2004-x64

3

yes2.0/adm...top.js

windows7-x64

3

yes2.0/adm...top.js

windows10-2004-x64

3

yes2.0/adm...ule.js

windows7-x64

3

yes2.0/adm...ule.js

windows10-2004-x64

3

yes2.0/adm...enu.js

windows7-x64

3

yes2.0/adm...enu.js

windows10-2004-x64

3

yes2.0/adm...Bar.js

windows7-x64

3

yes2.0/adm...Bar.js

windows10-2004-x64

3

yes2.0/adm...les.js

windows7-x64

3

yes2.0/adm...les.js

windows10-2004-x64

3

yes2.0/adm...all.js

windows7-x64

3

yes2.0/adm...all.js

windows10-2004-x64

3

yes2.0/adm...ase.js

windows7-x64

3

yes2.0/adm...ase.js

windows10-2004-x64

3

yes2.0/adm...map.js

windows7-x64

3

yes2.0/adm...map.js

windows10-2004-x64

3

yes2.0/adm...x.html

windows7-x64

3

yes2.0/adm...x.html

windows10-2004-x64

3

yes2.0/adm...map.js

windows7-x64

3

yes2.0/adm...map.js

windows10-2004-x64

3

yes2.0/adm...ple.js

windows7-x64

3

yes2.0/adm...ple.js

windows10-2004-x64

3

yes2.0/adm...row.js

windows7-x64

3

yes2.0/adm...row.js

windows10-2004-x64

3

yes2.0/adm...x.html

windows7-x64

3

yes2.0/adm...x.html

windows10-2004-x64

3

Analysis

  • max time kernel
    118s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    07/09/2024, 09:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    yes2.0/admin/css/index.html

  • Size

    218B

  • MD5

    81e1d982bf67bb23723cdfca1da72650

  • SHA1

    c24b811432777bf746484080601409c1d36d8b39

  • SHA256

    b8f7bd16ab9976b802129a5108e9688f9a2ba2238d4f1c861c5ba338d46a1133

  • SHA512

    c0a8e86404ac567ca854bc63e7d1fdfae3608119e1ace9a51e2d2ff86ea890ae4e847514fce071e2a05db019a135888cb3267b98fad03aed2aba07c00c686b75

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\yes2.0\admin\css\index.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:780
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:780 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1724

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8cbf48acdedcee4d4aeaeccd156545eb

    SHA1

    8542512be1fba780d36865701ab86b8dbf8cea58

    SHA256

    6a35f02b0945cfbbca39ee69137f09f9011b80bfa1ff27efb03691316a4f8871

    SHA512

    e38057e20b138cbf801178639286331b69fedbfa4470da0d57ea8aecf78b7beb1bbd91cf13f18ab0cc8ad8e3677a0e4d375c81dfe04d6a275e4b4630fe440e12

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d7867a3e394a258e88383dec1d7e810c

    SHA1

    503118065b6878c67706183d73b2ba481e5b2826

    SHA256

    56a51dc20c42e69ae2fbcc2f1e516859e5458ad74b3df9724bb175b1130eb796

    SHA512

    a2c100e46151cc3e7662fac11d6cf235df56054d364c1f013bfeb338d3078c1c680144abf32f8ed0ca746ca0635c60d65b951857e3e6dd6c3b489f52865e7319

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a34212fe83950d642cfded815d6ea6ce

    SHA1

    ba7e347daa9aebe7d41344b2d8e21d5c7d0bf7b7

    SHA256

    2a99945a2789a86e274f289b6f31ed9355c558b5bea675e429797e8b77a82304

    SHA512

    9dc8c962b5a770adbfaccde743bc83d81f1602584f12f525ead2ad53527805cf9e438d7eefe218366ac8e33f41ab17a7d9a06947575107b4ace284e2f357ba11

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4e3f74332df7c36b83acd1881f7e9767

    SHA1

    28e7d07a4f42137130aa11feb64ee544bd7b4c31

    SHA256

    a03d069a0a7fe6a8427b61f5b778c8e474f5b4e1108c49566828664abdf6c4bc

    SHA512

    28ad7577952a78595c62f3d0e84b5f706b3cf91f339be5c042065d08f02d8268b970d9c2ae0d33dd6139263e8dc99dc25296aada9b0e2a81924125aa49933535

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7725cd6e5b1906934382884a0ae6898d

    SHA1

    5c74b6d4166b58125f213122e632339859b24803

    SHA256

    9746b7e00bfd2e3497184a8489e13c3eac578cc4a0c7ccfebd0016fd2ee52bd7

    SHA512

    8f21913ef17925ddef79fa768da28ceebbe6bdaeb18ca7e5e5fc34e16dcd2ff6b445d6786173259259a82d947797f1087b779a8c428928e8eab397ff75950968

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d7ae6f5f82182415fcaef4eec6f05d7c

    SHA1

    a4c44f3a4b19b984eab99118636579a715db0017

    SHA256

    59c3827e57d10376746a6bacc1b1951adae74e3f2edff147d7377e3d615cba99

    SHA512

    0ae7625bfec29fa492612bbe7c5441d484bd869c34bca1c1d8cf4af9cc198f95a82f89e4f6b624bf4ef2e79b7d67da07b9eb1c31f16b4cf72000e50da28d726a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a71554d6284ce33b20802feb948b7c36

    SHA1

    15a2757f9a1a1671202f5d220504343f61514b39

    SHA256

    0275994a386a9a0575baac1a06bb5a738b306eec4e21c6116ab769e1712d710b

    SHA512

    5162d3594fd0c4a271d6125e0145e233ac5c0919c4a96453ea55316174c110c0c9cf5d0dce4f3d4f742fbfb78939836c870ab4d647a3c47b2fb1eb4ac0bf6d23

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    27d05d9df0e4835496ccefa82bc059a9

    SHA1

    593af7f6b59af4f9bf5939857858f9c056e3e921

    SHA256

    63b42bc91a16ff9741beb7af87e0abddd638a326f3d7c78470637d2703de1cdb

    SHA512

    46cb4fb0ebc017b45487dffb4cab64e4d866d6c5bd3c17fda17446a42169b62a951c1432b1f33fcb3ee7132b649e857cae97c4c96fb44bb995e931a787598a03

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    89ab411b7f678adc976915f6ff8f285a

    SHA1

    b2288065bf07409a9025dc63b64b6f6d13626f26

    SHA256

    3d0f6bb49ecc4cf14d0a87241037cc1c1d1be9d0bef5d877b705b77d9925f5e8

    SHA512

    cccf7df7f84f0b61db53500a26a31e277a7e1b75c87ee1c8859b31ee229a6cbd161ee9ef2c44c1fa360c03be9a86e957a5209d744114d95b94e29048d8813700

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3534aa9a75dbca4c2a61d5def94016c8

    SHA1

    cb887383d48b513549e7da2a5b24211989f5c9ab

    SHA256

    635667c64862b196d6cb17b98d24e1b0fa5f0d88d4b797ac351868d2df636360

    SHA512

    09b93be7228fccec66fdc67afd8b519fa0a758e41a38a6cf91050b861facce4ced32771dca8ae9114ed183d186755ca75a7e320c07bc91b5d542ef4473094348

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    58aa8c7afc1da24f20e82f370d2c854d

    SHA1

    eb34dfc5c7d04d90e2f6a8ab53761bbfc4df51d6

    SHA256

    c31fe62c9f3315df043395161555318da61e4f4c3b20d1067dbca50cac3ece07

    SHA512

    513364a928b8b634ced98e07603ce8123b962e73826535947fdc93ac062c93d64a7bcd3c0e1d45a80cadd734bd5ebaa2238208f00c83d8c238584652c18d9c07

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    34c7e99737411b1eb813904c83e2492c

    SHA1

    160a3ec8a3a2134a4677d31a34f2f182a5d5e7ed

    SHA256

    048edb5d8567513763f6ec196dabff21476bfa20682eb65f028324569d5a3700

    SHA512

    a75f2e9ebe373212a92b3fc6b175e7a9b3f50beb0f57177aec755ae1570283c4d91444532b6ac45df06f6a026c24d0b6ca3b31a71d7c90db8b3a2053d7b0ffa7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    db6647c1f7cf5d61d9980a24217ca656

    SHA1

    d66ba6e87eb99e2067b65b0feaa9c84fd15f5a24

    SHA256

    cfc481f44c0284a895bbab54430e048f65bcc5771ae3a58b48ab61b73bb1555b

    SHA512

    64ab90f47bce1bf60646dab39ec0de6c6cfc222b4c3e84142956fdd63087e8c7b277744af31b8fe949f98b6c6fb686359c772c221e77b1db7b4260ce17b55d2a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d3a16cae89c7d07a91d89643f6b38e36

    SHA1

    d052cd4c685a1e4779a5fa089413394819497f1f

    SHA256

    0bb0a6e15f1d5f730c0629736b59d64860d65a1ac5861e77a04d3c58ca31073b

    SHA512

    fb89f32a04e71708f0f714b0cae1c83554e86bce1f678a7e9ab81a45e8a375c92fabb3aeb11fa448787437041e5c43b9963c0716a055ae72c0eba55fdbd61a21

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    be53ca073e52c40d9eb89e7a36498895

    SHA1

    2f17599699315b7274e12d0bdea3e87bc8c6ade2

    SHA256

    556a67579ce0d360526d65e4856248ddd3cd73704dbdc924d373930249f1af32

    SHA512

    0763f275f20704ca8e4c6064e86071e9bb7e814551268ca9f70fa875132866057b165a4f3b74c60e3c19fea7009384a3e208cec28ab7f5ef326bdbcebc547a82

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab7F.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar12F.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit