Overview

overview

3

Static

static

1

yes2.0/adm...x.html

windows7-x64

3

yes2.0/adm...x.html

windows10-2004-x64

3

yes2.0/adm...x.html

windows7-x64

3

yes2.0/adm...x.html

windows10-2004-x64

3

yes2.0/adm...App.js

windows7-x64

3

yes2.0/adm...App.js

windows10-2004-x64

3

yes2.0/adm...top.js

windows7-x64

3

yes2.0/adm...top.js

windows10-2004-x64

3

yes2.0/adm...ule.js

windows7-x64

3

yes2.0/adm...ule.js

windows10-2004-x64

3

yes2.0/adm...enu.js

windows7-x64

3

yes2.0/adm...enu.js

windows10-2004-x64

3

yes2.0/adm...Bar.js

windows7-x64

3

yes2.0/adm...Bar.js

windows10-2004-x64

3

yes2.0/adm...les.js

windows7-x64

3

yes2.0/adm...les.js

windows10-2004-x64

3

yes2.0/adm...all.js

windows7-x64

3

yes2.0/adm...all.js

windows10-2004-x64

3

yes2.0/adm...ase.js

windows7-x64

3

yes2.0/adm...ase.js

windows10-2004-x64

3

yes2.0/adm...map.js

windows7-x64

3

yes2.0/adm...map.js

windows10-2004-x64

3

yes2.0/adm...x.html

windows7-x64

3

yes2.0/adm...x.html

windows10-2004-x64

3

yes2.0/adm...map.js

windows7-x64

3

yes2.0/adm...map.js

windows10-2004-x64

3

yes2.0/adm...ple.js

windows7-x64

3

yes2.0/adm...ple.js

windows10-2004-x64

3

yes2.0/adm...row.js

windows7-x64

3

yes2.0/adm...row.js

windows10-2004-x64

3

yes2.0/adm...x.html

windows7-x64

3

yes2.0/adm...x.html

windows10-2004-x64

3

Analysis

  • max time kernel
    119s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    07/09/2024, 09:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    yes2.0/admin/js/index.html

  • Size

    218B

  • MD5

    81e1d982bf67bb23723cdfca1da72650

  • SHA1

    c24b811432777bf746484080601409c1d36d8b39

  • SHA256

    b8f7bd16ab9976b802129a5108e9688f9a2ba2238d4f1c861c5ba338d46a1133

  • SHA512

    c0a8e86404ac567ca854bc63e7d1fdfae3608119e1ace9a51e2d2ff86ea890ae4e847514fce071e2a05db019a135888cb3267b98fad03aed2aba07c00c686b75

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\yes2.0\admin\js\index.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2528
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2528 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2196

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    562144be69d5ca6318691a890f919115

    SHA1

    b73e3e4db2a095bb2dfbd97643b5a681b732d422

    SHA256

    ed91b421c8d8ff5dcabf9409eac634d654233b0d3faf56527c614d2bf8c04887

    SHA512

    f99cb94627d35cf10deaab05ab3babf95bb6513412d7f747456da7a8046d0585b61dd2434b916b535fe11be21667fbfdaee2934c7ce71e048ce616044c23251c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f88cf8b1d8741cd72b76a79df9068f59

    SHA1

    bd6921629952227463ae82211fcd10dad68e0126

    SHA256

    4ed817ff153f418755183a74786a4856ffbc393e2a777d4079728b8119fe66de

    SHA512

    8f754d977eb6ed643358f492414ec913b9e561f7b0ca8fd244a4ecaf56cf9f4bf6b7241d3b9b39c50e6a36c55aead241606614dd12135c39cc1f92a7f3172547

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8cb1df6c18a4713e33cc8e75e4fee646

    SHA1

    f56259785e23560098932a2aaeba085512d5f78f

    SHA256

    d29522e7a237944bdb1cc6e347bc27bd695a03902231bfdee0e8d233a4e551a0

    SHA512

    68dd169eb48cbad4e84213d55d03b360dd7b6913ae755e1fbcfa39846d8837401561330f7e7f8cd550a9b3d28abbbca01fe61f5f07d0c6c25d27106c7da7caf9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    04635e6d31db5394b27d497c413c6869

    SHA1

    6f4e23828831f5f0bea73e07a3abd287b55a62e7

    SHA256

    35deacbe8dc959cecdfb8721219aceb2d1361da12ec8a0d781e311104c06fa68

    SHA512

    ea75b47203e3e62a6d34f1f65ff0e57dca9b7362dded8f1ba21893686b026ef321c5d1438995409976ebff293c20f8c76362b6ff5be9996ee62838cd781eeea1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9909cfc268a192e378c7fd83a2f53bbc

    SHA1

    ace00aceae9628394f0999adb757a0106195bdfa

    SHA256

    c6daa1abb7d014da80ede7b4bd375ccb8ffaa38b26cd033ce8b519f4fd8a5db7

    SHA512

    2f4c8847b0401c8a10d5fcb85c9429aa510c3e506eec645e74b0f3829be93d06283bea6f03d0d6eda857195ac590e6d268c9cedffff9396726f94dd8f1989a98

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    133a52c343c239b5b7e554360ad1c777

    SHA1

    23ea5ed51926196a7d7379bb50a709337262381f

    SHA256

    87ee045f6b92ed660ff5f7aa6bffba0cf49d3b5c7785d2bfcbaada55321df72e

    SHA512

    1493fca6e62366f003e1875025bf4be1289c88b4d82805220aa0b052a3a000406da392f4b2ba721c79a7a72026c466b88f2a2b89d7f8ea4c253b99878abe9e90

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9fe3a9b65b77e824406d8d02c1c691f5

    SHA1

    6b17738a62949855cf668ba97b5360a9943af41d

    SHA256

    e208835dd596ce58cba1ef7eb58bd2883d8517fb63e8468a6c6c88088680e8d3

    SHA512

    b8f8b067fbe63757391b9409b21c3a441650ebf1bc2d81963287cf45a455d82d75e7abe5aff41f261416524297fffcb107d6c0606e6ac474000603b8394d009e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    70e2f26d068854b92926e40b7a2d043f

    SHA1

    cdb9eea0fa4b5c7f61693081971f568cf641b8d8

    SHA256

    1c1a08097a3246a11eb4faddb013d023d3538d33683963233feffe82ca8fff8f

    SHA512

    22f5459caa974c0e14592f9f6ec427b9bc14362d0099fd543e31e1a00c5d6842ae2a7f034a04d489b851b16ad5ec57561ad962ff0acc599b7d40128a338980c8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bee9d1889d069b51fde267bf1f2f0a06

    SHA1

    422a8428eaab9a42003ca5cf98b76223d118e822

    SHA256

    b998646271d6007e59d27c285ed977e867128bcb90f3707b861feada17cabb4d

    SHA512

    b3cca49d0fab23e2b4c479310e0c707a6cffa5971fd52774d52a8db9c127cb01c19bfec9c2e38f24bbb04695f57eecdeaa2c363fb11cd74a65f5cf976d4ac72f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ad83132f01576170fcc3c8cbe5046802

    SHA1

    4fe098cd988ae133ce1409efc942fa4da697a550

    SHA256

    fe14200bbe5c0f7f449c07674a5a129206d19b3a538b6974ebaa293e779184fe

    SHA512

    f5e269867e572542ab3595da42d97aaf942c2ef5e5b96b85f6e2ccf97970952085da906b554b0315c9951b8366a59536624861561904fd631d985b14d39039f1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    917d515f5b6f18c9badafd030fe5fb7a

    SHA1

    be672f4e545c669ef0d55dd4945671f6c3d3e21a

    SHA256

    921a755db6d6a44c9cca205434edca81eb3ed972cc63c5bbddd3b79a2ebecd90

    SHA512

    9f79d7ac772a9ab3b796d337daecbf6be8258c73c081b68728e9d5a418228edbf094579baab1f0bcae2c517f8383a6138cc7e1566c2b2855d92809357d21f398

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    507e4fa3e9f707cfa46c9e4f0618c578

    SHA1

    544a202b0603dc8bcb187a087e53c0cef68a2f73

    SHA256

    6b6436198dffc382f416f455f3d29e9a4cb8c061026edc5affeea0df4dff7750

    SHA512

    650e1099f7d01f4924b47d7cc3babdaedee590f5f17f269fc9d4daee58c52087ad97f47e7259797df4b82f77a8515d1ba998bce6650078ece4810e0ae6e9580c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6504aa9e05c74a30f196021d801207b0

    SHA1

    7f386327772a901c9f1b936a9d62e49cc46b3280

    SHA256

    889c9e0c3e85dd7e45f0c790624df1f25ea45bb0de1c80a19c8e7cf4fc427350

    SHA512

    c5e955a199a412a401e4eeeea8ade4b00cd0135bf8e1d5b6fe3a8d6c615f104a842733b4ce14af07476f4052028ac28fe3b98e219177cf660dff16bee10d681b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8e62f93cf2e9966b33e9fbc907d54f4a

    SHA1

    94654a47cb62efd5a105ef2ef4a90e86b2861b2a

    SHA256

    1bb82a9deee2129baadbde9fd657cb620df1e29334fe1570efba3c460d8e8ae4

    SHA512

    18f637f9184d91eb456c7e0411efc93b24ed2f79a9e0590c947c9c54731926249324adf6f8e0acc721fa92acf26c01ffeedc3a12e9a7db516ef8cba2039d2f30

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF2F8.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarF3B8.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit