Overview

overview

3

Static

static

1

yes2.0/adm...x.html

windows7-x64

3

yes2.0/adm...x.html

windows10-2004-x64

3

yes2.0/adm...x.html

windows7-x64

3

yes2.0/adm...x.html

windows10-2004-x64

3

yes2.0/adm...App.js

windows7-x64

3

yes2.0/adm...App.js

windows10-2004-x64

3

yes2.0/adm...top.js

windows7-x64

3

yes2.0/adm...top.js

windows10-2004-x64

3

yes2.0/adm...ule.js

windows7-x64

3

yes2.0/adm...ule.js

windows10-2004-x64

3

yes2.0/adm...enu.js

windows7-x64

3

yes2.0/adm...enu.js

windows10-2004-x64

3

yes2.0/adm...Bar.js

windows7-x64

3

yes2.0/adm...Bar.js

windows10-2004-x64

3

yes2.0/adm...les.js

windows7-x64

3

yes2.0/adm...les.js

windows10-2004-x64

3

yes2.0/adm...all.js

windows7-x64

3

yes2.0/adm...all.js

windows10-2004-x64

3

yes2.0/adm...ase.js

windows7-x64

3

yes2.0/adm...ase.js

windows10-2004-x64

3

yes2.0/adm...map.js

windows7-x64

3

yes2.0/adm...map.js

windows10-2004-x64

3

yes2.0/adm...x.html

windows7-x64

3

yes2.0/adm...x.html

windows10-2004-x64

3

yes2.0/adm...map.js

windows7-x64

3

yes2.0/adm...map.js

windows10-2004-x64

3

yes2.0/adm...ple.js

windows7-x64

3

yes2.0/adm...ple.js

windows10-2004-x64

3

yes2.0/adm...row.js

windows7-x64

3

yes2.0/adm...row.js

windows10-2004-x64

3

yes2.0/adm...x.html

windows7-x64

3

yes2.0/adm...x.html

windows10-2004-x64

3

Analysis

  • max time kernel
    119s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    07/09/2024, 09:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    yes2.0/admin/images/index.html

  • Size

    218B

  • MD5

    81e1d982bf67bb23723cdfca1da72650

  • SHA1

    c24b811432777bf746484080601409c1d36d8b39

  • SHA256

    b8f7bd16ab9976b802129a5108e9688f9a2ba2238d4f1c861c5ba338d46a1133

  • SHA512

    c0a8e86404ac567ca854bc63e7d1fdfae3608119e1ace9a51e2d2ff86ea890ae4e847514fce071e2a05db019a135888cb3267b98fad03aed2aba07c00c686b75

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\yes2.0\admin\images\index.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2808
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2808 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2776

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4d33be0abfc4a790cb893da55554e83c

    SHA1

    ccd78ea440809f3136b52c3f1ebd7295bc739ac8

    SHA256

    6d2451d6bb093bf705d89550c170e94737eb9bb40bf79e7e27caf5e6cfaf43ef

    SHA512

    af6146b0b1a675eed6c0051609c8c9a3bcf50e0688703ba9b78447decbff66fde3d13b05bd1a635344d5a348e2a5d1eb0292cc90dfdf2fc746aec293a58f342e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fa8e505f4b26900113c880547bdcbfbe

    SHA1

    3494e68e7a153b4a5134791ab0a3e58de0764ae2

    SHA256

    b68129b6429da1b73e6574a2cfc2d339448f693547f4ac34d460ce3dd259d542

    SHA512

    8e20c1aa5bed4823896d561f3fa5e1f07c9e069ba728bc63e1c2bada3d1e9dec8563d409fe48798ff7f4b6a9a5cb1982135c25cfc57028014f6102bece29485e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3cb3d6019d9da18983b989e01c3628b5

    SHA1

    1f8daebac67f2f00456877f4fb28948991f7fc33

    SHA256

    3fd45548ab3fcb32c6c0408cfe7938a1c9fab3c870e988984426974ff441b851

    SHA512

    36a404bcc37f524e65f98ab3c1c1f5b15947cf5d034d6e6ecc7a6bd85b0b040023680cef4a6ff3e122fe6a8710a200b92c7221450784cfaaa9a84b62e1183e99

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    090a5dff8876f803a095778e759918a7

    SHA1

    42c7587937ce2a494e701f2dfe766878481ba5a1

    SHA256

    dddd3dcc8eff12ffbdf91699b8cdcf84899995598db0353aa29a6e065d092770

    SHA512

    f74afdea76917a31d818f912a37e49d8f41c6743c9be7173756cb9a051556d7b4abdbbdb7800c6123292f837dac0a53c5a5915d6ef2d3ac7677b498e06d01a01

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    24b0e7a56ca8bec7a0275f6088df717f

    SHA1

    82fac78401678385f5087bcfec0983bf576e4309

    SHA256

    1ab59119105e0dd5d817fd05a27d20fd29af5073262d7e15884a57d26731ac1f

    SHA512

    e0985f16b7758a373d711e9e4121a1162ef5462be660af12c339631fd813c056d4ea88eee7cf0ba7c2f7b28617347ab4e304d477e795eb4b75938ae7fd7cd7e3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    212b0c2a0bb62eff9960707f79361b12

    SHA1

    a35a6cb66611300e889e8d6a6fa4e5d316707a1c

    SHA256

    c67b0d48c08e19024f5965282f3544fece43f4a2defa2a3d39284146fb8ce7a6

    SHA512

    079f04d65463a91c42e6babc17985968abab141739993dc729643a65f031375572473a1b139a797ce311ffb187e8703d046a4b544c0d7eeaba7ceea4e881ba73

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9685325a87480a665836a3752ec4d35d

    SHA1

    73b89a2648e840f284455e7fdc039a0057381936

    SHA256

    62dd7356bd02dac158fa469d12cd872998de06b1ba42b8be9406a1c794cc39e9

    SHA512

    60727266c58172a4f6ab13a115e185f7eb6c0b8bd01025e6f567c146b4fd1842a577031de4efde95256abde75c2cbeae87aefc0c9d3d28a2ed398b3daf3226ec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4d8e558839c9c5e31738c59f3ae3d54e

    SHA1

    27c9e4f4a532aa1969b530f4ee68356027d76d79

    SHA256

    d0a65e493889376001495192df0f8abc21a67d484feb2ad3188f306c75fca906

    SHA512

    46ca11134a5f1a664daa77d1a7c7ff1d2e10eb57615e919285748852d00aba1acced61e196587629fc119b5b9fdfa41fcbd2e376b82c55263c06226fb102342a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d8f4596ff3e47de99f43deb4d34a52e7

    SHA1

    1281afc636c8c3dba0777844655cd7934a1aadd4

    SHA256

    d6fc9fc07bc4947b6414f22aeadaca7278b3a9ed857eca3205f0d5969702957d

    SHA512

    3fa49e3879179fb2faa7178d46c8a32e67832bb89c359be5c73bd58e7fd9e4d237a7b54df9b816ab33685330faec7759a3a942698a95f605012ee203789bae55

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9e860ca139cb8df5e3a7ba449cef883c

    SHA1

    438a45dddee0b48f95738b0308c8937b7a800426

    SHA256

    a82de6a927c77e2a2361a328e94324d065a2527a66b1f6066b690c10dd2ba383

    SHA512

    3e5f004665528f936bc8151c55aa3e775e7cd9e9c4d0e4f7e3e665c43367e2500b3a18c715fd62067664803a455b5b0b1f003adc6b50693647d280a29861f1bf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    32631b6cc15e5f78585ca5360a6abb74

    SHA1

    597c9ffd41f2e5987bd8e9b79345b3659f89d75d

    SHA256

    66dcf835b799278fe3bab9dda46c0d7848ddada667214e9f705d9839f3737895

    SHA512

    0a6424823a7a3f26d09c646160be0099c870affb3768734af6835fdaffdd39d9386d1e897c1f7dc2f0e6e2f89e6553b92f978301d05a60be777c6117ee64637e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d4856bd4d9662c3990964b4649a4c06f

    SHA1

    f48528511674c0f2968877622875d8554d3851dc

    SHA256

    a79b6a8d84ff215fc78ac3cdbf79dce9de982387ea1b28d2849e4e2437d1fb50

    SHA512

    61d97a9fd9d1d8ec82daf1101fe845e5b7972c1a9b4466ae308039ab8337696eafd1b819412ba9f57e40f0c3baf08748f1433a063d7ebacb3e42e940758ab32a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1af4bbee5f697f86b6526bb5d35d0ec7

    SHA1

    0124ad324a7ed3065edcfaf89e4c5476f16a2434

    SHA256

    7bd69913e5a286afd9a4b1b6b44774e5ff5ef27dd06068c1421baefbd03f1c20

    SHA512

    da73dbf7fc810c1f7263881f58d8404dec7d252af4066b5ec08a66019a768fb8ac1f52250bd12cf0ceb0c50a83339087fffdc28229bdfec0e98874ecceee6a67

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c709adb1c10ef73493a9e447adcbbf8a

    SHA1

    e11e664bd9cbf1acfca5ff2f9ec3f18b76743b17

    SHA256

    122633972a7594d7d8aaaecde1a676f5d2715fccabb1d2e564313a6af2850fdf

    SHA512

    b550cd192fe2a2babd567676f2609c1275735e85aa68c3f40adb918b6997b737ad1cb27d77518a806fea751f9640a979324aa9e6f924fb2262f2d2082d927e0b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e3ac7a241b997719ae47acb77759b2f5

    SHA1

    9b42cc7157c606ccd141e152b986eff3780b562d

    SHA256

    fe2d2a2a5c16fc11df223750761ea7d355c33f76b3941e4fc32deec81357602b

    SHA512

    d45936092e8b29be7f880c35355f7f6e5b7f1acd4fd44b9f858f76dc3922eb10346d7a5997ecf7db18ffb31f0e89a0c00a91a7cf81039db8814cba4563d594de

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3c96488ba391875ee11666a1d8b09c5e

    SHA1

    050e65df2083608317d7df435b678fde0d5862d6

    SHA256

    167bab058cba3fa8eace89904a232ec9c8491f212892adad4b7e70c1e1d0f7f1

    SHA512

    603f4d58c87adecb7a0f2e818245e9eb2709c4eff699c6cdec1a3f471d6c579bad901f7239653853cdb328d6cfcfb48774d0a8c8f4bfd737f61e5216dc516f92

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4d93d043282623e9dd295961ac6e5307

    SHA1

    ce95427c1b45ae4ae8b39ee45b4722bac0fee490

    SHA256

    9abae0631b2522bd197c42ed4de60ce56746c938166cee1344d1f49fc0f1bf29

    SHA512

    d8079a24bb6c427f857eb8defccf2a15c0f01ff126f7b2220e64448370cac18f9a8368acc85970c9efd01c486bc83cebd7888a751c5de64c25558e86f20fe422

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a020642fca921b86f2bbb2902b50d12e

    SHA1

    e9a6a46a4228b22354391e85ca311fa7bb30c683

    SHA256

    8bd7604787b4d0ce133cf6aeb0a335f70331aefcdbb482aafe202e3d0bd34964

    SHA512

    e80b6a85a15fe7f558269b8ec1ba1dac17b5e604fbb9a5883ff195a5172031bc9ab4035a78e6cbf8c1eaf3a01856dd52a829681646152d588f078dd65e0cfe4b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    396b9d2b7fe05b48d5b8e74af4517cdb

    SHA1

    7a9b572cc4a80b9e0b4b56e08fe7f1345a533caa

    SHA256

    05b7786ddc07b054bef24003bd071892b83a6985bffc979a99f63bae6a1f37eb

    SHA512

    da66d02d99e1e93a3dcb311e1f7824afae00cd89abc5fcb1927745e6396ae73c801d1bb93b8f566e2054ed20d216fef487dcced3545f10777f0d809e2fa3c5d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d263afaedef562b2a50376994bc26230

    SHA1

    87f60260a45c9c4edf2fcb035aa38a1d0f7993fd

    SHA256

    cc4c4302d2fb69f2efc16e2384219494c2531afc43d8a99fe697857bcd61df88

    SHA512

    f26142770c65a9552b46bb70662e29721b647f868bca2722460fd90786f50c571d6cba89b800b5f1201e3087ee151e5f3b699b413904ffbab0b05145385de0ca

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab99B3.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar9A62.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit