Overview

overview

3

Static

static

1

yes2.0/adm...x.html

windows7-x64

3

yes2.0/adm...x.html

windows10-2004-x64

3

yes2.0/adm...x.html

windows7-x64

3

yes2.0/adm...x.html

windows10-2004-x64

3

yes2.0/adm...App.js

windows7-x64

3

yes2.0/adm...App.js

windows10-2004-x64

3

yes2.0/adm...top.js

windows7-x64

3

yes2.0/adm...top.js

windows10-2004-x64

3

yes2.0/adm...ule.js

windows7-x64

3

yes2.0/adm...ule.js

windows10-2004-x64

3

yes2.0/adm...enu.js

windows7-x64

3

yes2.0/adm...enu.js

windows10-2004-x64

3

yes2.0/adm...Bar.js

windows7-x64

3

yes2.0/adm...Bar.js

windows10-2004-x64

3

yes2.0/adm...les.js

windows7-x64

3

yes2.0/adm...les.js

windows10-2004-x64

3

yes2.0/adm...all.js

windows7-x64

3

yes2.0/adm...all.js

windows10-2004-x64

3

yes2.0/adm...ase.js

windows7-x64

3

yes2.0/adm...ase.js

windows10-2004-x64

3

yes2.0/adm...map.js

windows7-x64

3

yes2.0/adm...map.js

windows10-2004-x64

3

yes2.0/adm...x.html

windows7-x64

3

yes2.0/adm...x.html

windows10-2004-x64

3

yes2.0/adm...map.js

windows7-x64

3

yes2.0/adm...map.js

windows10-2004-x64

3

yes2.0/adm...ple.js

windows7-x64

3

yes2.0/adm...ple.js

windows10-2004-x64

3

yes2.0/adm...row.js

windows7-x64

3

yes2.0/adm...row.js

windows10-2004-x64

3

yes2.0/adm...x.html

windows7-x64

3

yes2.0/adm...x.html

windows10-2004-x64

3

Analysis

  • max time kernel
    134s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    07/09/2024, 09:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    yes2.0/admin/scripts/index.html

  • Size

    218B

  • MD5

    81e1d982bf67bb23723cdfca1da72650

  • SHA1

    c24b811432777bf746484080601409c1d36d8b39

  • SHA256

    b8f7bd16ab9976b802129a5108e9688f9a2ba2238d4f1c861c5ba338d46a1133

  • SHA512

    c0a8e86404ac567ca854bc63e7d1fdfae3608119e1ace9a51e2d2ff86ea890ae4e847514fce071e2a05db019a135888cb3267b98fad03aed2aba07c00c686b75

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\yes2.0\admin\scripts\index.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2496
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2496 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2068

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0e0f139b43d57fbb423de72db51ba0ca

    SHA1

    259d040409fafb4710167aff9438f8f1538ab0c9

    SHA256

    2de6cb4a6d9f3c1e2281217faab8a1e949fc4cbeaba728e7e304c5c4d8fb7404

    SHA512

    87974a32079d79a33440776f92c3f05e76a5a4f6b8610a2666571fe47033c24386c7de94ef0a23cf0ddf24eaa924571b82f789837e255b74aa9fa4a206d2c842

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    277bcb8f9aa88010aeb6cd78d44120d9

    SHA1

    9ff78d95859d10da8df4346ceb2adae3a1d42a06

    SHA256

    0bb9befa02af33649a0eb910a198d99e27a3cb85a06f42d896625318b4615f52

    SHA512

    b69742635d92fc8a3e5391afc1dfd47fa1e063e80ac33794af01bffa5e6fff6ce6def347632e194977734a912aaa69bd579657c6609735220addd1f7f311a7df

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5ff8c4274da8561462530641df5f6c00

    SHA1

    cec24a69eb4939fc5ae4c85606461a90258f9120

    SHA256

    ecbbfcb15f9ded7ab3ebfc6d77d617a4dbc2f6b85e4d9bb2ffaee31c78740137

    SHA512

    9acb0ef9c882abacf25be1d245cc9da3ee981088f24537e4b269f2fa3eb53ec4554e0f3e0758a1a5982dad9f34f61460c000fb9d288521770f5772959470782c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2925ccc6239e55281c458b2cefd3ae8a

    SHA1

    136447cc3fc4a1d480a154f11cd388d77c16713a

    SHA256

    9fb0b5eed11cf2c63dec2a101406d4455c4c5a0d6a9505d36e298653fe1af0b9

    SHA512

    e4d797d022793bdb9194711c28218346b5ba92e15b048628d377b142abb68119d45eb656892969cb1f94531c414116e6e61000b6953f3a2eac11d9bdc7cf456f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6ec9518033b82314e06aa469e8433eab

    SHA1

    15b7db773c74493b0ed85452932ad3e1b383c603

    SHA256

    47b1e4691081b671ce9e39c95113fb9185e8c85c726c645af1064614eb20d3e3

    SHA512

    93c07b0a8a3feffa186efee9f998f07f2a82d9dbd6a963a957a10a869dbbb06cade2ae7fab06541845eb4324d9c16ffbe5ead87e45df51ac472cd34636cb9bfe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1609f6c55610465ce61dd4ab707ca51c

    SHA1

    7776c716ef852e11e0ed0aa8fcb42d9c7d6b0d18

    SHA256

    7562825a252b8bd06dcdc68031932c24e727494a2bcc941bce545603ae0e7cc9

    SHA512

    85336eac67c98b7b28c5b0cb6f840b0d4c135eb90ce50b8e86ba2cef4625559915610457bb62117b1351e4b63087ccbc5f495dd596686b8529686f16db637f2f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f62b1e4ba445e935da9bf2762bd04db3

    SHA1

    61111f3c057669abc9f507a1d971dd4c96cf88e1

    SHA256

    b5c93f00b70cb9696f9366493f02b0d92820dee103dc68cce5034282db649a45

    SHA512

    d73ffb93f35f32dc8dee95ab73dcdeb1fa7253aba6fd0e8774ad7deb855abca15c4308b0a758a26dbad55d28cb6ee638ea345b79a23ef22fab3ecedd1957c6e6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    383f0058b66abb2079186a91e9adb874

    SHA1

    bb080a302d44d2c313510aac9946044bf306a3dd

    SHA256

    3302309916e70b44cb602cc40a8c65a170a4396eb28c0cd3b959df14b5891bef

    SHA512

    4f6e9668f7191c21e9f266a69c652b12fd728b2f41a2ca343a82873839907861c41ee942867e91acd808b01551c1ad83fb5eed339757cedc8730dba14657f269

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9695f291e6845f18a97b641612a20e06

    SHA1

    6232a69210385a2deb92a9ab8f6d516d18bc5798

    SHA256

    2e915bdaa3420fc4edeb0fab65c54e7b2f51d1634cc56f99761b81d1c113a7ee

    SHA512

    eea4366362db1a4eb20fdb11f236d4adc2b4feed0bcc494e801205de9e4bce3cfa8e0f07aceeba81a7fc087fdea277bae038844faa77f47ff5be432166648370

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    735140b67ca18cc1f15216ed46376584

    SHA1

    932d03c5866cc93d602d8bb223b5a4e2c2a8fa96

    SHA256

    048dfe191649e42d278b1cc0fcd273c79a16852a0b60e8885f65e893bb84189a

    SHA512

    dab59ea70981e7114e4510b8eb940b3d8bdabf35792eb615f674f7f2c546d8245e263df72ce830a9974c99d26b9e68e1038c5cf8d760a342f91811ce1ea22488

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a34608a68ef27b304f17a5645606b9b6

    SHA1

    631b81f02882667dc7a1434c82a44ea2c030dfe9

    SHA256

    e7e768a94d043ea5278f2c1215b91550ed0d31ee9ce7d2e3998123a48e5212bf

    SHA512

    28e9471d1089fa4b5cdd75460e26a388b59e9ab45f57f74a9fda34fb95d50f7a75ae7b048688be6e2026d16a8f44ebfa930fdb0ba926155944d568ebd40268b8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    04ed7511fd4468cb1cfb7ead3423b2fa

    SHA1

    ff4c7fd2721160cb2e24c9e7513b36d46315f5ff

    SHA256

    431379f1438553fff12fa74936b3a420bebaa6fcfe6ba6601c0fdffbc9017d9c

    SHA512

    42979aa118a453a64bc85025fe029e04606d9f83f8f04545afcddf202068adb1234f5fb83d89af4e82d3f35b7b69099044cc65ca11b3bb36284972769b7674eb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4ffb30c60cb190b79de25acecfb48938

    SHA1

    67f40a6958a706f668d309f31097b46272dea67a

    SHA256

    31174cfabbec6c49eb37bcef5de4311cbab2205cbcf53d833fc06f2d109f031f

    SHA512

    5ed4424430678240653ac4e522ca6cd20d97fc12e9c8b79403e9230cb3d55cbac3f620049f90ff18002d61ebde2cdcca742df34d055d3994bb00cb455d9a21db

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    df8305fc671eabffcd4d7e53b7af68e8

    SHA1

    0bd51d4d26fc3d36531b1bdfb911a593e3aab4e7

    SHA256

    8a231854472d3f1a06e882442fadbfd84d79326b1dea6a8bb0043ed779ea943c

    SHA512

    89430b772786936950ca552e5fa5469c2b87ec420e89542ae76a19a1168e9c9d82e716c87ec58ba889828f3019caaafeef01bdad2ae542d8f8da00fccc93f7c2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    70fbba73a9cd5b2d9815f2e6c751d788

    SHA1

    5d7167ed2e392b6bbd781177d28e67088df76239

    SHA256

    21ab81b2fc9232a4888aba3053a2f8fdacc76b9e6e06b8fc093ef59e52b89ed8

    SHA512

    a7978f2d047cf1b9f001d8504b2d8e7fdfdf594bb88f4d2840702f32b07c6af703887972b6a313f17189a24c604a1abf934f6a54d0bab8daf1ffe22e7c76ad00

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dca3807c1783fc03c5d4485df0789a94

    SHA1

    cbb0897d54d5ce2e061be4f09aaac90bba71bdd9

    SHA256

    53ce270ab1ca82493a097f84da2e5caf55cab5afd965024502724e36fc74b596

    SHA512

    794e927834d637efcaa1c99c3d0710a69a667d77d6939a87070d39269ca84a441f3c104c2df7ec79573994a4ced92851094320e0c2026d708b111084afae63a5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    22966bc94eca08cd02c1efe21cf6766a

    SHA1

    3736c51678be5adf6f52b47506fe773f721c9e5a

    SHA256

    4d4ff7cd17d64ecad307b7f6761559fa6f1d1dc75b47adfab0edacc23c2d75b7

    SHA512

    f94db92a1b1116b99a853facfe47a1e2812a09e21b882752ae608e535d596c1c9b4cf16e2cbaf881605a3980c9ca248d9636968c202ab5a0e2934486d57dc270

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    93e78ab85155fcc7ae64323b39d86405

    SHA1

    f4aae692b5291ba48ca2b2dbf31260d1b4322dce

    SHA256

    f81a12530d6e0aec619240b8be4f520c510d723168697413a6f473ddc27f2edc

    SHA512

    795c9e73e173a3013e872d4a330793d09d3ae5a77466c228f4ae9320b253c2b3411124ee57aac4096397d8e7b79e3d03676d101f5b6b49d0c4e259635536dde0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    70435df1cf6d98cefe430ce6bd3400c5

    SHA1

    7dd54ecfc8ca7ea1dcc73dd8528fe8c73c2c62dd

    SHA256

    4ebfea98bbac13c72ef14bd76c936b23b3261b82bb2e8812c98c3e9f07c084e1

    SHA512

    e18f8205743b4fcf2153fc89c2220126ea22cdfe1b5f0f2e8400de2a5ac14e8d99985f6e4c6c89c99f102d1488da98762e6a34444dfc6a6d56f361bd786beefa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabE34E.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE3FF.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit