Overview

overview

3

Static

static

3

YUTK1/Admi...up.asp

windows7-x64

3

YUTK1/Admi...up.asp

windows10-2004-x64

3

YUTK1/Admi...it.asp

windows7-x64

3

YUTK1/Admi...it.asp

windows10-2004-x64

3

YUTK1/Admi...nk.asp

windows7-x64

3

YUTK1/Admi...nk.asp

windows10-2004-x64

3

YUTK1/Admi...it.asp

windows7-x64

3

YUTK1/Admi...it.asp

windows10-2004-x64

3

YUTK1/Admi...gs.asp

windows7-x64

3

YUTK1/Admi...gs.asp

windows10-2004-x64

3

YUTK1/Admi...in.asp

windows7-x64

3

YUTK1/Admi...in.asp

windows10-2004-x64

3

YUTK1/Admi...ge.asp

windows7-x64

3

YUTK1/Admi...ge.asp

windows10-2004-x64

3

YUTK1/Admi...es.asp

windows7-x64

3

YUTK1/Admi...es.asp

windows10-2004-x64

3

YUTK1/Admin/Index.htm

windows7-x64

3

YUTK1/Admin/Index.htm

windows10-2004-x64

3

YUTK1/Admi...me.htm

windows7-x64

3

YUTK1/Admi...me.htm

windows10-2004-x64

3

YUTK1/Admi...me.htm

windows7-x64

3

YUTK1/Admi...me.htm

windows10-2004-x64

3

YUTK1/Cont...Sel.js

windows7-x64

3

YUTK1/Cont...Sel.js

windows10-2004-x64

3

YUTK1/Cont...Pic.js

windows7-x64

3

YUTK1/Cont...Pic.js

windows10-2004-x64

3

YUTK1/Edit...tor.js

windows7-x64

3

YUTK1/Edit...tor.js

windows10-2004-x64

3

YUTK1/Edit...rar.js

windows7-x64

3

YUTK1/Edit...rar.js

windows10-2004-x64

3

YUTK1/Edit...rm.htm

windows7-x64

3

YUTK1/Edit...rm.htm

windows10-2004-x64

3

Analysis

  • max time kernel
    117s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    13/09/2024, 02:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    YUTK1/Editor/include/rm.htm

  • Size

    1KB

  • MD5

    952a303e685294d5f2c8f6d84ffa45f1

  • SHA1

    b4f0b33412693ef09ae245558d5d15f75a16acfb

  • SHA256

    9d2df087a8baa35025fe06615c52af9d6479f83c9a69d566175eed421545dbea

  • SHA512

    6d08b65cad23ef602605a86d17347ff3906bbd88f819021abebee3c6c4a1ce5cc523413c02fb6a7b6d9fdff0f6e20c2a20c070d8c0b916ed30271903e35eb581

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\YUTK1\Editor\include\rm.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1660
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1660 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3040

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6c84c2654bf287487a0ca549cdabd1ed

    SHA1

    ff729af62ea5cfbd207b86b5e5568ebff38e18c7

    SHA256

    f630625f41fcdeb7c38fc716a2f0ac82c66d38ee23a806d6c781254be721a2ba

    SHA512

    6312f6978542fa585632bd77698b1b5cec3b0b602f84ca81e1e6c29661567ca872347973b6b1145f5501c9d922b7caa200ef2ea0aa08110de41b3fa6f66142d4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    29b7b5b9fabf1321329fd20e2b0c3841

    SHA1

    a3ba3525eda72d12a2ea025f16decf2f17aac510

    SHA256

    4d2fe0e843863768e5ae53b19b16397f76723c7499093408adb7ddf56ebb730c

    SHA512

    7722d62ad0cf6f7c62ffd470748e230be2f5f7794d6b3e2a70c1f4a62d320ad8f45939bc872baaa52fbdf56f43c629a45072987f73a587895c2100d2bdf874d8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2f4ce705ccec1185d9b08168787cb8d0

    SHA1

    16b10ca9512cac4099260accdaed9d48b9e262c4

    SHA256

    fcf4bf3a215bca5b22855c88af39921feaf23e9ccb78d52a0d6456db02c92f98

    SHA512

    b8546464babc963943f139cbdac4e982d68465f04a6700beb35974d9dd969d84dd74ccffaec6eadfecf13776b6caf2f7303ed259b7c71162129787a1c56b506b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    db163be68cfdd7b99008f459c280f868

    SHA1

    f563aa4e38dd6e37288930347acca9060c43b14b

    SHA256

    eb01654513f7924312eda146724a229a757fbad51ea3a8d7a817e7a7b1fa833f

    SHA512

    8263e30bcd786185200f782539106d45412feb2a474ccc4f493e0e99b07d38a679bc54909fb8b2e505ae687e42eee06f3f0acd3f1f8a751987dc88c558230051

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2a810fc52027445992b4567d64e14cec

    SHA1

    26e3ebc1198dcf17f9b0e4b818180705dc544f43

    SHA256

    6c68d508f2b4834707bcf5f53f7b6f6a1a158e505328898d8ab86416736238a4

    SHA512

    ac95f0d0960b6a7302489bdbdd5774021030af90ff5914c25a1eb84d974cf4558aa61d379383e570ea299b51e84841633f6a2c8d147afeea2f2b0bf517a7843e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ca287ba55099b1e0e4348151ddbf2044

    SHA1

    5c349f672fe98f3f4aae1a66192c3fe6a23eefff

    SHA256

    d66474e01229659b455a38ee4b73623099bb5578eaf75b924e32f39e1a5f2bdf

    SHA512

    6807f40f6398aeda45751dd5e74b4ea025c15e51cfbeac79b7c736fe1d93d5bcfd2b1dc981d5f9bb9ac8b6d3a6ff2dc79bccebe6f45903db8b13a30e40149ab1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0a58721e78410deb63e6a84ca5a41c45

    SHA1

    6447c789010b4516fa7f116e1c66638dac749832

    SHA256

    bbff856da3d339b2870bc6b2a5dfd23b4e4e6a46e7cd070ee77bbc2305e72da3

    SHA512

    a4c94b427e427cac3161bebf230861e0983bc58524c5d9dbde4a1952a82a467d7c84327238c209c4b051227c1b29cd5d61fd05b3676d9d9b38972789be59a570

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5428ce34458edb47fc88ab8824cc3660

    SHA1

    b0844660de3662f517dd745d24042abd575de658

    SHA256

    bc904c667fdfa23d734a5ec5087197325e8ef68e0f21c6413a5cb598d8033e58

    SHA512

    a2a44fa8e30d2cfe79e88cb5fb6bb661ad31c6fde4c588593237a915639d18d85fb780cd55e7d6b1b254eaec7b5d94119688c5649092c3883a1aef4348e53e09

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c529753613137c552612452685f48959

    SHA1

    d8448f714f389a9d10ff43f8a958db7b89c615c0

    SHA256

    ef08b7110d64c81712b05af3d1018e3bade18b0c4b8402e0dc5656df1019dd9b

    SHA512

    019128bab46d168bf5147439ccbee4d1d4a1ad1849022944a7ffcc4168edc9c71192c87fb04e7e650c6a33ae97dd80fe277732aca483c764bd0cf4f2d2adc9bb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4d53e6a3d70ecf8f732a91c66adb21f3

    SHA1

    c0834ca02beca0179fc20825ca43ee6fc9fa9d13

    SHA256

    7c51efa44e290768124057c385d61e1f216c594a56b86350b2e9b3e7ab10b543

    SHA512

    92fd5fc28bdd523e619d370b08bd207ba7cb06ae69c3eeaa73aeb3579bb15716becb91f7752d1873d4a16effd4cfaa16c757df5239147e48613f84efcc676e73

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9b9d9586b57f991fde26f52dedb69864

    SHA1

    bb63fbec0124f20d17b3c6c248d6bf474ac891fa

    SHA256

    1f0c2a70efaa5379b404ef13d36dd44d5739b1dd8115764c978362ed8a6bb56e

    SHA512

    f878ec34c9971611c2b10545f6705908538c27527e7f8683e5cf7b7f9666420475e4bc25fac442d793c024f776f06653e0bbcc5de4c6e164dcf649e031c23cf5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ca275cac5b83f3de0de992e6044a7da6

    SHA1

    13a6ef553878bcb76138f43fa209b248cd25a39a

    SHA256

    67a4dca21718a3ac5bfadd2e3527aad02077c00ac5c94cf9d347591c97c1fd1e

    SHA512

    a39073519f9768d1da223fdde0ff5ceb59463dbbbff7d859e4726c723f09739b61392b99b787cba630ad4ae213de89b2a1ba261a6fcab24fda7ff9273d54e582

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d5b59b09fd5eeafd7a8e7c615ac9be44

    SHA1

    c02676c9a11cf44ffff1929d5bf132d8f8133352

    SHA256

    d0e7defc1d96596ccc3fca06a1722ab7cfe0830704db8508f6bef6da9462d62c

    SHA512

    ef476e0ff22420f568b90088162bbd57654e9e600335c45dd876b223c018bb152a592c3644d11a8556b5044e5bf7ebc93a92947f2844936b17af9818050e6fd2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e9bf35d49541eb93c1736834133bbd0f

    SHA1

    2298531ad67d43bb099bf5686ab40613b4084b08

    SHA256

    9e36350ab6778685b1b3a2ffdcec43673d20e023ccc9a5ea734e93f457a69bbf

    SHA512

    c90d7a8cbe91bc45e9b0fc18603b46b73df2b8b4b91d774a9c65c2de99e4233450f4e010ba880d05dc485999b39d3cb16d26f6d9f9d1b09156f459eadf8ee49e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2a0b0bb1c395c843682daca0c4b1e4a7

    SHA1

    14b0432df62376f28da3d44a698a35432979f38b

    SHA256

    5d7e1bd8b365ffc7e18e709316501c9d48f3e2a8d285d82880a0953d7b464ac9

    SHA512

    5f19e1bc8dc39629427164dc90a23d1bbfc19450b3e9fac77edf47630ffce9d41e6ded38c838038f5206eaac67e05f1ef8b5ce58c4fb7ff6c50e03afade0093d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d6a3cba6e24e7d2245fb5638de7d573a

    SHA1

    134bd071f9845d767e0686111acc711979a49ee1

    SHA256

    e2addadfcd086d804cc15dfbfa864a5980d6a0282fb42300696adab67972c985

    SHA512

    a82a5f61846d463e6cd3dcc22ee99652c7d60c07fe0f9fb4be8b44c83945a16a1ff1610852c734db1dd1bb3ab2f4183bec48c1f3e9f81b16fa14ad008edc83ee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f6ea0514ee9e6f0c5ec3cd8869d1b097

    SHA1

    b6b44954ce8ab8fe0ca96d5e3d7dc5cfaa8c2187

    SHA256

    5aaee6fbd4d680b94e45bef6c0fea1a8c9954ea6249af228e0c3b6ab8a5f59f6

    SHA512

    6bd3e6c7d26fbd9d9c27ad6137911f7664defb8a3862aa7f18a2fb20e93504b21acdb1c8e7ced007c4348d1018a7fb9a1aae22530e24058ca646c353f0892e30

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    417d6507dd6abca550ad968f8f7eb810

    SHA1

    555871eb5c86874dd479a5686e018da4a4026e3d

    SHA256

    fa6eef25602918d024be9553c818223e4c575e3164c7473ed166bac33da71b81

    SHA512

    13beb94c0a3746c14f3c3e7953b07349137104530d61592fa1c1a358bc5c0f1e9502888239f87cd4a3eb2079b4b85d6912a34903ad5ec9bc8b1c928c1af0ecd7

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab1345.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar13A6.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit