Overview

overview

3

Static

static

1

org/sponge...e.html

windows7-x64

3

org/sponge...e.html

windows10-2004-x64

3

org/sponge...e.html

windows7-x64

3

org/sponge...e.html

windows10-2004-x64

3

org/sponge...e.html

windows7-x64

3

org/sponge...e.html

windows10-2004-x64

3

org/sponge...e.html

windows7-x64

3

org/sponge...e.html

windows10-2004-x64

3

org/sponge...e.html

windows7-x64

3

org/sponge...e.html

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    13-09-2024 19:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    org/spongepowered/asm/lib/tree/package.html

  • Size

    6KB

  • MD5

    6323c7b2b5370ed4712ceb87031a9178

  • SHA1

    420673db6fd9ff1c2fb7779646f194a99400c71b

  • SHA256

    6505ba3fed582295796b44a1cf9eccad72ef46d37ad77a005bad703c4a8c086a

  • SHA512

    ef3519eb36634b63c8e106c4d0bf7cf902fa74ef2f8c941c63c2a09ba7366c7b7fdaa43958290c36e13d3168ac4597d3e2c6415becdb5144c9a7113c82186c8e

  • SSDEEP

    192:PkyOrsArsJt333A2VJIZWLFxeHahH6TGYt5:PorsArsJVHBJIZEFxeHAi

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\org\spongepowered\asm\lib\tree\package.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2212
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2212 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2988

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    416830b2d3afc0077f3c83a922d68751

    SHA1

    44b1ce58a0161fdc0f5ac8615b3296151287bb1e

    SHA256

    c1cf6b5e23d9ba6ce29536bf6e54bb1f6dfe0853d43aeebe84964eda3303d523

    SHA512

    8e26abea0d7612a5c6b671c87f06d7423dfa1bea1daef826249f7b4fc5099ce887c276f0bd91c9ee6ab8b9a5fc67f4fc383351dce61e1c021e7b3dec03e6cfca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    86183578ea776d93e2aacf5da700157a

    SHA1

    e5d91fe5efceba8550289acec90816583fc1a8f8

    SHA256

    e624d5fc073c607f138eb4251d32a73c136f0fabf8bfee0c0ef369ae0b008724

    SHA512

    71c46ad8419c8085364484f61f4ae57b0a001da92b05f2ef4aeed0f9acb74ecc79329f3a8d86e864396be5c43983f1f97b513f1451829b72cd424fa57e75594d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ea635cbd803ed47496282e940c2ab4bc

    SHA1

    487e118a6382e739514d1d1a3d557260517e4de3

    SHA256

    adb37b5483d7c8c78705f21fa2cbaa181d7d684960e20478e6279719fc580cb3

    SHA512

    0b3ab1b9e362315fba625bc4da033b5964ac5cf96c85c29b5278e21eb7c63e083f62973d44a85dd9778f24d24ca88aa8bd2d0d5adea43f8d8b254d9756f100be

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    055001a70b23218be6a857f41ccc4eee

    SHA1

    172cb66cb0eacc3075f0f7c28f961e4a47774d73

    SHA256

    1e091b1c257566ec522581f967cf47f67115eb8a6be7e4cd9a2a58cabe05aaba

    SHA512

    885122e3a69d717f3d061e9ffdfa699e172ff68d68cd06bdf497fc685914214ca9fb0d08baacc2d3da28542e47ed297a55732d6a9f72f9ea7db6ded423350a57

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8ba1918ce1089cb2ea50eca114d94370

    SHA1

    ab6be6ef64b5a344466177749a30c81dc0592c9c

    SHA256

    ba7770b16d176c3c86cc9aef1d35d30e5aba103acad47247ee0b01acde57978e

    SHA512

    e3f225f3877e1e4850e962d96fa550d74dc6d18e9f6222ac27cdc9526d7f47b74f311b98c1c7906a9c9cc2d64ae33c24f2092b7097435949b7f7d12400500536

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6cdd68dc8177d94cb7e0f24006147707

    SHA1

    1ef86198a58752089cf8a9a8f910d1b300af16a1

    SHA256

    bbf54102107e05456c942f76f0f7ceffa5597a11e33dc5f7144044897e29e8d5

    SHA512

    5acad27cd375c2525242e757e75791984f7fabc27e21264775a762525e8ae8d1f8340dfe656ff5623f4b39f07d164f9e48617add79dd46fd20aae6fa4ef0641f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e47bf6aeba4904f25fba0c7a4aaa4c65

    SHA1

    7dab817ac9b83e90f61bab5e09c6f0954f1af562

    SHA256

    7548aa37170cd3fd8c14fea708ffbd754caef03f1c3e0cfaad80138e7779863a

    SHA512

    fa06d77c1c4c4fcb4f1f5a469e117c53d8e1cda40f9e78c66af2c6161a45e43c496c81ecec18a92b8cfaf0512b00b11d8d68b2bbe7851710df82ab4f281b845a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    32ad191e425269f9318693712d72a42f

    SHA1

    c535334dc7e21c69c4b8a340cc4426ff07ad76c2

    SHA256

    198c6cfaa869d01c929e33b98c4b0016192f5adac0aaefe372114d229400831b

    SHA512

    3ba29d244842bdb4a204935bd8b098053a45a2ceb065c0005f27550e79a4527403e7e904726ecf18a34123ff1518da1fd5fc7d10d9a11f2b34fc2bc1e769e223

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    342e96d3ea67c597a45124410f08e261

    SHA1

    908b135b3582187d2ab7bad11ec8bc9e6a2ed7ab

    SHA256

    38990caca7891369e070ab3489041e3b40077425ea7fee7c445c46f4d0a19149

    SHA512

    4f276f5676aec8dc3c18e2e38249773b752a1dcc5f0410719a70839e362ae132c8174a8016489f7a52fe4d6e495ceffc33929faed65a94c2e443adb5a2bc43ad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f85e551176983337fe6d8dc42cb4bcab

    SHA1

    a0faa836686813b561aeb0d4bab79c36e51fc61b

    SHA256

    0d2d21b5f312f83c6dd96add715cfaf694008ea0f710098b34eba890f6adfa3c

    SHA512

    64b0297531d012f059867c10fa74d1926bb94f2f05d79f6206d13d88cab4ad8fe11dc0cdedc082fe33a65da402e9d24df804cabf2979b91addfe48f7ea38c637

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0c64786d1b29cfa679c34e5e39ffbc60

    SHA1

    578f0125654d81b300ec45e73f3acaa5887a5cff

    SHA256

    d9258ee6f3128b77f27659a00bc75397ee4a5140f51647ba43d15fafdefe2caf

    SHA512

    a50ca194b8bac771f0f67c9df12fac74f1e6a0737ef83bbefb0b8bb2a83dfa27aba7b76ee87f2e0e276997874ef0408b27f9c30d5f1fc94cf8fd85aaaf1415d7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d37eebc00dee1e7deff5148b890a40db

    SHA1

    52f9e2418e87ed6fb466ba5d4e06a168f60fb652

    SHA256

    4e8f4799383f14da98a53114cbfd1c24d15daa8236b6e34dd5ed1ab175387ac2

    SHA512

    68dd537032ba47b754a3f166fc71596b9bf16dd9acc9d0071e19640c0602c9b5db8de3d6298494047fe0c51830d5fbf5c5feb34e2182c2daf647f5f2e3781e4e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e07d4e10eac81b576b401b39d4bd5d5a

    SHA1

    a7d0f7a155179047e32cf3491753b190bf7b84bb

    SHA256

    734e77efed25ff8309dfe96e11d0880793602fe656610d90625e91ff940bfd88

    SHA512

    439906d06b816d1dac044e6e72c4da35d6311c75f7ab46d3f78ec4011d133fdf77cea61f19d4cddc5fe148be41c29e9728d96d96b6a3b44701a3c43b358aab76

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    17dc6f81758817f531149247d5f439af

    SHA1

    d647de5d21e960797d136d646338379f63f530da

    SHA256

    9394ae31b7cace5c192fb0c1975af28c8c3b1f8a235a5722c530551d003b2a52

    SHA512

    9e478bde721b6ceab7c34cf3e29cee86df18d10da3a2dd1f3dac721938c2b7eb7c56b2e026ce6c272b54f61056ada08564bd8657110ef6a32e0ed1ff3f1290a7

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabBEAE.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarBF4F.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit