Overview

overview

3

Static

static

1

School/About.vbs

windows7-x64

1

School/About.vbs

windows10-2004-x64

1

School/Bottom.asp

windows7-x64

3

School/Bottom.asp

windows10-2004-x64

3

School/Contact.vbs

windows7-x64

1

School/Contact.vbs

windows10-2004-x64

1

School/Edi....4.vbs

windows7-x64

1

School/Edi....4.vbs

windows10-2004-x64

1

School/Edi...emo.js

windows7-x64

3

School/Edi...emo.js

windows10-2004-x64

3

School/Edi...on.asp

windows7-x64

3

School/Edi...on.asp

windows10-2004-x64

3

School/Edi...on.asp

windows7-x64

3

School/Edi...on.asp

windows10-2004-x64

3

School/Edi...tor.js

windows7-x64

3

School/Edi...tor.js

windows10-2004-x64

3

School/Edi...t.html

windows7-x64

3

School/Edi...t.html

windows10-2004-x64

3

School/Edi...e.html

windows7-x64

3

School/Edi...e.html

windows10-2004-x64

3

School/Edi...r.html

windows7-x64

3

School/Edi...r.html

windows10-2004-x64

3

School/Edi...ger.js

windows7-x64

3

School/Edi...ger.js

windows10-2004-x64

3

School/Edi...h.html

windows7-x64

3

School/Edi...h.html

windows10-2004-x64

3

School/Edi...e.html

windows7-x64

3

School/Edi...e.html

windows10-2004-x64

3

School/Edi...k.html

windows7-x64

3

School/Edi...k.html

windows10-2004-x64

3

School/Edi...a.html

windows7-x64

3

School/Edi...a.html

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    14/09/2024, 04:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    School/Editor/plugins/link/link.html

  • Size

    2KB

  • MD5

    c083d5c46fe11a1973c66ca3a308a8e8

  • SHA1

    e37323b0b3f4790f77ecfda8555706b058f04cc0

  • SHA256

    8f15e34461a3acf5308f7ecafa7125949683e415b12c97ac0075e6dedadba0ea

  • SHA512

    940a03fa8f84fc7670094e51383aa58dbea686813b0b045cc826ad6141cf7fc12f09ea2576eb2d97a083c89101f94651d31e5f9bcfbfa68c78e498c18e136725

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\School\Editor\plugins\link\link.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3004
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3004 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2384

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    35d6862f92b36e4a7e40260d41b0f874

    SHA1

    3205c20eb0157bb28c8c647e6644e28f82cb839a

    SHA256

    a040bf34cc5e2661939f3466e0a88e2aa9712e5ca0686bf6dc5cd876dab10b4e

    SHA512

    301276be18e74f9ec979d07c5525ce456c81ca79e9907a5dbc88a787d6b68519845c049140cf9fe9df52b5f53d8ee41e4a829f57a28eb281bb4a4420015dbfeb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4e2761e06fff7eab334c40744fce0005

    SHA1

    8e4128971579ea8aef3eed8a333c6bc169e02405

    SHA256

    fcfd682d2d22b406256768df7da423b8a9e94ddd1b7d4264ede3808acd66f529

    SHA512

    2587f2e38a18c1c24fdbfb8542d612ee7e7b15501ece3eb2664f41f47608ecb66fa7a59701b04b398f6f796ebfd337a72764badc7e24636f83992c7d62af1a95

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8a9e2bd0efc0a3c66dc99e0ef1fbfd8b

    SHA1

    d7db05a4e71de408e4552baa23f825e44d2401d1

    SHA256

    f4bfb03d0fe3d0bc3f30f03720fe38896da1ef3ed173be4e1f8f2ed05ae28c2d

    SHA512

    39f250fb8bf0e9f9b12424f55c30f6b1b48f0b9fdeecd6fcfd6816e68793124aa3e6c369b9d313e7bc6227ff94b029b1a548e34b0f3dddedaf6c3401f9388981

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6df3180e6c637910c02e43c73fdbf0c0

    SHA1

    f0e3e9755a52bd5f474f859ab9278c3bc3ff0f0a

    SHA256

    826fbd78d5c91bd3577cd738cd6a4e3373174f6300cfcd05ad6f45c1ff829d90

    SHA512

    aaca32d04e68291ddd97ad471a23143ef9f1bd9eec6421ff5e5ad6ca68465620eb20ed3aea374aa9307893cdb8ea8c7756fe9249810ac9512d89e13ab075e24f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5000ecb4d117847134a4b18181d531a0

    SHA1

    d86afe4522ff98d27b5e69f32287e87c65252636

    SHA256

    b15d7e0024141957b366e0c8556ffe3a5479e17be906c469011f506890c09d9d

    SHA512

    8b8212243dce19b01f5a1eeabd6c25cdb07540c4753c2d219544509fa5d638a219a66e3ec4038c1234af897d2e38b252809ce28f4b69be2eafe08051832ae75d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    746b8fab3488e6fab60c3b3549c2794d

    SHA1

    cc1219cd594e97a470c190fe659abf60f7772c29

    SHA256

    b533be21e1d2fa54c44e3c7697eb4d4f98d6200a3689f74214e9061835940d09

    SHA512

    1b54714d5dec1b39eb251961fd2434009a76b0f1a7b0ec009bf98742fd361f96698d64e9a1302320672b1cf78ff0dae8919911b703d74d6d145a20f024b2fc4e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    19f11b9fc66bf02bd7c084d98ddcfacd

    SHA1

    d3d67bb00447f1885befdecf3b7e09f7a25f0a34

    SHA256

    3164ab556c1aeb5eecb7c25b06ed55be5b74a23d4001c9bb219234366db80027

    SHA512

    c824bfb7fffd34eec98288b75713bee2db623381112d19846c2920b16547c50979786c1bff0f97d0eea6158674eb2cc897ce0bc4f7fb725db06ae49e79c2b1dc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9c58824a5b3df2ef3bb2ab4a04b066a7

    SHA1

    f343d0d80dc9fba26c7b2f23e1465f90b8f2e64d

    SHA256

    e2a5af90d5a4dfb28466ce2cfeda7c521822b288811d3c4ea9e256a842505b71

    SHA512

    cb352690d973247c7d2bec2d81344557aaa02ec499f38d920490fef11ba67ed9bcb34049425b135209662da870e6f93152a6d5e6fa82370b2ee1dd23e7337a85

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    07e8abc22173ff58998665909ef4084c

    SHA1

    3b2964d37fdadd3872bf8513e7d621e435d9a9f8

    SHA256

    e050bf9c3fbac92a7404f7caa41e27b7399f3502385240810c344184e7a69592

    SHA512

    afae3652fa6ed6850df22090acba049b0bd627a27806b38e46c2dee803aa3c0ae9977513cc9d5cacc17703beb80fb977f178bda21321956c26c585228ea9d26d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    615333b069b11cffe183616d5d3849b4

    SHA1

    61843c13e06778667b3832e4cd5fcc4d93f4ed7b

    SHA256

    ce96f7e04322da84dd0209665b785095a91371f6c4aa04942b12311637c1935d

    SHA512

    d3372313cf228f063eee2ce882d1cc3c3916b818b39150033894db6642ce740b22e02f64e9d599eafdab9f8a7b8fb6410124490782ae34506e1534f86aa51554

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0baf144d414d210eba1f995365b9c24a

    SHA1

    f4654d3ff94dc00a898b9f79803f5c8412e972cf

    SHA256

    e37e96c01a6fc59fe5e02df560db89765b17b1b61f3cf7c31c4f8f033aed1a6a

    SHA512

    544e712a44d75b60ed58d56f7168c9131f397f8d0c5815bd7daee7b0d302565840c55aa821e7bb872cb391a461092242601d855bdaafa42c91c2b02a49659b53

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3ca7014f0009c1dfa437dd0d1bc5e9d0

    SHA1

    596bc5f87ae3412cbfe1fb403f72de8eb5cd7d15

    SHA256

    67f3ef2ed2fc8a0bd0eb132885440c6346c263b67e91ee537c6f32c36df8a447

    SHA512

    115147354364c8f2c76d06bcbda49212ebccbb683ae3e062babff39ab753df857f2ddfe01fb33a01eacfc66ccbaf0a06e1c1efd6d2004e63abca4c8701acd0b5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    36703b30f198e09407f431faed669089

    SHA1

    5be52265529d29d52aee38f0f768dc4a078f6cf9

    SHA256

    8e4e3acc660e67f2f8a89e0bcbe0d40329d7a4f3a4eea2cf19062d2fd3307b51

    SHA512

    b62430bf05b52993f6a9980732c95169bbc2633d7619cb971d8a92dd6741445fe4b28c35b136a8f293ef3125e176dcf970c45d7738449a5c13499434b5698961

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0f9544a9f2b2bd997e7d3eb2bc9fd965

    SHA1

    1a1a4522597ee196b92cdbf3ce4345a432ea9a0b

    SHA256

    741b0a28ad96366f59214092a79d65100e15f5d4fe13d553ebf6976a4bacbbea

    SHA512

    fca15d42fe8f3ffdb7d143a1efc0a58142a7082ba7269d176a515dd7d7c57f7054dfea8666ae922e779d5e1a888ae051095710f5bee78c21b44b13fb0941fb98

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    41bd98643beb703899d9f4bd3b22e69e

    SHA1

    7e800c6e14f17dbe9f169e663af7adae9dd7512b

    SHA256

    e7f8725adc11330a0a8fd1b529749401b93acfb6d680d0341bd04fad9c0a5201

    SHA512

    37d8fdba0a95dc2c4ab315d02fbe49e93ce200297045326211c017bc7ed4bc2b224c8d2ff487ffc853d7408d13a6d5c4f7e690467d4e9ec94de358e159525690

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c3cebd12e64d6e8b55a0bcd964b6b19c

    SHA1

    cbaf2ad68138b0ecb546c624e6b5dd31e954592d

    SHA256

    2f5b9323091beed3e8b126a956757ae45c82fa477ce84c78a2d9d77eab810169

    SHA512

    df4305e4b29ea1593468c8205a17fa3ef52e44782ef93c40d0b9d48476f5b38e05a8be0e7ecf9b18442113e37c1fe9bd24e908e8aaf5be9c287b89307ebee413

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    72f6955757387eaf6eece3dee8a93db9

    SHA1

    5e40a76c7b1b6f474707533fd20fcb677c9f57c9

    SHA256

    4642daae0e2c1a980f33427e3d43b47469143dcedd397e614d11223fc48a6cb0

    SHA512

    0acee908d977049d8481c32dbfe23bb9ea94ce6155fcd902e00b5c3440887661ac54b84a1fae82c06cb145a5fa353e2c5b9d462c560e7a5fc08af6566390c603

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    22c6ff30069aa5247158cbea77022172

    SHA1

    61fce52092d49cf5cb4c1e121f59a8f01d6a5a2c

    SHA256

    c8f85fb80e2cbf336b97b4bf8fcb1199a64e576c552f730178112527cb6d098c

    SHA512

    fe9c34914e74c2e1d9a0f49520c1105cb2b96575498338322ee14b4c38a755b9e2a0af1cde0e1d9b90802a3804e945f6da0dd0aa7ec4ef3c177e1b648232b84d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d4b1fba3d79158e3677195625d21735d

    SHA1

    421a72250bafca2ff25817bf317c32a8f35ee18b

    SHA256

    f8b67728dbaa6db52eab0aa6640f453e101b4625ded96dea3639b60bd4225716

    SHA512

    b4f9ff59398a4e04f97236fd205b27082649346784ea749e97e61536dc4d2df6dcf038f26855745add3051550a4297c8cbd32ec0b58ed6418b4e2851b3260c83

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabEC15.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarECC5.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit