Overview

overview

3

Static

static

1

School/About.vbs

windows7-x64

1

School/About.vbs

windows10-2004-x64

1

School/Bottom.asp

windows7-x64

3

School/Bottom.asp

windows10-2004-x64

3

School/Contact.vbs

windows7-x64

1

School/Contact.vbs

windows10-2004-x64

1

School/Edi....4.vbs

windows7-x64

1

School/Edi....4.vbs

windows10-2004-x64

1

School/Edi...emo.js

windows7-x64

3

School/Edi...emo.js

windows10-2004-x64

3

School/Edi...on.asp

windows7-x64

3

School/Edi...on.asp

windows10-2004-x64

3

School/Edi...on.asp

windows7-x64

3

School/Edi...on.asp

windows10-2004-x64

3

School/Edi...tor.js

windows7-x64

3

School/Edi...tor.js

windows10-2004-x64

3

School/Edi...t.html

windows7-x64

3

School/Edi...t.html

windows10-2004-x64

3

School/Edi...e.html

windows7-x64

3

School/Edi...e.html

windows10-2004-x64

3

School/Edi...r.html

windows7-x64

3

School/Edi...r.html

windows10-2004-x64

3

School/Edi...ger.js

windows7-x64

3

School/Edi...ger.js

windows10-2004-x64

3

School/Edi...h.html

windows7-x64

3

School/Edi...h.html

windows10-2004-x64

3

School/Edi...e.html

windows7-x64

3

School/Edi...e.html

windows10-2004-x64

3

School/Edi...k.html

windows7-x64

3

School/Edi...k.html

windows10-2004-x64

3

School/Edi...a.html

windows7-x64

3

School/Edi...a.html

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    14/09/2024, 04:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    School/Editor/plugins/media.html

  • Size

    1KB

  • MD5

    57c7509123a8a45dfcf5e80bd80dd8c4

  • SHA1

    9af539192db60f02f37703f25487e4a397abb7ad

  • SHA256

    127349ea0334930ffd3a90d352659c5ce12d5e3d7bd9e3a7e12df7e7f5e6f434

  • SHA512

    2fe36517a58f17406fe22ab431e70384e68052479fdf171b371170ac98e11ecbf45f65f1626cf6b6868fd9b39b4b52b706b0dcdd2948c86c6cdf2734a706d39a

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\School\Editor\plugins\media.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2224
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2224 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2340

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    10db6c4963228b6d74509ae2486a5db8

    SHA1

    3dfd541175e1994fa7d11aa7e64e65021cb0cadd

    SHA256

    6edc880062a26dcdfeb3bd43bb05b5ab1b76c09e51c9ca8bbd284612ea708aeb

    SHA512

    48ee48dc378f1e9c8f456ab5922624a23c11a3594e341f7b742b3e1f17b1a833a7bb4f521567df077831ed1b2084a9f96db157bf94a29c33c40acf4cf80b80c6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    09bc73619b505fabc202a95c8a2c38e0

    SHA1

    91a7fe8c2778724c69dec4f6ceca876b7f7479fe

    SHA256

    1586ebfe1a59cadbb182ea05ff2ecdffef22769a25431225da9fc07baa6ac0b8

    SHA512

    29aa61b14aee9831ab2aeb08f4781bca14d8f8f31c5d1ca1eb69e2f430e97bf90a2a39b99695a3fef81110fcc52f00677b4d09447a87d1dcf2cc81f6598e121a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e2496ebe1b5b6d30377093ea09bbc101

    SHA1

    8478819149b034548f5a3016758cdae584cdcf45

    SHA256

    75683f8f5c9a12126e3ee950586dcf59903ecf97e26e2a5c2d9b41f6fd81063b

    SHA512

    a64725eb143825ce73fa879230cfbdbf6921d3db7a84375cac2ebe23c1c54ae819da9beedfff0b7b9c055e5f7daad4cd3931f02eea46def49cee14270004a210

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    34e9308a82b1bd96a01517f96f6807ca

    SHA1

    3f9550eb695d9e59de8819962ffe2d926586c229

    SHA256

    564f8dae0d918cd05b0a32e1948788f8461d6e45c87ab0e24fa54950d0675de6

    SHA512

    98568b168c4647bab1986b82b46d126cdcc4fd55ae719ebb5378ff5aaea2d77d9c765c5ca5bb22d0728a3bcdd01ae8799b60a39d046ae8440b550c1a50e2d883

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f6f842709b20dede15d62caf7770aef8

    SHA1

    919ea218c1aff586b61f23d0ed0bd5924e352402

    SHA256

    6913acb0f04272cc3306319fd6d45b8634fd51a7905672dc9d1b5673c262b030

    SHA512

    dd7c4e96d7c63656e82b50973f224380491f982fb0030880e1898d31adcd6bad289e6e1984f8ea64bcc61b8e4a8093091f41e3dfc82e4f307252524c1944c4e7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1bfcf049ef05c5970273270bb8ea99be

    SHA1

    0462517622be37510d227463f2ff8324e5a1dc8d

    SHA256

    5d0f7b69b6daaea96c67ec351c386fe9c31770ed22d6a17ba7a37b701aff6910

    SHA512

    f32fe4db91fe838060a9e153cd51826843fe230710152d57b1122ad0ed2402e469e903165dae62aebf209a9a2b6d03406ebe17878c45e1fc733c6b4b098d7584

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    453fa5cd42133a5fe996df0cb30ffffd

    SHA1

    8c9efbb7582409a13f4ed2e62e6da710fff5ee5f

    SHA256

    00f3b24e6c85c69a1aa14b3eac17e6ef9060d7e5b33365e9e78ed45e25bb0466

    SHA512

    dd8c9d044850c5abf43b87d35972be14939b63e19b2b08fe5a3aa6c70fdb4e076bd8043fc4527454b190279f9249ca1bc8a9b41c510256d7b5fa5480717b2175

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    66f28cbd01ad4ff59ef20a877c13bc6b

    SHA1

    a82a148bde6b99287ecbbf82450b9f1aaf5801ab

    SHA256

    83fbeb9e9caf665755d856d950dd599d0a352e320a79ab8ffc0e8d9b3db76111

    SHA512

    7bec1dabc848e4a06b9280f1657c94e2371514971eb596ad0f972b251caeb021fcf381ce4ed33078e2174e406215fd682893ed234853f1a0d9a844b3e56dfbc2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8ffc6afac436505b2e2340e901e684f2

    SHA1

    2d5ec03aaf2ee802fdd40d59a442ab866f78c7a7

    SHA256

    737d626f5ebea58e571768cca4f8ad6c642cae300fbda5f8905df0c9d4c32a02

    SHA512

    fd45cf41d3e704bc305c66ddfdbaf2e9e9541784b230a369fe7f91ca1c9e1eafad22dcb39c135b24a0481d11509dc10154af0fd7fb2ac006ef868d0a8305a939

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e13770045eaa3c2d0587d3b842307a12

    SHA1

    2407e50b3b81092de4fe70a2ae8174c52564c575

    SHA256

    4ae7da32b288d622345be23b792bd6a11e7c46960e53204a97a02ed6f5fec259

    SHA512

    dae58273b3b03be8b3fb750255251acb5a9bdb2b17379591a5f491913655a88e3276834662388636cd5df4ff9fca650fd29f5d440099883abf679a22ee9edb2b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    140101bb8db26dcd35ccfb8369b8490c

    SHA1

    f8390dec8f4b16dc19d60ddef8114b31af0c2b21

    SHA256

    fb46bbe32aa5508b7f327df001b9a652178b0fbf2cfc8228ccaae2b9189b359b

    SHA512

    f6263ee14a73e69ef262650ab9054a3a4d1b498052beacb4e3e88980ca2cf1ab8de8a0be7482db78f64cada79495641acc58fb86e2c053b53e5c38255148153d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    90be4ab38f904bd420c86301c2633275

    SHA1

    83b50bf88904ae5c64edd7454730358c8fbfcc49

    SHA256

    566f8cf03f910c173057a1f56401b64c0fedbd7e45bccec39a64c8066653afb6

    SHA512

    6bed8f83dfcd2547807e7de941435f959ddaa64182d47e8df4e00862f242a031892cc9913d5da2f474c57b9a5d8941af996f14d555c7ae880bf2f19562911f33

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fd5a33eab588138e966af8ed8cf96919

    SHA1

    1ee13d13b44e86917c81e0076fe261fdf042b6a3

    SHA256

    87c9e39c4659f57bedfbcde5ae1b97011037d33fee0d1328f0f40733d8abb4bd

    SHA512

    b498df9743653def0393cc6f32148dd5927083540cf9077fbef00d4df752443b003b23ec8c606a996d44727f6a0e78681a93d88bf677fcc4e7548a7ca012831f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    57690206917591bfa0c2eb90c1222ae5

    SHA1

    fb85c1cc22f8b0f81e005c1cc091788854653303

    SHA256

    a3faab5278c20127964243fcc75691c7a189e70756b4d17f3aa68a52702d21a1

    SHA512

    8bae94562143e4412fd16b9c90078a609c061dab9989c8cce137c6b9daf3328fd746eaf575853029adab794fd423df8d2fb9b0be6c59522bd8f0c4bc3ef36e1a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0e6653cf13fddc0d9c775b477d5ba0f9

    SHA1

    3b49e0f932a55fffc78268d418392ed39424cbb8

    SHA256

    bbd4739eafd25b1446ea22ed977b1c40496148cd77cb40563aa32c729e59c613

    SHA512

    1ddbe82c8501d54fa83d2f884e87a05111552ff0639590bae625fdfc237b9e22f2baba48a2044d422c42a2ec9150a10e12548334df75833c89a718afe0886a3a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4a6a06d2f4121d82571182c59dae60e5

    SHA1

    6b9c8cbc45023176bed62a066c39e71fccb79410

    SHA256

    2c03c4554d025812e4919226d9630c6ec10b910b75e5c210cf62703ccb55211f

    SHA512

    0426449df84543bf4df258cbe88fd1569d4692ae3e815a3ac64b1714451a931695fe0f1c5dae49b0d82b397976b23765d87df0c926b2e62f7bc7c6faa75357a2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a29f8d3cd3856c958c9882e9a542ee28

    SHA1

    6ab7c45b36d00e484eda16c066aa2a4f8989dcf8

    SHA256

    e8f6473b088e42a3ce9f6ddab280292319af5f84455ab95159399a85ffcf6384

    SHA512

    56dabdca739b6092ca9d6a488fe5f8002bb04e3b85de712b61365f444940665f96e911b356da8a06e8cbba0637ff64f28fd6173542647fd716d2bd0653c0565e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ef7519fb525dc0f9fe751338cefff793

    SHA1

    90a1667abdafe90719e728885f5912f680649897

    SHA256

    ce8b052058b667b0554cb1d20c34e26aa6c4eafdef7488038956c54ed1301f80

    SHA512

    ce5bc201bc3a1e0f8fe908f2eb98c0cebbf1cff6ba59be3759bb3eb6c114b538e47fae4e3f613986e3af3798ca9fe71812e383eb2157cacca3fc1a75a777e118

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8a10ac131d35b084d029da21abf02cf6

    SHA1

    76b19f8227135f64ecbe02c4b56d3bcb34d6d32c

    SHA256

    f1b04960576fa5d1f9e2c4970d3816b2a0b48cde65b6280152e73d8436762928

    SHA512

    e9ce4644ede21673aeffd458a4a681e7cbb23fa3f433657d6fe807aa7bd81349feb73ca73b799d074e6f236b714d19e561eb4cf58c62bda808e8f9a18f03fb18

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabE63D.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE69E.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit