Overview

overview

7

Static

static

3

alert.html

windows7-x64

3

alert.html

windows10-2004-x64

3

bidvertizer.html

windows7-x64

3

bidvertizer.html

windows10-2004-x64

3

code/advertising.js

windows7-x64

3

code/advertising.js

windows10-2004-x64

3

code/alert.js

windows7-x64

3

code/alert.js

windows10-2004-x64

3

code/animation.js

windows7-x64

3

code/animation.js

windows10-2004-x64

3

code/flyout.js

windows7-x64

3

code/flyout.js

windows10-2004-x64

3

code/gadget.js

windows7-x64

3

code/gadget.js

windows10-2004-x64

3

code/heart_menu.js

windows7-x64

3

code/heart_menu.js

windows10-2004-x64

3

code/settings.js

windows7-x64

3

code/settings.js

windows10-2004-x64

3

code/update.js

windows7-x64

3

code/update.js

windows10-2004-x64

3

code/utils.js

windows7-x64

3

code/utils.js

windows10-2004-x64

3

gadget.html

windows7-x64

3

gadget.html

windows10-2004-x64

3

gadget32.dll

windows7-x64

7

gadget32.dll

windows10-2004-x64

7

gadget64.dll

windows7-x64

7

gadget64.dll

windows10-2004-x64

7

index2.html

windows7-x64

3

index2.html

windows10-2004-x64

3

Analysis

  • max time kernel
    118s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    14/09/2024, 14:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bidvertizer.html

  • Size

    3KB

  • MD5

    478dc4c210388dc0b850a85a461029bb

  • SHA1

    7cb3691839c2c8c71ee3dd2da2ab08c6bc3a878e

  • SHA256

    2ed0eed68cde2cf921146ad92c5800251d7644c5ebfb296d917903b375d71505

  • SHA512

    f342f00e46b614c4940173ab6ad0c07ebd556fb08cd47cd388c0fef0ec88518cded5719d11309c5a8a5c162a8c8e62c4f79e55a3202421ed479c291847a2b074

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\bidvertizer.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2976
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2976 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2092

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bbacda25a0daed3ea6a8dff62fb52937

    SHA1

    13c05f572b0aaa1e09bf79fb196137b94b3418ec

    SHA256

    39283d1c9642bcd85b6fb9d0faeb83f08196c418636a7e713840804431619b78

    SHA512

    70ccff93b21e402a815febd49dcd90a12f79584a5f474c01eb2cf60919ee8461519109d28ede60eabbab46d3e6ddc4568a48ed63fdae3a418916be214e7ac15f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2df0262dadf0190099851c67d9debe17

    SHA1

    f5280f2bce01621ff165a603c52f95794e7412e2

    SHA256

    65ec496bbe85879ef7affa4b760c60babda0b60cbe92c80d54c546fa18a029c6

    SHA512

    3f76be390185759535b8e695f258e5279af55af2d18ac269ff3d02738b6cf5130386628f8bd0b24351025b10ec8bbe90cb87d742b658d0d359914f4284049df5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2c15cfb11f9dcac245bb5924c1150d09

    SHA1

    56d40e9fadea3db74546d1b358001585902a05df

    SHA256

    3a648c27d26c98662f2f389da47d586c9fe6a4b152570cd9de66d827afe576e4

    SHA512

    53f0c4a15c3539c9e224f2d3119468375b497021a614ad2cb55aadfda471ce5ba261bd5983c005c6eb043639d08d0de8f0ba4a7b30d6c2aca5db0c52ad17e7d0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dbc435dd771b19f17fee3f01553de0b3

    SHA1

    1837b5aa20029f684958032db69b25b5a6eb15eb

    SHA256

    227d76b10bd4123c4dbfad0b3e07d03d56c83c3383535c1af38ad947852ddf96

    SHA512

    d847b545fb40435ea3d5d11f67e3a27ded5759d1d18e9bd3b015a567a82466530f2cad86071f46516eed43d34068f02075b3c0c0eb6b8734f5d709207a17de63

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    afe9c057e638c4b06a9649e3cad505d4

    SHA1

    2e884042d77556c240b423faba00a3eb6a8aaeb9

    SHA256

    f06c6b3a49e9cfa35135f9dc5bd27ab98b259373bc440ce3d3099facc8d112c8

    SHA512

    abd800303d9895e2b69bd647f205ae09752ca961db08b5874638f909f622c9c590545b2906162558f3e2a4140f591ca053dd9a6453f577c82c0c7a572ba57756

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c61c13370fc20873c0b0783fc4f00cea

    SHA1

    dd383387abe2d97bdc6344c8ac44579a418da789

    SHA256

    cb01aab34fbce3320e35869a20ab6c98b21b2e529f8ce46fcf4574b82f877d1e

    SHA512

    ab21a237c35bd54e26abe8af28fc944eecadee48d796fc0730cfefc5d96a0aadae7606328cd3db9d59fe613a496ea19a2b8855548d6a3e542dc65946519ada73

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1280da91dd549470c5ffaf2105083c1a

    SHA1

    bba4d6fce1d224f02e02598458916bb4d573b1fb

    SHA256

    2bd19ba1ec8c1f466422c34e44286bd2c86b1fd2d76c142a3b55e29205e0f0aa

    SHA512

    74986ddb812a6683c9d4d63d6a0c0f8f1874a72797178b39351b37ee928b4b096f0b184ffe68cbe18fc3237fe1323fe0936eb3dae8ebbc62264c389b4a58f955

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cd4e216f7dbd1fee487a2c864a174da1

    SHA1

    7de40af46e8b9f1353760871fd870ca75231a91f

    SHA256

    329e408f7619187901d9618d1803417515cc75b7800a5ceebb207696f02a9d2a

    SHA512

    c2c7865c8a7e553c3c9a7d57cf6186225c4a42756dc150eb97511707814b3849261317c13cdad508553e7b2bce5d3bcb4531d4a72a44a7b0709a7577ea5e4f34

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8a3afd13b6302995c0d0e4eb54c6e903

    SHA1

    f60f02f08d3fdbc9e5585f95103c1c62ec1d76e9

    SHA256

    0bfdda2ef3c3ca42fba28265c75be4915e7db131d49b161975788de4f55697f6

    SHA512

    a8e72b447529a01990bcc2c4d95382e26906d8ed2fec9eb95f0df36b141d05c6ed96fd8ac762d2c45e84cd8d1664da927045dfaa83c408f264369efcf2fc84a3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    37567115860706e9dcaa6ac8cfd71ac6

    SHA1

    c6297f561af7784ddcce7a4e9dcc68d54e3b1f97

    SHA256

    a81ec59d418d7f4d416de8dd94fa1fbed649fd521defade2d6c34af6eea89546

    SHA512

    933b613db0fa8964e29ba1945d74d16c2880479fc0ed0d55e4ee000d918595278386fd606cc27b4abb0126d79ac355dfcf727f6cb477b42cb9f56db496016649

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c5d3003ddb7583f1623857153e833d9e

    SHA1

    c511bed311163d8c1acad0fcd040f8c8166db018

    SHA256

    2c88036dd4e486f49d0ebf10de67f8b7b9db0592548683ff1b5a6f53613653da

    SHA512

    b6ef0f288f379ce0ac54dc0287a662914b8b4c4265a4814206abf54eb36886d7c5548bb378cf8f1d3a7c1f2d49b2f1689385d90c87e7ff1fe084b82fdf2d990a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0e3c783d1adf60e045f07335e685c83b

    SHA1

    b24ff9338f198c7b78ea4d1f614ba9caa3b62828

    SHA256

    767e67dcdb9bc098ea4117b803ddfbf4df1cdd937fe58c9f2b9c09be767b324b

    SHA512

    1f22ba52a2ac6ed0d08b18cdf289402f246b2da512a63cea468944ac6464a86e633b5c05c665a752c86b250f54c4aa5d08cd501aa0f8b1aea09ee988ff615aef

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2ce3960db598ae145d97853b5f904aa3

    SHA1

    57de2d67571b8d1f1d1a2b170cf6a4daf3011a68

    SHA256

    86bff529df538959a30d444e01b5fbd6be4ce2a172b4e62b6032e6a82d31a248

    SHA512

    75ae47cb3d522307ac3431aa2cbb8dfa70a3bfe0c2343d58f194854e54dad16f86ad1dab4bfd8eb71e0d17e6537fd97975d5cf98e19c2a0e4121b173b886c34c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    797c20b5806b969a6ee437abcee74d1a

    SHA1

    673b5bd64d76146697d8eab6754f65acb925fb67

    SHA256

    5e15b22aaebf0da78d25241b67a23949e387940f7fc20ab8dc23667e28a46eb1

    SHA512

    e572b77a53ebbf1a486408fc6043a2c3f177507192b1deddfcb49e36d059a1da2d65c705fba883a8fe10c083e176768560fbebf82f3b65d542c8e0ec716be824

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ad93b7f1029bee4525f402ea4f99df6f

    SHA1

    7fc52381b934c30d0c3027b32e9836b28805b8e6

    SHA256

    543636d05e1272efb2c24341bd67173b21a5cdeb6f872a09190c72efbaaa591b

    SHA512

    95158b992b28cbc4b06733b38f67a59f5cf7ddbd73e6b1ca8ac4efc8125283c71d099d4938d5c7a32ae6c44a0664b88604ffb6b42cfcc0342edeb123d2e376f1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    052e8ed37c09573f6ac0e663e61be5f5

    SHA1

    0c58ab2f1499eea05c06e3604bc156a71fac344d

    SHA256

    706a78c0fab55e462fd442dfdfd1e54c0ed1f286f99badfa2be84d6ac5f08fa5

    SHA512

    75f6ec2455df8451550153f221fccff58638ef856d1cdc0bde63b608a5c35fa07a1804038c8fb6ebc214d2e329c97d1326388b7f871e4224e123d81199838ddd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    de860044cbebb36fd3a667ffc791e07f

    SHA1

    31cd805dd85bc036e0fa8cc7f695db1798fba09c

    SHA256

    d3a879da000c691c5889bf94cd3dbad1b3866f24480e091dbf0e92869fde41ab

    SHA512

    c986da6aedaae93760ca1e39b92373afb7fcdc4e4fb0d8c58f2027d8d1bb3de611849cc687e42643b35755fd4b98c6c1f80c2fd85a2c0c57be92ea126b98e3c0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ebb5202b811843c36583b935f3cf06fd

    SHA1

    9ec26aa8ebfe5a3401f57fc5f89cbdaa311f33ed

    SHA256

    45eaf00d87eae9cc3bd3726a3ce19f24362e81ebe048f2b216d5b35e8803cacc

    SHA512

    d722b41a8f4787d5e01df620fdb804ab3115ca5b0b3951b885dc0610a214067ec113cefcce799b70fb9d6025fad6022aca06ed3315184417be0cba03303a3232

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b57466fe9b0c48450bac821de5f6d45e

    SHA1

    b1631e7ce12933f05782f682aac8659cc5280f55

    SHA256

    e098057f8316b16c9a59b7b444bb9754c5a07f5818764d0df3ebf2f87544766d

    SHA512

    6c37faceeb7c49d0329f5e70951a5d1dafac2197c001d8e05641b468a332d6c1d11f1e16d9d7dda643a4d9fcad91981d20837f7b4c5af6f14597ae00d50ab8ea

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabAEA8.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarAF97.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit