Overview

overview

10

Static

static

3

ea746109d6...18.exe

windows7-x64

10

ea746109d6...18.exe

windows10-2004-x64

7

$1/$OUTDIR...er.exe

windows7-x64

7

$1/$OUTDIR...er.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

2611067143.html

windows7-x64

3

2611067143.html

windows10-2004-x64

3

contact-do...g.html

windows7-x64

3

contact-do...g.html

windows10-2004-x64

3

home.js

windows7-x64

3

home.js

windows10-2004-x64

3

home1099482986.html

windows7-x64

3

home1099482986.html

windows10-2004-x64

3

home1259317828.html

windows7-x64

3

home1259317828.html

windows10-2004-x64

3

index1449123078.html

windows7-x64

3

index1449123078.html

windows10-2004-x64

3

Analysis

  • max time kernel
    120s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    19-09-2024 02:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    index1449123078.html

  • Size

    10KB

  • MD5

    5f05fe70d58d5058c7b0997490bb449d

  • SHA1

    13f38efe4f41f86e72726da215c9d62534148e00

  • SHA256

    8ebb146e6e3e9741f2c889baed2e96afd23956b8e71a5fd1114c46769b8c9777

  • SHA512

    b5e1eb1df064bbb8dd204a269edeffb38131abe99cb3be987d757e74e1cf467cc70a003a64ae7b8c785f7b42fa2ef5819eddf7072a2ef257d5c22faebe73aa69

  • SSDEEP

    192:klcdyhPpWsd4jd3hOWTxtkUGgYyRjz1JDC708:5wWsW533HpYyDJOj

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\index1449123078.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2556
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2556 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2696

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6c7bb3d088d2f77eac1766bbd7f24035

    SHA1

    b92893bfc01340eb1a8110ad9202b488c6a60e54

    SHA256

    216ffd2343ecebb2e192030a0a76aa7e7e92d78912af28a52738ed2673d19378

    SHA512

    7927f56fdeaa88c69624c06b5cd10f714d156a6483420febc5ebf23674c6fda86288c9faa640966af83f02e781cd8af68ae1514d155dfc033f4b1ca7731c9cdc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d1e1cda8ebb21a6f32c7de4699ad3480

    SHA1

    31c4269c11d15e3fbb48faf18b1aec4b18b13e9e

    SHA256

    45f27e6aba4b9c273c89e52116234967adb4010927ebd65b22f8905ee2fc00b7

    SHA512

    01feb4f11b264a49fba551e9c871154a5d56100166064f35d30a29e45678b3e5127ef6cf02e6b633ec14319b2b9e3a9ad633b5006138bf87483156fdff1a4143

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c1f56fa351c40dec787d97a934e816d0

    SHA1

    2ad31f72e541eadaa4a270f0d17d164bd28a36b2

    SHA256

    c1e243b6a85375f7e75e34164ea8c9ca18ca31c91d4ed100e3aa4082e12dc8da

    SHA512

    6b7db75c9f6710270c717a65e014b158b367c069e918dc6875671025d8af24a47d2f1964cca6551406d0e418d94740f04dca319e260685521edaa43a2b76d92e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    64a85fff63a4fe1f138849da838e6940

    SHA1

    1bf2671b70d822c106350d24ae688033b3cf8bee

    SHA256

    a01b8e9b6b55fd6b9fcc716b640146cbfde27f0c224c801bfc4d2d33f81ddeda

    SHA512

    c4d779803f3b926a73f66bab26f874de4d497b84f9c5f798a1c71887f850febff0b0e3aca29d8eb6597d85165bff750498f32a740d9313bb6d532cc380984c1b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    37091a85148fb839d5d4eea471007aef

    SHA1

    8e9b5069c0fbc2b960c2a625c931d38b8bb08938

    SHA256

    d3e1bbd2b2bb381cbbc21f0703ff3ee6fee80aa1d7a23da5c8b92ebde4e24260

    SHA512

    d271fb9b02028d79bff4027fc36db39c301de2c02ecffb4ab6c577f6f8a573709b1004abc964939b7427a20d81cc53c40c1f232e383163c941e67fef840f8e47

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e311e84c92db11a01928a0e4ef8ab088

    SHA1

    6e4a9a2cc0f95bdd31378bae7824a0d024035ed5

    SHA256

    daf717fb66036f30a78968660bcabe4027e4bb258bb10174999f7776f199ecfe

    SHA512

    6f0ae3f3f9cd2c2f1b024676f890421eca2d8f303b103a94dbcebcf7cc5305870e838e6db32504b11d81e388294d2942c804c5b285af2596da0c71d4e4b56ace

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1524ae05a3d5e4e3978d4632edbd881b

    SHA1

    ce495ed8bb1d3478c48a3da307280c28b46bb292

    SHA256

    eab5c848ac5a37fddc3b6c8aa8de89902191c0be6eb69dea7a86b613964afed0

    SHA512

    228a4e9126c9ca7fe1e86216a241f5e2321930fd09a7a58a5b06f637634f66499dbe0aac5c2e9c058a18a094d3aab61c6a5489363c9b3249e33ba971b88c9a4e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    284c7455f506ad14c87ec3a2ef711c3f

    SHA1

    0a1c70c100ad3a2264afb4b86e77fb6bac8b1575

    SHA256

    574711e76f1d4e152457c1320c6f5e6cc2c95b0a96ce02e7e05f60674b01f375

    SHA512

    5d88c5794530ab1e7965a82f7e15afbd4e56a68f7291a77579335aae8fc07afb5f07ce3933f3c2430250bf1f2d1af5dccd94d5590e81c20727958850fdc7f9bb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d64931b3da016b4847f0458f441a33d9

    SHA1

    04e3516e564e2536714657eb9da0022e80ac9359

    SHA256

    24963d37a82b32f54604ceccc1f4fe8e7a951b2b9159dc2c76b6198cb93a71a3

    SHA512

    16f743609c0fa2753beb67d68a6e50f3e2eb61c961f1513c5bac66aa28731425a31578501bdee2b01301baea41a72c3de2ec0bcdca9967f126c680dec2fcef4e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b39c13bdcc611e806e3ddadfdbbba30e

    SHA1

    047854a53758dae96292ad53d653fb009af3c8bf

    SHA256

    4c7ed038a679e0482a32d518ff150df021a9961a92b551787c17359a6c93975d

    SHA512

    0cbf869616aa63d81086b7a77279d1f41c5e8f1878b4c94f8db84575f3401cdb76fcaefa5319de4040176c5c34930e286407b015fabd5f6b02e93ad70deefbf3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    68fd5204535d907e1a22e80f43b0c803

    SHA1

    388e3f5cebf7577a368d34654953956d0f014390

    SHA256

    57342b984edd1a52e5262983ae2bcca92446fbcde9855e7d4240ff308329210f

    SHA512

    5ad3869e58b215dc683554b42944724ea4157b7f307db08ea0e21f9e9372a26e2b264c2893230fa0a51a41a089a9bde422e493e1ac0fc09688441b6c917bf247

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2b8dcf5dec7b6b3bbe35f1491aff9cc8

    SHA1

    dae9f8a2cbfbd4be0f0bf0756db0444993ee36c5

    SHA256

    e867fc4549dedc98b9827b82453e42ba40113227447062927b6beccda9d296e4

    SHA512

    7c0e97e6e19bcedf7e996013ea52f3d3059798e04fb18f24c138a37c179f65220fe34ecfa4a1dc26921f76d5d7e95fc813b32e0cfc67547e6bae4ec9325ef64d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    285c59e7e499e55a0766afd4a1db9eba

    SHA1

    c644b58c25c2c84eabd7e03b811a6eaa1249a563

    SHA256

    90300bf8c7f1870de9054c6a5bc421d7f21705aee06b98c00ca81379ac425207

    SHA512

    d7d49f266c92166950d49c2374b727f74b95ff7f5281faa901ac0885af6a84a409b18ba07294c02f34a26b52fe4d20b2ca65c8ab7f4fb6bd43c1ae9b85f11184

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8519b2b2691f24e3708f229378a82194

    SHA1

    8f827d32b552b651ca265ef6ab8ddb90c548a0c8

    SHA256

    32dc1b3fdad311328451ea882462122d004d75ca7257d04a9b326d14bc8e6d9e

    SHA512

    b829e5866fd762063b2e692eae3462344fca7a4edfa65c1fb46eb44681d2349f97e31551f496870de97a4df568b5c39d465e605a78a381417ebddeacb68ae674

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7da9ffd98915ec67197069a4e65cf43d

    SHA1

    8b9ad73ee4bec3f6ca6636c60180508bf4f85721

    SHA256

    e75a50d8b083aa1bd78d89b45704eb6d47707a1a47289a5d3a7acc4c9fc4b4c3

    SHA512

    21f727adabefcd988cc22d4180b4056bc4be65df612a67e19492a47b8da3aaf8b4108c9036213142cdcd0e0b6a353835ff8435aaea84f5e588e48d080329e546

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    47ba998230decfcc2b65386595ee3fc4

    SHA1

    fe2ab06115e25c2e537cf506ee4a1927d1ad9473

    SHA256

    524273d36f9bd5d04e4acf65008df8eee39249b8d45be9e67d45581be386fc13

    SHA512

    175941cf4022f8bb796dc8217c2521682ccf2b56855ecf0aeb253153a62b47c2a529f89f124f954757554f775741cdf66adba325054936808c54de31a778e649

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1829dae46f692c9494e6535c6dd6c3b5

    SHA1

    0f428b091464707267758804d95612f85e3d829d

    SHA256

    ee80a4ecc2c24d48a9106194cce21ebfab00b6667ba2f80d418c905149effdb1

    SHA512

    ff64fca2ff2c5399fe1337154ca47a399d1e82551c6baa2283b95d9ea26be2e54f093c896799c73d0207219e6c04ca2cef3a5b155d547e59bbd4d47e21d8d8ba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    37bf444eb0be025cc1af053319ab9ba7

    SHA1

    d36385eeac183b42271a46f957c36aefcdaf426c

    SHA256

    7e2dbe2319b7298e656545c77adaf9d353faacd7ac27c48c568659f4f26822b9

    SHA512

    c03f5a0a711b62726c1cf42aa1fe9d50c055375a40d055b31c24c139eaa513456e3c8239cba9912cdd2b21ffaca4a68f7fa5942f758d60477e23afb50ea3fb92

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0b33a18d80cc2978e79422aa45de2b6f

    SHA1

    bd3c94f41ac2523ecce7c81967c4bc13e85f1806

    SHA256

    7d8531fd57b4d0cbea62f573d56f8d435d40d3d124f0e7e23974e2cebbbd40cd

    SHA512

    eec04202ec644e41d30f283ba62e68a647f85fa7184746dd7eea048e37da99f9e378e32eeca13674953f7ca81db012489c8327262656a053a75153496ed250ce

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabCB1F.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarCBCD.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit