Overview

overview

10

Static

static

3

ea746109d6...18.exe

windows7-x64

10

ea746109d6...18.exe

windows10-2004-x64

7

$1/$OUTDIR...er.exe

windows7-x64

7

$1/$OUTDIR...er.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

2611067143.html

windows7-x64

3

2611067143.html

windows10-2004-x64

3

contact-do...g.html

windows7-x64

3

contact-do...g.html

windows10-2004-x64

3

home.js

windows7-x64

3

home.js

windows10-2004-x64

3

home1099482986.html

windows7-x64

3

home1099482986.html

windows10-2004-x64

3

home1259317828.html

windows7-x64

3

home1259317828.html

windows10-2004-x64

3

index1449123078.html

windows7-x64

3

index1449123078.html

windows10-2004-x64

3

Analysis

  • max time kernel
    133s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    19-09-2024 02:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2611067143.html

  • Size

    4KB

  • MD5

    250d3404348dcab3d26c3f5d945b2817

  • SHA1

    abe992ff2636ae70367a893cb289ef741b9850fb

  • SHA256

    4faba6277b74fc4f8c3fb5810621d0efc7262435b0b737cb685c8a0db17d32ae

  • SHA512

    2e17e8f2f1fedb4f7583275d15bdb777a6e0b7900ef3f5d665b2e10696f021a3df9df1a2ad6df99c8c35c0639ba6604657cc07ff6977dfe53639694f88579795

  • SSDEEP

    96:UQLHgGzwHhGoPxnxMLHkNLMcbtDALLPTBD:UQTgyXoZnxMTkdbqLLPVD

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\2611067143.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2384
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2384 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2316

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3ead0343675354ca4186ba9e9de7bc27

    SHA1

    d17889f46a041a6026a1138d14418e7813cb27a2

    SHA256

    b294adeccd210b11bed3a9e36bda660f7825e4bb4d9f6c1e0fcd8b36002dd1aa

    SHA512

    d38e005764253cc9bcb0cc03c408aee11921a32c790ab243c39206d94da6d3ab9e9d9a5eabc5935d4143e5a126cd46f940b331ac8aa4e37c55d49ff893fef83d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    383f3d61370116cff1a43b846f12f5ea

    SHA1

    e439309f6258de4f13b8826bacced19d7d640c39

    SHA256

    190a09078aa00edf953753f4ca6b2e988631790478228da4c005a0b6c6ea0a4b

    SHA512

    02db52171a9e17ed0a9d5cddbb4863666ceba54f5b3e19781a92d663b43d13f1751e0127c9b04b508575b9ea9f4b4be1797662483a9b792fa1971cd6566fac4c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    94e1932f27e8a9df79fb5c69e74fa58a

    SHA1

    5c4ff119afbbc701f99c9b1ff59c967e4326e073

    SHA256

    ef56ab6dea8e273bea06eec0284c72ae869b581462b587dd4d599b595f52095d

    SHA512

    474e177baf4ae0b0c4ddf2c4357d694f6c24c5763669736095d38701e94485169088a7771336cbe45106c7830ab75d4a7216f5425b9c613c660d3ce07b62a7a9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    de2cc04b6142a19833c18f41bf2f33c0

    SHA1

    1f19287435568cffd06c9d33132481aecad6efbb

    SHA256

    66fdfe5961ae3bc178f79a9ed92ca7b86b876140d9f3c7d6f5391b077e43e162

    SHA512

    110d9c2fe26d94f8f92704a9f2b4a5bd58b1d784114085c7d9e695955c97c6e026a82aca7d69e3ae01af7334cb3cb662a4a227544207a21db227231c27e4a50b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2e72001403fa4dd248c79900748ee265

    SHA1

    27432e1ac0d4a17b75c0d688deaeca74b8030f7c

    SHA256

    4c1fe70ded488be4dfe49ba16e5de737f25985b31be762556dfab6d842e2c672

    SHA512

    66a31253baf06f265bf5e2d247290b065a6c52951e0581d51d528da9d9c3bc91c02364e2e114419967965118d806204921e18ac937dd371e298fcee7a2a4324a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8980c55831705261372006f7debf56a9

    SHA1

    e2109d0b6726aa2f81f7369d4835bea543d4649f

    SHA256

    43145ca2fc2913d7ca3464f797389f14468f297f29ee824ae2ff34505b9e03ec

    SHA512

    321fa66338b80546f7ffa8ad692a67ede81a6a5c9be9647ae7c17638d3ddec9d2e6c4b90c48c39a323a2d3a104e7d6434c489c5321a771d294ef1a82348fab3f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a6a4c644f1fa146ffb3653f372c36d98

    SHA1

    d2e18dde9beb1a5340236829d677b86d0c130dfa

    SHA256

    c0ab3da44510237df6cfd8568c526cdb92e336e88884c5a69f760c34e366de97

    SHA512

    65ae657f99e3ce9416359d65c97dae2111ebf10ff8c393301112af22d504c329656a9f4300fe9793a1946fd526fe73a9bae07fdde066f52653a931bf2e179f6e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e729393e0aa2e64fa53604a0d986b918

    SHA1

    c8fc15c630bca6db2dcd86163750fccabf7d33fb

    SHA256

    be24ca083f041ff4d141aab0632ff983c811957716099cfaabbd9c6cbcfa59a5

    SHA512

    bbcb054022e2b89c9a87593a5123dfadfac66487210f52288cedd611e94b5fd3cb48e3b600663af6b8d6aba1b8558b24425814775bc362f1b5fe8cc2a25d174f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    49c1407947ac6d0ed3403b38b96a1d89

    SHA1

    acfd8d15e191103558e8f101822446971e6ed3ed

    SHA256

    ced729aea0567222c0f055d979d2639b85973e1939a4f30f9a7ed042da75b10b

    SHA512

    34eb29e9ba8a9973e398ea211d437294c6a058a5ca7fda1031ee49784015762df59f4e4b97e5b3945299d6dc766de1999da70ecd6c1971072cc8ed1d97e505a0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    39a833b89052a596438d781647e3d901

    SHA1

    deb08f2c9156ad0a1cbbc0b7183dd7fb7cc818bf

    SHA256

    96dfad7d884ca7968b164b39075ab378cf0ba332a6a2cb4cebf98dc281c99457

    SHA512

    3edc9fdca4324abcd862b02801cfa526003dd3e8cc2a7ca13b3a514bc938cd1e1741ead91e9f4a3770efed6e5f1f37236b3d72b851ec934cb87cebfa544d2bba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    054799690d87a83ece5377fef0de595a

    SHA1

    77f4b1abe8a0378d698f06c15cd68f0a5ace9f03

    SHA256

    9703329184e6e32e336b3c6c77012e5b9f34804fd529dd535a973b6508104cd4

    SHA512

    d46c6def44f6f9a6de755b6cd3465ba1294e42dfa0461f34d1f8c030c5bf9ab6444a770826ffd2edd2f4854d2c2efb24e744d2564ea5190fd710a747b2b9169d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    79a5abfbe6e372bd787b6a5c2d93058e

    SHA1

    bfd5711f3b0bfcbfc3c02d40ae933a3eb0ffd7f4

    SHA256

    f3a0980f8d0bc370e3a39534668b799a9c0b0615084240611be53950509e12e6

    SHA512

    3d639e6fb2f8c579d0415140ddb82d18145e099b8bab095cfe0d6a54c8c324ed074300c7bbd131d07bc954b683a09c2e9d18957b4317be6328de5d506953791e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    20636017ff1e503c0f55a876b6834349

    SHA1

    ce95ae9d3ae4922cc39741ca46da4af3b5a1426c

    SHA256

    0ec73495ee2e41cd568ea86178c4855e86db33e13acce4aef7081943099a3ace

    SHA512

    6b37e19b46a1bb215b4301678f13c2f2fc97f2fee7ee183990871aefd12ee66feb5e8ed0ccfa19bab4dfc1386ca50e3df6dbb294f1705b126321ad92bb2d0aa4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d83ca76a9e4bdaaa717abf858fda6ab4

    SHA1

    392dd1763c3c59e0ee5f34a5c1ee6485c060c2ef

    SHA256

    0ed758623fa9c6b1dda89975b42c476c9c50f53f05a60bf5687794f4462be9c7

    SHA512

    0a1df272ca39135d3f76b13d012a062a867efd78cab64d4971462c2af6bbbedc30060561a13df9dd67b77f2ad91df883845a24fbab76498b83e535654a2fa614

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c490c62dfd77f1b3fe5b1461590d8838

    SHA1

    3ac5adb6c7bb9ac9886ebd4f8c7d824bed610293

    SHA256

    84ce377c7cb32b9a9ab8a833d75ed5306a9deb0084789064d9eb9f0b0dc11db1

    SHA512

    c6a0d95ac0fba05ad1b7a7cf1283fb2c26a372850ec2fab58047ca97fff1c0f82d6189de4ccc33cfd7d6c45c543af766d948252fd6ff37c83f01636c52a950de

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3c9aeed1a9ebde185aee038446aa2118

    SHA1

    e65de2b1ed5be4cc54b641fc29e08331b78daf95

    SHA256

    1efa6c8b72d4f354436f9b740f6f3d985dfeec986187db373fa102fbbfc3cde2

    SHA512

    9920c9e6ebe235ed142ff311e069aec512b349f1f46e11588b32f0fb835e7dc63acc90d2bf1f5ea17d96c22ff66c0b045d3843b9e760d51fc3b4ac16d61887b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5d699fd01896ad23c79a88e2a1bee97d

    SHA1

    adc52fbd9c281aeacf0c57bee927a0a7aa342b9c

    SHA256

    6ae0e43334aa5e7f912dd2d026e26a5b160ec9b8d51bd95f7996402220aa885d

    SHA512

    f749d057f6bfc9ab183809fa582e65982d9d6953790d0ae370ad35e941a775c6da069c0ccf9f8087a0ae999826973525d3b5632c05c41c895c97eaffa16d36d3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    51e19313d80c127b7dd561ab6de3e87e

    SHA1

    1829c301c5223060d7190b46632177ec8f6f948d

    SHA256

    13474d3314945ed67916a4f669c898f037277a62f6de42a271bf3a72e739b43d

    SHA512

    4d1e309de2ffc8ad32633bc14b6745831470176b9682f78f517c96bfe1f29ebde9a7d708b9b44dfb80748561d232cf21a8d2b848aa75e3f28f083fbdd12f064a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6fe0504a1d379da0dd7eae832d258e9c

    SHA1

    9f475bf2d9c66c8c4c8d4e4dca6df8fe6bd43b1c

    SHA256

    5bcfc348157c4836cda33affed79140879dc3cd266d54cbbde5e60c9edb06752

    SHA512

    ba60098833f17fde34a8506f22f439d55f4afaa3e5f46742aa6b71125ce6c726e68daaf24ad848230e792287210d3a6129fe62352973c149c4f719bdd8d6ea20

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    be34e32a8b24d7a3c2ee662f33ef532c

    SHA1

    d057bc2ee5a8c9cf6967eb9d0a5ec78de1365392

    SHA256

    6b8f95e83ecaff86b4d544317583fdaa40c0c81925ede16a06b8017a39426eea

    SHA512

    015045630eab277262064933ef68fba93fa312c19e5f4be0002924794f8cf1e8f9eeff9f8cd89520b1eecadd4439a3b1e6b1554d589e25bf508a25df74921437

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    10628e76dd114fbd48e77b96e8fd56cb

    SHA1

    4253fdec26cff154996dafb8682ee114951a1fa4

    SHA256

    5858627cebeff9243acda6eb667f1b08c34656ff440a543cb56061858dd91732

    SHA512

    7bca8669710e3fa5d29ee39c6184acd80473cf4fbd0eda25292f18f95a2a818a6be7c384e0060c969bca17b8df400d1a8d0a3ed08e1f09ba7e056612107ba0c8

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabBD57.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarBDC9.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit