Overview

overview

3

Static

static

1

account1/l...m.html

windows7-x64

3

account1/l...m.html

windows10-2004-x64

3

account1/l...ep2.js

windows7-x64

3

account1/l...ep2.js

windows10-2004-x64

3

account1/l...3.html

windows7-x64

3

account1/l...3.html

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    20-09-2024 10:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    account1/login/confirm.html

  • Size

    2KB

  • MD5

    d0b0d84e67fd701a0dc2e16e4cbf464f

  • SHA1

    f4a4ce8e72c491afd112c8c2ad09a0a3be73dc18

  • SHA256

    7a77971a586292cbee0dca2e294515675b28eed3ae2f84c87c95124ec2b99e15

  • SHA512

    c8fb29d8d6103e4de8db5b3f4a18085fe4e31275a43c58e05cbcc80a871a9c3c1ad7067567e807629035275467a4e75353d40eae0878eb57d2bf6bb836b68292

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\account1\login\confirm.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2232
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2232 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2900

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c954e4c5a5d5a5f4100e7adc5fa90dd6

    SHA1

    ec9bd6534bab55ddf73ac253d48394de3704bc11

    SHA256

    490eb536f604c326dc820e6ad37a16acca2bd20f9b602f98379914bec4fdb695

    SHA512

    2c28681418952484f5bcaf63cb08cc5c7169bddd1e9e8bfb06a03adf5423eb9e5cbb37379e3cd9ef448f82a2f0b06fee61df7f184e5c3051492d1fcb1fb9a0f8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    73f5a6f65bed93c19ab3c93eccde3a0b

    SHA1

    d4f522d2af1cdce616534101aa5abd16efb4b79e

    SHA256

    490b8470d3cfc37f62aee73eb22c751ee13f6c40b3af6dc318624fad7eb62e66

    SHA512

    1f42582ceb2807776f684c167f09365e525c82a0bc225b9b8564400e68771118a3a834c2e081231f0dad6c5416497232d25422746443f31c0748477107071bef

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c158d9e2a27645f4e7ae2383d0650ecb

    SHA1

    1d86173fd2270528f4115061e947c578b170af6a

    SHA256

    1c5453d40aa199808819b5ff9915e931351d3e6bfae2ff8907c35de0d4e1f876

    SHA512

    cdc43ffdfa83991ed92aed8d46723a8f68d1504c690a0792c6892080907e1a66f997d5efa114235929ac0224f8d353e43c042231f59aa809ee14cf5cd32bf402

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    85738a963dd07517bc6761dc5ff48c11

    SHA1

    c6768c499ef94733c483774a83116ed37b6dcbbb

    SHA256

    c4f88fdbfe3abf5a7505dcb231066208991749f26899fd788361fc8e172d90cc

    SHA512

    e9a2d35d34189be019946b239f9e707871c3845f55d2f45722d3940656926f773259b73c8013b8b042a1ff4e426fe339e2f01a9fddc5528bf1d9798bde8579e7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a60c9e994aa61d674e8ed222156a6158

    SHA1

    94e1c1b9020d1a1d39196eb6138718428e62631b

    SHA256

    57a6635cf2eb4664b5b297147c3c43db2fd91b874a114b6ad27a43fb4e5942ee

    SHA512

    64c3d23b96fc480c68fcef208a0da933df9e5e5bc8a2591d73eb8aa7306e3297805782a35d893567a6adf91864769deb3ef09b34cf15d8f7d3425398e42ce741

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    702fd1dce2503bda211bc29fcb73526a

    SHA1

    b1c0300ec9e6ad1c61a72ab6bc8f27fb95701736

    SHA256

    def0dcb875d1ba6ed7785574f0ad4f16bc24ad3e653932692d8c957b7b94774b

    SHA512

    35fdf1f8e2d8078b1a7c67776f802cd0cdb6cebfac035a0c9d2c90abed00430c9d5356d6f67a6a4cfc2674ecdc360dbba690f7e5ab90f2eccd9db22cddc1e49f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    deebe0c7ae6224ddafd27efd8bf7d2f3

    SHA1

    75bbebc1a0c714d5c1db4653a8f485d1bd84104f

    SHA256

    36887d782ea5fba1bfbf61fa39ec0d447334130d391dac39bc131f9fd1b8443e

    SHA512

    a8b9ce04c06f2ee69edb29d01f5ca2feda1c2f6341d311bd8f1fc6e410533978863333e75159f367877bcb691de605708d40060fd704fb206bd9179c40bdb51e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    007a61d942b84036984f1babbad0fb89

    SHA1

    8c5bd9507da22c79e924dced8cfec85f41a3250c

    SHA256

    711cd934847d4084e8034aa84cc724e7cd6aa36de9b0f314c2eb91a144ffd1ae

    SHA512

    52d280e9387ff49503dcbc91894e226ba921cf9c73479bfb50585e83759f9680914f13e41f3151db9dfeda98c820a1aea0de31a943f21af4fac712526c187b21

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b975ebc32da91c06018e08b445c5f3b5

    SHA1

    d06f6c650bf37379bac96180752d3c074d431b12

    SHA256

    552884b7ef4cdd64faa9f96ad8e187d308c25cdd2feb694dfa7e13be4e6c7a63

    SHA512

    68704f8bb9e9a6399654d26c5a41b516a745c1c4beaa4138daf667a1848760e1022a89e553748d562c80f2cbc4ddfb2f01412aa3975dfe4eacff415ec03a0c34

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0d5801a4a94e9643aee5339b48285455

    SHA1

    0e840113a3ebf655d4ff2876eae725e59dea5c56

    SHA256

    2dbea55933bf7b86157da5bd98a215dcecbc0bd8d4e9283731bcb37aa07626d3

    SHA512

    80cd5d5c5748c93820bcaac87a033b4ee1e2c70ef1ab8fa06bf0407f5c5be692ef05a2b135577e4f22127c7786656c5460a397a3c97d087ae29858ff6f422320

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    966a334487f0ffb702d43b0809a5a762

    SHA1

    c3d8ff508471c0a8f8f30e431dddecf25bb79412

    SHA256

    377f059bcbbf78562386aaded5912629563361eb71df4b66923b5dbe257ed47b

    SHA512

    1eb928bf52d0858b3c571b331ccdf9e95983ab839172400e145fdc69b0dcd59a34463c1f904ff635f6b9732f61493a93c8873288d671e9026a1b20349ac807f3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    da31c482e1396f1b710f2d58d4d84c7a

    SHA1

    6aaf0ad83c8cf396aa51d36eb50e6c485f5d8299

    SHA256

    5c16352d20c99188f924dc8d94f4ec801130d045b3791ef83abd11fe41aa945d

    SHA512

    71b669e8ea518c4dfe1ce40f9e0b830bb396692130621d9dbbbf4c84c28e939130cc721cf75528018b8baa633e528282e8f54c5264a3be82397ce6469fc9f325

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8cb9ef4db9e1eef35eb32bc48caacefb

    SHA1

    c6aad0bf787f811cea59e3c8f3bd455b90f3e3da

    SHA256

    918528fada7538dfda08ceb52ae047c15e04fe9f203a577fd2a1c8e93180612b

    SHA512

    448ee1879c34d434a359a28de695a56ab35635362c8321d7d0cec461d9a8eef97a1201df331c14d526c93715813e390b64b7efee4a400df8e7bca66a4a12847f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    da399a40721af9b1852f1d46d2f060f1

    SHA1

    d39d9940ca75ed7b03e2734394bf654e23709f5b

    SHA256

    211021c9c114bbc1412c1c727906b035eeee9148aadc25371b649f78cc9d4153

    SHA512

    84e248ae18b6c901083261455d0e69a78bf24c4337882c4b0434294096cd1d3b38e1ea4fa85ac3d26d55f70762143e977408e223263e49ae2a4f00608551bcf4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c88bc773c97f8f827d49ad4a1bc2af9a

    SHA1

    53a75c4dbea2fab1d9c97217269738f4a071e901

    SHA256

    c2712876852e10325f68368433b541ac86b07c3676e574cec728bd2e33fcfa31

    SHA512

    1be34ffbc716ac4ccebd0312ffda66ab0ba7cb98bbc9ee54f5e4a75bd1f193e62a3eb7256c2a0b962fbb991b0a7ccd3ad1e737c3ecd7744fb5b81b263838de55

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    48f23420eb9a326cb38275c4a50434a1

    SHA1

    bd60a75c91207ad7dc279cad6d62a57fe9ca7a0c

    SHA256

    7df244c2ac433591a087f4cfd4399b475de71575b18e9c8880d65d6d3e63abf8

    SHA512

    07abe6e5ab142985fd1bc58e5ea75dfc1c79872bedba03260d0a4690087c1c87a0ee5fb2544036e20c69bd8c201498a516214cc6b7e7926f6c70187341efe552

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4f01140759c2ad9f2e3b4b4f2644054d

    SHA1

    148005308bcf64318a630df6c9ce6624b3e36cb3

    SHA256

    2341c9d1441817f39766a806766d4c1a0d909abab93e118f3c60b8592873f166

    SHA512

    002137c507b74d3b23db834630e8ed1b838427facfb6e8828ab8b47504fc20b2349261f89c1270518fb64076757e38dadf38fb825a7df3fe83506d4b06482c8d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    44cbb7ce1ca114312d180b23d1287e61

    SHA1

    2e0c686a29872ccf9b0a6a13d19ca08190eba625

    SHA256

    b39f5a57029db085fecd8d90468093e50ce32015b5dfc17a204d6720e5283e3a

    SHA512

    a23be9a05e2b818ae582650d819dcd664fa377ba9b7759c4e5991cdb1a7ad2efe14b9e258223268e06755274c5bc63eade2a5f107a9a19fb7f5c9dc44ddb67c5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    33fcfdefb3d7197c8ce0c5847c9346d5

    SHA1

    c15e104185097fb47d3fc09cbb2a3b88b9455df4

    SHA256

    141d2f53321b3ec8a2acb365924eafa614ee9c3bfabc6b1fc83488ae5abf202b

    SHA512

    0c3a31db17cf829460081ffb6859e8f92588737186e81ac72caf299f1e3820ee087d9f3ed478e455a130d82e357060a8ad635dd70ab3e8510103b7de1ba63c30

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF183.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarF203.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit