Overview

overview

10

Static

static

10

BidvestBan...re.exe

windows7-x64

BidvestBan...re.exe

windows10-2004-x64

BidvestBan...ed.exe

windows7-x64

BidvestBan...ed.exe

windows10-2004-x64

BidvestBan...el.exe

windows7-x64

BidvestBan...el.exe

windows10-2004-x64

BidvestBan...on.exe

windows7-x64

BidvestBan...on.exe

windows10-2004-x64

BidvestBan...re.exe

windows7-x64

BidvestBan...re.exe

windows10-2004-x64

BidvestBan...ed.exe

windows7-x64

BidvestBan...ed.exe

windows10-2004-x64

Swift-Beac...ed.exe

windows7-x64

1

Swift-Beac...ed.exe

windows10-2004-x64

1

Swift-Slee...ss.exe

windows7-x64

1

Swift-Slee...ss.exe

windows10-2004-x64

1

Swift-Stag...ed.exe

windows7-x64

1

Swift-Stag...ed.exe

windows10-2004-x64

1

Swift-serv...ed.exe

windows7-x64

1

Swift-serv...ed.exe

windows10-2004-x64

1

Swift-slee...ts.dll

windows7-x64

3

Swift-slee...ts.dll

windows10-2004-x64

3

demon.x64.exe

windows7-x64

1

demon.x64.exe

windows10-2004-x64

1

demon.x641.exe

windows7-x64

1

demon.x641.exe

windows10-2004-x64

1

index.html

windows7-x64

3

index.html

windows10-2004-x64

3

index.html

windows7-x64

3

index.html

windows10-2004-x64

3

swift-bypa...ts.exe

windows7-x64

1

swift-bypa...ts.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    76s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    19-10-2024 02:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    index.html

  • Size

    3KB

  • MD5

    e9c0e5414b847b8e3706709cfefd0e43

  • SHA1

    882484283af5fabab3527c6c549129b847b86e85

  • SHA256

    c44a16ab709f1eb785eab59e792329f774975ffeb5ce123148a5e55c634b8269

  • SHA512

    d2cd992f5f6897f25e2e488633e528497a88194218acab69a9c01d62459bfa61b8746f070edf13549e6f0299736885ef86ac59351256d0491ed7c0eee005b2b8

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\index.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:392
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:392 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2296

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f72016c0cae7b1d76cc718e8ae50a0d4

    SHA1

    144cd895c91e5822a51658a5f76ae5b2d5d7b0fb

    SHA256

    5b50f3528b3086338f227f8ef0c8c349f8a44738ace865c295c6b18dcbcac1cf

    SHA512

    1174a80022fa35fdc79ebe86e3018c56122d6fa22ca50ec13c6606a4b89dc5a9c41cb90c2251cec49205675f7e83214dfeb441fa9e024afa55676a7d81f267ce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eed13cb767e7d6510fd8cbaa6b9565cc

    SHA1

    963c6d7d778efdaf9aea44c3c6d70ae4ddd68411

    SHA256

    844aa1a33fc4d84d6a5c85224e1fa4a4488399c078ca76c65cc20ba5aaee37fe

    SHA512

    5e093cf36602e36da56ea1112566b9bf273aea95be15989e6b8cbb8ad6273e2230d2d0c6cd228b98e7f841b9e0e16a14d88c563c44f12d8425a06107409c631a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    12c18cbd8f013ba55d6b9101f8d1ff68

    SHA1

    9e4963573d16b51818080333149e2d0036ee4989

    SHA256

    eb1492b00693f425fdf9eb14d9ba316d804a7a624740b78e8b36f351a403f3b4

    SHA512

    37dc89c862c4b6e12058adbda3e6ca1c3cc09aafed06f882d17850a8833050d979a64b83a90bada3a9c2880aff1557a58a26630fd47724e6e625e38700d53232

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3858b406ea3b45ebde8e3c5a2310cdef

    SHA1

    de1ef8df311310389397baeceec725182598e406

    SHA256

    14917e7152f7c0ac728fd3d155058e5c8a782658ad36c95b033dee9680a829a8

    SHA512

    3b6a1dc98271a5ae249b0bdd21190b3853e17358063c56d2520c841d95fc58eb272875bbdc01474554d7e20b81c78c21fb0595c7710c356ede6bc8bbaabded28

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bd91c09b4927228716fe191beb868e66

    SHA1

    a8e0bfb78050e870e884bd1bcbd494aff50b1797

    SHA256

    1359cb6b4a4caf5577ed2f3c6f8a416ebce14594ce4ad0b79e134478c5a05f72

    SHA512

    15a8efb5952c708d68e1108b673a98c485a11209b59734d69a2c4cd45aee8a93c0cc3df428915615e5ea3a15d0eb6a278c341c4883b3227627786c3108363913

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d0b52660bb8e480d3d3d8aed064e53cf

    SHA1

    bb32cb4ca60247476b2d8d60f78bb6936f9591e5

    SHA256

    cd23d43795f4101a6425a4a2b7c72659bcd35e73960fa5e924ab7c72731aef29

    SHA512

    97e1925b819c06e26015a2832a73ba058781693bab26d1f5724a94f6c3ae521c11329cb4127aa2320922f40c42f868c857f649be3896cdf109e85b80ffc35b83

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    95970934674bb7c804541ca2055bb779

    SHA1

    d5e20e8952fca9417ae9853aca178d82441310bc

    SHA256

    3dd30f9422648a3e0669786625dfa343ca3f619da2bc7033d5f31a66b2a9fa3d

    SHA512

    fc9d9c162cfa67cb1a85f445e085da8ecb98fd7b0257ea0da4eecbdf69b1753b9ce876b3538f845a8060d90a2364103db6604d5d582fa26953ef983647d067f1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8d6582c356c31dcbe36a2e5b900a8739

    SHA1

    ae649321c4f5dabefc7d8dff7d19b2435fcab2e5

    SHA256

    83041599044972bbd29637e83f097150fb783bee5bb9d03cf4334ed43684e7f9

    SHA512

    72483bd40ff737bdde0bfe4d32c9f0a31b2b37d6c5c2eeb2d9c4a54fe043df11ff92c414b95b7742b6df2174b3be1dc0ebe6c1580e428b73d2d5651763022f25

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8f16eb9bbc8d328ce5427b144b3d46df

    SHA1

    5403ea9a77d04634a02123800d555f008062fefc

    SHA256

    e8d2ac57a858f569dbf7a28783c7e0f1e3fd428f0d281f16cd9f53af30acd409

    SHA512

    35f28a90730a5e575a5712242297bbd098b6b70b5c46c82cdb368c6c97485563d58e931802b24f2648a525c9b4f07d8a31aefebd4f073a2b29ff3011e62ee9b4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4059ed989f6ae3a0d980065e11b6427a

    SHA1

    8565006eef4a7e60f550447905231d2e3ad7ae28

    SHA256

    166251a6ba3f13593258cd7392b3937367fbfc8e5f7fd6dbba6d730cc3e38a8f

    SHA512

    502cd32ba5da87d0c8dc595ba9c64dc1ce3475bb544b231e6c5959ff3e9c4e8d287954b7034accbbd306850d7a29b9c46ca481a00ff7f601e7fe6ce7a0894647

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f327002dcd22880778e886101f1249d6

    SHA1

    c08d1e4b680aaad568db99135e2c520571aa2f12

    SHA256

    e88647ad6dcac4fbcae126bb689efaef353eb79a309c3cb5c38f16b53c7d3598

    SHA512

    bd6cab7eebd3be333c2fe841a8d51a72c62487f07da28d9e79e4bccc476d10f45674a4b14cf193739936dce736a86b3d8c7e0a6f3a23cf776a8324a3ac54da3a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cc54cb23523ec3936e624b9e9008576e

    SHA1

    8e3bf28f062714eb2bdc9b1265cf69687000cce2

    SHA256

    cf53fa3eb6b23b1dd8b20a6a49bf605595ad426e3793fde0be28ad08d89315a4

    SHA512

    e912b4d2a0b7208c8a14cb7ece0074b5c6e777cbe839a2fb7c261930b344c202bf5f707e660122a8d59c313703d13c29a7f7069f38b9033ebf82f7e706faab33

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    39ed8b291ea5d487910304e3239a0af8

    SHA1

    977f6d449faf8588d99963d5666336e24841df58

    SHA256

    c6380edd9b7134bd0d193454135a1cbbc651fee966eb442e7c0b6a556701bb32

    SHA512

    51ff3eec73965abdf486ce74757572faf7db901fe3557504c55f68336cc66e88e372d48d3d5fd649a06ae1086d6ef030e7be5d431ce135b657d18b188401d1e2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    04031f54d378292788f9c27e1a31bb5d

    SHA1

    6f51cc9d8f9527c1806bb688b0acb91b8d15b26e

    SHA256

    0c46b2f65db597debb8f9421963e2fcd1153aca217708f9e412ae148fd2526b6

    SHA512

    869fce999ccbd7cab567be313a37b0baf6a435e393fceb2199146275143da8981b1b1264f61c5b4943825d0da1666e1c9351003ef5b0d6cb03299598351d3906

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f7aa88fdc5343743d853966c204bc58d

    SHA1

    f092e0d2a2f660011f6e4142e4f08e57713cd836

    SHA256

    d2c6b901026eddfd1142df04ebf19287f79e8450f7d08f0f7a303448c8b2a6ca

    SHA512

    c21370a9ac4f39382f889c99775fa69cb603ae68f7e19f1b183da198f49e9bdb4f0826a9923cec65a03b7f50741bd873714eb6af55f8a092a17e8fe25a6a6a05

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    550e95c45a4d9a210a20c414ac4fed08

    SHA1

    8ea6fdeb389bc6107d86312e6c824ec8d75d6d22

    SHA256

    cd0f7586983294a643d00d7e05ad22e017961bc0a98b318a76574351698bc9ad

    SHA512

    5a46e167aaf178c2f789225a2112eaee6dbeb441a8be921682b6f71a1860aebd71fd68e0914a400525fed6bc81ac3885e82c20e6f8fcf4bdf8d6167345007001

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ba67c238143e3436c15980b15b98fb5b

    SHA1

    52205bd7be88e1656b7ecf23990b04814473b326

    SHA256

    f18629d9c253986314c22f08f0630e2952f36c0c9698c6e585d2ac62fa72ab91

    SHA512

    997d5d09dba1c48f10d5e8d20431c37c1a5d87694493fb784d831759f433c6b8a9e896013ca5934e50e9fefdd87c6cf5d3dc539b163bf9911cd37180ed1290b5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f3188d8022ad30db68adba80bf41d1ab

    SHA1

    5e5938c789d3daeb57dddbb6ba4979bb3f16d419

    SHA256

    9eaeee73afb624b2f79c25e3267bf3b8ec38268e28783f574e98333781ee63a5

    SHA512

    290d4c80eb28a19b6330c99f1746e5ef1674ac9f3e601de2900e8d16ae29a87a584b079448e8f1322c0cb12e6c7841961179559d2e30d29d56646052b01601ac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9eb92a08a7be9d53fe35afcbdc415b6a

    SHA1

    788d9c97ca657cf6b7dcba3b8a72e019e51bd701

    SHA256

    009d6d55f25cb7991a81f7b1b7103c746f648f0825c58a6ae0193b2981184ae0

    SHA512

    8eac2122bae31a349420fab5f477f5707eed39ea57c624244f5dbcaa43bd7b80f19ddba2267faf71f0663a6a0d0692b926a2b4e0c5563f4db46c4ba9ad582382

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab37B.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar101D.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit