Overview

overview

3

Static

static

1

Heylone-On...x.html

windows7-x64

3

Heylone-On...x.html

windows10-2004-x64

3

Heylone-On...6.4.js

windows7-x64

3

Heylone-On...6.4.js

windows10-2004-x64

3

Heylone-On...ing.js

windows7-x64

3

Heylone-On...ing.js

windows10-2004-x64

3

Heylone-On...min.js

windows7-x64

3

Heylone-On...min.js

windows10-2004-x64

3

Heylone-On...ipt.js

windows7-x64

3

Heylone-On...ipt.js

windows10-2004-x64

3

Heylone-On...Css.js

windows7-x64

3

Heylone-On...Css.js

windows10-2004-x64

3

Heylone-On...Xml.js

windows7-x64

3

Heylone-On...Xml.js

windows10-2004-x64

3

Heylone-On...ore.js

windows7-x64

3

Heylone-On...ore.js

windows10-2004-x64

3

heylone-te...t.html

windows7-x64

3

heylone-te...t.html

windows10-2004-x64

3

heylone-te...g.html

windows7-x64

3

heylone-te...g.html

windows10-2004-x64

3

heylone-te...s.html

windows7-x64

3

heylone-te...s.html

windows10-2004-x64

3

heylone-te...r.html

windows7-x64

3

heylone-te...r.html

windows10-2004-x64

3

heylone-te...o.html

windows7-x64

3

heylone-te...o.html

windows10-2004-x64

3

heylone-te...x.html

windows7-x64

3

heylone-te...x.html

windows10-2004-x64

3

heylone-te...rap.js

windows7-x64

3

heylone-te...rap.js

windows10-2004-x64

3

heylone-te...ins.js

windows7-x64

3

heylone-te...ins.js

windows10-2004-x64

3

Analysis

  • max time kernel
    147s
  • max time network
    155s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    02-11-2024 23:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    heylone-template/index-slider.html

  • Size

    30KB

  • MD5

    fa548c4c3a3898470f9256ca150d5823

  • SHA1

    9533dda46fc06cdd71108367620041226a11529b

  • SHA256

    5cd95ad2024cbfbfdaaf2168995e4212623de5b3f875df043b62c852c1fcc125

  • SHA512

    512eccaeadcf4af67e9d8ef4bfaece746c80de430b06eb380fa5ccbd81573b5f908ebde0d12c68ad291f13623de0ea015285f9b1223a9b0176a803215f7ab5d0

  • SSDEEP

    384:rjtD7SJucCsDThS/mZDctLzz0hEUUlzeRwb1:rJD7SJucCqhS/mZDwLzz0hEUieRwp

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\heylone-template\index-slider.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3004
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3004 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2072

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    826775ea4baad5dc39476233c3168519

    SHA1

    96b46118a39771b6b70d13f52f76a99aa93b50d3

    SHA256

    72db9e394876c636468650e43a3a7d962d9ae23d0e3a089e1df142aff1c24673

    SHA512

    07727b8a24ff83f659822a84f77c34ee4c62c42c72a33bfc0b69776037ffb6b7d763207018a649df0e9c616e9d17325d521abc37e0b65520f3b97b84f4f58558

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    be30110b262cb670c5a22d8239b2ad6e

    SHA1

    47aaedcb6ee64d8322c565ef3df72dea6abc1264

    SHA256

    454df5a7d6211e107ca6431f22b53ff6a338babc9bf6eb7a62870ae0f9e8e434

    SHA512

    a928c431245ec5b94fc09658cc0460c6063467d04a8c102a4ceb8903006860c7b41b8e0f4ed7d3f6bd166cb8f4ac344fd3b703a6db467e71d9cb674136235a09

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    917242d60688b6f15d75baaa461b3ba1

    SHA1

    a2b808702e1c27b984945b2fbc6ea21eae642c4b

    SHA256

    ef4cd1306e3f23170cd9229352b2895b9069e0fa3a181c4a7890c674901bb38c

    SHA512

    714d68db3874cc0e340533952ef7a407b10394a2e72e1f09c5cd964b6ac5e1bb91a85e2eefbf81a044fce99f1ea1b31353a636c77748d3f3e18063fddec0c8e9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2f3a95100ffa41102b9e306d71c309f1

    SHA1

    b606f5495b48ddfa9510b293c59eb1c636f2a973

    SHA256

    41f9498700576d14b2aeac30c2d9d759ed0287af8a924889da13fda142e6e73a

    SHA512

    75be0cec27cb26751375baa533efc0a8d6243821acb7b1b6706fb51612d5b7376ec94130bc00bac61339ea725e40f271ee3406ea93d0921344206b3261cd1232

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    27b1bb3846a338c438b85bc3968f7e8b

    SHA1

    38d7489bbbf08772b2ee69fe616e266210ccbece

    SHA256

    d1a595dbdc503ea5b30308430bdb5528129a45fad0c0404870b05ea196413009

    SHA512

    26da41242167307da453e6c62e328d529c708f98ce89c23315844db0e5da496504b3b1d1cbff4cd37d40866c8d15f97c79ddd648bf75d7a6301db8fba5d56b0c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8b5ce83e6a462f141e49fdd4f2dfda67

    SHA1

    2f7c19a76812b899defe5975c098d76ed772aecf

    SHA256

    41dae2e2f6669cf6b7bf970a4efccd3c4b87f95b41a540b93b6d7e744b984990

    SHA512

    57ffded980624ca05377bb8ed77e7d9a27b3f855cf110bc55aad7334ee8499f2af93601f8356ea0219687749c3a0b425ec6ce8233af6fb3c17f3bdf450e1d10c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1bfbead23571d57547ea0dca303e49e4

    SHA1

    71de146b749a923d3333b00090b113a62b0f3605

    SHA256

    7e3a7b58ff6430ab4328698219b1fe8160d074ada159fd96979d469467dda5b2

    SHA512

    cb982f17d025059eb68ddaf397bd8e7366a7ee40304f7a181a0879094cf0de5d18cf2e440fe7b0e38cec42bfaeb30acb5af37097069b5c4f099a9d0d6b328688

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ad2f8b5d00f77257318d981cf3311e57

    SHA1

    c189e07e7dca37280666e87665547207cf3e5fd1

    SHA256

    523b19b0b45362c8521529f3b85f617321a384d175cf1b4bf9eb23630745cdec

    SHA512

    33349d2e69f472a5f95251a8807f78dd4bf102a2a1c6cb19cf1e19af10ce6b3892d8477a8a9f24fa0519fb4f1429dbc867d7dacf7e6f9b2464c1d502887ff2e8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4a5ce83c4b0715ddc62a8e74c76d800f

    SHA1

    3b0756ee26d9c6564495465d83c70b8ca11e2bdb

    SHA256

    d25ce30c2d71493818377f34ef7cb895397c568488f9443063d230f4df3510b5

    SHA512

    bb313c0d7439f9ce4e32ac1d1beb76d1b3e136263ec094198d8137976c6819b6f27444e6d013a6f6c82e45f0316610063b0e6ec657838222d8e43cc75e5c18a8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d83b09a50ff2e28361908e5a5eaf8b76

    SHA1

    3b6620cbbd97fcd72c9b4dffb7c2554649d7d337

    SHA256

    0031fdb7a5c985d29edc02433a2a73a4e8f2c775bedd9b02cbbc3ae0cad4e0b0

    SHA512

    af1d1127d21236893e1d545e363ff6f5a71c8ece658b93223a14e877f80f58b139b01a59f6f645f765c12ef81037c6648b0f26921e8b277ba5f77c3afad71de0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0645688160898552d5b617041a44a27b

    SHA1

    876fff8730b39f4da1122a5e5d515d4b782609cb

    SHA256

    284db8b10c19e0499f1ee9cca6669aabf3ab5ccf007b7341aa1244378f3ed149

    SHA512

    21f77501c90155a3ae2e68f32acf0bb15c623c0e7c415dba6a59d7bcc51ccff178886d84f5619daeaa829710c6963a4db819d0dc7e3778c686c2295fabd71a03

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d65ca14528c5a84d97fd3a312efd0fcc

    SHA1

    1707a14bbafe0663c520b56d4ac1a29c99bf4e44

    SHA256

    d7280dd2143ec03ebafcea47bcbe0527327c82787d6a1bd66ee4ef2072765dd7

    SHA512

    1b719dfabacfeaf671e40d669ca53400af553bf913b88153cc0ac0538896a04643343b5c69bfb32828a4c52660a39e6a617e5d682665680299ad37942b6f9f4a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    557462b65b5f7ef44a5561f4db66a3ed

    SHA1

    4de4d03c8f870738b9c3592e85efc9c5027e5b5a

    SHA256

    51b3956e1d8bb594821e39fe76716caf33912a869980d59389a2cead7be5e377

    SHA512

    8c6f4894c3a2057036da7d686e4fdeab518df7c388919561b1855cc50c55577347f7ec4d1d730845dac26c0c96a5c3e41169bab3b00239d290da09f93955a227

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    65e81024e11572d84a4d609a58375918

    SHA1

    b6b642ee2c2ad2273199ec77df216b34a5ab974e

    SHA256

    a3c5d409f70ab6ea873e17a8f80636cfc00072990ec7f303e1c9c4e7dea020ad

    SHA512

    9cfae2d8fa05e0c005cb089167aac8dd874171592d49677d4f907fbf2cbedb531e6fc399ab2f6924397fc18f9229416260f0bc2fc3075eba03093c0454f175ac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    19b5962e23fc620b7dd56cc5fd93d838

    SHA1

    c1a6e3a2351d12ac4f76d64b225db57732b1120c

    SHA256

    7de4bfd9ce3318fdce9527590bb49aba46cfdec73e67e078c6da526c8f1d6a2c

    SHA512

    aab3372319e51b56f309c5f2573b9768988db1f7cc70813ab1325515a2fcb00e6d3d048da59c84bd9f0ef46d2e13e8c0ae438cc123c5fde60e69b0feb9b8e130

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1f318f3f3c0704b49c7b4345577a12d2

    SHA1

    9a8a8251df653d20978e450f9658d67e6ab20fbd

    SHA256

    2fa12e2a18121305a45a40abaaf1ebe575f688e1012d02ce557e8898e8a854ea

    SHA512

    758d53141aee433f515b24cd3cfae89fe19018b5ab3b379444e1d018571f4599fe68a9d047fd1563a45f8a5cab27c6de4b5df19de97f1a195f9e8d6e5bc2855c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    950bdda56b55d50690283e8c62f5e947

    SHA1

    949af23e664892c68671924ce63ab02621ed5ad3

    SHA256

    c4103e9215900294637d9b6f993ed0a41b6c238fed2ba95d9ffc925839de4e4c

    SHA512

    62bcbffbed0b2ed545ca649938affca1a800ce5575663095ef526bb41f62218273b783441023eb21ba7dcc114e65a7eae0bf5daa788b2a9e3325ffbdee67c05d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    73e85fe52ae045d81b54183c04a4be7e

    SHA1

    11e96148a1e0a4214677a886a11796193a20c885

    SHA256

    40bb05203d3f774b7456c291cd911ef39b6255a5f4d1f292a0220ec2d7a5dff3

    SHA512

    90fd2b4e1b99ffec670a00e5141a5766a51d827531dec661b67cd77fa17304f707fedff94eb985f5a2343c60c1646dacda098f61efec43239bb386ab455bf350

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8P9TO0C6\400x320&text=IMAGE+PLACEHOLDER[1].htm
    Filesize

    167B

    MD5

    0104c301c5e02bd6148b8703d19b3a73

    SHA1

    7436e0b4b1f8c222c38069890b75fa2baf9ca620

    SHA256

    446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

    SHA512

    84427b656a6234a651a6d8285c103645b861a18a6c5af4abb5cb4f3beb5a4f0df4a74603a0896c7608790fbb886dc40508e92d5709f44dca05dd46c8316d15bf

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab2962.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2974.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit