Overview

overview

3

Static

static

1

Heylone-On...x.html

windows7-x64

3

Heylone-On...x.html

windows10-2004-x64

3

Heylone-On...6.4.js

windows7-x64

3

Heylone-On...6.4.js

windows10-2004-x64

3

Heylone-On...ing.js

windows7-x64

3

Heylone-On...ing.js

windows10-2004-x64

3

Heylone-On...min.js

windows7-x64

3

Heylone-On...min.js

windows10-2004-x64

3

Heylone-On...ipt.js

windows7-x64

3

Heylone-On...ipt.js

windows10-2004-x64

3

Heylone-On...Css.js

windows7-x64

3

Heylone-On...Css.js

windows10-2004-x64

3

Heylone-On...Xml.js

windows7-x64

3

Heylone-On...Xml.js

windows10-2004-x64

3

Heylone-On...ore.js

windows7-x64

3

Heylone-On...ore.js

windows10-2004-x64

3

heylone-te...t.html

windows7-x64

3

heylone-te...t.html

windows10-2004-x64

3

heylone-te...g.html

windows7-x64

3

heylone-te...g.html

windows10-2004-x64

3

heylone-te...s.html

windows7-x64

3

heylone-te...s.html

windows10-2004-x64

3

heylone-te...r.html

windows7-x64

3

heylone-te...r.html

windows10-2004-x64

3

heylone-te...o.html

windows7-x64

3

heylone-te...o.html

windows10-2004-x64

3

heylone-te...x.html

windows7-x64

3

heylone-te...x.html

windows10-2004-x64

3

heylone-te...rap.js

windows7-x64

3

heylone-te...rap.js

windows10-2004-x64

3

heylone-te...ins.js

windows7-x64

3

heylone-te...ins.js

windows10-2004-x64

3

Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    02-11-2024 23:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    heylone-template/index-video.html

  • Size

    30KB

  • MD5

    1847e9481e527fdcd217601a23dfe696

  • SHA1

    ff9a874585dd4393d516c4160da725dfd1c114c9

  • SHA256

    fb84d3a7f7ddc014b9c46feb48aba3223aa45cc2aca144276ee834d614329c44

  • SHA512

    aa3d2726270ad40754de890e5a4f7847221e366ef3d300ad3735f757aa0eed940f46781d5e540d6e4cf492adc86c3feef4a9be11269bc9d7192827bedbc806af

  • SSDEEP

    384:rjtafb7SJ4S3sDThS/mZDctLzz0hEUUlzerwbc:rJI7SJ4S3qhS/mZDwLzz0hEUierwI

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 53 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\heylone-template\index-video.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2720
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2720 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2608

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    be0f58ad1e625e9f1df7752ffd12d771

    SHA1

    ab99037b7431f1ddd593e29d37dd18e1a62bb5ac

    SHA256

    234ae0b5968795bb719204052f80aaa4dcad4b6132658987a2cb4eaab127b800

    SHA512

    1d334a31ee528d976dcbd06b557c6b80e514d39992053c33188486083b22ce6fe0d5ad30fc5d185a6e208f309e9adccb86fc62f1bad9445400e1821913022d2b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f9851666f3fe4f5d6f8adde77973f6b7

    SHA1

    a87a58f962fae2ad9462e4348135a0bc79cd64ee

    SHA256

    8d77d97d7221bba62a05ad0d4596766c64d24ec6c852983304c3d28f8347dd0d

    SHA512

    70c8230d97865e8cb89d47b2fdd1e7cf745fdb03e06701ebaa971b672f3cdcaf1e4019a75adda55397d1a6bef06ca7c4aa0c1ce049df2da2552ebcfb4a556be6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d16a018cc0ca5adae274366709e2461b

    SHA1

    1065059d53a9f2c062d72b232beb97d08da4a825

    SHA256

    091aec7ac713894f95f5cbda8f50195484ad83084ace4c7df40a7768d993ab1d

    SHA512

    f783f2d97106019a21c6e19f59b0b8cf9f70cd71b6c23130864ae92f02995cddbe92114e8f7413ad56561d2bd2c042a68be4c7111456b2f10cb95705aed3db39

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    498d166a998500e56844b1ab528a40b9

    SHA1

    33d949d6c13974bd6301188e0c99e123f929675b

    SHA256

    622f5001539aad113176c453bc4f514a32bc89ecdd63e66c04d7526dab9b9456

    SHA512

    ed493b8cbff40e5c9d686db0674c9a08897813cede7893258f6f58d1cb1e3832a503ecc48516e0cf5c2472204d89897f73cc45805babacd3e5254b023c8b1838

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    11152cc30df7e4a21695ef8b8a7cf595

    SHA1

    7a7ad93e36730d2e6e0be78a7aa81b6d05bf773e

    SHA256

    1b76487c84a20f55c9687e2b1a675d978b4f0ea106b74e485ec3460093f99088

    SHA512

    fd7c35ffa611161aa4e531a75c50f9ae8e7f68de5f2bb06448670ba115a474ad0ab2b86a0e5bab192aa7c7b3c958d6f8094719f16dc74d6d79f798a61ab317bd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dd54293ad49fa4d82f74d3b185a47434

    SHA1

    539831b1db79bfdfade4faa0983e0b4595847de9

    SHA256

    da9ebaf820801241ffa3256f811e8238c4fc76af1541d997d4467cf38843561b

    SHA512

    1c4b4d2d481f88e45cf7684e100b11ead4cfe168c2a85aba85e6597ca414828a5ead0783cc33f137cff20bf0a38814b8f5e283f4bf95c53c802a597041446a35

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1a7cee64e01cbeaa9c21adcf23303ed3

    SHA1

    cf8fe6d13c32a7f69afb35b949eb7d426e49b826

    SHA256

    76059e99939ddac94dbc77da06f01cff29ab2bd20ebdc8ad01289b9d95daee34

    SHA512

    fd1a37218070c07ecf4b6bf7e229122f89217e252575024e610ea77e8315783d4d907ad28c26d6b9c033c01d05b63337e692ecab7e0f4df4973ab633b25aed65

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9e66abe0f86e71661edd3ab500f1e1d2

    SHA1

    4a3df31164d3a2ccfe48863fcfa08572ba56d506

    SHA256

    73ad9151fe13f2e75381d4d2c7486062c6c290f05c2d03096143e6943df252a0

    SHA512

    3bc004db8c89af07221367874c2c908280cb05c960b36483b9fb5a22d4b0c3c34762b34dfdab22fa84f19df61ec493169f8a514d0554eb2217ae15e89fce3972

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    09bdbab2a617cb4cb50576494cc544e3

    SHA1

    4f29128c644ed042e272f6e4180f6b0468e9ed94

    SHA256

    9d05d48951f16d0cc0f901534573d4085b88e24d9b10c72e524ee42d56423a08

    SHA512

    3bb2402e49b4559f04c445421415446c965771b097cd7d152171adcf0860f1ca2191d54b161b5c7e833b02d76089e94ede017715ab3705b48d586f45b934d2f6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d5e21944e92cdce4f1ca225e2c95ac91

    SHA1

    b9d6ed8854be98ef58e42bcfe3bc5c7903ccdbf5

    SHA256

    03c7ff1c35b6a3110a9410ff83809c8a833804a59ddbae0a2ff813389953d16f

    SHA512

    e3d914d1cd672622e6afdd5ff26e976f0033f504681311e108f83e349ac124c3414e80a7ed539e4a0e76367fccd994ad4ce79db087c57510b79c1b8943f385f0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    79c265a6ddd5cc963ce8eb6f5f52dbb1

    SHA1

    7cb8e2c576a7850e799f3707664237d52a72d88d

    SHA256

    9ac7873020fb35c1309b2480632c526ce33e9acf833685baff52177b8e5f4a9f

    SHA512

    24e93dd86a751a51e8ca4d39d3764a536c15eaac3fea2e895f4e4451e217dd59b51e6971598b3a5c16230b07a39ae07f968c843ae71ff583e637a662759a6fcd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9b6c39c29e22b4d674711f356d5a6db0

    SHA1

    7849bead29d6bf81aa851e37f89f6f515ba71373

    SHA256

    c5f88fb34267b00121565c07f8b9ded7a2fc9100c75b5bf85c5c15baa9bab50f

    SHA512

    c497fe0d862a99b187a76b42dfbeb75d98e046d5e9a7006d8d9edc6235b6eeb10a293844cd7d80577d7dbdc12423c05c47b2ed31d143e5aac8187254ab6e07e3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b9a5ccb6d198249228b1037ebb267034

    SHA1

    5f6a9f6f3710391361e965452a29bc55a7e8f6d3

    SHA256

    9d8848de162852064ca6685cb34f8f410caa16d997851cb06b6d0fa94b467769

    SHA512

    394d9f83ec2e354705e9f79b5cdef7ef8b8f400d6a3152ecc2cdda722b7a767bdb71c033d26b2d16a71ea06ac73ec539a982c1726d14cb87701274fda7d3d356

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cba113c9b8b815ea5a548ba90465126b

    SHA1

    90fa78c386cdd02180ab4f8b940a2029ce81b0fa

    SHA256

    9fc5f6ca7d7ac5a74fb605465f861717859f26a021755e485d5bda06af03ce20

    SHA512

    3bb25d872d481a3fe61f6f6509d7c7e6bf2c9f9ba1e5191f583c91c4bd3797faf86bbc04b0f20e199621f647657c50a3d733daae065e2a3e9e35029a37fb2240

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d63a873575f92fac5ce9eeef96c8b93b

    SHA1

    9286a910b7ebdc67c1a377b0462040697ea482f9

    SHA256

    62a7a44662335c4bc062458fb1cbf514e57c81ffb85247f445c14042f353dbe3

    SHA512

    4d65e5e108e43fda6d31c9c5749a85687231c057581c50ee8423bd8ee4a95f0b8875fd119947c653891873f87b2959e279922f1f4eea53cd1bf8b032fb26ad11

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c7e10ba06cc425fa30684e0c6434bf3a

    SHA1

    b6b2566df2c2f3ea4a2308bf5d8e480db023877d

    SHA256

    6100f8b64add837a4703a81d6af900088814190b04d213d91763af0716badc0b

    SHA512

    4f12bde5f1cb3c84b9ee53334539b10a60fd49e82e0bd79d6f9f7058c3246da06f9f6b06c1fe56ca788daec1bddd3391a210dd7433a48e566849f9b2d2245f97

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e757dfa468047850a9ae2ba1e353cc97

    SHA1

    6afb64b8abe161bbf540bd4f825c6e3b66f9a542

    SHA256

    1e431deedbda3a6711eea681c15acf7f0b84d26b7665192d9df22547ec83f8d7

    SHA512

    95e0e7a8a820db3bc813eca03dfed9138a6e7ce9fe88a341a573b9de2f471e8e83dedc64d2f3ef3608a490f492e2aacc1a278541d5b545c03b859af7760be381

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c9c5c027ea23569a6118ecf5f0c10bbe

    SHA1

    6075dcf5af29d2a93e19fa05739d6ca94539eebe

    SHA256

    19eb648a42d095c3ea5991c8d7e7eebcac38fa53a5dce24227145bcf36b48e45

    SHA512

    37670d47d02fd4848a02bdb1ba1b929bf6f96ebe1d309846b4672c2fb6bb4a2d1acd039f204dba07e3be7a7003dc031ef36182cf8f9b463e9d8868af2a22fa2d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    23f275bfdd2a6705e8e1ad77de794949

    SHA1

    ccc4bed87af841eddd87b7ffa760e0c5a4ac5a04

    SHA256

    a015a0e3db9189b7ecb932ba6428c1d8c08e3df979bb5a0d2035429deec96133

    SHA512

    4f6f16a4d5bd6b764c8c82291eb6938ec90d0a90926e4e46ab97d3f41d822d6fefbf61bbf0eb66c8be7e7a152ce22e5b9b17da4c43b43ac53b934f9ee0e75eae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    46eea8b68f2d43b7c8718bbe175b76bd

    SHA1

    d5ec8d2ce5a409477e937f7e4a286e5a89685288

    SHA256

    b6fb45daebc6eaa8c3f3b595de9d98d49a97ce93119afbb5a690947217f1cb01

    SHA512

    8bfdb5dc5aa4bb0add2fd03fe98e996095ca458e0c0971d873a86d8248b19c5f81a194e4a3c9b0cf4c05718b11f945715d81de3b162b5c5b056203e8d33cb6a0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    acc78caff1a77a90dd2f8ac854f48d54

    SHA1

    ebfa217bd4773baee44e625e271d349494c9d13c

    SHA256

    d97b839028d9c997f168060c7c596eeebaafa51275f191d01aa3b712a54a6aad

    SHA512

    15efb44b3eea2392da92146eb17b0b5b9b5c0bc34b7f1676f2e21e18a8c310828c6db609f9729956baec37a39fc1f2d7112552994fec6dca07c031651cbaddc7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    9b28b65f06046548989713cbd472575d

    SHA1

    4a699bdf2a3b4f5000edc4e41b7029e56ec2eaef

    SHA256

    6895f0858f4529bd6b031168fddd18b315548b487af82c56f26fad93d80e293b

    SHA512

    c9f640f6aec33ad947c76ada4e548e4e7a0256627b3793d95f4f8e2c7b7b4df126bccd06930129a402ec8cc62aecb1747e562e2514f116ee04275259f550e642

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\BH7MXJPM\www.youtube[1].xml
    Filesize

    13B

    MD5

    c1ddea3ef6bbef3e7060a1a9ad89e4c5

    SHA1

    35e3224fcbd3e1af306f2b6a2c6bbea9b0867966

    SHA256

    b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db

    SHA512

    6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\BH7MXJPM\www.youtube[1].xml
    Filesize

    229B

    MD5

    1d0fd07f7fee1aff43416119d53675db

    SHA1

    4104cd5895dd7b332824f36f2e55045359bdd9d8

    SHA256

    08a17a7b311a0b9444e8c730e5c2fb891a0e02b555d7f8bd647a08bff60291b0

    SHA512

    c7f22134c86d030975e6f8becc8502e924722e6d9f33cad6fa6a28f5705a8c103e314f5d417010b7989ec0585270562cb432e079b08c49b682532584860ea9e8

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MPUI9R2R\600x400&text=IMAGE+PLACEHOLDER[1].htm
    Filesize

    167B

    MD5

    0104c301c5e02bd6148b8703d19b3a73

    SHA1

    7436e0b4b1f8c222c38069890b75fa2baf9ca620

    SHA256

    446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

    SHA512

    84427b656a6234a651a6d8285c103645b861a18a6c5af4abb5cb4f3beb5a4f0df4a74603a0896c7608790fbb886dc40508e92d5709f44dca05dd46c8316d15bf

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab84EC.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar84ED.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit