Overview

overview

3

Static

static

3

asset/admin/ads.html

windows7-x64

3

asset/admin/ads.html

windows10-2004-x64

3

asset/admi...n.html

windows7-x64

3

asset/admi...n.html

windows10-2004-x64

3

asset/admin/foot.html

windows7-x64

3

asset/admin/foot.html

windows10-2004-x64

3

asset/admi...o.html

windows7-x64

3

asset/admi...o.html

windows10-2004-x64

3

asset/admin/head.html

windows7-x64

3

asset/admin/head.html

windows10-2004-x64

3

asset/admi...n.html

windows7-x64

3

asset/admi...n.html

windows10-2004-x64

3

asset/admin/qita.html

windows7-x64

3

asset/admin/qita.html

windows10-2004-x64

3

asset/admi...e.html

windows7-x64

3

asset/admi...e.html

windows10-2004-x64

3

asset/admi...e.html

windows7-x64

3

asset/admi...e.html

windows10-2004-x64

3

asset/admi...n.html

windows7-x64

3

asset/admi...n.html

windows10-2004-x64

3

asset/admi...s.html

windows7-x64

3

asset/admi...s.html

windows10-2004-x64

3

asset/admi...s.html

windows7-x64

3

asset/admi...s.html

windows10-2004-x64

3

asset/admi...s.html

windows7-x64

3

asset/admi...s.html

windows10-2004-x64

3

asset/admi...s.html

windows7-x64

3

asset/admi...s.html

windows10-2004-x64

3

asset/admi...s.html

windows7-x64

3

asset/admi...s.html

windows10-2004-x64

3

asset/js/conch.set.js

windows7-x64

3

asset/js/conch.set.js

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    17-11-2024 15:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    asset/admin/theme.html

  • Size

    2KB

  • MD5

    0588f0f8f71101d4835841fe47a83f2f

  • SHA1

    656b72689a9697281968c40eeebedc29cf6a125a

  • SHA256

    748b919dfb3fad0265cd0ac1bcb518d3e5e64e16290bbd5025079dc46015ff39

  • SHA512

    2fe6a290783d61cf046d004afff12521499db4a2271a6a7d0ecdf69a7bf8563ed116a905f38d074e07cc805d5f1789c9bd17dd9883dc670b67c3c0150f040111

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\asset\admin\theme.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2848
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2848 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2660

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    17a375af279aae66dc01402498b0be31

    SHA1

    28349badb25fcd9270bb2e8abb976ba38f2c115b

    SHA256

    dc48ba5a7a0dc61774ee84092610deff6a9ef57c8bee8680ce7c93fe12c0e2d5

    SHA512

    00bace2bb4f3ba96bbd291dc68d35447e0980afd9141aa2dcaa66737b247e99ba9cd1ade6b5ca6fd90e24298fa6eec84142bfc1ccf0791c78ed8b8083cb1456a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    391fb75799ab7b75ead571bdcd3fddc7

    SHA1

    0d92d5f3da5755c133cf8691ad939628030bde6c

    SHA256

    40caa12d5d8a00f5b62c7e033f422ebe6531cfebec09b043d51f4ee07c79328f

    SHA512

    5835fc1721a089b91353c327f0f8bbca4bdfbab73548771cf53e72481062c057fd35a215042b11df836f58eab748c2e7cdd3907ea8749063c93b8d8c36495fde

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    51b08e24177c79d54a94ebdb2983dff1

    SHA1

    ede1bf5852714893678640fdb9bdf9d36ff69146

    SHA256

    65fa8d1fd6e08c849f516ecbb02281a1e8477a22cf5367f4cb089ddeb6bb8117

    SHA512

    3147bf8b51db8a2156375e964d9293492aceb719d9f45cfcca73c3b0118f1b4a0a52dc220306a6d40355114eb0959e3dbc901c6828b0a831c39596f85f9075d6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e6b3d44eb942c70f499d7af32d656ca3

    SHA1

    85afe027401feec77cfcb018b565edd161bfd693

    SHA256

    20976519644a3d2f70fd62dd5a5dcf992a21cbdd2cd26f8d118d21f121578d26

    SHA512

    19d51b82c5d592b91ac3745974283ce4baa721846dd564254e10db36501779f761798e4fb73083daa0ca4b17c38797d00b14c553cbd9b3a0d3ddbd648f0adf40

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0a51e98407d998e0cc177c9f4852a304

    SHA1

    ff9df63542303a3c55d55bf1123d158379f8a90b

    SHA256

    951e57ed95412c0df3771373d64775ff51d8abfe1f614684be5297ba87b5d6fd

    SHA512

    a2bcef9309e45d9c382b77686f12a6d5ce5972940eeccbadd1a0a2d44c5cf7f38de1ca9f2b08261c338beffb16557f3c87be27e08154625650bd858c53302b72

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b5ee9e750393551071963825c8d7c3f2

    SHA1

    17d862d8e4021855f0dbab06a119469734311370

    SHA256

    efde3c7af68711e850fb9f51ab991b6d05b1c69125158eebdc65defba7213dff

    SHA512

    35508137839726650c2c45d9b08ab14286fb256dd72d2639b30574e12462713e173c26e531f332602b76a840545ed4ca3ee73045b2ad5a25192076072d3ecb4e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a84fb1bff09905f2271d208aa937c06a

    SHA1

    909b359ab4db7238411608eb0f138abb1cea2aae

    SHA256

    90c94a34c77ad93a0a89aac3723a63d1df8f41fddc793c13323897b44f82af59

    SHA512

    dd0908a1010c211c8e3241d809dd0a5f85aba401e26765b7a89f620efd2d863f220d96189346b84ea6fd3c8f9f7f4bf0d7c588433e189d6270629a6a064d414c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f549db67f33d7a3f3685ee18db81244e

    SHA1

    216b81bfd916a1de8942a35061849bfdb9d903b6

    SHA256

    a03995b803a6d9da2af1a7948af949ecd7313b81f5d3b826a2bdb96efcd2fe36

    SHA512

    c4195825b294d5081c34e6295dcaeaaba2bd7e39d648178022861c6c34848ba810ee4a11a107ce4b22667745c7028db0d71bedcc24d1e92181abbed6fc853974

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d80dc70fb580145a8f2495552e5bf72a

    SHA1

    20905bf8c2c5bd71b64f10fdd9c3224fb4e18b42

    SHA256

    2ffc68b3b2de65f31e878d5dae158be082fe6887292fb3055cec392662b66e4b

    SHA512

    bd1515c2dc86d91ab2d32096282da49a08951990e0afa727897eab4f1cc3a01b7c7f87e7997bd53ee66b25ae1f44010ca9d88700f9ea89703b75ed3869a25074

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e65de23cef325692f661e19e3c8da0d3

    SHA1

    a432496e23c0bde72ae8beba9968ff4d0f066222

    SHA256

    7fc31a5776564196ddfc601b4a3265b720c6e92d47e6988fec8563074e5671bd

    SHA512

    b1215c89ddc5be1dee808743c90d8eff0e986582c34fd832d9777b51489fa20b6111f52a1caa7c8a008c796084f6d9e7c0d67926b50c4f2c160f15bc45cc07b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f35d56feb6f55d8949de384de5a4ece8

    SHA1

    8764213b2e1ea6ef8a5ad9e7ad83c9b124d7dfa4

    SHA256

    c20d42eb7fcd733484e3384c933c0109467d19aa381bed0078df5cf3939e63a8

    SHA512

    348e84b71aa3a7bec60ab9951840c6c18bd7470cddbdfee27977c83bf9bf8f75ba6d097770cb7d5fe33070987f23b31649224936aea9f1f9c056a552f5615cf2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4ce7680810bfe077a15f2827ba0a2ea1

    SHA1

    f795e8ae79f0a6273e60cec49f65c15f64139938

    SHA256

    76cdbdb26b88259d13a08ed3578f65d9221de445d30df31a6fb114b3144fa5fc

    SHA512

    6759443f3fd930518d28ef8c955b1b49b2af5424a4c79eef6c613bade2d277999d82e7b48558dc27c1fcf71267009ffa174b9f1789578a227378c3192a702226

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    20f82d297f81958c3c9e6e69ac7cdc1c

    SHA1

    99d4fd0f9e15450fd40012295d7b4cf2eac6ad8b

    SHA256

    7eff54a0beb8f139f997ade4b5d2e865d0a042aabf3d87dabad3468e7b44c91e

    SHA512

    1093e9f0e3fe4900f9d7f5ef9b4b3ac38e1ea8054844fed7da2bb356187b8d440f4696f2862e32918423d3df7eab65dd1a725f403bdd8300d28499526f1e5f30

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    09043574f4592de7260911467a0225da

    SHA1

    9ece980cc6318ae30d88c081180395e425db51e4

    SHA256

    645fba39c730cc2ab9580db351f92bc260ee5c1c9a7be2eb45a415138db2fc46

    SHA512

    fcfae93b7ad97d48658c7fe7a3f757a191e7d6f159cadcf53110a37e4421ef034f40e338ea96a5470ffed8fdc75145b5b56f4f431ce2f22dbe15909a964692cb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    83fdab0b0989d19425f5781a89c553e8

    SHA1

    e70b4b7da915db886f906021014bb5354a8b9be8

    SHA256

    b1d350e989d327297ee9b9485972c946b983ff070d2452f88248e54379096aed

    SHA512

    57f8fefc3a6e4049ebf3dfbc6bc31a6931176c33f6653bcd691afe0f51a0189538be42da46548879f1458882f8e58956bdc80aa1915f5564cd1f05e7579d0a63

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a8fa271b7b9542980701bf9b87b942a2

    SHA1

    3dc8fcb0e3924f3112c840ad39967dc670294023

    SHA256

    7d715eb6921c5234fcc869ed93e6588ca4fb876613dca968052e90d7929175a0

    SHA512

    7ed779d4fb98d5d0dfd4107604c35bb7e57409ee80a58aa90dba03df843fcd78125e00693405eacf866ba2c2d9cf13258c0b257ae9cfa72d74e190e15ec715da

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    44b5d402829662273111bbe25ccb6481

    SHA1

    b66a04db173445650cd53dfa92fa9b8736bd1296

    SHA256

    8649fa225ed2fea53a56d59d45ce12d18d204e4267f7d57f4c53609313b942dc

    SHA512

    12d6c1013603722f1d66e373d12616e27e7c103d20c5bbe0206ef7747506ed787b1c270ed8fa483d210789e58075f1c5829990b9c6d32147c41d0a047ada2170

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    39b8f1ff2a115a20af4ed75847cbf15c

    SHA1

    59c6be77f02ad5dc385fd257ddd5fc7a6b0965e4

    SHA256

    e6db0702400a08ceeeafbc17716bcfcbfd6972b525585126be5687e43c1bf70b

    SHA512

    91f182ae197492f721a18d387dbfa40f52694eacc75a317a3968db687035d555d773d2024ceb4488efff5ca8931faf27e6f9e3b28fbba0c57e3d8062ee276479

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF8D1.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarF9DF.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit