Overview

overview

4

Static

static

1

custom/about.html

windows7-x64

3

custom/about.html

windows10-2004-x64

3

custom/header.html

windows7-x64

3

custom/header.html

windows10-2004-x64

3

custom/help.html

windows7-x64

3

custom/help.html

windows10-2004-x64

3

dialog/dialog.html

windows7-x64

3

dialog/dialog.html

windows10-2004-x64

3

dialog/js/dialog.js

windows7-x64

3

dialog/js/dialog.js

windows10-2004-x64

3

node_modul...mkdirp

ubuntu-18.04-amd64

3

node_modul...mkdirp

debian-9-armhf

4

node_modul...mkdirp

debian-9-mips

3

node_modul...mkdirp

debian-9-mipsel

3

node_modul...rp.cmd

windows7-x64

1

node_modul...rp.cmd

windows10-2004-x64

1

node_modul...rp.ps1

ubuntu-18.04-amd64

1

node_modul...rp.ps1

debian-9-armhf

1

node_modul...rp.ps1

debian-9-mips

1

node_modul...rp.ps1

debian-9-mipsel

1

node_modul...rimraf

ubuntu-18.04-amd64

3

node_modul...rimraf

debian-9-armhf

4

node_modul...rimraf

debian-9-mips

3

node_modul...rimraf

debian-9-mipsel

3

node_modul...af.cmd

windows7-x64

1

node_modul...af.cmd

windows10-2004-x64

1

node_modul...af.ps1

ubuntu-18.04-amd64

1

node_modul...af.ps1

debian-9-armhf

1

node_modul...af.ps1

debian-9-mips

1

node_modul...af.ps1

debian-9-mipsel

1

node_modul...DME.js

windows7-x64

3

node_modul...DME.js

windows10-2004-x64

3

Analysis

  • max time kernel
    133s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    21-11-2024 08:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    custom/header.html

  • Size

    814B

  • MD5

    224dc6ec231801e3f95c3192c24f67fc

  • SHA1

    14a85bf57af9396f3812006dcd63b6f07dbe189d

  • SHA256

    98e887b5c9ad4a527f442fb086d69035e60512e4ab2e80890a4fd98924edbd52

  • SHA512

    36cc993203c15abf9d0928f86dbdab474cdd4c560348eec348598589ad97e9e2ff14385e7449294524a604d034952189e15ce087e9c9223740cfd36440863d6b

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\custom\header.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2464
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2464 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1780

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cb8a94dc8f78d4196d2e8cb565064662

    SHA1

    cb1f93a8ccc8aaeedbb641bb8531f53f115c30aa

    SHA256

    bfcf4d2574f975f4e2ae610d97fa065c16028199797f2140c982d5431ac6d380

    SHA512

    0901c680d4f2c6902ee0101a1da4f4010ce15c47caa3e10d2ebbb9a18cb805c3c2ebab800a92f2a9eb8359db1855584289b8246d25f48c3d55add05d3191fee1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7afba214d15b0fbfe83acbbec4e44d6f

    SHA1

    e8eb0f38c35364a5cce20903870734a484603719

    SHA256

    5ec45c2cdcaa44bf2b2c067cfaf7dabf310e1660d62fd36d8bea4d2196904692

    SHA512

    e0051fad3cc9ed4f826306fb2fd310cdde66e96f960b6b24f16e625a6780ca7fb81931bbd1c4f56662ee04a57008d16d3fbcacdee09b82159cde0eb279d44956

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9c6fb13230df0856c8be70a65f703dd5

    SHA1

    c5a9d620bbf7545607f8e28be975572e95b9885f

    SHA256

    52b83e55542bff8c2eb1200bb944bd2c3d47430de0888b1574582960a34fc9b9

    SHA512

    326d0d309bfe280bca0564edd09fd17a4ef82e463f00fa230fe154aff92f220a5259f6e7439600ce0121d440f42f22d31bf7c6fb5bb1ef159a9f5732c4783495

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    afdd21f2a1b819309cab067ae5d6f687

    SHA1

    8980ef69b582516ef5152a38eb17589755d8c5d0

    SHA256

    e21d84316f854dad82ae121e100e2c96baec3d1f6f7b1af1fa85b5dfedfe4305

    SHA512

    cf2acb8c6ddd308e217cdabebb277faa6ad08179387cdfdaa2f1d0c269107bd5855018ccc9bc90b61590291ce200fbeab4a44d72996ffaae31b79368d774cdeb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eba9a5ce022f0b823c75afc2b161c6c7

    SHA1

    8361797fd40fd29fe59920b00a92b2802257b839

    SHA256

    c371c28400ed3ea7aa91e6234b99b3913eb2a4081582fe3e13a5041c9d96cce4

    SHA512

    eb1fb3d5624ecc0efd502d6d3e0cb2627fcc9e4581597d01d9a909d4f58328d9067b16c39b76142bb8dbb308c76f4a4017e0ebc84ee704badcbfcc7b968ca321

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    700c1f36cefb6a7c2c3c8822a3a59bb9

    SHA1

    b344736e7d80751ae8d7ce1acf721717b51c27c7

    SHA256

    c5c710747fd08639e615f839453626220aa501a647b7cf9e05fa91f28a801f07

    SHA512

    6fb3dee6f3230b2ec2c2532f9ed6e989c17aa81bd40345d972cc35ec01e4168ae1095164b02d3751f6897f746a216c4a5ef4ffb517fea93326385e95536fcf19

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6bccd701b24cb4e8529a7c39d98f4754

    SHA1

    585477015ae70c278e1602755da24b585619331f

    SHA256

    87f6ad37c56c2097a9fd851e03147be6aba37ae53e5cf14bf6ace38d86497909

    SHA512

    e9182b3f0a8f5b44c8dd27b00de613353e6e5891620d1bd2963198dc697ef5292c4d7f3ae9d741140f8b359a6810720afbc5e096355e77e582af89c68476ec15

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    274bba4f6586f7ce767a8f308e30133c

    SHA1

    803bcbb9defdc674a03459b5ab843c3a10611046

    SHA256

    fdaa0713581f07fbc80307bc680d0d2ea918c99fb18670cae89d516d47dd971e

    SHA512

    8b6f2bea447b9c9223521b1931290190bd1cb887529ff66083b60ecb7859a0bbc4d1c3a9fbb418013ceb58e1a04366e222fd65feffcb3aa9a27d887b87bfadf5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a294c0a0d8c6595aba7d58fa3caa8169

    SHA1

    a31eff77cd279fec13f0dcddcd8cae0634233ed5

    SHA256

    96d7a4f23ccbef8baf33d30841853100f5f141337636449e9f196512bb418113

    SHA512

    cd134a91476400c1e5378ac40e0e2220d335ceed0c2a3bac7b13c632ebba69c64d048d1da57a32092f8ccdaec73b3690c66472f18a7408bd2344f7f985093678

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9ba0e62030212ee14e1a17ad9788836e

    SHA1

    2babf01b32d367810697a862f0d502d8967de867

    SHA256

    b6adb4c9480aef1d6606c320b35bf4bb7a799e5db134f809e1385e32954ea8f3

    SHA512

    16573b2ce22a74067c9bc1a19bc59f1944d5567a9b468a16c48922495770f8e5c086449e54ba7147f5d27a6f3473af7d4c6b109c5703942dd7f44daf88197f4f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c808dbe2c84cb96f66c59f0690d60484

    SHA1

    14321519dba2eb16c959d3ef0106c10d2e51eeb7

    SHA256

    095415d3b1721401861307755bfc34abaf412187532cd7fad52a335e75c35886

    SHA512

    44180e0a04d3659bee50cf27bbaf34c54a2acb09f749d3e72b86e4c4f8517173239fbea4734115b051e5283b60ea93796af3aeb9a4f48baac3778dd69ed55018

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5441485b92b9d54cdb864c71e3fc0e4e

    SHA1

    305f6427bf8a3c3b3095760dd75da220065c92da

    SHA256

    ba01049e781d51ec441cfc90611afbad6d83cff236820245788e6e3aca0ffa17

    SHA512

    adea5e82377cc396a8507bf4c530df42d709ddd5b46bd00386ef3d45352318359f633a81dc39bc30c6c3629e2099bd7eedc9bfed7141a2f1c41c8d2e58c0052a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4b92980bdf0bc7bb7cdd5fcb2bc499b9

    SHA1

    7f8700dc9a284e4aad49c93a8fdda8ce991e42de

    SHA256

    0bc28a32df7efdb6b1123ac6bd8bb0b7d4852038c2216612a961b1781991140f

    SHA512

    fa50f3ff946a855af110930cbbd6d4104dc1641924847595ab022f6d9eaf56f4499f67c9b5853a6c0f0fa36cfbf1ba21fe271d8f5d64c40c2462852cda26f3b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    00cb829bcfb54bd82358d1016d5ad310

    SHA1

    f8929b38bf536aba6ab901f1f1720d763fee9dc2

    SHA256

    aa1646ae2f2c05c71f096db32472c9b394c561098e023d82b33790a0e13d16be

    SHA512

    ea4aad2f1f901b1b383dc4153fa5fb919a270358bf7f29ebad1d23e8d54e8b3d9345b3f3adece22531f607d352b17a102d165098e2d38ba9f4e384c6b98d077e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1a8bf1006a5301e15fe8a33755ce3bf6

    SHA1

    d3f08de07b76befd86830416fb8ec343b53394e8

    SHA256

    d4e1cbd0071a409ef3ed8ebb023b1a1cf76a33ebbdfb25556e5f59b42a93ee29

    SHA512

    c94bc2a36362fa95f7579eb57eec695532c275ec7ff78961c2cbf3e9328a54f0f8818f7a7cd1771ca73448347f60882b9a20b5269fa81b8dae9c47702d5ec8ba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5ba957a1911dcd0e6fedbc9e3451eac1

    SHA1

    fe73f95dbc17a7d5157d707f9840a8539d5352f6

    SHA256

    e8e56654ac400002e90918450e1190bc62aad12a1505e722ef051ed9d4f8a7a4

    SHA512

    ef0f43a5dd5e608bbbd31900b8c59aae0ac5873c5ad301e988a60d11a50951b3048a9ad5fa4c82c3b0c0527917a364ec79bd1e01fb64c78b96abaf05c444d5b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9b4a68bc40435e0452e9ef11f1ee50f4

    SHA1

    7e7b34193d7a9c253e7a62412fc9fcef49138981

    SHA256

    cec473b6976129f9f14b95a3ebba37f9f775bc8ade75749976567b3d42048557

    SHA512

    455e7ded677f1743b9f58c45942ae9881437963a96153709a61ff21cafd3421189df61f67169d5d0e86206a28956f18e6257a40a79be9abd3094c887b17b2fe7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e76fa33bd8cace75f42f53d7649b63b0

    SHA1

    4f4ceaa442356d2035bea07723064be3e5458c62

    SHA256

    84d5993f7e08e8f698ef64ee4e86cb4b747be6e0de5703670062848a7d1b1e79

    SHA512

    e550cf487a2c388ba1673a95df61d5f88ff0707ea314934baa3a6ac1af982304252ea9dedb1189f3c0339d09d2508c62b9d87236760dd6faa730f968d02c4d2e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fae4df1cc69bb3b8996c1b378e924a93

    SHA1

    327ad53c5483feb2393f30db608766b5d7fae001

    SHA256

    7d3ab8d0fd6d617e53b8461771ede23d850549745b767be65a1d2f28fa8f0e16

    SHA512

    f5242598a77b4c8040cfd96aced89a315a21409418fa30f513fc8c02a617404194b9af18695e3e8f93af23a97d6a2951e81692505c83e91a163315a53cd87f26

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9263.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar92E3.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit