Overview

overview

10

Static

static

10

Win32.Mars...nu.exe

windows7-x64

3

Win32.Mars...nu.exe

windows10-2004-x64

3

Win32.Mars...PC.exe

windows7-x64

7

Win32.Mars...PC.exe

windows10-2004-x64

7

mars/panel...n.html

windows7-x64

3

mars/panel...n.html

windows10-2004-x64

3

mars/panel...min.js

windows7-x64

3

mars/panel...min.js

windows10-2004-x64

3

mars/panel...min.js

windows7-x64

3

mars/panel...min.js

windows10-2004-x64

3

mars/panel...app.js

windows7-x64

3

mars/panel...app.js

windows10-2004-x64

3

mars/panel...min.js

windows7-x64

3

mars/panel...min.js

windows10-2004-x64

3

mars/panel...ker.js

windows7-x64

3

mars/panel...ker.js

windows10-2004-x64

3

mars/panel...min.js

windows7-x64

3

mars/panel...min.js

windows10-2004-x64

3

mars/panel...min.js

windows7-x64

3

mars/panel...min.js

windows10-2004-x64

3

mars/panel...ker.js

windows7-x64

3

mars/panel...ker.js

windows10-2004-x64

3

mars/panel...min.js

windows7-x64

3

mars/panel...min.js

windows10-2004-x64

3

mars/panel...nit.js

windows7-x64

3

mars/panel...nit.js

windows10-2004-x64

3

mars/panel...min.js

windows7-x64

3

mars/panel...min.js

windows10-2004-x64

3

mars/panel...ore.js

windows7-x64

3

mars/panel...ore.js

windows10-2004-x64

3

mars/panel...ced.js

windows7-x64

3

mars/panel...ced.js

windows10-2004-x64

3

Analysis

  • max time kernel
    120s
  • max time network
    138s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    18/02/2025, 17:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    mars/panel/assets/css/jquery-ui.min.html

  • Size

    279B

  • MD5

    3d94c5db6219640112a01c9f126e894f

  • SHA1

    042b019ca257c1c8f979ee8c2e13105ee2d92327

  • SHA256

    d36921d85f158a051daed4dd44ca81fc98a4b707c71f0b587a3e8df8d683f5a2

  • SHA512

    74da9160f3a50e944a922a209dda4d0a2c4b088b646e57fdf7d2e707d70594d280c89855acadd09ed4e0a1b37fe9b7d758ef7e00b3fc5290386ec1163a853f83

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\mars\panel\assets\css\jquery-ui.min.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2308
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2308 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2388

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4c7b61bac90929cfc75db0e2198ecaf6

    SHA1

    c1c89fd5f89cd3c022a5a3a04f3076a421b41e15

    SHA256

    e5e5e39a8d864d0eb371e18e682e3e15f60fd06b7ed25d604abebe60996004c4

    SHA512

    f23d9ebc6dce3ec5513497e9ded3955cca59d6823d153ecee49c63174eda741985e0c3b3e1f59f61b7b8c27dfce6791e2007c77777ab0b61a7f67d72d1586137

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a852e7b3b61697552283649c19ff0c9b

    SHA1

    dbbb193a2da87b73aea9a14e187963d7c053b611

    SHA256

    91fa1313006afc1314341d484486ff09ed06fcdbfe4c22c5f3afedec9c47b643

    SHA512

    65d6ab9679dc9e8144af3f0ec3346be03d86aa3f723cb21a469898e6ff380a636ae24a8ef47a04e26f44ea74488a0f63550b053a8e193494ac40be7d35300904

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    694c3244c76514a69f0f3e3a59fef0a6

    SHA1

    37c8943d7d217bbdecd14da2855215dc2a1db70f

    SHA256

    e3701c507c048efed687ee2f81e750b2ff0800cd7f2a884b3af576d87198dac1

    SHA512

    3896e1cda7d188995d717db198c3a206c987dd6698dcaa90b5443255402e46d5ce244a8b93327e4ecd75fefc10b37a66e8344288ed4e124a5d7df9c9f64db49b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    38e2b065c90b8a72670fb0f1053e93a1

    SHA1

    5ccd7d7c0261085771ab3c6e9005fcc62d658664

    SHA256

    a8611319feec9dd7a62c0654c72bf4a65fdf37019080f251d7a1f6135f071ef9

    SHA512

    6c5ce9035927e76d8ab66db59445681e14ddee60176225af7154a24f4d46a540beb434e02b58785a7089cec924d37d8b67bb62612c0f2bc30beabd38cb5fcfdc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0fbdcd8a3755f1c03e42d1484959e90d

    SHA1

    b516cae020375f41376a6b90dc0a667bc860c25b

    SHA256

    3f0f60e56bf1cdeb42755c0d16bdc3ba1adaaeceb30e5fdba20030f65656808c

    SHA512

    a48c65fcd5a50905ae4c4e87c78772c7680821c1ea992417c810458ed71c3947585d9d278f1cc2e9db3861a443ad2943d6f7d6d560720f9c8283516fed1d3196

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    076a48159df2c685756cb8e69298c2c6

    SHA1

    b12d9a1f286dfa09c320511ecc9327b38cf72c40

    SHA256

    d6dc768048f613cceea8d6001487077232dfaf074ce6e0df6dea400c8b720752

    SHA512

    c61bf4b3b63b7cff7bdbbbbfc2ae1f99e2694bc5cdc4272908f53bc7b7640ac5ea46101e3882ea60bc0ce408c7e38605422574324ea067a45f5446a2d3527559

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4b1b1f38913701f4ba49d6a53cc21c11

    SHA1

    5121c93a29ccf284d9e060a2f6720f5ef9117e55

    SHA256

    590a80c7703564d59e45be8f6639270af3edc2c72d27e3b04c17d675e88c529c

    SHA512

    6381359521216219fee8034940ec63c7c33b8b609324446a19902e0a2d43493ab8402277586c8d1d356a5119fc61a23eec853f03ca33deac1d6f298240748f2c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5695a6e4a9653f3f6ff407d076e94744

    SHA1

    bebab7c33dd9ed46ecdd03f2cd207cc6a3a435a3

    SHA256

    ee8bbfb4e0f294169f0f988a5accf4779e911d7040d9d904c8a23575d2492b26

    SHA512

    080bab6038c0f2cb2a36ca7e3883e05f905b04758ad8afe59ba3030bff151b149d4c75b3e0bf9987cca363ba6a3191599f961c559a65cf8bf6edeb46ee956fc2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    242a2f7e44d9f029fb6ab7d75707c4e1

    SHA1

    f29e87a6cadc1b76ab09a127ced79ca0ef2937c2

    SHA256

    46bf8ed702a764aecaac0523434a7d5a4ae9cf2a54b1e2acf28e56ec89bd9146

    SHA512

    099fe54623d049b53e4ce898e8b6f33822bbde5fcf5302616776c192421d64be649c3761a1d37fe57ee8b1fa89dc38b69a93a478f5590edb19f3c6a95037b689

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f37ec0d9bab03782a74f6af431e84478

    SHA1

    aadf8fe9d16defc54d76b7a396e35678b8576864

    SHA256

    7336066e215daa53941d7db87e280f78f04708f70ae4a328fa33d58594ff51f0

    SHA512

    38331116e6084d7945db9c95974500807a97c199fb7a6217cbf38095c28c17187b26ba219ba1f40da8ab4f45232dc16f121d0d2c8c3f7a21fe78ecf96247e2c9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabFD65.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarFDF4.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit