Overview

overview

10

Static

static

10

quarantine...K.html

windows7-x64

3

quarantine...K.html

windows10-2004-x64

3

quarantine...C.html

windows7-x64

3

quarantine...C.html

windows10-2004-x64

3

quarantine...24.exe

windows7-x64

4

quarantine...24.exe

windows10-2004-x64

5

setup.exe

windows7-x64

1

setup.exe

windows10-2004-x64

7

quarantine/ht.exe

windows7-x64

10

quarantine/ht.exe

windows10-2004-x64

10

quarantine...Yj.exe

windows7-x64

10

quarantine...Yj.exe

windows10-2004-x64

10

quarantine/pic5.exe

windows7-x64

6

quarantine/pic5.exe

windows10-2004-x64

6

quarantine...m.html

windows7-x64

3

quarantine...m.html

windows10-2004-x64

3

quarantine/random.exe

windows7-x64

quarantine/random.exe

windows10-2004-x64

quarantine..._2.exe

windows7-x64

3

quarantine..._2.exe

windows10-2004-x64

3

quarantine..._3.exe

windows7-x64

10

quarantine..._3.exe

windows10-2004-x64

10

quarantine....0.exe

windows7-x64

10

quarantine....0.exe

windows10-2004-x64

10

quarantine...r.html

windows7-x64

3

quarantine...r.html

windows10-2004-x64

3

quarantine...g.html

windows7-x64

3

quarantine...g.html

windows10-2004-x64

3

quarantine...t.html

windows7-x64

3

quarantine...t.html

windows10-2004-x64

3

Analysis

  • max time kernel
    11s
  • max time network
    19s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    18-02-2025 19:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    quarantine/BSFiC9K.html

  • Size

    162B

  • MD5

    1b7c22a214949975556626d7217e9a39

  • SHA1

    d01c97e2944166ed23e47e4a62ff471ab8fa031f

  • SHA256

    340c8464c2007ce3f80682e15dfafa4180b641d53c14201b929906b7b0284d87

  • SHA512

    ba64847cf1d4157d50abe4f4a1e5c1996fe387c5808e2f758c7fb3213bfefe1f3712d343f0c30a16819749840954654a70611d2250fd0f7b032429db7afd2cc5

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\quarantine\BSFiC9K.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2128
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2128 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2480

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b1e291c79269702de4b96a88a081d9f2

    SHA1

    d22f5f1f0f3e23bef9296472c57a4edc44bccb97

    SHA256

    c19427c61ea1d7c00befa0f00775fbce3c4c3e56d9d0aebed1ba5f64591f41aa

    SHA512

    4b39d5cceb4a0ab0692b8ca55a3e14396861f54ab989679a457c74c5c02c782ed15ec3e5ae304f5cc827554f991a8c233280e4cef74d7ca448d02d89b53adf75

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    06bed5430c71db1a29d3f4b8996fd936

    SHA1

    09b56ae0460322dcbe725e051271e6f2b9b8f68c

    SHA256

    223a8aed7e31ce53be1c76d0163eaa72889107ab96ac4c8e6015e6db16d7355f

    SHA512

    3e48d21cd5515ef35b951035a373b1a4f06a2705bc735f815074df6f668369b728a4f145d47fcc51384f50f079b5602adfdc61a98cdc9c27e347be6ea412d811

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    075db4a096273b511d6808cbf311aa67

    SHA1

    c0ed1b107c7177f35f68de5cb6e5eef5008220ef

    SHA256

    fe2efd6889c85fc1d7440de0ce2fd75f3d54543844d2c5abebb133fbbad04b6d

    SHA512

    7faa7c137114c00923dd4ef719a1a3d6e5690a41206d3c3968d1bf2e65e9c5dcad31446003111e44a4dc8c3e63d063167784627a9dcaf2c19d2c64ff2392877f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d6b4cbb0eebdc95345bcef220c7eed35

    SHA1

    1b680088d58cfedd53f1db2fbd02d8a6cba013a1

    SHA256

    053a5402656bd3adf18d3461e504650d3180e2d9ecf1299741a91564ed21a757

    SHA512

    ec4677ef84003a1901b92cbf3b719ff9a73a67c8b5ac878afe6b55496ca94effd1896ffdc23cfb682b0c2456b76f9c7cd9cc6cf79d45adf8d1fe5fa5619a7b52

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    01c1e3e4b07b90aa58a979eff43fb71a

    SHA1

    f4261450fef2b30fbfadeaada75c494be9bb1fc2

    SHA256

    53f4c0ce6c53b1a7e2d7f044ced033b8eedc60b91883efa2b0e3f050de5442ec

    SHA512

    4584cd0bffc6ac1ab4b4657f00435c9ca41ead627505afd9e08a8797c1a484141b4ab3b273b27389c0362d51b8fb9b48513316af7095e044caef7fbb5b0ab74e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a2b85f387c834f8ab98b686fbb860fdc

    SHA1

    f010b3b81c76e6043538b4361cf313156e55809d

    SHA256

    872f204a0409da2575cc21f992659716cf00f8bd9a807481dfa52e2040a6fc79

    SHA512

    1526eeba6afdec2a9457f4fcc9f77dfe38becb29f68c5aea044eb8c9dc54ec494f317e60288d7aa5787db3b780cb95328db44de36d7a94d727466fbc0a60851a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    58cb7b3a21e87b826ff2f25b0202b323

    SHA1

    0e3e473a557687d02115d194cdc72ea3063b29d3

    SHA256

    8b301b336d242515d3a9626cf1273de74cb9f65653bd0df7c55f634f8f6e4b59

    SHA512

    8869c7bc8976aeea7fe6d0a4b50fb6e5b6b66457dd1814afd2c84eae0573b3c3893e429162a70640a0ce4dd4e28f0a67534d1fd6eaca5133fa972905684c7757

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    93fd6027f7bc11e4b1b8d0e6c6ff9eae

    SHA1

    b076b3ce1207097eda9a443e2917ac5dfaa3a252

    SHA256

    92095a0be953d727d08e6bbc5ffc56fa7ef316d4de655a57b6017cce6d821ff4

    SHA512

    5a325e1a150ee360960d4b1b61de1690ba3ca87b8913b823919952faf3f750a0cd90d5b267323db8903bac798a77b7a41bfe8b00a2ca6875e972487460a1b669

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab98B8.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar9988.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit