Overview

overview

10

Static

static

10

quarantine...K.html

windows7-x64

3

quarantine...K.html

windows10-2004-x64

3

quarantine...C.html

windows7-x64

3

quarantine...C.html

windows10-2004-x64

3

quarantine...24.exe

windows7-x64

4

quarantine...24.exe

windows10-2004-x64

5

setup.exe

windows7-x64

1

setup.exe

windows10-2004-x64

7

quarantine/ht.exe

windows7-x64

10

quarantine/ht.exe

windows10-2004-x64

10

quarantine...Yj.exe

windows7-x64

10

quarantine...Yj.exe

windows10-2004-x64

10

quarantine/pic5.exe

windows7-x64

6

quarantine/pic5.exe

windows10-2004-x64

6

quarantine...m.html

windows7-x64

3

quarantine...m.html

windows10-2004-x64

3

quarantine/random.exe

windows7-x64

quarantine/random.exe

windows10-2004-x64

quarantine..._2.exe

windows7-x64

3

quarantine..._2.exe

windows10-2004-x64

3

quarantine..._3.exe

windows7-x64

10

quarantine..._3.exe

windows10-2004-x64

10

quarantine....0.exe

windows7-x64

10

quarantine....0.exe

windows10-2004-x64

10

quarantine...r.html

windows7-x64

3

quarantine...r.html

windows10-2004-x64

3

quarantine...g.html

windows7-x64

3

quarantine...g.html

windows10-2004-x64

3

quarantine...t.html

windows7-x64

3

quarantine...t.html

windows10-2004-x64

3

Analysis

  • max time kernel
    13s
  • max time network
    21s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    18-02-2025 19:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    quarantine/xB2HL9g.html

  • Size

    162B

  • MD5

    1b7c22a214949975556626d7217e9a39

  • SHA1

    d01c97e2944166ed23e47e4a62ff471ab8fa031f

  • SHA256

    340c8464c2007ce3f80682e15dfafa4180b641d53c14201b929906b7b0284d87

  • SHA512

    ba64847cf1d4157d50abe4f4a1e5c1996fe387c5808e2f758c7fb3213bfefe1f3712d343f0c30a16819749840954654a70611d2250fd0f7b032429db7afd2cc5

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\quarantine\xB2HL9g.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2124
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2124 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2276

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c14c3b3f39c1a8c42c5162abc80a9b1a

    SHA1

    451addaeea83660e3833e6050aa8c8fbc8d9f763

    SHA256

    13700c7012176cbe84cb15ca03e081929d389c60d775eae4b9e67a7ccee92594

    SHA512

    d91a2fb57a4839c017e5c7189567084244c855eb79bf261402a06b60a62914c867ca274b48e51d81a06bbd88d8344eeb19dee5135ea4d9de45e0730fdab708cb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b5c1162b6a9538a73640a447b7889971

    SHA1

    a65e6ff59243389dcdadafe4ac81b505f41c1e25

    SHA256

    45591ec0115a992f4221da5bda212540c1a4a604cc50a38ac0d6a696a89ae6c2

    SHA512

    8b324e5aed31d46d8f07dc002a1c0e708064c575c5ae20aab3a8069e14968ef074e6f2fc644c6dea059a3ef3af195cc39f89a47c70ace00a4671c096938aa452

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    137a8b46cd5788e8cdab631e3f72fc0e

    SHA1

    44c54db6e900f4cabd7067639ab7a2bf9df61e90

    SHA256

    f836e268a55fb9ec37a04a34cd695e4bb647bb010b27f34a40e50bdbbead8cab

    SHA512

    99e2492b70d8e43db141b4ea0401bb5ad0ceb478c7eadf3385a0add8253d267019c46949a4ec3d51fc7114283ba8760e75fdc787de21ddf481d2740853e00913

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fa324639698eedc82c30c131e101209b

    SHA1

    91ae570be4daf0a996bed59e6934d233305d184f

    SHA256

    a59a2fbffedde0a7550e38572c490d18dd8e7fbe31c25192d58a593064e10335

    SHA512

    1d330336897b2a3ba29db72ab93a517e09a4e7ae39a2ad2fa6a587285d3ed7850ae7fc1781a1dddbccf436d0068107aeaee59c42415f88a5b67488f3e2858a4a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8762f1b2a892a9cb6826680e5961f6a9

    SHA1

    068c8deb2ba771d8d4186f1c56759dd46c3368c0

    SHA256

    fed4c5b7fe86985b048e74366eb6feaec41dfd12a7d86f181a487cbdd033693f

    SHA512

    19535e34457eaed408f4fabd2d0c9e9627adc54fd021c75ff03832c337a2a422c5d78a22b268ce38942f72cded4c703f577f4562195391c4d814a095d87fb08f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0a799d032aecb2270aacb196e655db1c

    SHA1

    41bf4411a4c1a2bd45a0e44130a97f6781221678

    SHA256

    e23530dca22047595c6662879af2cdec842d761043fcea6eae5e77d4eb2917bc

    SHA512

    9b23582db24aa9193d9fba1644cc48ae3f33e835cf7177f31a1a9005f16bf0aff58473afc81a2ebc3ae2151a5358505d56f174169d94e7b775e70bc209c60150

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    507616b4d68b7d87192f74bc68397194

    SHA1

    8393838bf0204f586c5fd1a931298e3e98245667

    SHA256

    e79285192613c756d451761173bf0e4c9660cae6d3907e7a14e05b684a0a9dd7

    SHA512

    ab90a1958f28c661729f6087480c6448c5f1d056b0b380381512da897a192b62587e9cdf6df07deac693b267bc3412c9e6cc86e3dd7f5e3d4cb85465b5aacda9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    39c4527357cf612fae7874ff6f51e8d3

    SHA1

    3b94eed93f96efed7570f4abad97bf337738f291

    SHA256

    85b4a613a7771b4b533977040ed6995229ad9468159c3f31f6ca3fe3dbafd151

    SHA512

    40573aadb6aee1e8ece0a1d7a4850d3bfefa2a4de77bb55321d4f477dbd43f64ac883b7c8b2c5b2b8bc81e06d19c9a3944b3291b646e7a02866ad8b03256f42d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF327.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarF869.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit