Overview

overview

10

Static

static

10

quarantine...K.html

windows7-x64

3

quarantine...K.html

windows10-2004-x64

3

quarantine...C.html

windows7-x64

3

quarantine...C.html

windows10-2004-x64

3

quarantine...24.exe

windows7-x64

4

quarantine...24.exe

windows10-2004-x64

5

setup.exe

windows7-x64

1

setup.exe

windows10-2004-x64

7

quarantine/ht.exe

windows7-x64

10

quarantine/ht.exe

windows10-2004-x64

10

quarantine...Yj.exe

windows7-x64

10

quarantine...Yj.exe

windows10-2004-x64

10

quarantine/pic5.exe

windows7-x64

6

quarantine/pic5.exe

windows10-2004-x64

6

quarantine...m.html

windows7-x64

3

quarantine...m.html

windows10-2004-x64

3

quarantine/random.exe

windows7-x64

quarantine/random.exe

windows10-2004-x64

quarantine..._2.exe

windows7-x64

3

quarantine..._2.exe

windows10-2004-x64

3

quarantine..._3.exe

windows7-x64

10

quarantine..._3.exe

windows10-2004-x64

10

quarantine....0.exe

windows7-x64

10

quarantine....0.exe

windows10-2004-x64

10

quarantine...r.html

windows7-x64

3

quarantine...r.html

windows10-2004-x64

3

quarantine...g.html

windows7-x64

3

quarantine...g.html

windows10-2004-x64

3

quarantine...t.html

windows7-x64

3

quarantine...t.html

windows10-2004-x64

3

Analysis

  • max time kernel
    17s
  • max time network
    26s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    18-02-2025 19:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    quarantine/xclient.html

  • Size

    6KB

  • MD5

    307dca9c775906b8de45869cabe98fcd

  • SHA1

    2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1

  • SHA256

    8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c

  • SHA512

    80c03f7add3a33a5df7b1f1665253283550dac484d26339ecd85672fb506dce44bd0bf96275d5c41a2e7369c3b604de377b7f5985d7d0d76c7ac663d60a67a1c

  • SSDEEP

    96:k2J/SNi/FLQVTLKCGWz5ln59Jy0jRdoMVZTdI5:k2pV2RKCxDnxyTMVZT0

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\quarantine\xclient.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2408
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2408 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2584

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d75dcb45f58bfbc2b00a82238e69e890

    SHA1

    b4acd503edf16565e817fd408ed3d775f779f5d2

    SHA256

    be62fd7efadc1ca2e169fe832a95bbce1d05a0806bbbf56d87658834a9ca4159

    SHA512

    ee024e4e68f98dc19031e736eb1714ff0594a77e17bd0e67ae58ecdcbb4183c777d181bf2c3abb583c63e56f639ed94ca894a80c381f2167123b7efb5b8aed2e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    460fadedb4c128437334a5b43a25949c

    SHA1

    33727c9aa7546624b3b24dd0124bd916a47cf89c

    SHA256

    4de2bf4ceaa225e020f8d68769f2a958b68323c4d842303b5184247c0fb986ef

    SHA512

    577202c4640c6d29708853ebccce94a6e642af2a4fb27df17c6dc442c7a4bcb6d531427d630b72a007df776c2e8c1918c3fa6600d942de6be4ff8167bda18b65

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    76757a2527e6d6a6d65327a16484928e

    SHA1

    7d81a3188d0eee22645df969205d41e5c0608644

    SHA256

    73312691235913c5ceed7d08cdedd6f8cbbcf0e44200713658725f2f64fc161d

    SHA512

    e630883983a376834e12602da257ec14db844a33fe425c9300fda6ce32aa94b73f9663902f82a1cafcf4da2d8fa8487747d3128b511cdb09ee70c87cec08b798

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    113ac686e14198deda978f978b6fc958

    SHA1

    786575fa5c1a01c59ba062c8975a2f030c6585be

    SHA256

    9bc7bca791894dac741eebd53737a8f78895dc495733faaf09dcfaf206f5f593

    SHA512

    99ce74ff568ad5c4ac8d1b689850bcc05705c1d6cca75fed8b17cf4caa06ca9469db7a44280fb28e1eecc08cb818c0a9fa163c9c1d015903c503334df4a289ac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ad3753f380e60f945dbb4825e9eebdec

    SHA1

    1d6396263343770f51cfb2cb955ce6ee9a3f549f

    SHA256

    7870e94428f7bb5557f97554b25d7789a56d25a9bd431a57206662354a771fc3

    SHA512

    8ae8b1393482cdaf429a5c052019d948f93f0177acd356e35f5150bfb465ea3be93ee461ccd8c1633db0ff2558396697c46f96a9c8c8bc2a6d91c85a7fd6bf50

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    366a473b5bf3329250715b18462b9eaa

    SHA1

    32104e39714a99b130af77807dfc3b088eae380c

    SHA256

    7e8abd0f73cab2a7f177db8973f1e8c3f5aac0565d199441713376bef451e642

    SHA512

    fdc7e6b2a0e9380e1a6718bf5719d13a23e7f63e2e61ba333657644096b1df120251619c29b8e39b1a90be340475a71c2453dd3fc43a3a418967f91aebcfdf80

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    990914b0861e0d0281f56a371165908c

    SHA1

    4ccbe0f8e4c5f08bbe216ed53361542dd6f4e522

    SHA256

    45ef515860c00214832f3b2dc652e36ee5901e81e5e0d1e79d2b190f010010cd

    SHA512

    37edccd0d4717e7578bb237445f35df88878db3f3afab9a62d5ff27b7bc07ba100f47f23daddae033c44bdbf3f565396e39160e3de386707352cb84461001dd2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cb5debad91609e291df0eef72d1508c3

    SHA1

    2883afacd3b9f8ff3ba3a4f8f407c86e3f946475

    SHA256

    f3088f62d287e12337fc33953da3301a7dc671660ddacd5fe6d3a81eb960b9a0

    SHA512

    6a297bcacb871fef4f0722d4c1e016a9b3d6abfc0b8eeb0eb32386594245371007ba0bf034b1f90d6c89658633f26256eb2f0aadb06e211f356f96b3ec1bf122

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c26b921c9772ec9a7e3424ba75c19984

    SHA1

    0174c83bbc3571cfff531cc74d1fa07756849f82

    SHA256

    95f0aa9dccbea51a23f2ca0e4f62084e615a9f671de729753fbd02c3561c992b

    SHA512

    c2541b02b886edd78c6421a274a63197af814b02817d3dd6dd6d783a8236a05165832016edaff0a95f0ab8ed365c7e9defcc9940a684ac53960ec967881ba4df

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabFDC.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar10E6.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit