Overview

overview

10

Static

static

10

quarantine...K.html

windows7-x64

3

quarantine...K.html

windows10-2004-x64

3

quarantine...C.html

windows7-x64

3

quarantine...C.html

windows10-2004-x64

3

quarantine...24.exe

windows7-x64

4

quarantine...24.exe

windows10-2004-x64

5

setup.exe

windows7-x64

1

setup.exe

windows10-2004-x64

7

quarantine/ht.exe

windows7-x64

10

quarantine/ht.exe

windows10-2004-x64

10

quarantine...Yj.exe

windows7-x64

10

quarantine...Yj.exe

windows10-2004-x64

10

quarantine/pic5.exe

windows7-x64

6

quarantine/pic5.exe

windows10-2004-x64

6

quarantine...m.html

windows7-x64

3

quarantine...m.html

windows10-2004-x64

3

quarantine/random.exe

windows7-x64

quarantine/random.exe

windows10-2004-x64

quarantine..._2.exe

windows7-x64

3

quarantine..._2.exe

windows10-2004-x64

3

quarantine..._3.exe

windows7-x64

10

quarantine..._3.exe

windows10-2004-x64

10

quarantine....0.exe

windows7-x64

10

quarantine....0.exe

windows10-2004-x64

10

quarantine...r.html

windows7-x64

3

quarantine...r.html

windows10-2004-x64

3

quarantine...g.html

windows7-x64

3

quarantine...g.html

windows10-2004-x64

3

quarantine...t.html

windows7-x64

3

quarantine...t.html

windows10-2004-x64

3

Analysis

  • max time kernel
    10s
  • max time network
    19s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    18-02-2025 19:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    quarantine/ORaMflC.html

  • Size

    162B

  • MD5

    1b7c22a214949975556626d7217e9a39

  • SHA1

    d01c97e2944166ed23e47e4a62ff471ab8fa031f

  • SHA256

    340c8464c2007ce3f80682e15dfafa4180b641d53c14201b929906b7b0284d87

  • SHA512

    ba64847cf1d4157d50abe4f4a1e5c1996fe387c5808e2f758c7fb3213bfefe1f3712d343f0c30a16819749840954654a70611d2250fd0f7b032429db7afd2cc5

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\quarantine\ORaMflC.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2124
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2124 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2460

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    93182cce99f9b2948f30311cbdfe1ad2

    SHA1

    aa6d353331ce919f77242c2810af7583e93e417b

    SHA256

    baaa4d6ebd136599a4fb82653770eac08e54eec1d294b9080153450eb690c37e

    SHA512

    29da27a57a5e9f903513c67df1ca3044cbb32b1ad99b7f970b390bf922514bf9fc3e62c94d64ee6063210dd2c146418695b5cf9f6c2ad5fd412a1934aa52552c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cc82df4ae69439c83d715534b54ab8f2

    SHA1

    9089ae71596bcd111f6bbedc401b50c6fc600006

    SHA256

    3b708a253fb5d45b036476eed1683ed14689a550473a89d1eb46e341cf602f44

    SHA512

    de55dac7fcd5319e8a6fad178f1587eaf9a2a4d8233642af6dadff5a8686d1c600732cced523acfc26152da006c39946e2479674bc76e76af51b863eaf474ff9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    77b431567cdac85496e0bf8c753976e9

    SHA1

    c09a7cabf25de5c13d0fe3c52f619d6017e4b857

    SHA256

    de581f3d217533a8b31afc737fb49da0f0c445a40ff57a13909ffa0c656c5259

    SHA512

    b60f58005fa1f4fed22acd6e432b276978b2040625e276cba1b2f7c20e0e3ab8ffb618690f2f55aaed79ebb5c00ed35fc0de618db9a2db3d6748d2d6cd54233a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    19d0d2ad4c69b09fe19ebf4a902bded9

    SHA1

    7ffc7a48080c7df3ac7fd1f18828f11eaf4cd69a

    SHA256

    f1d9b061bdfce412881fb09f0651adb7017a80d8b3c7e9d2bf2f0ad73a04ee0f

    SHA512

    17d7242765590f2bf7a7ec2b6274106e34fe4c6e1f0bedd93bed2b2211f072157fb8315d14fcaf6fbfa4ea6e3258ffb9ac2829dc47d21e830e39ce7b36ef2960

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    baba28169854c1d90e5af1837daa41e0

    SHA1

    d7bec27969267148b19067a1c2752d120f1dd524

    SHA256

    5833117b726e70b791a36aba7f4e58a5cf56edef371486ab2b06f452da37b10f

    SHA512

    a0335cb46f7d80b52da5aa5b3f5df308075d3e48d5922b95c07ab29e2a5e0dc8d8c1018bfa7a35fc813f7befdc7eb5e76ffdb2cd25f14d4c4a1130d50a6dad66

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e2f61e2f6099eecba3cc851b9df73e91

    SHA1

    6ebcc3cb7378b81b5ac095405d6ac2959d5b9a3a

    SHA256

    9fa4a2eac7d7445587abe75f8866c727ad3a9db40a40e3f296f87d6c48c4ee7b

    SHA512

    66482ce20ae5e68d94ce7151fe48502438f435d6a0d56cb64e9e4c007c2fc530ad7b83d078f49da0fd7ad48c65a113d93dc802840c46665d973b93e93994c4cd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    61b6ff7609c5a5c11feaf7eeb3398d01

    SHA1

    4d13f23f965458ff7684e2bce82eeec218709fb2

    SHA256

    82531e60778e5073187ed5545f06681f1ef2a8fccb005ffc8a81f69e3f5fb890

    SHA512

    01a049acb89b2b9f507e2c58e982d7fe5299feb4d65254f7da6038f575595a656ba4d79526bba316beeb98f59401861327e944f201cbce4618d39519f7a6d175

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    24b23688de3ca69c5648bcedd7c45a37

    SHA1

    b475d566462e7b203101f74cbbbdf63dac56d9f7

    SHA256

    25b35debc75b9731c2969c7ac8d29a2c5a79ba2126567ae1126e5f8dc007fa18

    SHA512

    93aba6682be500affca3996e3e33d739bed80189f3e56411e1ffe5cb72ddbb9bc1803067e2d21bb21c4da8e8442d30e2a89a597bc6de29c4a3204ab8bf4b4316

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    28ac9353ee99a1b4fd4a3767e3914287

    SHA1

    7fa8d24c7e69e5245d4a4f2cfeda2f7388074999

    SHA256

    7e8905851f55152926a8d829b55029349ba8dbcae364beb4ea11f80ca99d2d4d

    SHA512

    b6881cd6b4b8cc8083d48350ff730b34cb877733a34f6f76ede385c2e6a760b5a16c7cce6495e7bb46afa7b239fd396368399e78cec82e40017f3309765c6b56

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ca0fc6fa7df15c91c0140becffe04ae1

    SHA1

    26c147bdf25892e02f2fc1fb06895c1a2a6590c0

    SHA256

    9f515f76a32b651ddbb38846e1bbbab59958d6711199366a6d848dd8e09302b9

    SHA512

    c5fe3bfa59e6dc4230efdb3a5c388263177e335da6a77861a7a15a2029e7a5ee6cb7a5af17689322db5eb68582b3f11e439f1eeb68e026c426c1b0013d63a156

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF133.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarF1F3.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit