Overview

overview

10

Static

static

5

quarantine...Ab.exe

windows7-x64

1

quarantine...Ab.exe

windows10-2004-x64

10

quarantine...Jz.exe

windows7-x64

7

quarantine...Jz.exe

windows10-2004-x64

7

quarantine...8M.exe

windows7-x64

3

quarantine...8M.exe

windows10-2004-x64

3

quarantine...0.html

windows7-x64

3

quarantine...0.html

windows10-2004-x64

3

quarantine...n.html

windows7-x64

3

quarantine...n.html

windows10-2004-x64

3

quarantine...y.html

windows7-x64

3

quarantine...y.html

windows10-2004-x64

3

quarantine/am_no.bat

windows7-x64

10

quarantine/am_no.bat

windows10-2004-x64

quarantine...ad.exe

windows10-2004-x64

10

quarantine...Y.html

windows7-x64

3

quarantine...Y.html

windows10-2004-x64

3

quarantine...t.html

windows7-x64

3

quarantine...t.html

windows10-2004-x64

3

quarantine...2.html

windows7-x64

3

quarantine...2.html

windows10-2004-x64

3

quarantine/pic2.exe

windows7-x64

5

quarantine/pic2.exe

windows10-2004-x64

7

quarantine/pic3.exe

windows10-2004-x64

8

quarantine/random.exe

windows7-x64

10

quarantine/random.exe

windows10-2004-x64

10

quarantine...s.html

windows7-x64

3

quarantine...s.html

windows10-2004-x64

3

quarantine...mz.exe

windows7-x64

1

quarantine...mz.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    90s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    26/02/2025, 23:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    quarantine/imfsCjY.html

  • Size

    162B

  • MD5

    1b7c22a214949975556626d7217e9a39

  • SHA1

    d01c97e2944166ed23e47e4a62ff471ab8fa031f

  • SHA256

    340c8464c2007ce3f80682e15dfafa4180b641d53c14201b929906b7b0284d87

  • SHA512

    ba64847cf1d4157d50abe4f4a1e5c1996fe387c5808e2f758c7fb3213bfefe1f3712d343f0c30a16819749840954654a70611d2250fd0f7b032429db7afd2cc5

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\quarantine\imfsCjY.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1268
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1268 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2904

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    41e25769df61590d65ab348d00070a76

    SHA1

    859a2ce2b0a1694558b2248fc169835a79167eec

    SHA256

    547f0746c5c6f42ad0d86b25130408382bd5d1a18bd3378453df7c2b06f559dd

    SHA512

    f3081050569a2b7270044386abd264a72d768717368eaaa17f51438070b95226f261a81bbeae72bfac8483018f37d50bede3eabbff4d40948ca01ef95bd7b4ef

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1d3d542813d5cc253767e10a54c94caf

    SHA1

    e8283157e5e63e37024d757efc44b214b9cd1ebf

    SHA256

    701225ede54aee2f53f8ca8ead03bddc027731eded8f822d23d4c8ddf7a8b1ce

    SHA512

    62208c1a56a0c53cfad45254809dc7dd462e4559e8596faf1e720391230ad6ad9ae9b237df102186206ec32d266592d05bc86dedc58249009063df502bb64626

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7f67868e5f213626b0a2b4d1f291c7c4

    SHA1

    44d95bd4a417a4d3bb4a51214f186c79ce699497

    SHA256

    f135d08cfd6c09340cd191e831b56469bc3635d944163114c74e0320889d2ea5

    SHA512

    2274d05f0be146718515d110e746c562d8ba830b6d63464593d2decfc051d73c04f925d115a6db24c566720b5cf85e4c1bcda3048347ed13f54883e83c7e489e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    61ad19a336b8d7517d76611d12341253

    SHA1

    1c5e457d780e0851d6227cfc0f87d8754db15468

    SHA256

    3efe3c8db583c08adfb303934be9a506ea73b5bf516036c4b86b3d28bb944991

    SHA512

    627836bf8e61ae73b26657befc096b86be9a977a4407a47b06fca49e9578010a88550bba70aaca49e47c98dff4638a107bceda5bce5fdfd43a5d29d0d421b9c4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    252c7f06b51f7445e02ea235c5aa6320

    SHA1

    23b1706aed751de6a28a74a80a1a07f5f34a7476

    SHA256

    c97ee628b47bf8aba12cdee4757cb2488a4401b9967b08136a018f9c829ba1af

    SHA512

    a7dab346c88004c47bc9c447896ec018c5aa7c45caac2e602877ab12053234019cea00b188356618693eed94f8119e8aa40263ee9373dc669062426637b54c1b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2c3066d4ee42ae6818586ac8e5fa73cb

    SHA1

    8c8d4019201a03e5f229c3d393925dc3b0d75982

    SHA256

    479ddbff1fc776e144cdc27324efd25ff145e0fe3bf810aa16bd9ff0d5da106b

    SHA512

    4a2faa3fd6598633885d5ceb399da96613bd24b67137097abb32f08e316992ffb0d66057000875129dce691561e44d40a48879d92198e3b3a0acae526c71fdc6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a6b2dc49dda314745a1eb7386f1db948

    SHA1

    929510267096fbfffd9de695ddf7a8f306e18459

    SHA256

    11a402830ce22d5262014eb7d3b63bef4401a16a18d52c6f7b9b46cfaef3f025

    SHA512

    13eb1f477e64c0bfc00f09f403132373e42d8d68141dddf71f0ebd5bef4acc860b250a4c84c42e0e699549a8b2fd37790d9a5a991bad792ca4d06e229132b85d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    74d6f818a8ee868b805c3150db7b202e

    SHA1

    c5680e4c1f0d15fc35a85f431f875348e00b9c42

    SHA256

    43bec25a2409e9e72d90210652e30f8bc5af87392e761f99e29612733eb83070

    SHA512

    468ec373b565ce5612ea6e4aecdba302966f0989a728177d2b8f05ef9e95b4bd645abe368524a9eead7fb618ed202440c9bdd272403e5a18776d7ed3ed9f2642

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0f0d56d17be620a29ae3d7a744c66db0

    SHA1

    98fe169ee27bf727b99f7460736f694cdeaec8ee

    SHA256

    3d0e83d8bb92245a2b8af9b8376a19fcf337aca14b6a0e8b3fec4093bbb8e10e

    SHA512

    11b352cf8ef2b6ddae4756c75c08a835e1970291856ae81670f530b361a88f281fa9e9c6a21cc208b0db7a3c8ab4461097fd7dbb336dcfc8a0e43ac95a024f9b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a51a7724ec10acce569195f13c2a6375

    SHA1

    f68fe782f27ca62727cc3b92ff738f67305173d7

    SHA256

    3d3842eb7cffe5b4ab15cd93d8ca7e2578a3e4e3473bbdac7f728bdc642b0dad

    SHA512

    aca36893d06b770f6447f65437a8e413a78194c893d9ee584d61a80594ab775ce8e202eb46029d96f302b7c6f9954c3fed5ab984912066fd5ca1ce6177575a79

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3014a4db4441054a9f855084bc34749a

    SHA1

    8d4cb94f20efef927f464407e6946de934748aef

    SHA256

    2f9debc95fb56eb879ab98ddbc457bfc9c2dc79b533bf08dceb71c71e6ad5cfd

    SHA512

    ee898bc30a7f02af6a898d488974f6bf8da65639135ff7028fb86346abfd3fc0dc5ad712daedc4e9c2287a3f62b523b0ab0177db93e83beb4c80e01b1d136f7f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    618a7bc75348bd0822db78498308f443

    SHA1

    a5364c63caba42c96a35fbd07f6b1fd132b74954

    SHA256

    f2091af2c7fad71c5f318dd442634884ec7f04d23404018d61952960ad73fa67

    SHA512

    a13bff76daf6c7da90080587a2ce57ac373ec1515a8d79477b9e9dbc286bc038b114a123b83c42bed5529251099b3084267bdf59f324be5c3ec72c1de8136658

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    57fea08146178e608a209293ff1be0b4

    SHA1

    f0cbb7ec3528952f8c7f9bb9c8d3394d61f3b0ee

    SHA256

    bd73c4ff12884a0f4270a3b91b4b4dc310d9336e9ceb1ca71bb9c0a8372e86c0

    SHA512

    8cf055fcf6d984dc758fe6420b577b02cb540bd455e89e50f0bac24000ccceea177f1599e5acf88e85e40617c30305f7d737a206d065d4a3970822d17f792fca

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8BDE.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8D28.tmp
    Filesize

    71KB

    MD5

    83142242e97b8953c386f988aa694e4a

    SHA1

    833ed12fc15b356136dcdd27c61a50f59c5c7d50

    SHA256

    d72761e1a334a754ce8250e3af7ea4bf25301040929fd88cf9e50b4a9197d755

    SHA512

    bb6da177bd16d163f377d9b4c63f6d535804137887684c113cc2f643ceab4f34338c06b5a29213c23d375e95d22ef417eac928822dfb3688ce9e2de9d5242d10

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8D5B.tmp
    Filesize

    183KB

    MD5

    109cab5505f5e065b63d01361467a83b

    SHA1

    4ed78955b9272a9ed689b51bf2bf4a86a25e53fc

    SHA256

    ea6b7f51e85835c09259d9475a7d246c3e764ad67c449673f9dc97172c351673

    SHA512

    753a6da5d6889dd52f40208e37f2b8c185805ef81148682b269fff5aa84a46d710fe0ebfe05bce625da2e801e1c26745998a41266fa36bf47bc088a224d730cc

    Download Submit