Overview

overview

10

Static

static

10

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

10

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

1

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

10

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

1

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

1

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

1

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

1

ฺฺฺK...ฺฺ

windows10_x64

1

ฺฺฺK...ฺฺ

windows10_x64

1

ฺฺฺK...ฺฺ

windows10_x64

1

ฺฺฺK...ฺฺ

windows10_x64

1

ฺฺฺK...ฺฺ

windows10_x64

8

ฺฺฺK...ฺฺ

windows10_x64

1

Analysis

  • max time kernel
    601s
  • max time network
    367s
  • platform
    windows10_x64
  • resource
    win10v20201028
  • submitted
    22-11-2020 06:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    index(9).html

  • Size

    119KB

  • MD5

    33b72c6dc00dd802f5e2d53cbe5c613a

  • SHA1

    450ed8acb15133ed843576e735cc171e77c6fe53

  • SHA256

    027bb852118f95abe8945905a2ceb945b2051c14418f0f47cb9db097ccd97a36

  • SHA512

    fb734e720d5043f887e0a8d66b01cae4a3c5028712a28452406cf0d1d629e2c4205d623286f8aa193b5d269ae8f545d860ae0a65cebedf77e6a887dff7163370

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 49 IoCs
    adwarespyware
  • Suspicious use of AdjustPrivilegeToken 4 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\index(9).html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4760
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4760 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of SetWindowsHookEx
      PID:3480
  • C:\Windows\system32\AUDIODG.EXE
    C:\Windows\system32\AUDIODG.EXE 0x40c
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:4228

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_D9817BD5013875AD517DA73475345203
    MD5

    ffc04cd305e33221116feebf2eaa50b0

    SHA1

    6aeecd1a32ce6655a43e6b35cb2d0cb45876c9d4

    SHA256

    e0215011ac1136f278389a2a9b9572d9cdbb704f4a2a6d4b9cb8e99eba316de4

    SHA512

    ecd09a4db7f337f7b4b767edca0615262af8785c3dd85e6369037c04eda0865c59949a406e6e016ba8e893e7f740881be22909aa472ea6fd1c38aa3902979a01

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_D9817BD5013875AD517DA73475345203
    MD5

    55be7950fb164321e4519ffaf4dff491

    SHA1

    0b7ae41fde6bc4f85c78cbd4dc881ecb0f1cf65b

    SHA256

    20cb128ead7c086f0f26a008dd813bba8bb0326e2f7f79f16436ec7f69cf6cb5

    SHA512

    9c076dbfcbfdbbdaaa7837dcfcd94d8499231150ca5032513ca5b5d155fa01a4eb24f85a7e740cc277843d81a6239ed2f4d306b18c518ac9389bfc3c4218ee27

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\HWYFXCTE.cookie
    MD5

    97baf2121bca95ea3f5453fb88363889

    SHA1

    f41716b5109ac98cb26a2c6cc8a0ef5b38999e3f

    SHA256

    d6fcdb6b05265606b90a09e5c15e004739c371bdc6a4c309ccea2e4f76f84594

    SHA512

    6f9e0e84ea92e0256a26c49a207dfb320d45c960a1a66be8c30d271f11d85e74b253a531e2a7710479150174ef9017192a522412f8c8577822d724c52714a092

    Download Submit

  • memory/3480-17-0x0000000007C10000-0x0000000007C20000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3480-7-0x0000000007C10000-0x0000000007C20000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3480-16-0x0000000007C10000-0x0000000007C20000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3480-1-0x0000000007C10000-0x0000000007C20000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3480-18-0x0000000007C10000-0x0000000007C20000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3480-8-0x0000000007C10000-0x0000000007C20000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3480-2-0x0000000007C10000-0x0000000007C20000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3480-11-0x0000000007C10000-0x0000000007C20000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3480-10-0x0000000007C10000-0x0000000007C20000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3480-12-0x0000000007C10000-0x0000000007C20000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3480-13-0x0000000007C10000-0x0000000007C20000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3480-19-0x0000000007C10000-0x0000000007C20000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3480-15-0x0000000007C10000-0x0000000007C20000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3480-0-0x0000000000000000-mapping.dmp

    Download

  • memory/3480-4-0x0000000007C10000-0x0000000007C20000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3480-3-0x0000000007C10000-0x0000000007C20000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3480-14-0x0000000007C10000-0x0000000007C20000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3480-20-0x0000000007C10000-0x0000000007C20000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3480-21-0x0000000007C10000-0x0000000007C20000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3480-22-0x0000000007C10000-0x0000000007C20000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3480-23-0x0000000007C10000-0x0000000007C20000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3480-24-0x0000000007C10000-0x0000000007C20000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3480-25-0x0000000007C10000-0x0000000007C20000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3480-26-0x0000000007C10000-0x0000000007C20000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3480-27-0x0000000007C10000-0x0000000007C20000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3480-28-0x0000000007C10000-0x0000000007C20000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3480-29-0x0000000007C10000-0x0000000007C20000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3480-30-0x0000000007C10000-0x0000000007C20000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3480-31-0x0000000007C10000-0x0000000007C20000-memory.dmp

    Filesize

    64KB

    Download