Overview

overview

1

Static

static

notification.html

windows7_x64

1

notification.html

windows10_x64

1

Analysis

  • max time kernel
    119s
  • max time network
    143s
  • platform
    windows10_x64
  • resource
    win10v20201028
  • submitted
    13-01-2021 14:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    notification.html

  • Size

    22KB

  • MD5

    1ab91be4118ea0ae1ab1a71ffbcdc434

  • SHA1

    81e703d3614316c915b8b708cd2a078add50a575

  • SHA256

    cf7c2ec3495d54c3cdebfaeb1c88d03a8198c80e0e1c1d1b6b24200574f66469

  • SHA512

    0b3beba6bddb7a23d83fad103efc1cd8eab9c35554a5cabf5f94a13e054e8c863214c65a56266ee325ddd1b5f0e132e63662c99f118abf76b4b96fc952c318c8

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 49 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\notification.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1316
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1316 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:4020

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    MD5

    a36b44d5adb4041932847abd904a977a

    SHA1

    d26d17290820c64c4139b4677633df29ab51c6b2

    SHA256

    9cff6cca3aa67e7e5ee897b37889577e1cfb2b68036849202a11b33d9cba569f

    SHA512

    4edf5ee43ed3045b027027ee8b4d16595c7e4945eb60d24ea4d37ecbbb9e1333e01cc6a0031af28edcf26b686287f1ad4ae2093853ae71a1747c428e78d0832e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    MD5

    2eaf340a5b4167198eb1332b754e73ca

    SHA1

    c55c3e6b8f5ff83bc6c1d679b6e1a3c7a289d121

    SHA256

    c0e7637974a82211cc013432fabd32972facae8ba085705d5b39698177b52870

    SHA512

    5056393419262f1720235b06a348ea5833020dc00573cee85ede4d7619bc3359f1344fe36ccb712a71fa7b0ff6e5f24b7436bb41269cd4ee2c520cabe96adbed

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\93R3XP2A.cookie
    MD5

    adaddc0c7f1dbcf04f58c875a27d0dc8

    SHA1

    a86d00923e927d9b2eb7be7337297962130fcaf1

    SHA256

    5b726e7ddc515924a41bded23b6285c3ae4ace4e42cc3a0b58a21bf9d9142954

    SHA512

    794b74cf9785b74c89db2b4de3237afc8ceb8b2c23f654ad4e0491b14ab53f525ac6d763d6658dbcfad8ce2d82c1c907c798fb86bdc720efb12c4368e0621dbd

    Download Submit

  • memory/4020-2-0x0000000000000000-mapping.dmp

    Download