Resubmissions

  • 17-09-2021 12:32   210917-pqlqksaegn   10
  • 17-09-2021 12:20   210917-phvnhsffe9   1

Analysis

  • max time kernel
    91s
  • max time network
    150s
  • platform
    windows10_x64
  • resource
    win10-en
  • submitted
    17-09-2021 12:32

General

  • Target

    Invoice 022.html

  • Size

    556KB

  • MD5

    b022401fedba19e737f284793a8bddf9

  • SHA1

    4f20afb60cf4b1eb09b24159cb5b900a9b7f9274

  • SHA256

    ae0a8a3162473a4799d22b293c78181bf93f3b6116350b8fd47adf98e37e5a42

  • SHA512

    ec137d00e353c8b5d6748253a7887bf4fa51ab87742fb27a747e09039a8d1db951883b95821b93563971c0408162198aec5b0207f8bd5ebd8d13209d1d1742fe

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 49 IoCs)
  • Suspicious behavior: GetForegroundWindowSpam (1 IoC)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (3 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\Invoice 022.html"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3996
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3996 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3164
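The tab process at depth 2 carries SCODEF:3996, which is the PID of the frame process at depth 1, so the sandbox's tree and IE's own parent reference agree. The following Python script is an added example, not part of this report or of the sandbox's tooling: it rebuilds the tree from the two entries above (transcribed verbatim, with depth taken from the 1/2 markers), pulls the SCODEF value out of each command line and checks it against the parent the tree assigns. Treating SCODEF as "the PID of the spawning frame process" is taken from what this report shows, and the second, inconsistent tree in the usage is constructed to show the check failing.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

# The two entries of the report's "Processes" section: (tree depth, PID, command line).
# Depth comes from the 1/2 markers; PIDs and command lines are copied from the page.
REPORT_PROCESSES = [
    (1, 3996, r'"C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\Invoice 022.html"'),
    (2, 3164, r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3996 CREDAT:82945 /prefetch:2'),
]


@dataclass
class Proc:
    depth: int
    pid: int
    cmdline: str
    parent: Optional["Proc"] = None
    children: List["Proc"] = field(default_factory=list)

    @property
    def image(self) -> str:
        """Image path: the first double-quoted token of the command line."""
        m = re.match(r'"([^"]+)"', self.cmdline)
        return m.group(1) if m else self.cmdline.split()[0]


def build_tree(entries) -> List[Proc]:
    """Rebuild parent/child links from depth markers.

    Depth 1 is a root; depth n > 1 is a child of the most recent entry at depth n-1.
    """
    roots: List[Proc] = []
    stack: List[Proc] = []  # most recent Proc seen at each depth, index 0 = depth 1
    for depth, pid, cmd in entries:
        p = Proc(depth, pid, cmd)
        del stack[depth - 1:]  # drop anything at this depth or deeper
        if stack:
            p.parent = stack[-1]
            stack[-1].children.append(p)
        else:
            roots.append(p)
        stack.append(p)
    return roots


def scodef(cmdline: str) -> Optional[int]:
    """The PID carried in an IE tab process's SCODEF:<pid> argument, if present."""
    m = re.search(r"\bSCODEF:(\d+)\b", cmdline)
    return int(m.group(1)) if m else None


def check_scodef(roots: List[Proc]) -> List[Tuple[int, int, Optional[int], bool]]:
    """For every process carrying SCODEF, return (pid, scodef, parent pid, consistent).

    'Consistent' means the SCODEF value equals the PID of the process the
    sandbox's tree says spawned it, as it does for PID 3164 in this report.
    """
    out: List[Tuple[int, int, Optional[int], bool]] = []

    def walk(p: Proc) -> None:
        s = scodef(p.cmdline)
        if s is not None:
            ppid = p.parent.pid if p.parent else None
            out.append((p.pid, s, ppid, s == ppid))
        for c in p.children:
            walk(c)

    for r in roots:
        walk(r)
    return out


def opened_document(root: Proc) -> Optional[str]:
    """The file handed to the frame process: the last quoted argument after the image path."""
    args = re.findall(r'"([^"]+)"', root.cmdline)
    return args[-1] if len(args) > 1 else None


if __name__ == "__main__":
    tree = build_tree(REPORT_PROCESSES)
    print("frame:", tree[0].image, "opened", opened_document(tree[0]))
    print("SCODEF checks:", check_scodef(tree))
    # Constructed counter-example: a tab whose SCODEF names a PID that is not its parent.
    bad = build_tree([REPORT_PROCESSES[0], (2, 3164, '"x" SCODEF:1234 CREDAT:1 /prefetch:2')])
    print("constructed mismatch:", check_scodef(bad))
```

A mismatch from this check usually means the tree was reconstructed wrongly (for example a PID reused after the original parent exited), not that IE was tampered with, so it is a sanity check on the report rather than a detection.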

Network

MITRE ATT&CK Matrix (ATT&CK v6)

  • Defense Evasion: Modify Registry (T1112), 1 match

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    MD5

    ba796ad39a270daee3aed71fd9f76b4d

    SHA1

    b63dcf1a6e63a7d79858be62dea7dd3fa067cf78

    SHA256

    54fb4e4493b71c73b5264023bec3f61c6f24896073744f9e24a3fcde791076f7

    SHA512

    8768394e532a473e3c01b89deed80b2a3dd72a201061cd98677947d187cd01274cb19e179ff48a85a3113df597c3d81d1aefca7d63b4933ffe94fa82e48c0003

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    MD5

    7696f8e50cc7396d806a28bd07efcca9

    SHA1

    a9c19ce6742cbc3c3c7eee12dc1c6947c0dc9f6b

    SHA256

    fad79c6ff8063e56ef1319370016526d0dd1d282f1dff2aab78ffe03ddc89de7

    SHA512

    665cde3af507c1d76f78e5ca503fb6c6b34797161acc25e52d91378d17634dbe7b71bd850069aef2506a2dadf38e9087b7d3ada9300bbaaf2eb511ff0808a10c

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\CVKQY2EM.cookie
    MD5

    7d5e422756de7a3c0d5daa41a5d744a6

    SHA1

    025a9f4a60c5423d1aa3894c28b01d1122c5be20

    SHA256

    f260029d43da443e9612061a888163e260740d26d59e5287ede90b5276f140a2

    SHA512

    7429097aca9f2dbde1c01cffb471841fe854079378930d632db5dbf743ea28ee5246dc64e12a27123f9ca1f92fe98f868cbe8cf6403e11b9e7e774411ed44438

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\UYYZ58L2.cookie
    MD5

    2c8cc95ee8064d7e60018fc02f1a2c98

    SHA1

    e8c74c9b332ba7768f12533f1e8a7cd44d146d72

    SHA256

    7f98e66cb615bc427c40fe568eeb66458e27b46fa6781275105f3c510ef11052

    SHA512

    c6a047762a9a57214998f4a137eea7ec9bfd1a7ea8cc370c46dcb8614cec07a3bae6d4bf219a9961bea494025f79f702521111bd608c76c83b176a67655ba318

  • memory/3164-116-0x0000000000000000-mapping.dmp
  • memory/3996-115-0x00007FFEB52B0000-0x00007FFEB531B000-memory.dmp
    Filesize

    428KB
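The second dump name encodes the PID, a sequence number and the start and end address of the region that was written out; 0x00007FFEB531B000 minus 0x00007FFEB52B0000 is 0x6B000 bytes, exactly the 428KB the report lists. This Python script is an added example, not part of the report or the sandbox's tooling: it parses both naming forms seen above (the naming scheme is read off these two entries and assumed to generalise), recomputes the region size, and runs the checks a reviewer would want before loading such a dump into a disassembler: size agrees with the listed file size, the range is page-aligned, and it lies in the x64 user-mode address range.

```python
import re
from typing import Optional

# Memory-dump artifact names from the "Downloads" section of this report,
# paired with the file size the report lists (None where it lists none).
REPORT_DUMPS = [
    ("memory/3164-116-0x0000000000000000-mapping.dmp", None),
    ("memory/3996-115-0x00007FFEB52B0000-0x00007FFEB531B000-memory.dmp", "428KB"),
]

# Naming scheme as read off the two entries above (assumed to generalise):
#   memory/<pid>-<n>-0x<start>-0x<end>-memory.dmp   dumped region
#   memory/<pid>-<n>-0x<base>-mapping.dmp           mapping entry
REGION_RE = re.compile(
    r"^memory/(?P<pid>\d+)-(?P<n>\d+)-0x(?P<start>[0-9a-fA-F]+)-0x(?P<end>[0-9a-fA-F]+)-memory\.dmp$"
)
MAPPING_RE = re.compile(
    r"^memory/(?P<pid>\d+)-(?P<n>\d+)-0x(?P<base>[0-9a-fA-F]+)-mapping\.dmp$"
)

# Highest user-mode address in a 64-bit Windows process (the platform here is windows10_x64).
X64_USER_LIMIT = 0x00007FFFFFFFFFFF
PAGE = 0x1000


def parse_dump_name(name: str) -> dict:
    """Return the fields encoded in a dump file name, or raise ValueError."""
    m = REGION_RE.match(name)
    if m:
        start, end = int(m["start"], 16), int(m["end"], 16)
        if end <= start:
            raise ValueError(f"region end is not after start: {name}")
        return {"kind": "region", "pid": int(m["pid"]), "n": int(m["n"]),
                "start": start, "end": end, "size": end - start}
    m = MAPPING_RE.match(name)
    if m:
        return {"kind": "mapping", "pid": int(m["pid"]), "n": int(m["n"]),
                "base": int(m["base"], 16)}
    raise ValueError(f"unrecognised dump name: {name}")


def parse_reported_size(text: str) -> int:
    """'428KB' -> 428; the report prints sizes as whole kibibytes."""
    m = re.fullmatch(r"(\d+)KB", text.strip())
    if not m:
        raise ValueError(f"unrecognised size: {text!r}")
    return int(m[1])


def region_checks(name: str, reported: Optional[str]) -> dict:
    """Consistency checks on one dump entry; mapping entries only get parsed."""
    info = parse_dump_name(name)
    if info["kind"] != "region":
        return {"kind": info["kind"], "pid": info["pid"], "base": info["base"]}
    size = info["size"]
    return {
        "kind": "region",
        "pid": info["pid"],
        "size_bytes": size,
        "size_kib": size // 1024,
        # the listed file size must be exactly end - start, with no rounding hidden in "KB"
        "size_matches_report": (reported is not None
                                and size % 1024 == 0
                                and size // 1024 == parse_reported_size(reported)),
        # VirtualQuery-style regions start and end on page boundaries
        "page_aligned": info["start"] % PAGE == 0 and size % PAGE == 0,
        # the whole range sits below the x64 user-mode ceiling, i.e. it was read from the process
        "user_mode_x64": info["end"] - 1 <= X64_USER_LIMIT,
    }


if __name__ == "__main__":
    for name, reported in REPORT_DUMPS:
        print(name, "->", region_checks(name, reported))
```

If `size_matches_report` is false for a real entry, the dump on disk is not the region named in the file, and the offsets you compute from the address in the name will be wrong; resolve that before mapping anything back to the process.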