Analysis

  • max time kernel
    119s
  • max time network
    151s
  • platform
    windows10_x64
  • resource
    win10-en-20210920
  • submitted
    21-09-2021 15:13

General

  • Target: 44460.6828835648.dat.html
  • Size: 146B
  • MD5: 9fe3cb2b7313dc79bb477bc8fde184a7
  • SHA1: 4d7b3cb41e90618358d0ee066c45c76227a13747
  • SHA256: 32f2fa940d4b4fe19aca1e53a24e5aac29c57b7c5ee78588325b87f1b649c864
  • SHA512: c54ad4f5292784e50b4830a8210b0d4d4ee08b803f4975c9859e637d483b3af38cb0436ac501dea0c73867b1a2c41b39ef2c27dc3fb20f3f27519b719ea743db

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 49 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 2160)
    Command line: "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\44460.6828835648.dat.html
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • Child: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 2620)
      Command line: "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2160 CREDAT:82945 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v6

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    MD5: 0062794fa62b22c483a3dbb6515f1770
    SHA1: 7d6a2f0ac48b2521fd428011b26d6313758ae9b5
    SHA256: 65d41a45837be14e343d8dafb3d154dd9812d2f166045aaa9c3c5bb826e0d581
    SHA512: a122486a139cfaf509f5ca29e51999d32af906c1e676b5d3f9081e3ef84e26e6e33f5c38384fdd82e4d757acb33f92cfb396581ca68883b321e28a9e5035ca7a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    MD5: d398119a1f4691cb47fe2b9bd28c48dc
    SHA1: 3b4d88d8757104ac8efc322afaa8ac55124b96e6
    SHA256: b1ce07f2a6d55cf08a42e83c2d51133fe49be6b72ed96121e8cb871830d4f78a
    SHA512: d4227d81d3ee1cd3dd3b0592e3cdd85002fa3a99595fab0c764cd6ee37d97a834d49971dbf40581e9409e4e6c3447d21de6759f9f39502a5ea6c8da88e536836

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\IB9LKRGU.cookie
    MD5: 73f0d7bb0d260717eb1e2e33369c6734
    SHA1: b51d174325e6c38c398e940eb5a101295e8ceb73
    SHA256: 99a9dcec03cc6ace075d1dd8745ea7d5f30e6a44fcf83275b69478f7f160a90b
    SHA512: 1228d2867c003a7de66cb803db479e0062778279384eccc88564815320c210b40cd82782f8b61aa4c2c401ca7b59336a60105a05a16aa94f583cbc41f87ce4b7

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\JOG84XTP.cookie
    MD5: 55c7fe7b47e9be0b220ffefc21676bef
    SHA1: 58753bc8d1af358be840a84dffc685369b8d5e25
    SHA256: b2836fbf98c6e631311903d622270527373972628f14bf6f19ec8c67c129cb00
    SHA512: 526b06f7e908ef047cacfa4a3806c1675ae52bcf51cf1cfaf7c570520a81a084a5e95f3f4916fddae606ab39c971537473343afae09ad38dbb340ea5921b3589

  • memory/2160-115-0x00007FF96B070000-0x00007FF96B0DB000-memory.dmp
    Filesize: 428KB

  • memory/2620-116-0x0000000000000000-mapping.dmp