Analysis
-
max time kernel
126s -
max time network
160s -
platform
windows10_x64 -
resource
win10-en-20210920 -
submitted
14-10-2021 05:00
General
-
Target
test.html
-
Size
56KB
-
MD5
3eb461097e8ce9042f5ab4110845fef7
-
SHA1
bc66662b79302d508ac99015c0188d5e47858782
-
SHA256
7aa6f5034f66394bec9d7f6b91bc3561fe18f3ee724b73456672f80aa6d8a4e9
-
SHA512
96eb66ab6afff48e8e85e77f52a217844658ea298eb69ca3e6d42b9272e5c2327fb1d81d43739be8031d4ac786d67d04820f711b3aa104bba6b8d8fd0d9193f6
Malware Config
Signatures
-
Modifies Internet Explorer settings 1 TTPs 49 IoCs
-
Suspicious use of FindShellTrayWindow 1 IoCs
-
Suspicious use of SetWindowsHookEx 6 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Program Files\Internet Explorer\iexplore.exe"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\test.html1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2428 CREDAT:82945 /prefetch:22⤵
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix ATT&CK v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776MD5
0e7076d6b1e84aa724a64a4be6cbf7cc
SHA1bc48c9a6ddbeae7ed1b9a6f7a5d98838205ff6fa
SHA2564acfebfc4e9624bd192b338789d23c58deda34aa8de8db5a82163a38f818d0d7
SHA5125f292e3e95eb259aacab30d9d2e6c1f1d7299b7de0a90e9f10db7d14f43035bf8c007190cdd28159ea6adfeb70f8086c79ab7b8ab4fab3593d30020f51f4c358
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776MD5
9777312a01f8174393c91d2590c3aaf9
SHA1b50731f813e035fc29d69063316ea7f361671006
SHA2566f0d8826a0c8d0d31e842aa29f769e0f3d42a32972ff76ad618416a170909364
SHA512e5f964497911cd44b1bf2e1aae84a0b2b44c49ebcdb51f591cd521e01f15152b1a33f20249a3ce640fa7270c6de0e678ffde008d9ea078ecb4f76100b6269d1a
-
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\P5JILURT.cookieMD5
9c6910f3a5b409a097725c55b28fd407
SHA117e0bb9adbd289b6eee4a1c5f173c9c2247ff65d
SHA25668448e23728225e364d28160e399c6e63e84d1ba1e082c6596775f476eecbb73
SHA51298204aa964c4f8271a203199054c8eec9457a8a356aef2fec817acade540fc1e36b1f95e39ad29765eaa068594971987c789e14fff002b2f69f526744bd17bad
-
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\S4ZY4W7X.cookieMD5
b9617459c8153254e4cb60a93d2f76d4
SHA184fabc124de21fb50e58dca639c6f0dcd85863cd
SHA25646535ed460de46672a7f34060bd76c201603389379c5549633efe35eb73156e0
SHA512bb3d6701a3f59afed002c87960244352017c3f279012f283e8be1817c20c6fb07f3232d5560743aa4377438db01988b3bd8f0e46aa8b69574c06d0c6d411c42a
-
memory/1216-141-0x0000000000000000-mapping.dmp
-
memory/2428-143-0x00007FF9AC260000-0x00007FF9AC2CB000-memory.dmpFilesize
428KB
-
memory/2428-150-0x00007FF9AC260000-0x00007FF9AC2CB000-memory.dmpFilesize
428KB
-
memory/2428-123-0x00007FF9AC260000-0x00007FF9AC2CB000-memory.dmpFilesize
428KB
-
memory/2428-124-0x00007FF9AC260000-0x00007FF9AC2CB000-memory.dmpFilesize
428KB
-
memory/2428-125-0x00007FF9AC260000-0x00007FF9AC2CB000-memory.dmpFilesize
428KB
-
memory/2428-127-0x00007FF9AC260000-0x00007FF9AC2CB000-memory.dmpFilesize
428KB
-
memory/2428-128-0x00007FF9AC260000-0x00007FF9AC2CB000-memory.dmpFilesize
428KB
-
memory/2428-129-0x00007FF9AC260000-0x00007FF9AC2CB000-memory.dmpFilesize
428KB
-
memory/2428-131-0x00007FF9AC260000-0x00007FF9AC2CB000-memory.dmpFilesize
428KB
-
memory/2428-132-0x00007FF9AC260000-0x00007FF9AC2CB000-memory.dmpFilesize
428KB
-
memory/2428-133-0x00007FF9AC260000-0x00007FF9AC2CB000-memory.dmpFilesize
428KB
-
memory/2428-135-0x00007FF9AC260000-0x00007FF9AC2CB000-memory.dmpFilesize
428KB
-
memory/2428-136-0x00007FF9AC260000-0x00007FF9AC2CB000-memory.dmpFilesize
428KB
-
memory/2428-137-0x00007FF9AC260000-0x00007FF9AC2CB000-memory.dmpFilesize
428KB
-
memory/2428-138-0x00007FF9AC260000-0x00007FF9AC2CB000-memory.dmpFilesize
428KB
-
memory/2428-140-0x00007FF9AC260000-0x00007FF9AC2CB000-memory.dmpFilesize
428KB
-
memory/2428-121-0x00007FF9AC260000-0x00007FF9AC2CB000-memory.dmpFilesize
428KB
-
memory/2428-115-0x00007FF9AC260000-0x00007FF9AC2CB000-memory.dmpFilesize
428KB
-
memory/2428-145-0x00007FF9AC260000-0x00007FF9AC2CB000-memory.dmpFilesize
428KB
-
memory/2428-146-0x00007FF9AC260000-0x00007FF9AC2CB000-memory.dmpFilesize
428KB
-
memory/2428-148-0x00007FF9AC260000-0x00007FF9AC2CB000-memory.dmpFilesize
428KB
-
memory/2428-122-0x00007FF9AC260000-0x00007FF9AC2CB000-memory.dmpFilesize
428KB
-
memory/2428-151-0x00007FF9AC260000-0x00007FF9AC2CB000-memory.dmpFilesize
428KB
-
memory/2428-152-0x00007FF9AC260000-0x00007FF9AC2CB000-memory.dmpFilesize
428KB
-
memory/2428-156-0x00007FF9AC260000-0x00007FF9AC2CB000-memory.dmpFilesize
428KB
-
memory/2428-157-0x00007FF9AC260000-0x00007FF9AC2CB000-memory.dmpFilesize
428KB
-
memory/2428-158-0x00007FF9AC260000-0x00007FF9AC2CB000-memory.dmpFilesize
428KB
-
memory/2428-164-0x00007FF9AC260000-0x00007FF9AC2CB000-memory.dmpFilesize
428KB
-
memory/2428-165-0x00007FF9AC260000-0x00007FF9AC2CB000-memory.dmpFilesize
428KB
-
memory/2428-166-0x00007FF9AC260000-0x00007FF9AC2CB000-memory.dmpFilesize
428KB
-
memory/2428-167-0x00007FF9AC260000-0x00007FF9AC2CB000-memory.dmpFilesize
428KB
-
memory/2428-168-0x00007FF9AC260000-0x00007FF9AC2CB000-memory.dmpFilesize
428KB
-
memory/2428-169-0x00007FF9AC260000-0x00007FF9AC2CB000-memory.dmpFilesize
428KB
-
memory/2428-173-0x00007FF9AC260000-0x00007FF9AC2CB000-memory.dmpFilesize
428KB
-
memory/2428-174-0x00007FF9AC260000-0x00007FF9AC2CB000-memory.dmpFilesize
428KB
-
memory/2428-177-0x00007FF9AC260000-0x00007FF9AC2CB000-memory.dmpFilesize
428KB
-
memory/2428-178-0x00007FF9AC260000-0x00007FF9AC2CB000-memory.dmpFilesize
428KB
-
memory/2428-179-0x00007FF9AC260000-0x00007FF9AC2CB000-memory.dmpFilesize
428KB
-
memory/2428-120-0x00007FF9AC260000-0x00007FF9AC2CB000-memory.dmpFilesize
428KB
-
memory/2428-119-0x00007FF9AC260000-0x00007FF9AC2CB000-memory.dmpFilesize
428KB
-
memory/2428-117-0x00007FF9AC260000-0x00007FF9AC2CB000-memory.dmpFilesize
428KB
-
memory/2428-116-0x00007FF9AC260000-0x00007FF9AC2CB000-memory.dmpFilesize
428KB