Overview

overview

1

Static

static

44542.3874.dat.html

windows7_x64

1

44542.3874.dat.html

windows10_x64

1

Analysis

  • max time kernel
    122s
  • max time network
    152s
  • platform
    windows10_x64
  • resource
    win10-en-20211208
  • submitted
    09-12-2021 09:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    44542.3874.dat.html

  • Size

    146B

  • MD5

    9fe3cb2b7313dc79bb477bc8fde184a7

  • SHA1

    4d7b3cb41e90618358d0ee066c45c76227a13747

  • SHA256

    32f2fa940d4b4fe19aca1e53a24e5aac29c57b7c5ee78588325b87f1b649c864

  • SHA512

    c54ad4f5292784e50b4830a8210b0d4d4ee08b803f4975c9859e637d483b3af38cb0436ac501dea0c73867b1a2c41b39ef2c27dc3fb20f3f27519b719ea743db

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 49 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\44542.3874.dat.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2628
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2628 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1348

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    MD5

    8c6d3540121a7cf9d0b8a790b06d82eb

    SHA1

    57eeb1af7988b33f11ddafab5a69593a7cae3e8c

    SHA256

    fb3b6c1777c056fac4519902fd051155f7c33c380059cc3c0b910e2ff35475fe

    SHA512

    a36bd84ad6991e8d574b04f3fba33d2dd3f13713dc45d24abcfe21e2d6d0980cd5dff068403afb4fcb618f45217ac0a1b32381a21c1163d3cb823091382fa5f4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CCFEED7EF3CD3BBD21329435542A98D2_1AACC2445B848FD7F42E6377EB140BD5
    MD5

    efe73b08b0fc682a7ae67591b335cc1a

    SHA1

    82653095d46a02c68f8f6628a08db04ab2b278d5

    SHA256

    4f9f924099586dafd250a6adc0d77d7de3a7f17e5c602dd37d7bcadd91ab87b7

    SHA512

    1c46b57f89705e049509723cbf6a60fc751a9e087ec88bfbf0fff1889b608ea4adb3f444a16b781ea845dc7eee78d0ec198c46aecbc973da67df11ea09736505

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    MD5

    dc5e86fda2d77c46b58cb2d3cc8fa118

    SHA1

    0aed1bc02dfc65de1d18368a2cf50d8470880210

    SHA256

    3df38be981aeb7f61cad08f77216e317db7e6882bc987727eb5b795c550065b5

    SHA512

    a0886ff76fa077707301f4b13eeef4ffe3f8abce7bb922e872338eb5457af31ab13976ff1757d592235780b8c3c7d9f8d6fe97cab7bb5a26b4a0e6ef3e88e6f2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CCFEED7EF3CD3BBD21329435542A98D2_1AACC2445B848FD7F42E6377EB140BD5
    MD5

    77f5833a44e6a6455b5b11429b1cf253

    SHA1

    9d2bd877cecb31b887d81214b309e63d66620c18

    SHA256

    ea811c552dc7999399bfac17cf9e4cb98d3a38c4a1111083755eb756d8080f36

    SHA512

    9fa07af6b1b9103355d5d018b82afa11b14ed9d6e5889f27a50fcf85641b02f1a62efdf51abcdba6aad5ee9ee7dccb02eaa0a7735c51c7386e8ed014a6d5e3d4

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\Y7FMD44C.cookie
    MD5

    d7527877dafe8db39b58297b60eb4323

    SHA1

    0bc2112ce1fbf8c5d5eac104e3989830379216cb

    SHA256

    3eaf287ba79aaae0bb445c0fc5e875dfa200a9f694a9677e84e26570806313ac

    SHA512

    847bf288088d13b0c9cc305d80c1b589aca877e3aabe7bdd4ab1b5f05753d5477bc3896cef3d9cef8adeb3f13e277c0d5b0fe94bc03a80fcb537ecb32b61c7b0

    Download Submit

  • memory/1348-141-0x0000000000000000-mapping.dmp

    Download

  • memory/2628-146-0x00007FF8254A0000-0x00007FF82550B000-memory.dmp

    Filesize

    428KB

    Download

  • memory/2628-151-0x00007FF8254A0000-0x00007FF82550B000-memory.dmp

    Filesize

    428KB

    Download

  • memory/2628-125-0x00007FF8254A0000-0x00007FF82550B000-memory.dmp

    Filesize

    428KB

    Download

  • memory/2628-123-0x00007FF8254A0000-0x00007FF82550B000-memory.dmp

    Filesize

    428KB

    Download

  • memory/2628-127-0x00007FF8254A0000-0x00007FF82550B000-memory.dmp

    Filesize

    428KB

    Download

  • memory/2628-128-0x00007FF8254A0000-0x00007FF82550B000-memory.dmp

    Filesize

    428KB

    Download

  • memory/2628-129-0x00007FF8254A0000-0x00007FF82550B000-memory.dmp

    Filesize

    428KB

    Download

  • memory/2628-131-0x00007FF8254A0000-0x00007FF82550B000-memory.dmp

    Filesize

    428KB

    Download

  • memory/2628-132-0x00007FF8254A0000-0x00007FF82550B000-memory.dmp

    Filesize

    428KB

    Download

  • memory/2628-133-0x00007FF8254A0000-0x00007FF82550B000-memory.dmp

    Filesize

    428KB

    Download

  • memory/2628-135-0x00007FF8254A0000-0x00007FF82550B000-memory.dmp

    Filesize

    428KB

    Download

  • memory/2628-136-0x00007FF8254A0000-0x00007FF82550B000-memory.dmp

    Filesize

    428KB

    Download

  • memory/2628-137-0x00007FF8254A0000-0x00007FF82550B000-memory.dmp

    Filesize

    428KB

    Download

  • memory/2628-138-0x00007FF8254A0000-0x00007FF82550B000-memory.dmp

    Filesize

    428KB

    Download

  • memory/2628-140-0x00007FF8254A0000-0x00007FF82550B000-memory.dmp

    Filesize

    428KB

    Download

  • memory/2628-122-0x00007FF8254A0000-0x00007FF82550B000-memory.dmp

    Filesize

    428KB

    Download

  • memory/2628-143-0x00007FF8254A0000-0x00007FF82550B000-memory.dmp

    Filesize

    428KB

    Download

  • memory/2628-145-0x00007FF8254A0000-0x00007FF82550B000-memory.dmp

    Filesize

    428KB

    Download

  • memory/2628-115-0x00007FF8254A0000-0x00007FF82550B000-memory.dmp

    Filesize

    428KB

    Download

  • memory/2628-148-0x00007FF8254A0000-0x00007FF82550B000-memory.dmp

    Filesize

    428KB

    Download

  • memory/2628-150-0x00007FF8254A0000-0x00007FF82550B000-memory.dmp

    Filesize

    428KB

    Download

  • memory/2628-124-0x00007FF8254A0000-0x00007FF82550B000-memory.dmp

    Filesize

    428KB

    Download

  • memory/2628-152-0x00007FF8254A0000-0x00007FF82550B000-memory.dmp

    Filesize

    428KB

    Download

  • memory/2628-156-0x00007FF8254A0000-0x00007FF82550B000-memory.dmp

    Filesize

    428KB

    Download

  • memory/2628-157-0x00007FF8254A0000-0x00007FF82550B000-memory.dmp

    Filesize

    428KB

    Download

  • memory/2628-158-0x00007FF8254A0000-0x00007FF82550B000-memory.dmp

    Filesize

    428KB

    Download

  • memory/2628-164-0x00007FF8254A0000-0x00007FF82550B000-memory.dmp

    Filesize

    428KB

    Download

  • memory/2628-165-0x00007FF8254A0000-0x00007FF82550B000-memory.dmp

    Filesize

    428KB

    Download

  • memory/2628-166-0x00007FF8254A0000-0x00007FF82550B000-memory.dmp

    Filesize

    428KB

    Download

  • memory/2628-167-0x00007FF8254A0000-0x00007FF82550B000-memory.dmp

    Filesize

    428KB

    Download

  • memory/2628-168-0x00007FF8254A0000-0x00007FF82550B000-memory.dmp

    Filesize

    428KB

    Download

  • memory/2628-169-0x00007FF8254A0000-0x00007FF82550B000-memory.dmp

    Filesize

    428KB

    Download

  • memory/2628-173-0x00007FF8254A0000-0x00007FF82550B000-memory.dmp

    Filesize

    428KB

    Download

  • memory/2628-174-0x00007FF8254A0000-0x00007FF82550B000-memory.dmp

    Filesize

    428KB

    Download

  • memory/2628-177-0x00007FF8254A0000-0x00007FF82550B000-memory.dmp

    Filesize

    428KB

    Download

  • memory/2628-178-0x00007FF8254A0000-0x00007FF82550B000-memory.dmp

    Filesize

    428KB

    Download

  • memory/2628-179-0x00007FF8254A0000-0x00007FF82550B000-memory.dmp

    Filesize

    428KB

    Download

  • memory/2628-121-0x00007FF8254A0000-0x00007FF82550B000-memory.dmp

    Filesize

    428KB

    Download

  • memory/2628-120-0x00007FF8254A0000-0x00007FF82550B000-memory.dmp

    Filesize

    428KB

    Download

  • memory/2628-119-0x00007FF8254A0000-0x00007FF82550B000-memory.dmp

    Filesize

    428KB

    Download

  • memory/2628-117-0x00007FF8254A0000-0x00007FF82550B000-memory.dmp

    Filesize

    428KB

    Download

  • memory/2628-116-0x00007FF8254A0000-0x00007FF82550B000-memory.dmp

    Filesize

    428KB

    Download