Analysis

  • max time kernel
    4294212s
  • max time network
    173s
  • platform
    windows7_x64
  • resource
    win7-20220310-en
  • submitted
    24-03-2022 23:33

General

  • Target

    5d581f68607843dfb1baf59e9ba5568501cb0b1bdb4893b4692604467ee3a8d0.html

  • Size

    312KB

  • MD5

    1ca6e7e11c73312fc5e1e11d8507dd3a

  • SHA1

    bbf500bbdbb9a94998ba4eeccf2b26a2a77c41e0

  • SHA256

    5d581f68607843dfb1baf59e9ba5568501cb0b1bdb4893b4692604467ee3a8d0

  • SHA512

    089898653dfd0a305751c7f825b8dc77234888b0e79d1091080e68062e904ed41ee95c4378d36786c847bbf9a80b0fbf403c37e289b9f5ce8c5036a9774494b9

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 30 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\5d581f68607843dfb1baf59e9ba5568501cb0b1bdb4893b4692604467ee3a8d0.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1076
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1076 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1320

Network

MITRE ATT&CK Matrix (ATT&CK v6)

  • Defense Evasion
    Modify Registry (T1112): 1

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    MD5

    168e4b61a156def6905716b33f149704

    SHA1

    876087f6b63044c93e9af21932574bc808f209ad

    SHA256

    79e7164077c2c25bc128ba7eb21622f6a6b91ba89a231c2908a8608fdb4afd3b

    SHA512

    193e43eceb68fb49f722665371412c2e09650ca081ea161f392a32b77158713c572cd176f8611b77b8e526221c25a8ecfee8476d21ab869819afb07821e4d885

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\JC9YA1PJ.txt
    MD5

    22f10be71612eff1b0bffebb0b969295

    SHA1

    a38c432b40bfdb0c527be8a9bbd2eced538fc403

    SHA256

    bb588bfee7c9e16fca72591aada54e725caf1904a3c13af1965f15b3d9fdbd75

    SHA512

    c91a656e9ba571a0e9d4699527be6dec9de26576ad50f6fe94a11b7eea419e898c81873e125291f64640be1338cead473cf8930a5973b2187e35bad0893a2304