Overview

overview

10

Static

static

10

002d6cd73b...e.html

windows7_x64

1

002d6cd73b...e.html

windows10-2004_x64

1

Analysis

  • max time kernel
    152s
  • max time network
    181s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220414-en
  • submitted
    02-05-2022 21:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    002d6cd73be0b3d90ab3d83cc71452d9317500043455d5195874fe2fc2e5833e.html

  • Size

    82KB

  • MD5

    61167dc68fc29f9698f02ad296db5c58

  • SHA1

    69d73b794125990291bf260d9461640d0fd62516

  • SHA256

    002d6cd73be0b3d90ab3d83cc71452d9317500043455d5195874fe2fc2e5833e

  • SHA512

    228551523c2ba23a5d619f9dc290baa65d4964122124dcb61951863d217561600b08a3cf55df241f8cf32298aa637354009747e41ab0f1c17616f620b6f66a9a

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\002d6cd73be0b3d90ab3d83cc71452d9317500043455d5195874fe2fc2e5833e.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2528
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2528 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:4528

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    471B

    MD5

    0c86bf02fe6962a29a4874c45505cfc1

    SHA1

    3f4a2d3c0d936af0c3b4b19f3ff7327d8b011a41

    SHA256

    ed234e2f9d2e12aedc0930860a169129ee0256f5710be997efbf11bce7409626

    SHA512

    caff37c0d8fd2f841a108a37cd752ae426f1c9e7958b901a7ab67b70be4c327f38b288156e52493688c7e67432d0b98bf95b1a0be39e0abd79d3fe8e74487561

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    434B

    MD5

    62d65a0931d34259af5c4953546e4526

    SHA1

    f3e093312c1e29e52b8c8c2ef95709e25d30d4e2

    SHA256

    bc66590bd2b959ee6f452a70a3b482270e55a24c69a19e9cf322ec787fcd832a

    SHA512

    82027dc046076a57453e0b95f31d9e767cbfdeb8252e64cdb41cc7bc5b1594bffd65c3a035d02bf2b8d5a33e0359fe7bb4f0747acf0600426e69c09351ad248a

    Download Submit