Analysis

  • max time kernel
    113s
  • max time network
    117s
  • platform
    windows7_x64
  • resource
    win7-20220718-en
  • resource tags

    arch:x64arch:x86image:win7-20220718-enlocale:en-usos:windows7-x64system
  • submitted
    20/07/2022, 21:21

General

  • Target

    year/new.gif

  • Size

    55KB

  • MD5

    3d40d2ea33910cac01857c3d541328cd

  • SHA1

    0749f5dbcf8d1fcecf40a1391e2f592f8aff9c48

  • SHA256

    75993e8ba0fb1780589974b49ad638c15ba38a7da6491367e77d868dfab462aa

  • SHA512

    fddcb274f362ce1fe98c478985530925887a71b468e03e1eb1c5a1f5a76cc5fbe09cada944b154079b4e5a8b69d2376d64bf908274d88bf3376c4c6265c39548

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\year\new.gif
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1444
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1444 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1016

Network

        MITRE ATT&CK Enterprise v6

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\T8IIUSTN.txt

          Filesize

          607B

          MD5

          90d8af9b3e37ff595449e4374a9d4f6e

          SHA1

          35a8d2603e2921e0f307236f3905c067823a0684

          SHA256

          1246e48d8cbbe254ee1b760e9a065da585e7ee65a4253a21eb1085317bce2179

          SHA512

          06fc9f0b2696f23ec14cc872d0940b982c14f358652fe96656ed46b73f544c80857b2f10f9d905f09ac5d0e03a449774b6f3c655d72e7560a92f0806789e3dd3