Analysis

  • max time kernel
    69s
  • max time network
    147s
  • platform
    windows7_x64
  • resource
    win7-20220715-en
  • resource tags

    arch:x64, arch:x86, image:win7-20220715-en, locale:en-us, os:windows7-x64, system
  • submitted
    05-08-2022 07:04

General

  • Target

    Fatura.Vivo.html

  • Size

    96B

  • MD5

    7e41be563457d6038687186692eb52f8

  • SHA1

    fd4ade2d432fbd5f0670238cedc3deef7034d364

  • SHA256

    627dc49bf0bab971d202383338c17f06c7416ebf9d1ac3d602114a6b398a1feb

  • SHA512

    a42a7be4d37f3c255c2597e32a5ac350916a36acf96ef3b5634449a9e83828a0f424d6e18b49596b3e6c1a17c51a1f38deda3fc0984e0e30ea9d1264f4f81db4

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Fatura.Vivo.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1672
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1672 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1264
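
The process tree above shows the pattern worth keying on: a top-level iexplore.exe launched with a local .html document from the user's Temp folder, followed by a second IEXPLORE.EXE whose SCODEF:<pid> argument carries the PID of that frame process (the protected-mode tab process). The following is an added example, not part of the sandbox report, that runs this check over process records; the two command lines are copied from the report, while the record layout (pid, ppid, cmd) and the parent PID of 0 for the top-level entry are constructed assumptions.

```python
import ntpath
import re

# Constructed process records for this example. The command lines are the
# ones shown in the report; the pid/ppid fields and the ppid of 0 for the
# top-level entry are assumptions, since the report does not show a parent.
SAMPLE_PROCESSES = [
    {"pid": 1672, "ppid": 0,
     "cmd": r'"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Fatura.Vivo.html'},
    {"pid": 1264, "ppid": 1672,
     "cmd": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1672 CREDAT:275457 /prefetch:2'},
]

# A quoted token (may contain spaces) or a run of non-space characters.
_TOKEN = re.compile(r'"[^"]*"|\S+')
# A .htm/.html document sitting directly in the user's local Temp folder.
_TEMP_DOC = re.compile(r'\\AppData\\Local\\Temp\\[^\\]+\.html?$', re.IGNORECASE)
# IE tab processes name their frame process via SCODEF:<frame pid>.
_SCODEF = re.compile(r'^SCODEF:(\d+)$', re.IGNORECASE)


def parse_cmdline(cmd):
    """Split a Windows command line into (executable, [arguments])."""
    tokens = [t.strip('"') for t in _TOKEN.findall(cmd)]
    return tokens[0], tokens[1:]


def _is_iexplore(exe):
    return ntpath.basename(exe).lower() == "iexplore.exe"


def find_lure_opens(processes):
    """Return one finding per iexplore.exe frame process that opened a
    local Temp-folder HTML document, with the PIDs of the tab processes
    that reference it through SCODEF:<pid>."""
    findings = []
    for proc in processes:
        exe, args = parse_cmdline(proc["cmd"])
        if not _is_iexplore(exe):
            continue
        docs = [a for a in args if _TEMP_DOC.search(a)]
        if not docs:
            continue
        tab_pids = []
        for child in processes:
            c_exe, c_args = parse_cmdline(child["cmd"])
            if not _is_iexplore(c_exe):
                continue
            for a in c_args:
                m = _SCODEF.match(a)
                if m and int(m.group(1)) == proc["pid"]:
                    tab_pids.append(child["pid"])
        findings.append({
            "pid": proc["pid"],
            "exe": exe,
            "document": docs[0],
            "tab_pids": sorted(tab_pids),
        })
    return findings


if __name__ == "__main__":
    for f in find_lure_opens(SAMPLE_PROCESSES):
        print(f"frame pid {f['pid']} opened {f['document']}; tab processes: {f['tab_pids']}")
```

Linking the tab process through SCODEF rather than through ppid alone is deliberate: on the report's own data both agree, but ppid can be unreliable when a frame process has exited or when the telemetry source only records the command line.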

Network

MITRE ATT&CK Matrix ATT&CK v6

  • Defense Evasion: Modify Registry (T1112), matched by 1 signature

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    340B

    MD5

    8b97368f1af1cf4d633e9f799017bc79

    SHA1

    5188e20a38a5724d2bc0de41f36620e0c4864b16

    SHA256

    5944f4d8671cee48d8b84ec2d5c1d64ba24408848f47a21a0caa9ad45573c578

    SHA512

    4ba641139f1ba99cf64ee09f5e779a3627930907ebbfeb47dfe492c69e412461b711cee4a79ceed12ee7b655748621ffaf7f1f5cf6f085c7534dcdf7e0f2e6e7

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\3uhj3kn\imagestore.dat
    Filesize

    5KB

    MD5

    b5602450ac453c9c1f0185f2f7653a76

    SHA1

    325c7fedda61d05bdd68482bcda7bad0bf7564ab

    SHA256

    d7eb23222def3b02f75ba0adf55f0e843e0e9666428e4a865e52b1efef68e6d4

    SHA512

    36372242610732f83d326ea6ea15d611218222b70e9b863b078dd168b5c7fed43e40d96a649867d42eb3597bb7b5883a2827520d62879c2fc420cf7a23f38f23

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\3uhj3kn\imagestore.dat
    Filesize

    10KB

    MD5

    5f4e24c24846f146458442125e90af05

    SHA1

    1ae20815307733dfdb2ae23bfa8f06d9d5a3259b

    SHA256

    7b772aa7f0814c0c9e232fac12acff2f8f027cd80e06666bedebf5f3f47e558d

    SHA512

    c4389610290a5a010179cad282fa677c7764f6829415e93f2beca7c8f5f21ec39b16ff46dba2e3730555878e91cf4a17b8e4138fda5c545de50f88826612a219

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\E6KWZYTD.txt
    Filesize

    606B

    MD5

    19e7e3c73e7bf234fb2f57527fdecf47

    SHA1

    555d9e1ef524e2dfec0545ccc53eed7b1098c863

    SHA256

    d85f276a6f0c245223dd4464d284daf79f82e014d8dfab075f54deeb85ce0dac

    SHA512

    09d7cdfe578608420c98861d64fc9b02d38de2deefb9e1ba2d5b745a5626eae72b8b476f65da15bc0ac24c4b9e15d55bd6845793f805c59871aac7a63e366ce1