Analysis

  • max time kernel: 136s
  • max time network: 150s
  • platform: windows10-2004_x64
  • resource: win10v2004-20220812-en
  • resource tags: arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
  • submitted: 19/09/2022, 10:43

General

  • Target: 3a1d13185f1df2f3633fb8dd19970ee6c202ae932ce48ab96a2be78002fa60a5.html
  • Size: 29KB
  • MD5: eae2175aba55d9084c72c3b37b472370
  • SHA1: 4503c4d233bd436e4225a76ea3c9da5a64d0abfb
  • SHA256: 3a1d13185f1df2f3633fb8dd19970ee6c202ae932ce48ab96a2be78002fa60a5
  • SHA512: 43f579ef259fbc015a521b0665d4e24a5f97648d0f7735cab89ff4d35cc296e91dde79d157f384c09af6e6a4005ad36856033c84a92fdbe9a2826b7149d14298
  • SSDEEP: 768:ZnmFobitaW4Q449PIYH46e2csWgOaepOhOTSz0DHkE+auauT:oFobuaW4Q449PBH9eXjgOaNhxzgEFdT

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 33 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\3a1d13185f1df2f3633fb8dd19970ee6c202ae932ce48ab96a2be78002fa60a5.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4788
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4788 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:4920

Network

MITRE ATT&CK Enterprise v6

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize: 471B
    MD5: 520071a63bb5e2038486cd0ce14055b1
    SHA1: 752cfb61bbe3ae1e2c2609c53aeee510661a59ed
    SHA256: f8a989e9cf1fe0f0000c795537122a3c727e3b570b66582bfb62d9bbae4b20f8
    SHA512: 6f0131c9e0943c6a13d52a7525e1c592c95db868bf2dd21a8a37254150a239748985cc31518d0c4844bebfc5613feee6857b5debfbbbd6ed4539cd5e494ebbb2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize: 404B
    MD5: 8f6ef77da759c9a664a2321bc4d18dda
    SHA1: f77927bae2a02ad308a84427f3583b8e34999246
    SHA256: b8e9f470bbaf65ddd3c1db288e11c465a68ef2a8c0d7e393813e2dac9c25e6a6
    SHA512: 69a9566c7f61a8fb1bcabc94f78f17dbceec64e46a120990a10e3fa3c96a2e130a206968f86cce5f60528b2d58a7770264d963cc65639b9cdb2afa175f0c4c33