Analysis

  • max time kernel
    133s
  • max time network
    223s
  • platform
    windows10-1703_x64
  • resource
    win10-20220812-en
  • resource tags

    arch:x64, arch:x86, image:win10-20220812-en, locale:en-us, os:windows10-1703-x64, system
  • submitted
    23/09/2022, 22:17

General

  • Target

    159da9373c6c34e826209e5314ff4267a8460d5d9293320679fd55832fb99825.html

  • Size

    606KB

  • MD5

    c8fa3c8d38befc5c96b4b25e9209cdd8

  • SHA1

    057625d4cd8bf04ddaa7131b1136a155fefa9de5

  • SHA256

    159da9373c6c34e826209e5314ff4267a8460d5d9293320679fd55832fb99825

  • SHA512

    b176c6cd0073289550aa7b3a8e93f2fe1265dc10fc19209d826d3b9911e25a4a03d2a0eb867947039a27fb5ffbf4c7a0c9ef0f247133e2e4f7f6fb50fbdc1e62

  • SSDEEP

    3072:aClpGTetRqXXwR8tAuwRuuV3iV1ytRNNTbWCUkPDlJtLn6CVhJc7MwaMyFeqmqD4:aClpGTCRqXARbRVZSvLF2RPthZdHMb

Score
6/10

Malware Config

Signatures

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs
  • Modifies Internet Explorer settings 1 TTPs 49 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\159da9373c6c34e826209e5314ff4267a8460d5d9293320679fd55832fb99825.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2124
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2124 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2396

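The process tree and the "Downloads" list above are mostly Internet Explorer and Windows baseline activity: the frame process `iexplore.exe` (PID 2124) launches a tab process with `SCODEF:<frame PID> CREDAT:<n> /prefetch:2`, and the CryptnetUrlCache entries are written by CryptoAPI when it fetches certificates or revocation data over the network, not by the page. The triage helper below is an added example and is not part of the sandbox report; it transcribes the two processes shown above, adds one constructed (not observed) child process for contrast, and classifies dropped-file paths into baseline cache locations versus paths worth a closer look. The regex, path fragments and the constructed PowerShell line are assumptions of the example.

```python
"""Triage helpers for a browser-sandbox report (added example, not the report's own code).

Decides whether the process tree and dropped files are Internet Explorer /
Windows baseline noise or something a responder should actually look at.
"""
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Proc:
    pid: int
    ppid: Optional[int]
    image: str
    cmdline: str


# Transcribed from the report's process tree.
REPORT_PROCS = [
    Proc(2124, None, r"C:\Program Files\Internet Explorer\iexplore.exe",
         r'"C:\Program Files\Internet Explorer\iexplore.exe" '
         r"C:\Users\Admin\AppData\Local\Temp\159da9373c6c34e826209e5314ff4267a8460d5d9293320679fd55832fb99825.html"),
    Proc(2396, 2124, r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
         r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2124 CREDAT:82945 /prefetch:2'),
]

# Constructed for contrast, NOT observed in the report: a shell spawned under the tab process.
CONSTRUCTED_BAD = Proc(3001, 2396,
                       r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
                       "powershell.exe -nop -w hidden -enc SQBFAFgA")

# IE's frame process starts tab/content processes with SCODEF:<frame pid> CREDAT:<n>.
TAB_RE = re.compile(r"\bSCODEF:(\d+)\s+CREDAT:\d+", re.IGNORECASE)


def _is_ie(image: str) -> bool:
    return image.lower().endswith("\\iexplore.exe")


def is_expected_ie_child(child: Proc, parent: Proc) -> bool:
    """True only for an IE tab process whose SCODEF refers back to its actual parent."""
    if not _is_ie(child.image):
        return False
    m = TAB_RE.search(child.cmdline)
    return bool(m) and int(m.group(1)) == parent.pid


def triage_tree(procs: List[Proc]) -> List[Tuple[int, str]]:
    """Flag every process spawned by an IE process that is not the expected tab launch."""
    by_pid = {p.pid: p for p in procs}
    findings = []
    for p in procs:
        parent = by_pid.get(p.ppid) if p.ppid is not None else None
        if parent is None or not _is_ie(parent.image):
            continue
        if not is_expected_ie_child(p, parent):
            findings.append((p.pid, f"iexplore.exe (pid {parent.pid}) spawned {p.image}: {p.cmdline}"))
    return findings


# Path fragments (assumed list) that Windows/IE write on their own during normal browsing.
BASELINE_PATHS = {
    r"\Microsoft\CryptnetUrlCache": "CryptoAPI URL cache (certificate/CRL/OCSP fetch), written by the OS",
    r"\Microsoft\Windows\INetCookies": "browser cookie jar",
}


def classify_dropped(path: str) -> Tuple[str, str]:
    """Return ('baseline', why) for known OS/browser cache locations, else ('review', why)."""
    low = path.lower()
    for fragment, why in BASELINE_PATHS.items():
        if fragment.lower() in low:
            return ("baseline", why)
    return ("review", "not a known browser/OS cache location")


if __name__ == "__main__":
    print("report tree:", triage_tree(REPORT_PROCS) or "nothing beyond IE baseline")
    print("with constructed child:", triage_tree(REPORT_PROCS + [CONSTRUCTED_BAD]))
    for p in (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776",
              r"C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\GG4NP26Z.cookie",
              r"C:\Users\Admin\AppData\Local\Temp\update.exe"):
        print(classify_dropped(p)[0], p)
```

Run against the report's own records the tree check returns nothing, which matches the 6/10 score: the "Suspicious use of WriteProcessMemory / SetWindowsHookEx" hits come from the frame process managing its tab process, and the only files written are CryptoAPI cache entries and cookies. The check would only raise a finding if an IE process had launched something other than a correctly parented tab, as in the constructed PowerShell child.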
Network

MITRE ATT&CK Enterprise v6


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776

    Filesize

    471B

    MD5

    0a8ccb22b686f8477bd7c0815474980f

    SHA1

    4a8127d2f3e3840737696dbbbae0bdaea33da790

    SHA256

    1792128e4ffcb7422d38888abd7879f2958acaebddd325a27a2144bea963e825

    SHA512

    53cb292ad44cb41d9f1e68d4b532a0fb6396b74a86edb2c95033d27620f60b58b6c45ba97291f8397a07a6556952f611901b88bd1983027197555983093738f9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776

    Filesize

    404B

    MD5

    bab4c4034cf00d269e9fb175bb3a9a75

    SHA1

    d890413092eccda4464dfcd2709434b3af041fa0

    SHA256

    2bc1e24f9185d9d9f658cdcbd8ac5c1e3c41040715ae8344ff850cda5e68082a

    SHA512

    7aed2bb052ffc464c281194907c7275b4e1aa1930bab85c52c85d49f1112c6e48cf10459c5c6217e572cffafc9c7c4341625fc252a058a3897c36cdbc21bfe2e

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\GG4NP26Z.cookie

    Filesize

    606B

    MD5

    74831c994e9da2c92ce44430523da63c

    SHA1

    627153e34db2998a5f1b2c87c160f58d09ad92d7

    SHA256

    a432657be6343bba9aeb605041eb27352291c856da758f4bbeb6ba99024741b4

    SHA512

    da0f60ef9bda66739555611609bb978b4e8d9deac3e1acad513dce18f0ae2d5e64499ab97affd86f59c9dce85f9679e1308ee90f7fbebbfdb7c7d8c1986196f0

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\VVOF925H.cookie

    Filesize

    605B

    MD5

    8811ab77f0e3e7fbfc368c9a21a16843

    SHA1

    f8d693cdd91d3a8e7560edcf8ea17a02d769f484

    SHA256

    40a9c0db91de945eb06af83a8aa3fab35550180b5ee064da9984f7332abf21bf

    SHA512

    11467f95121ec8fe13959dc86eaa8f6edaf783e2c8e7628f85f2f12dce3366dd039392c70e7ec582bac4848ffdfd1eb9fe8379f2516c418b7f74799380d1961e