Overview

overview

1

Static

static

vowrmd.html

windows7-x64

1

vowrmd.html

windows10-2004-x64

1

Resubmissions

29/09/2022, 11:21

220929-ngf83abfbr 1

29/09/2022, 11:21

220929-nf245sbfbp 1

Analysis

  • max time kernel
    62s
  • max time network
    122s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    29/09/2022, 11:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    vowrmd.html

  • Size

    33KB

  • MD5

    e36545a48d5d045d4dde3a75c278d965

  • SHA1

    dcbb57d30d0d1da29242f890d3eebf35075202d6

  • SHA256

    f25a3a892bca7dd631cc1a685befd80c633c10f0cc58401c8fcf370a03321e55

  • SHA512

    2ce09116da7e7381f17158407dba70b8e845c93161c1a6b2a74bb61359e2b72c6f3637912e3e368371d6d4e0b148df8f93ac315e8ab94923a1e99636866ec7d7

  • SSDEEP

    768:cK21tlXT2sfSKsvoqSeUZbnBWNGOchEeU417Y/8YNAT9Pj:chlXasfSq0GDhwN/8YNATR

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 6 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\vowrmd.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1368
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1368 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:4496
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1368 CREDAT:82954 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3916

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\103621DE9CD5414CC2538780B4B75751
    Filesize

    717B

    MD5

    ec8ff3b1ded0246437b1472c69dd1811

    SHA1

    d813e874c2524e3a7da6c466c67854ad16800326

    SHA256

    e634c2d1ed20e0638c95597adf4c9d392ebab932d3353f18af1e4421f4bb9cab

    SHA512

    e967b804cbf2d6da30a532cbc62557d09bd236807790040c6bee5584a482dc09d724fc1d9ac0de6aa5b4e8b1fff72c8ab3206222cc2c95a91035754ac1257552

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\75CA58072B9926F763A91F0CC2798706_93E4B2BA79A897B3100CCB27F2D3BF4F
    Filesize

    1KB

    MD5

    c5485e7777f67bc0d7288dc0b53382aa

    SHA1

    13278a1eda6b3892ddd0da74fc376a3f75e4b5e4

    SHA256

    393038457f2ca6c28d2caa03b713fa37c727d00efc3e5a65f1994ac537da22fc

    SHA512

    fbf864ed95d042daed983e045a89875dfc595993e0134646bd6a205007929bb0d58ee88cb1f42df71d4efd55db7f50458291bb2c1690d16d284e04ed5c62a7ea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B66240B0F6C84BD4857ABA60CF5CE4A0_5043E0F5DF723415C9EECC201C838A62
    Filesize

    1KB

    MD5

    ae9c8eb52409ba8fc17ebd1506ba262e

    SHA1

    1aadae8bceffb2f62e04b3d5839219ccaf96acf6

    SHA256

    92a291cd825c8ea40ed58d56fdd1c56f1f1dc73861ba5398955eeee963a6028d

    SHA512

    f5a25b9a75f5946007d338fb57a9999cdc5b5d3a5f51a84b1ed93d86cad9a39c818429fd4bb578382e6cccc67e467b97b3e7ca61961872c1d41ab72d73765708

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\BAD725C80F9E10846F35D039A996E4A8_88B6AE015495C1ECC395D19C1DD02894
    Filesize

    1KB

    MD5

    bace5d2475633aa365933712be665e51

    SHA1

    991f234d22f692dffe0977b0d3bfc80c795283c8

    SHA256

    7013cb20a1139f40e3b206efa951ec0a58777273f86c89700a38a1fd37f0ae4c

    SHA512

    50772de7db76ed5f364b63f6412d4f311f3fdbd97196f6c246e7753db96a76928df4a20c6fd3a271a8d1f52c935d4cd5ec87a7ec1387f661ffb57e4cba66f0b5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\103621DE9CD5414CC2538780B4B75751
    Filesize

    192B

    MD5

    d4ced6373be7498ff13e7e23ce0d2721

    SHA1

    e27fb3b11dec2e3b43cf39e7b15ff4c0ec3303b8

    SHA256

    0abcf12faf4453eda964092431be2b9b755b96414db6755e4997259ad645e444

    SHA512

    63077b3076053a1186a67bb3ab9fff0e38a93c316420ce3449fff1aa568a79418f2acc0864727682249f81a064a0eb986e125280e1d47e76a5722325541bd682

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\75CA58072B9926F763A91F0CC2798706_93E4B2BA79A897B3100CCB27F2D3BF4F
    Filesize

    442B

    MD5

    2eb28aefd20ea2126ebc5e83b4609953

    SHA1

    afe6cebafb767b93b09ec786928ef60d873d9ab6

    SHA256

    2dd328602ff748ec103ef54940ba4172acd6f0d89b4c7c3404f11d630d2b9527

    SHA512

    65fc1b2fda64d79d8b0105511d66924280f1f9a577df5e3e7ab9a23ff707d617835367c168a88d2b7cd2a82907b084d16fbb87a934751003a04cdbb8813589d4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B66240B0F6C84BD4857ABA60CF5CE4A0_5043E0F5DF723415C9EECC201C838A62
    Filesize

    458B

    MD5

    446d44b3d8abb7b7a98f1e1b6fbc31ca

    SHA1

    a73152b360c77ded3cf80a3f1e59f89509e89897

    SHA256

    b83ef0cb04627b54c1146ca775c1d02d21eb43091a5084d691b82bc05c7adc6e

    SHA512

    8e063c50ca53007a3b0f8d8d9970b2abb3181452bf8d9640ee976891cc4a3605e186a2ec0bbd4e5be1686c188408dc548cddfa79835c575870b68a437365d14d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BAD725C80F9E10846F35D039A996E4A8_88B6AE015495C1ECC395D19C1DD02894
    Filesize

    432B

    MD5

    7f5d508217f1ff19937d14851d67bfe1

    SHA1

    808c419e2d12fde5016bf55ab523814923918c82

    SHA256

    d473cc53b8b80343b8ef1d2ffc1224d6818baebd106451591570e4e334de3b37

    SHA512

    fb599e2dfa40cdc52adea250ddcc7d2884e3a0d8bcf692bf3d4a612ee6db3e4beda13aa7ac4aa805d1d9eebdd1a3054499ce21c0bad8b5903f6b6a3e10ffd152

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\ru1r3yf\imagestore.dat
    Filesize

    1KB

    MD5

    67bc3599cf90bfa4c0ee75bf43bd82d0

    SHA1

    0615a505314389dac3eca3313b0ac539a001b41b

    SHA256

    6979f8698466a71273d3d1bdca1b2864dc66b9d37e9a56c1dfc31b8dc9042b82

    SHA512

    61f35e8f7699592b6ee4604d5008692de1ac21d5e1546bc2ef4f2d8f30e64aa2f82f6ba1460de3a5efe06a3718cea4a5a4c88152e8c499de8dfab10ae9b54dbf

    Download Submit