Analysis

  • max time kernel
    68s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64, arch:x86, image:win7-20220812-en, locale:en-us, os:windows7-x64, system
  • submitted
    23-11-2022 22:56

General

  • Target

    ♬ voice0989876_3-2(3).htm

  • Size

    178KB

  • MD5

    46dcef1896d3b9c146baf0bc12bfa969

  • SHA1

    9c5193836731c38f4b2bd61096e8e175d0debf9b

  • SHA256

    ea5e17834b9a7675f1856bcb0a7227f7dbb25a46c0f50afdc491b5fadafa6127

  • SHA512

    9600abd9efd42f55062f15cc8dc8ef3b49dea878b40c6ea34f980871cf8a3f235c0231729ac7222d4a1e127b306103d42556c07f0cc7310d176b5c707ea99ff3

  • SSDEEP

    1536:TvoqwrUP5DHU7c7TcDEBi8kNcuSE+LhI/+fENM6HN267a4xopKD9FMN8:ToPgPRnI2fENM6HN26+IB

Score
5/10

Malware Config

Signatures

  • Detected potential entity reuse from brand microsoft.
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\♬ voice0989876_3-2(3).htm"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1416
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1416 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:936

Network

MITRE ATT&CK Enterprise v6

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\82CB34DD3343FE727DF8890D352E0D8F
    Filesize

    7KB

    MD5

    f739b394d30d392d8eb28922bf5a7e12

    SHA1

    78124ad341a0e03ecbb7660011409767e6678fef

    SHA256

    4fff638b8a8f8004eb7a6f5d71ba702373ece50bbe85f499d00d09e7c86dc543

    SHA512

    48cf40407485d1a22f728220a64dc15e85cf051a44104019efa868cc7fccdefcfea2169eea8fb72be819a8c67892aeee72fd22deca31b8bfbd3f8018e55e215f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    3dcf580a93972319e82cafbc047d34d5

    SHA1

    8528d2a1363e5de77dc3b1142850e51ead0f4b6b

    SHA256

    40810e31f1b69075c727e6d557f9614d5880112895ff6f4df1767e87ae5640d1

    SHA512

    98384be7218340f95dae88d1cb865f23a0b4e12855beb6e74a3752274c9b4c601e493864db777bca677a370d0a9dbffd68d94898a82014537f3a801cce839c42

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\82CB34DD3343FE727DF8890D352E0D8F
    Filesize

    232B

    MD5

    a3ac33884fd511449b76bab2689e2109

    SHA1

    e1541bcc07e2549aac25ce89d68df17343f6a0b5

    SHA256

    7cb31fa2d3428a20aa7a12b53b0bec4f0f4fab5725d4cfb423f0540a14ac3611

    SHA512

    871c53b005e8772519005234b3f60acc2b93c7dc8abf1f68c65abfeab3bd4349d8cbcd148c8bcd3679a77d7a1acef62fcbbec6a801d031a2cbd173cf6f0eabf3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    292404a1abdf26bf1e78941f6a9fa534

    SHA1

    e5350544797451129ea2cb713e614d5defdb19ae

    SHA256

    b541bf6098ab4818eddc9cb30c0f74c97bf6fafd23729fe43254ba47d2921456

    SHA512

    96c8315e6dd3d22c9c85f19c56ecb7be1e6813fd292f1103ca9a0d4bdd2b55eb9f94ca573b143a2a48e93a9a0669ade5a6cc2945ce3e06042855b6702fc977e6

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\4YKHHU72.txt
    Filesize

    606B

    MD5

    d4b232cb972a60d315501f40c7a2194a

    SHA1

    4565c5f277a42c18679fe8e27967f53171810529

    SHA256

    b29120349e0e5c504b3b51a9ea5f3c867ccd890c3b8e29b3ede61cc07dc96183

    SHA512

    74792c54ce5faf74fbea293e95aed3e00eedcc602c8698e3cbcf3f953a23411cecb82abe6e0b180971d359cb28cfbd6ad16bd3fee5203b70814ef450eafffa09