Analysis

  • max time kernel
    102s
  • max time network
    181s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64, arch:x86, image:win7-20221111-en, locale:en-us, os:windows7-x64, system
  • submitted
    24/11/2022, 06:17

General

  • Target

    7cb54c37b7eb67731b539e285a9bf7248d67d39aa4fbc9f515ff969ac724da9d.html

  • Size

    1KB

  • MD5

    9b05919cb99b21fa5b231300f635dc7b

  • SHA1

    2da5648aae6d9e1d810440b8a82ac0ce638a106a

  • SHA256

    7cb54c37b7eb67731b539e285a9bf7248d67d39aa4fbc9f515ff969ac724da9d

  • SHA512

    74898a73796c21b962f8d5d9a241405a924c7aa3029ca45ad0653f9a60b0f8a7a6688f9c32d550e7d51bedea9aefaaed74516f53228974004a9f2a2357584491

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\7cb54c37b7eb67731b539e285a9bf7248d67d39aa4fbc9f515ff969ac724da9d.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1520
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1520 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1076

Network

        MITRE ATT&CK Enterprise v6


        Downloads

        • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\S1P17XP4.txt

          Filesize

          608B

          MD5

          54b9dfa171e493f51d3e71f84d2c9cd4

          SHA1

          4650ae41d1526a44acda42ad25460ec58eecbf7d

          SHA256

          014be1160501a2830879473f99b1be764c84686a8901e10809af0d513a389d2b

          SHA512

          67fd15fa196b7dd2dcbb9d7e2cfdca46e614140e1be37b8d2c44478c77425095ccb4a5a72507b83a4c5dbc5e6f62035afca8214230420ffc8fcfbc11a61c15a2