Analysis

  • max time kernel
    152s
  • max time network
    174s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20221111-en locale:en-us os:windows10-2004-x64 system
  • submitted
    05-12-2022 08:08

General

  • Target

    49895647200497b8fd913349a6ba75b9de1eae64c3d064af953d4775ed755f70.html

  • Size

    3KB

  • MD5

    7e7645ebda53cec0156a2a306d5d4dc8

  • SHA1

    ac8fca2ddc2029f0c64951f5978d7ac4b561ee6f

  • SHA256

    49895647200497b8fd913349a6ba75b9de1eae64c3d064af953d4775ed755f70

  • SHA512

    715e4cc25a7f10b0232b8f8dd464a4e1dae1ef77f761a77ed0b4ad2091ddded3e557f28ac2153f0023d177248f34c23f6b5994c07eb5f595045c2e7ad4cd3a97

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\49895647200497b8fd913349a6ba75b9de1eae64c3d064af953d4775ed755f70.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3252
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3252 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3856

Network

MITRE ATT&CK Enterprise v6

Downloads