Analysis

  • max time kernel
    91s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20220901-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    23/12/2022, 12:24

General

  • Target

    email-html-1.html

  • Size

    2KB

  • MD5

    77b07fbd1c907566b5f0c101b2b0f29b

  • SHA1

    7f74e58348c42a51d08ac04ad4a4b6931cc9630f

  • SHA256

    bc904b4da0b57ebc91170bbc8e8a0bd3b57d10377c7bf2158eff4def5c378506

  • SHA512

    75fed4876962250727eee7888163ec12b450333fd8273e51751a41c95be3d3d318c038c8edb25cff5d1e246b76f562be78cc739a70dca1c6b86270d4ec4c18b4

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\email-html-1.html
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:696
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:696 CREDAT:17410 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:4212

Network

MITRE ATT&CK Enterprise v6

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776

    Filesize

    471B

    MD5

    35b6b5a1266ffd7f45cb92dc368b2f1f

    SHA1

    8c6a245e00c2f517086b7db9a2c24e876cc79f85

    SHA256

    94904b4d34cd577e29be5042bb21d65e685047f3591f3051c2c9850681d53ccc

    SHA512

    bce75bc358fb0bcfba3c071e86634dfefbfbcd9c3cb1057d4e4693b0b19318ca0ec837e8a2d7ec9308042a71f49650cec395bc6a054d12e7da7564af2fccbbae

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776

    Filesize

    404B

    MD5

    aa277019926df4c2d324f99c66bf942f

    SHA1

    c1526958eb6af38cf41761a088d99dcc631844b0

    SHA256

    81b32041b4d911fcda54ba1ad53eac107d4c1d12406f0fa24dcbd356065e4820

    SHA512

    3f8c0ec175b072ef595b46f69ead7a11ff8dee0ac43d222560013212d737f0e077b3f521ba409cbccfa25e1fa0f56eb2913dd4152eaf8f9c3ec9dd619fd0cf25