Analysis

  • max time kernel
    89s
  • max time network
    153s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64, arch:x86, image:win7-20221111-en, locale:en-us, os:windows7-x64, system
  • submitted
    08/02/2023, 18:19

General

  • Target

    http:///root/sample/abfd0c69bc1e9977889137552c3b5b1982b87bd6

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http:///root/sample/abfd0c69bc1e9977889137552c3b5b1982b87bd6
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1736
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1736 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:692

Network

MITRE ATT&CK Enterprise v6

Downloads

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\TZ41WI4V.txt

    Filesize

    604B

    MD5

    6b06f9e6290cb904f12e5336fb110d5e

    SHA1

    42515dd7f061348ad1b33a1415d8de5d5a66f606

    SHA256

    0bbbb4c59ae359440cce854b509cd1498ac98527ec011e5111ae2b466ae39782

    SHA512

    6d5103df50431531a875dd37f0d44f20ad39d2fe33a3b785e4a181ed96119a736b0ce23116cbdc0e885553cdc3eb2367614117be7397131c5d2eafc55ab802e5