Analysis

  • max time kernel: 165s
  • max time network: 280s
  • platform: windows7_x64
  • resource: win7-20221111-en
  • resource tags: arch:x64, arch:x86, image:win7-20221111-en, locale:en-us, os:windows7-x64, system
  • submitted: 09/02/2023, 02:08 UTC

General

  • Target

    http:///root/sample/43d36bf1231948821243269da51b105f30919291

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 756)
    "C:\Program Files\Internet Explorer\iexplore.exe" http:///root/sample/43d36bf1231948821243269da51b105f30919291
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 1908, child of 756)
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:756 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

  • 204.79.197.200:443 (ieonline.microsoft.com), tls, iexplore.exe, 753 B / 7.6kB, 9 / 11
  No other results found

MITRE ATT&CK Enterprise v6


Downloads

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\0XD081JZ.txt
    Filesize: 608B
    MD5: e52b77432a14cebb4d2f9d3cdbd18f95
    SHA1: e4bfb6c654ca9d7e73d6caf8178a6215c027db50
    SHA256: 290258137c36b29a39a8fb756f979dfb0d353f05e6a0bf951d94647552665eeb
    SHA512: 615599cf0168b780e3c019172660df452e769699346f2f262195c492a091f83e2d6d9d277d1b4f9a2aad8c73b186cd9960d9defba22eac461e3544490d1da8a9
