Analysis

  • max time kernel
    97s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags
    arch:x64 arch:x86 image:win7-20220812-en locale:en-us os:windows7-x64 system
  • submitted
    10/02/2023, 11:33

General

  • Target

    http:///root/sample/b864c01c73c3a8834f2ec96bca3e5797a7d54a0b

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http:///root/sample/b864c01c73c3a8834f2ec96bca3e5797a7d54a0b
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1980
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1980 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:604

Network

MITRE ATT&CK Enterprise v6

Downloads

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\S5SBRP6N.txt

    Filesize: 608B
    MD5: ec7bc04b89700eae6f1a455a82f56b9b
    SHA1: 1af5565274f501c91679258ce1f8608a84e2c708
    SHA256: dbf039c1bb3e7d82f274b12f4367c4b1f633353d9df22d94af80df2a81eec9ce
    SHA512: 33108c03c2b41b2b7be60e54a35c8b30e87e67b197363b92f5ea6fea608aa1c18c81c0e478c6bde0aca0aae869856fac43e9d4b226c371879eba000bb6da5d36