Analysis

  • max time kernel
    145s
  • max time network
    213s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64 arch:x86 image:win7-20221111-en locale:en-us os:windows7-x64 system
  • submitted
    10-02-2023 12:13

General

  • Target

    http:///root/sample/632d48ea03eb75bf8ca9c1a89a27d130b59a24cc

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http:///root/sample/632d48ea03eb75bf8ca9c1a89a27d130b59a24cc
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1492
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1492 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1676

Network

MITRE ATT&CK Enterprise v6

Downloads

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\LU2ZSKJ9.txt

    Filesize

    608B

    MD5

    f80ef983c043f0f693abf3a5b2bdf880

    SHA1

    d56e26774b562c0076f937335b6dc7decfa6f927

    SHA256

    6a96688ed0e4f8f2c398b7d82ff2dc029a0a8d763aad853b6c38aa3691191582

    SHA512

    9df6c4580105261cea880a3cdc837b39754577e78ae03b59f4877dbe2304b75ad35e645262f98f208c2abdc8d9e93b81e5c07a1cfcac6abe44e2a97851528e6d