Overview

overview

10

Static

static

1

word.html

windows7-x64

1

word.html

windows10-2004-x64

10

Analysis

  • max time kernel
    100s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    27-02-2023 18:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    word.html

  • Size

    710B

  • MD5

    2fe163e42526330097fc39697fe1d2e2

  • SHA1

    648582952f7383f26f0200c08c67997fcf0a0caf

  • SHA256

    a71e874d64e95028dd5667f3493b23c43fc57402dcef42dbcbdf15360928f86e

  • SHA512

    84138bbdf2e7dad0c0a322077f31bdda2ddfa8361cf7d27d6992f3067f9a56ac38a1b7aaec477bce47828f2e559b27007ac212f27c809245c7e2d88dec83d71a

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\word.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:924
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:924 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1672

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    def07f6f480aea20e532e39f553ea133

    SHA1

    df42800b3e94e54242b6a6eac29e9026e8cbfc41

    SHA256

    dfd088e57432391e938bf41da78376db7221fc62090e80e80e713f447ca09773

    SHA512

    bb00d0bf0bbd12ba9b769fabe62c9ae2e975cf880dfc83b40271934a50a019b50b3503a8e1dbf277df9b623e27941d2217b2ecab2f6c92479e1a26a438f50acb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    20c5318c030ddddc68ca2f929606a4e0

    SHA1

    10233e080e12fc205d0292407b7ab4bf5c5ff4c1

    SHA256

    32c0c8788487a3d356d22faacc88d3a899a2a58f7ccd34a31f83e5716a74bdd0

    SHA512

    5c2adf931575003a5aba117fa14033d6212648d04479711654cb5ddf4a0a7b9cffb57dc2ad5eb033e2dfb6c593f9c7691d1a608b9e02012eb5b10d9d5b3bd3fb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    58fed046d76bedde1adafb5a228d00d2

    SHA1

    77b459ea59f85a36af89d0b180d3d7c698ffcd36

    SHA256

    111b605e225be62081d08dc2457733b1f115cda3fced27ca0c48a3ea56c73b7e

    SHA512

    de94613295dbf43e30937b0f9aca8db266430f9e3b9fcf5ff3ebbb06aeaa8ab84b7b2bc49ee2e77d5a5bc21eb8b302d3181f8dcd8ec90405973a0965239623c5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2a162fd2a636dcbeb26389edd58e0d37

    SHA1

    358e8396362f6e072005769270b494ed9e2d3933

    SHA256

    66e0a747259e9a6e1cd70f043df232145b7b40fe8c7f5b6a8152c97d6cfd9cab

    SHA512

    c8b311798a7e3948d4751897556ea5166a5945d974d76467a62d8453b30d736256171254143032dbf9b23112858f21ed4c8c147b3b3a3352ce231ad3d07f6cef

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7ade6d5df72973da3dbd9b9ecdcf839d

    SHA1

    cf95f8f292b8f65fbee81211be9bdf9119d05fb5

    SHA256

    69c66791df96aee1c5a6c7ced7c298d6f9af7f3756e3af0b8630ac252792cac2

    SHA512

    35ede2967b206d049abda3dad45387a34363ab521ce13f5c57cd46cfe0615e877384686e675d2a368b24872c8d5b7a355f3060acd7ed2beeaf75392735ca0ca3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e93933a6a8f35ba30389da553a2280db

    SHA1

    9682e7b0ac00a39c151a2818a76a4b6809bf23f0

    SHA256

    aa94bdbcc20a0860a3063b1d431cd592704bb18246203452d854978815a6b9e9

    SHA512

    53acee93694d2a64385f68eba1c6c10c221596850d9eeec3e85bdcf50ad07d8d7f483bf513d5cbf252b54cd7d3b6306ff36e74e99a871cdb555fcc18c3b0de01

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e7d902f1d8e01f77fd4fc1a4ea596a89

    SHA1

    4045d3bc1fbd9c83c448509a5feb9bd467fcd441

    SHA256

    feb17edc01d6a6406b21ccfa81496e54fb02a27c1f9d0b5485e26dfe917c4f1a

    SHA512

    5a718859571f482aa6d5646e6dc29c4866c70e3a2e9ed10a14b59a56f6b5f8824171f37d9fc8099ded0922dce3d5fb1e08279e37f2b988a1ea16e4832ec3ffd9

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QCNSQOTT\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab364E.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar376C.tmp
    Filesize

    161KB

    MD5

    73b4b714b42fc9a6aaefd0ae59adb009

    SHA1

    efdaffd5b0ad21913d22001d91bf6c19ecb4ac41

    SHA256

    c0cf8cc04c34b5b80a2d86ad0eafb2dd71436f070c86b0321fba0201879625fd

    SHA512

    73af3c51b15f89237552b1718bef21fd80788fa416bab2cb2e7fb3a60d56249a716eda0d2dd68ab643752272640e7eaaaf57ce64bcb38373ddc3d035fb8d57cd

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\ATAGBAB3.txt
    Filesize

    604B

    MD5

    986d9a87ba96d9c666a5c31d02e163c0

    SHA1

    0652b077301fa87c88bd9178f456a2760838d229

    SHA256

    c69a902aacb1827a0ae8395d94d08c588be276f24fc50bec38e0e5546e7aeabf

    SHA512

    d09081b002160c4f848dd435be19af7db2690e98dc9e95df953470a2b5b6056ebc6a633a97f08972480a7fc44f5702cef9058719adcbcff8292c1c35dfd50409

    Download Submit

  • memory/924-54-0x0000000002D80000-0x0000000002D90000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1672-55-0x0000000002DF0000-0x0000000002DF2000-memory.dmp

    Filesize

    8KB

    Download