Overview

overview

1

Static

static

1

winprofile

windows7-x64

1

winprofile

windows10-1703-x64

1

Analysis

  • max time kernel
    144s
  • max time network
    195s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    04/03/2023, 22:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3345bb1fa5d344ff20b572a10d0500f4810fd68fe56a9686aeb4acefc3ddd0d0.html

  • Size

    9KB

  • MD5

    bdf5718837b21906b7a154e0e8f49060

  • SHA1

    4c9cbcb11f494cae1637b07b7762575874d254cb

  • SHA256

    3345bb1fa5d344ff20b572a10d0500f4810fd68fe56a9686aeb4acefc3ddd0d0

  • SHA512

    17d7f155eefc46b153b473db9d5731476ca43700a8e294494b27798481e35667b5181443b305b7925e849c45f301d3abef906e52fd67156e54a80d5a4f9a0051

  • SSDEEP

    192:ILlg+wuv13xV1cSHYumold7IINNMkcIk+Lx4AgCXtTHxxSZ1yz:I5g+3v13T1FH6MtIIPIIZLx4zyt6u

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\3345bb1fa5d344ff20b572a10d0500f4810fd68fe56a9686aeb4acefc3ddd0d0.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:928
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:928 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1116

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c595bd03a69f9592df5fa5dc40609a84

    SHA1

    c904a9c0b77329317e0f927d68234befaa412c38

    SHA256

    93958d332b63f3976e2539da6ef5781dd1d9abc5313c443f7886d3e035c36bd7

    SHA512

    f0cb8350cd0e02b226fb64b026dbd1038fdf0b3f76d68363644b6de43376c0f55deeea7b94ed0c26d9d9211cbcf223c3993ee72dcda291efcd3e99bebb36c7de

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9017145189cd6710c6810c34e4df3a71

    SHA1

    ed0acbda7958dc405f096cab39b6905020662ddf

    SHA256

    78af989921d8f9330653f208fb602894ee4f40b123e694e14944ecf9c5880fdf

    SHA512

    86f459a3cd4b4ebe29bf52b4a114b2ba7e76ef3e4db04704b986332d3da782e940def5515d53d78f4befece485bd2bf4f334731ccffa34d5bb23777140c7fdf9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f563a4c3acceec860fc2f78f2179d838

    SHA1

    8d57e63c6dd63f3189c114b3fe5cad63a3e5b636

    SHA256

    cf7c675c4eab47a581d1659d53735cb669130b4f7f6c5651a6bd69a760f5b12e

    SHA512

    58a56ac1279ff1e08e8ee81e8c6e27f82c1719481489afa4eef82b2c1758525d2608ea4831e6069490c869be5a6340fef9961d076f4a6eebaeb5174e82fca689

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d4bc57e078ba90072625dcc28483d41e

    SHA1

    06c0ccd46763c24aacc6c1f3452648f0b7c91678

    SHA256

    a6ad14a476ce164e4e9a942469be12b0449942f668da07e492cca35b9ab45618

    SHA512

    9bdb03cbf4e6c8428a68ad8b7819c111cae847ef9befc7261c69f3ad99898e93c50e2fe95571f1eb601b6cf1f00e7105d7b6a937030ec6be87e6c01483f87d14

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    21afbdc2fa745569d82fb680613f40ba

    SHA1

    86492e8e4f4b0e27ec00e6510c20224ab4e65442

    SHA256

    abc5c8986f33755c5e3d19dff2d0b0413534dfcfbee8a459caf49fa9ab5cb523

    SHA512

    3cddc911dc0993ac2fcc782ca0abfd22bf3559393ec456e0f566c20e28313618053e288801ddb27c902cceb87677c1ac1c62bbcaa9d08a23387bb8f2dd8b35ad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0de1e74cfd992a57f158f1beb655e288

    SHA1

    80c55e83717262a1f008b98d204d28413ff86e86

    SHA256

    a811997627824d93c8f8050b871104af326e7d722e8e171f8c7719f1c16ec9fc

    SHA512

    b4bebd4222aca89be6eafb7350abb7bcf3b48123d55683d4b68561b2b766365364beefb1f6f60491e0503505eb2ac57db2550be5f4dfc288b7eec0742e17f216

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bf7c2c646ee4ed1beb4b5c7fec38c56a

    SHA1

    bab85f74b471b0fcbd2932738aadd3e00b7fd894

    SHA256

    42dbb1ada59cfffd2e72b662e53eada924205d4b67590e823a10ada34671d221

    SHA512

    8c38a5fe4dd287665e6b46875ccb39ff73c42fe5bf5ef1518f2bf78f584562f6cb39fe57bd4c0b24a50578bdcd05bab3f5a717e947213db154f5e75ffa122985

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    769ee6b02e2da3e2fe5bf0a07e22c43e

    SHA1

    84cf0213b6d1e4675d234244af7f422abe88f695

    SHA256

    3ad6e17e450d7b67779002c380694adafd5ce4cb3568e7d1ebbd281290e74f2d

    SHA512

    595735991302fa9f721e284925f8cb813927d19eee62159cf53c41d48cacbda1780b7996a6e9f3e41912b6749905e287eb248b31d9fd09872ab4c64d80f7e810

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c9c858afbcf6e4ac375bd6c5e7821e1d

    SHA1

    0b5b0b81d776596cedb902309af2eaa11845db2d

    SHA256

    8b7c0601a8fd8b590eb6907a4b9019b4729c4089ed1abdca898698b7ef974c66

    SHA512

    0750014f5a7d999e60263777ad03767af908bed4f4cd0c78c5be46b589d5dc9fb0923a83f3f19daef9fa2ac53db5c55339ba3d4fa9328ac2c774cfdb439b21aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d8b8bc8e390656fb7dacde70a3fd38c9

    SHA1

    417ae5beb8f44f7358ed7b942808520dca987244

    SHA256

    cb1c98d14b4d4f9861db3d46e54d6e4253ce6216e03d047345a4cf1001e73ce4

    SHA512

    54df11411a91acd5bdf089e6d3146c8198f73d9237894353992118094e00b137f3aae39b4ee49b15ca1cbeb9d99b4517aad370b26fd3374d30854c65257871f6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e46c2b901a2f2c29f7614216dcaef366

    SHA1

    99640ba71cfcf0bd27ec2879709cf037ad2cb842

    SHA256

    e6f6dcafffef8fe5eb4a32792b09ca124bb49618f33520c01a06e29a3b2b1318

    SHA512

    92fde1bc2e9c8d6403d3337d598439bde2a306acbb90811e15ae6e6b7527ea0521d5cf99b8dd3bdd7d18d16f1b1ea754ecc9e8896b19fecc1de8bfbd3363c54b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ffdee8d81e9c79deac53597e523efa33

    SHA1

    9fd73592bd3bea17e2f05db48568833ae7470e41

    SHA256

    1e8b2c4b3b8d56d3cb80d606cac263a0ce6db37e5d1b471978f900947ff64f13

    SHA512

    9a5de3d48c9686721324481c65ebbfe1475f8dcf23719c9ca9e5b6b24fc2f7dfc85e4d2242c1a10583224db0777f2b030b42bfa81fc96e94bdd52d07a4c26650

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RYXN1WWD\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab456D.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab462A.tmp
    Filesize

    61KB

    MD5

    e71c8443ae0bc2e282c73faead0a6dd3

    SHA1

    0c110c1b01e68edfacaeae64781a37b1995fa94b

    SHA256

    95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

    SHA512

    b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar456C.tmp
    Filesize

    161KB

    MD5

    73b4b714b42fc9a6aaefd0ae59adb009

    SHA1

    efdaffd5b0ad21913d22001d91bf6c19ecb4ac41

    SHA256

    c0cf8cc04c34b5b80a2d86ad0eafb2dd71436f070c86b0321fba0201879625fd

    SHA512

    73af3c51b15f89237552b1718bef21fd80788fa416bab2cb2e7fb3a60d56249a716eda0d2dd68ab643752272640e7eaaaf57ce64bcb38373ddc3d035fb8d57cd

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar46DC.tmp
    Filesize

    161KB

    MD5

    be2bec6e8c5653136d3e72fe53c98aa3

    SHA1

    a8182d6db17c14671c3d5766c72e58d87c0810de

    SHA256

    1919aab2a820642490169bdc4e88bd1189e22f83e7498bf8ebdfb62ec7d843fd

    SHA512

    0d1424ccdf0d53faf3f4e13d534e12f22388648aa4c23edbc503801e3c96b7f73c7999b760b5bef4b5e9dd923dffe21a21889b1ce836dd428420bf0f4f5327ff

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\83LUXOPU.txt
    Filesize

    608B

    MD5

    6285b9f657d2ea88a85f5657dfeab9e0

    SHA1

    0d1503d4dc3c2e9399e0bc686693a4a059644595

    SHA256

    e43290ceccec9464e6874d0aef31a1b5fbeeb20ac662d066caf0c53a78fc3214

    SHA512

    ae69fea409eadaeee5b3427a4e9cde8854afce1faeed2cee52182321264c9d2bb1884e81faba9ae07fa08a3af617be16209ef0088063a700c93af300d99528cb

    Download Submit

  • memory/928-54-0x0000000002890000-0x00000000028A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1116-55-0x00000000028B0000-0x00000000028B2000-memory.dmp

    Filesize

    8KB

    Download