Overview

overview

1

Static

static

1

bRk5tD9Q.html

windows7-x64

1

bRk5tD9Q.html

windows10-2004-x64

1

Resubmissions

10/03/2023, 13:00

230310-p85leadf96 1

10/03/2023, 13:00

230310-p8v2zafe4z 1

Analysis

  • max time kernel
    97s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    10/03/2023, 13:00

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    bRk5tD9Q.html

  • Size

    689B

  • MD5

    4b2d244b4311d042c32cda1d2660466f

  • SHA1

    d757ca21ca6cca159f2082cd8c6071f3b7e4cd17

  • SHA256

    171e447efadde777aa8987ea2870fe95b25665d842b1d8f5e5b9169314e5227e

  • SHA512

    dc2fae1e789909b254aa976d4e64208c5e55a64305b0343f17d9ce664e9bffc4fc412a51e9ef1597abac139ebc8b2e9d9ccb13b727b536eb6d4cb5cd2dc18886

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\bRk5tD9Q.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1148
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1148 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1232

Network

        MITRE ATT&CK Enterprise v6

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
          Filesize

          61KB

          MD5

          e71c8443ae0bc2e282c73faead0a6dd3

          SHA1

          0c110c1b01e68edfacaeae64781a37b1995fa94b

          SHA256

          95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

          SHA512

          b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          c6c4b181c9652db1e4db989963681b56

          SHA1

          8b357f3c0852c45d0d508db335ee5243ab22a5ac

          SHA256

          a511d4898cac894003520ab307ee071176323e32e75c299df19cc3dae92d4947

          SHA512

          fea2bbe101194d44904d61c9deac7815d01ee338ecad95f65e84f6642c0783fc9503bfbd8e4d8096b4008d9f9ca0f0ce9d328602835877a485351a733a2b5962

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          22b2a5a4d738adf195310c4decd057b1

          SHA1

          dbc368f8d4c85fb7e0f0e625c01c44828a0da223

          SHA256

          02549cd64a82b0c0cf0820872fee9db0740649558530ce1e38cb6b87079ef01f

          SHA512

          2fd3a46c7c076002e98a09ea88079b3ee530fc57564fe8c4a5ad402cc80a525a22142a2911ad5a4ce63db88f13e061f596e0d6102b42668fe6b842d193afe6c6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          15fefa4c5825ff0a42e1c3ab2e8c39d4

          SHA1

          d5a43747fb8bcb431075a56743164f09a675b58f

          SHA256

          f178afdf2d416f71f11eca9d906594c0497c45c796280709bd52dbe83c0b8717

          SHA512

          f7aeb8dace51e4768c8daf2ddd7d2f5489f65ed0c0e516d277c7e082f70533cee3dbe316ff12d67ff84514ff14f8373af86738140c0fdf0e10881035d9929921

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          65ee6a873c42afd358aa905cbea5c7f6

          SHA1

          37fa778d444447292d628baf2cf7773c49b94c94

          SHA256

          ebe6b748eaab4792df64f02e689779a57dc2974b4cbfc965b57d833e698e5bcc

          SHA512

          efe9e8dc6ff00338944c5d384cb2a0ca2ba27620d67da86dabbc3b5af9cd4c43697dafd2d5e8bd775d44ccfefddde1f06e7d378c24f772cf57577bfa79eebd95

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          1b0eccca130c964356f69af99a36ca95

          SHA1

          8b6e0bffa798d1c38ec6c83eb05060fd786f77a6

          SHA256

          dc6368a368c60b0280d98dc0d5a0f08790122c3e4b390193092b579525b9b813

          SHA512

          965e4f175996f26872882af0347561d43fae704be2a00fb1779e619bb7335cc1d39441eeb7d01e4e29ae83b1521aa2a0aef64cc1b97d1fde428ef75800302548

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a48a267b97fae1bd8802eacf785bbf9c

          SHA1

          ba7bdf7b66304bff7c2eb1a8e8b82f9e42e7a021

          SHA256

          6e4f4ef7af6a5c3ebaf7c24f568f435d12cd7912d15f748bf1474efe8117f65a

          SHA512

          1d4985677da3c0289854eb480f2008bb84ccb50b65a1f84be051e5d2bd98ede9c188936be7775a61602b9b8569e1be8aad96e7d4e82defc3088ad4485924696d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          2014bb25db617cb56c2f68dc5e20f491

          SHA1

          b64c57261700b758925754e15e0e6eb20534bb5f

          SHA256

          ec9a88f53166b990e05bfca9bfd6ba3e1495a191191229b2c21d8191f89a8fef

          SHA512

          696232b0aa71887261e866026ebd6df45e72af6a688693b43a8177df33083f47a60dd1bfc9def6bea036691d2dd4ffc07576b09438ab75fa6b6251f5646ca0c9

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a0de7b047ec62c5ae14ebd802b31c200

          SHA1

          c17b6a17948c4f30d450a43f6e625014a94e28d4

          SHA256

          a609b3c7198fb012d0bf862be7c54cf51b538ab2ce6a64c368191d7d3320d436

          SHA512

          5d971378479c0c8f704f3c236097fb1c7e109f587a161bf62862f51b0b5ce00fa51518a8ea6a2d427561bf826fd204e89eee700aae4dbd5ca39ff4c95278a5bf

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UOYUJSME\suggestions[1].en-US
          Filesize

          17KB

          MD5

          5a34cb996293fde2cb7a4ac89587393a

          SHA1

          3c96c993500690d1a77873cd62bc639b3a10653f

          SHA256

          c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

          SHA512

          e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab4BA2.tmp
          Filesize

          61KB

          MD5

          fc4666cbca561e864e7fdf883a9e6661

          SHA1

          2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

          SHA256

          10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

          SHA512

          c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar4EE6.tmp
          Filesize

          161KB

          MD5

          be2bec6e8c5653136d3e72fe53c98aa3

          SHA1

          a8182d6db17c14671c3d5766c72e58d87c0810de

          SHA256

          1919aab2a820642490169bdc4e88bd1189e22f83e7498bf8ebdfb62ec7d843fd

          SHA512

          0d1424ccdf0d53faf3f4e13d534e12f22388648aa4c23edbc503801e3c96b7f73c7999b760b5bef4b5e9dd923dffe21a21889b1ce836dd428420bf0f4f5327ff

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\USAQE38R.txt
          Filesize

          605B

          MD5

          7fa7c930cdc6106d07258d605b5d3b3b

          SHA1

          75b3c9928a8bba75900c4f3964f77b01d4d894b1

          SHA256

          9af918d7887682f8fda68cbe9d70a4307432b75986ab24904b8f1894c585be59

          SHA512

          df997e54c44df9967fd41bf91f376b8939182e7c8b191007284906a9eef929d9b2db5f52d3dcacc9e5567d4e2ff41fdb17f038860ba68fd7bbaf6ed11ad90d77

          Download Submit

        • memory/1148-54-0x00000000020B0000-0x00000000020C0000-memory.dmp

          Filesize

          64KB

          Download

        • memory/1232-55-0x0000000000480000-0x0000000000482000-memory.dmp

          Filesize

          8KB

          Download