Overview

overview

1

Static

static

1

XLXKR.html

windows7-x64

1

XLXKR.html

windows10-2004-x64

1

Analysis

  • max time kernel
    100s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    12/03/2023, 07:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    XLXKR.html

  • Size

    9KB

  • MD5

    a779c4bc46b7d625fd4f67858f0f1d04

  • SHA1

    d1bb5bcf121570475e5ba13b3ddb3d9f2cdcfe8a

  • SHA256

    0efe65b70729a35b71b8cae4f61a77f7488346c9d41581037b80d28fcc13d873

  • SHA512

    4cca566f64ac7fb8df81d38f84809fcf6cac6191c859ec1f6e9a6755027b1383349b1f497b0c442c3906385a4b0b102b049a5677dfe59a2e3303b7f56ad7c5c3

  • SSDEEP

    192:ILlg+wuv13xV1cSHYumold4IINNM7ucIk+Lx4AgCXtTHxxSZ1yz:I5g+3v13T1FH6MKIIPa1IZLx4zyt6u

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\XLXKR.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:748
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:748 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1492

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    e71c8443ae0bc2e282c73faead0a6dd3

    SHA1

    0c110c1b01e68edfacaeae64781a37b1995fa94b

    SHA256

    95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

    SHA512

    b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    df09ea3101e6a614f9ec7f0f09fc5217

    SHA1

    7b4f87656cb36139bd2408742d9b67ae00a423e1

    SHA256

    7acdb048210244a64ae48b2846445d4e17c65af11374d717f7734afc419e8e0f

    SHA512

    2ba0d3cc294e42da13008d5728cbc2aafcfe1682380f6dc16d54adf149193d11f6535295eeccdddd77f8828f4190becfce269e68034e960234c9a785b398f7ec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cafaa00e070946be46e736c6b4f30013

    SHA1

    249e2d29c5b9f5b1e73b8a6735bb47fc673d8742

    SHA256

    0e51370e8051a046a18c9e2718b89383507e76a3498a918d5428b4987ac4eef6

    SHA512

    1cdc11e5a5bd8eb7cfdf2852112387f464304251f054ed67d95345e6f19cf211cba93c2b66e5a44b417c3a9f35c6a65487ced78aaefbbe8d1ec3204dcabc8914

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8397d93347b9a093345822f7ee719717

    SHA1

    2f30357ce24edc0037da4c5c494250975aefd68d

    SHA256

    42e18b54891f7eaa2b202dc5f5ab70b12a4b62b832e2fa2b8ff5336c39fb961a

    SHA512

    136bc2a7b3f59348fdd9bec6637a6da6810bd0755885b16a428901f0d3ebcb58c5b86257001198b630e02b0740ba707809a5940e58e173ea70884eaac0ffc5a2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2b139b8d4927071d074d0f7c387ab59f

    SHA1

    0f9f7077391f620ac03822fb90a42d47d2fc2906

    SHA256

    22f971549dcad8e80fed2e1d44448ec044d4fb01315ecab5433a36a5455c7630

    SHA512

    300043048dfff7e6dac51f1f86aaefb11c94ca7a8e6e3f7af590687f4cf1b3ca935e3cc85fd50fa12a69c1fd07a416d01047b0c412afcadd5e68ddc937be43f4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f7d96cceb92ce36d06cc29b7477d04b8

    SHA1

    71eb869241f043b98746c74fae65c7068070f691

    SHA256

    0d3b3fc47fe37d35a4b0b3510f8c8b1dea95e9f3302c033db7d75fc3fd795a84

    SHA512

    2ffbfe438a39b47a09d5ba332deec564eded761b9a80f11578b9d5a5954ed5f3d925c1c6566b4d6c4a786dbbfdea8222306607711b579fe82aceac9b5724bf21

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9e42c368afa171877959360d2f5c7eb9

    SHA1

    e08d3571fac5471d016e4b8f6ec0ae7a02c0cf04

    SHA256

    99b78b161802415d8724b193344029b482826514c43461a0f7162e12939257a8

    SHA512

    70efda3f51c743f540e0a6e6f9e951ef5c140b410765b458de70d58b232eb52857ba75afb18bf37c77638926b42deed73ec4dd90e6e8d6c78dcc3d2cb60f899a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b070c79d9d907b96a539328b3eb8003a

    SHA1

    6f1a42c1172010ecebd2b06561f84ade21203149

    SHA256

    2637f3fe1ef7e5cc855611fd9bd7053195463c313f50cd563c07304ccc339fd2

    SHA512

    299384f9921709fb92e33356818f84540c178466df81024f255a124955fc7f3ca117ae9e204347214a13bc338e13c1b89a780ac6104cf496c4cf3eb568c2976c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    decbb51fb477355e24fb769030e0fb92

    SHA1

    fe0002cb9f3ceb617f17607c5bed4200a59e6adc

    SHA256

    e6d71a14aa1ec4656ce6d32c4ced22ef2b513722ba8e83da8e98c4e3331b957b

    SHA512

    d642c65a7bda947da18a4f73672bf349e3f154c72a3af3450d7544580155e9b6f4de586b33725cc555bc78efcba3e8c926d7946ede6d32bef397068e30a80139

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    136a50e12b11eb2bd7f87ba66da96987

    SHA1

    5b08c63d5ef52523c1004e3f3bda9e2948c2d86d

    SHA256

    972454cf0cc311707956d819e6dab2ba35f0e4389599869506132a83643f0c22

    SHA512

    c1383b9daeb0be31cb2b6b0d5e65e8cd349eaa9c2a29ec8dff44758fa4670c42d40581e3fcb2ff455a097092df21905a903d6e3aa9cdf86ea3fe6d59ab14b787

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    628fd19cf12226a39752d1974abb7ae1

    SHA1

    f61553f846ea4eb7045205dcbcda15f7a64a0626

    SHA256

    9ca1ed48c6987359dc0e6714ace7b2152d78a797f986758d58797518dd5c5e1a

    SHA512

    67d01bb89beb0563d8496fe197bea312d508a26c0a1d0c941389bf8f4ef1f5d95aae79c8878eac223419243fea6b531c974a0b001ec4337d55640eefa5065861

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UIC7WQYE\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabE39E.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE39F.tmp
    Filesize

    161KB

    MD5

    73b4b714b42fc9a6aaefd0ae59adb009

    SHA1

    efdaffd5b0ad21913d22001d91bf6c19ecb4ac41

    SHA256

    c0cf8cc04c34b5b80a2d86ad0eafb2dd71436f070c86b0321fba0201879625fd

    SHA512

    73af3c51b15f89237552b1718bef21fd80788fa416bab2cb2e7fb3a60d56249a716eda0d2dd68ab643752272640e7eaaaf57ce64bcb38373ddc3d035fb8d57cd

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE79C.tmp
    Filesize

    161KB

    MD5

    be2bec6e8c5653136d3e72fe53c98aa3

    SHA1

    a8182d6db17c14671c3d5766c72e58d87c0810de

    SHA256

    1919aab2a820642490169bdc4e88bd1189e22f83e7498bf8ebdfb62ec7d843fd

    SHA512

    0d1424ccdf0d53faf3f4e13d534e12f22388648aa4c23edbc503801e3c96b7f73c7999b760b5bef4b5e9dd923dffe21a21889b1ce836dd428420bf0f4f5327ff

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\RP3JJ4SK.txt
    Filesize

    608B

    MD5

    979225b88033102d9c7f68a964132591

    SHA1

    5fbf4f512c49b535c48c0b022c8338b69c241471

    SHA256

    0938ef7238d0f2b27a9d511fe91048dd47729bbbed4456aac37a29ae7cbf9854

    SHA512

    884f8d11419f9b41eb6d29c361c5144739e6bb46dec36104b217dee8744fea7f5b8c2dfc29e677b8613309ffa97f0408512a58d501b97edd38ce2a00537a537f

    Download Submit