Analysis

  • max time kernel: 164s
  • max time network: 226s
  • platform: windows10-1703_x64
  • resource: win10-20230220-en
  • resource tags: arch:x64, arch:x86, image:win10-20230220-en, locale:en-us, os:windows10-1703-x64, system
  • submitted: 13-03-2023 22:34

General

  • Target: 84ccfcfd4a43da5a07e66e6306626f83fea4edfc75c2b779a8f12b5caa6f350e.html
  • Size: 9KB
  • MD5: dd3bbab8dab95708a15b8ed1ff31d41f
  • SHA1: 2271fe21b2542a059789ec86686dd1381e7dcb7b
  • SHA256: 84ccfcfd4a43da5a07e66e6306626f83fea4edfc75c2b779a8f12b5caa6f350e
  • SHA512: 28d0644351672be84c4a8a91655179ed7048dff8bca2ed73b4e2eb1ba08bedbbf1e89f5de4eb72da0ad2a239cbdc06d2c264ffb952351c0cc563dd030b3a1547
  • SSDEEP: 192:ILlg+wuv13xV1cSHYumolduIINNM5cIk+Lx4AgCXtTHxxSZ1yz:I5g+3v13T1FH6M0IIP9IZLx4zyt6u

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 49 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\84ccfcfd4a43da5a07e66e6306626f83fea4edfc75c2b779a8f12b5caa6f350e.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:708
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:708 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:4952

Network

MITRE ATT&CK Enterprise v6

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize: 471B
    MD5: 5528fe7afebc49577116e8333f39200f
    SHA1: d424cd5feb6fc522386ab83aa132fef63d9411d8
    SHA256: 37f33f4058c9cec8a4489f45257c399db7034cd1cac90d5930963fcdf9245226
    SHA512: ffb517a68365bdfdcbb48b42b4ec31c1e3ed0d9b29c1744ed3fcdfa74c9105acb1c3eecf274707cd034077fa7a70c972ace9532aa2aa4c4669183eb2cb4adf0e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize: 434B
    MD5: 1b7c528a9130b48c1c76f107a6417ecd
    SHA1: a83df5ceb3c3835f2fd48095978754c4cb5c07b8
    SHA256: b1fb03ce4671e77e22fceb175e75def91d4b33ed7781c629dbc3de409de854ae
    SHA512: 080c14d8149faaa07feb203c42f0a97888502e1439a3207fbefda4e06a26a09bd85a0ea0ecb4acc70f9c9c9332280d7fc00c862cb157211c0f33c0796d226da4

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\TTLFUYWG\suggestions[1].en-US
    Filesize: 17KB
    MD5: 5a34cb996293fde2cb7a4ac89587393a
    SHA1: 3c96c993500690d1a77873cd62bc639b3a10653f
    SHA256: c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad
    SHA512: e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\HKP2DZ39.cookie
    Filesize: 608B
    MD5: 4c5ccbfb52f96ed2cf6aafa7fdaf9b90
    SHA1: 599d18ede0108ae64a173436ea74c5e96e9c1632
    SHA256: cc00265613961ab766ca6e1f6fe6cf8869e058efe6c009b02abec3d0045f6c4b
    SHA512: 68c217f070f8f7d317fcc1a34ab1c659048bbee33d89c997f14c11bbda75c789fe5bef977cdb57b6ea368afd3247cbbd68c977f71427ad35628945c82712e443