Overview

overview

5

Static

static

1

Operation.html

windows7-x64

1

Operation.html

windows10-2004-x64

5

Analysis

  • max time kernel
    150s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20230220-de
  • resource tags

    arch:x64arch:x86image:win7-20230220-delocale:de-deos:windows7-x64systemwindows
  • submitted
    13/03/2023, 08:18

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    Operation.html

  • Size

    114KB

  • MD5

    fe8ccaf00d5ab728a6143073156bc48a

  • SHA1

    99cb6002281a4cfd8dfff89a1db854c1b304da45

  • SHA256

    908cbce6e14f749f970609f96d7c611aa6332084f3aacd808c043574e2b6597a

  • SHA512

    3dc45dd21745d07c0872d1054ff988113580f40bc591bc7d9f48eb12c8f033f60d1325485c6a0e0699384f4fb02b15f099412d7407769c8d33f1c4dc27f67871

  • SSDEEP

    1536:o34DMseuTZZqHZSyEwVWmukveF6XcDh9TZojZKAqdRKZLhSrwPK64X:o32le05w4mukO6484PKZLhS36c

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Operation.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1660
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1660 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1768

Network

        MITRE ATT&CK Enterprise v6

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
          Filesize

          61KB

          MD5

          e71c8443ae0bc2e282c73faead0a6dd3

          SHA1

          0c110c1b01e68edfacaeae64781a37b1995fa94b

          SHA256

          95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

          SHA512

          b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          123f230921f8ca4e019a58dce570b9a0

          SHA1

          edeff5873617058d9e42268ab1dd55223bc7b2d2

          SHA256

          d5afdd414a58b871f680a1fd964576c2ff6f79f5dd367b8c349b6e99fefd781c

          SHA512

          3aa78762a88daf0ddaf6b4b79882523e8efee19e0d448827b72940ff332296aeb9cc8989bb78d3ba55a0249913931f2d9a34dfd9eb2850783280923a364d4750

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ac801bbae4f7b84df567d5013dbe74ff

          SHA1

          59d80ec00f8a9e3b5081cf56d54dd52f003a5d09

          SHA256

          c9cd7178e904aa1706eed3dbeb0521b2282c32dc581e622cc480f323344a4488

          SHA512

          fa0c9c5222d845493583b3b78a539f9f6965e17d6500dc1a7a1e1793710542cb1ccaac8f2577cbb700294ac88562bcab02a9e4af4dbd53cd2dbaadc7039ac167

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          d373acbafb04f03751ef958311e9610a

          SHA1

          54a22e9f6eae54e0435d45d0338c0ad2dc10d386

          SHA256

          19d5312adb41f2a87ab29c74bdf75e7ebae0afc8e580582845319317d56b589f

          SHA512

          044ab260b293fed04e8e17245619b381c996a407aec1f268cd2a54f2b7a274fb693d6cee6cb2fcf9b7262bae216d15b4ae1e4318733646ce1cab04f78d8f1a2d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          f539883db62619bf444d365d892fc2e8

          SHA1

          ff48e4925695a22453194efcf50b957ebe7172da

          SHA256

          b592132be155712d1393ca42569c8d5022b3c2a491a2e66a8d80c366a89a432e

          SHA512

          a9fb9f611b282710290fbba4f336bf79f0eda3c26ccf687ae05aa161b7581522e63074e82fbfb4fcbd27713c208d7ec3489d77eeb61aa4f84dabdc9599bdf1be

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          1061e76741aeb8384f434e227f1b043b

          SHA1

          826f97159c3a69bbf9ae396e248f9907f6c99f6d

          SHA256

          5566a5cf9623ce1948e7b6d54e9c497ef9f4d0c03aae98c3d0e95cac83614970

          SHA512

          c32eb3d10ad977d2b35030ac743d01e2620480004a68a01f9adc169615711f38dbaf65aecc6720fae54806fd573889ac6f3cfb6db34b2575976c534bcf76da6a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          71609a01d27b2177ed25063a9327a6e8

          SHA1

          eb123e50e8ddc28f917c67acf612b7f928e0f20d

          SHA256

          4ce7bd9b1f1f4f20688000392dfaf106f419cb3a325ac9a84805f92d9a8ed971

          SHA512

          a712fa6e0c316513b11ac963765783877f996b9ac735e071747cbdcf6c5609cf16bab6fec83fb1394c33b9d4472db24af0d5337c61923ad16364f9535cbd4833

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          2b5f072614bf708031b1d533b744514d

          SHA1

          bb7cf97cb3cf1e7e6eed358ba1cbf62f44cb7118

          SHA256

          67ef98da3261df09ec1eaabec646383100d4a8d6201d6b2df7335df09094ee07

          SHA512

          5c4fb00284dd19b82513b9164396a0fe0b7e18dfb0cbdd7b1d18050624ce0705d4399229b4237ede1926063f3cab135aa7d350e2f446543714ad1273c99796e7

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          adaadaac992876cd43039914cde4c4c9

          SHA1

          52bb56adb1e9182b143677cc37c7f5f6a94d8708

          SHA256

          de6a6cad2a5cdb2da357a5a6de17fcf73b0b7c9b82f0da57f1f65d874d9c17cb

          SHA512

          8cb7306ebcc38f042569cd054ca112c51c2b6a2df2081ca3ce87f7001af15f4efdc23f4a4b765f24b1d7ec5f30bea569d9dd5c33397ed088d644c867f05f3d72

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          45c9dc10ad1f03125810c3ef65490a89

          SHA1

          0322babfa520a7a6697a1b27f45713bd9f01bec9

          SHA256

          fdfbcefc6bc220371cdaaa9ba369dcbd94208d6a69ae6be5c3f172bb9d870d89

          SHA512

          54791fc3da8b8e4ada614e9510a8d5107feaceed33961e33643098431a15c59e179f6c8ecdebad6a04c0f3b934e7b1264d73266b3b390fc0fe8eeb6c624056a3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          8f92a254c64df1897dc4860f486f5420

          SHA1

          a3ce63b8c044341dc6295cc66d8ff28ad19cbafb

          SHA256

          4540fe7b2019a0fb836027607389e77c75fc1e76b80e951b101feb457dea916b

          SHA512

          efb1cef81c7ac72b7f7694b7b1ab3dd783d0489c7eb0388064ee1a77414fb60922d593780e22549eef6b2af0271aac3cc43b1e33826e4b7630f14df2b6bad5e5

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ACT9UUKV\suggestions[1].de-DE
          Filesize

          18KB

          MD5

          cc5361b5fdccfc6830217e2eb9972dd8

          SHA1

          e4a1206d9190eccea3e6a116c954d11da0aeba66

          SHA256

          afd57b0b6d8166e25bbef7cbc97522677c11c9a930fd4d4a204d1b7ae6258492

          SHA512

          ef63961bd7f0d3357d352a8f9c8ea57d0271e0fb664b1be179c38cd2d559bbaa4864f64f3521f26f868cc074f97994e2658c6d652021a39dc5207d45411691bc

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab5FEE.tmp
          Filesize

          61KB

          MD5

          fc4666cbca561e864e7fdf883a9e6661

          SHA1

          2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

          SHA256

          10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

          SHA512

          c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar6321.tmp
          Filesize

          161KB

          MD5

          be2bec6e8c5653136d3e72fe53c98aa3

          SHA1

          a8182d6db17c14671c3d5766c72e58d87c0810de

          SHA256

          1919aab2a820642490169bdc4e88bd1189e22f83e7498bf8ebdfb62ec7d843fd

          SHA512

          0d1424ccdf0d53faf3f4e13d534e12f22388648aa4c23edbc503801e3c96b7f73c7999b760b5bef4b5e9dd923dffe21a21889b1ce836dd428420bf0f4f5327ff

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\ZSZJRQB5.txt
          Filesize

          599B

          MD5

          f5bae1925a0ed322011197febbae1e16

          SHA1

          c28b98af2c1a3a2178f912fca5a17b9ae8c66d49

          SHA256

          494c13b4d11d9d566ec79c50fa4109283013a2b6db2d9f0a48282dba8f42123b

          SHA512

          dec105a8cc85074f677b861932223fe3daddaba34d57f7a7949d19199502f3ed75dc3b44b4719d4a0dde2fa351127813d60daaec569673f086c951b1db6455de

          Download Submit