Overview

overview

1

Static

static

1

.html

windows7-x64

1

.html

windows10-2004-x64

1

Analysis

  • max time kernel
    67s
  • max time network
    71s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    13-03-2023 18:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    .html

  • Size

    128KB

  • MD5

    a90e2b88dfc68c74d7893005f8d2720f

  • SHA1

    9e55a265c6a3c9d40a8be981271930c2bb367c51

  • SHA256

    cc5280e585799761a740846f54adfba822d83863c536a7f067460da08d0f64a6

  • SHA512

    e86e0800f23da52e5c95cef38d8ced958c26d225cc3dc8e8811e691dccd0af13f97c66b5b864a0c9b5cf4c1dc253f6957412159167dc7fc1fd9d1f113653599a

  • SSDEEP

    3072:RDA34QgFmlIcbF139o8rmN3YvBCHjJMST0:RObF139o8rmN3Yvr

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1868
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1868 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:332

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    e71c8443ae0bc2e282c73faead0a6dd3

    SHA1

    0c110c1b01e68edfacaeae64781a37b1995fa94b

    SHA256

    95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

    SHA512

    b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    711589ae95b43f5ea87cc8ac8b95a17a

    SHA1

    8cb77dedefe9d44b395c32458b6c19ff07bec6f0

    SHA256

    9d5076386b910e8fa08f58be764c061fb2de25e5ce1f220f5f08b24cf4432066

    SHA512

    5f8b6e34c2b8aae9f5e92b62f2f33d9ff38b3db1440f9a8f540d3c7d9055848ddbaa3ebddfbbfe664778d304a5caf1082de4819840e18df582eb9d006d635c31

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0f2e9c4c31765e4576145b418da0263e

    SHA1

    d2fddf81b4a4bfeb7112931017d1bd64ff7d23dc

    SHA256

    296caa48b6b5137457c6fabf87018c30edf28594882e337147643c109fbd27c3

    SHA512

    ea65663a44d6e0e2b511cf73e783411a4e1bbe81ae9b218e0fbdca38869b721b5366b6df21ada8f604c94054246336874a3bfa8500298b874136a04572a60480

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    79f6a4d9231bbf0ca7b836b2d8f5fd2d

    SHA1

    2e0403cf40fec21133a1907a717b303c67405b05

    SHA256

    6b6252d7b295aaf46ad12bfc9670fc97f850fb9019ca3838821c253bd6652c71

    SHA512

    f4b863775faeb48dd2e9392b0701c42e22960cd6eda425f7fc6372d2c7658967db4c293a2c09611e7e5f55288d92c4cd5fa28559b2109f97469b868e1f910114

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e1a250122fbd91167f3369c09be2df1a

    SHA1

    09459453e32ec3c86a2f984560d36801751307ad

    SHA256

    9360b70b4184ea4ed99c8289865ab0e179cbdbdade34fc7f89a81c4c4cc4049a

    SHA512

    9540cde7889a3e9b15a98921d4f65dbd86d5acf556242c130bb89f749dddda5058a606249c47d31a6d207e979b0ca451e343606445c44640b4484ce0fc777777

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fe0e8cddb08ff88f9656fbb56044b60c

    SHA1

    02691af3e7dab6292c5c2fa78863166a80b6127a

    SHA256

    fe4b008722b7faf5fa46a396ffb5a87e4e70ffe1591f7012b83327f6071740e4

    SHA512

    bc5a393a4162d8dff8276faeaed23c95d1b6c3d15fece8933c35bf0d3beecfe8ef1109018ed75afee77ea7d6fefe86ebf048582439463ce965cc11be119dec05

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    461a5bc768ec4b07d4fc8b73ee14461b

    SHA1

    69f3e7b21a75193c8b79898b7bd8ff66288a6f30

    SHA256

    e6cd6c6e96935bcc611975c95a8eba9832b5c93bcbcc6e26368de3c5867c2094

    SHA512

    0259507f4880af72624e56cf524d22e42008428b0ba77322cdb0ba0cd381ac6b3315f29656d62fae6dc47a0ae38fe8552ce9b87ef27275818190f70628709291

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dbd2db08f47dee283e377be10b31dea0

    SHA1

    f3af5b35c48e5ee8023af0c2110e41754cf81f40

    SHA256

    08560c1feba8cb206bb0181dcd8047ca8caeb5209a91a5b32612c61f474567bb

    SHA512

    c7fc590390dc1d92e605702fbcf41d30ff01768711cd78778bbad6b8ceffa598c9a148141a4664ebdd6690deea0bd8ba8d4d0946bcc69bb75c40ffe761c7a201

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6DD3.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6DD5.tmp
    Filesize

    161KB

    MD5

    73b4b714b42fc9a6aaefd0ae59adb009

    SHA1

    efdaffd5b0ad21913d22001d91bf6c19ecb4ac41

    SHA256

    c0cf8cc04c34b5b80a2d86ad0eafb2dd71436f070c86b0321fba0201879625fd

    SHA512

    73af3c51b15f89237552b1718bef21fd80788fa416bab2cb2e7fb3a60d56249a716eda0d2dd68ab643752272640e7eaaaf57ce64bcb38373ddc3d035fb8d57cd

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar7164.tmp
    Filesize

    161KB

    MD5

    be2bec6e8c5653136d3e72fe53c98aa3

    SHA1

    a8182d6db17c14671c3d5766c72e58d87c0810de

    SHA256

    1919aab2a820642490169bdc4e88bd1189e22f83e7498bf8ebdfb62ec7d843fd

    SHA512

    0d1424ccdf0d53faf3f4e13d534e12f22388648aa4c23edbc503801e3c96b7f73c7999b760b5bef4b5e9dd923dffe21a21889b1ce836dd428420bf0f4f5327ff

    Download Submit