Overview

overview

10

Static

static

8

52c03506-a...92.eml

windows7-x64

5

52c03506-a...92.eml

windows10-2004-x64

3

Electronic...23.zip

windows7-x64

1

Electronic...23.zip

windows10-2004-x64

1

Electronic...23.doc

windows7-x64

10

Electronic...23.doc

windows10-2004-x64

10

email-html-1.html

windows7-x64

1

email-html-1.html

windows10-2004-x64

1

image001.png

windows7-x64

3

image001.png

windows10-2004-x64

3

Analysis

  • max time kernel
    100s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    15-03-2023 05:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    email-html-1.html

  • Size

    464B

  • MD5

    8a31892e98b300cee0769ad98c37103e

  • SHA1

    b759b2c575e43e4ca9ba992cc6a5d98fed618276

  • SHA256

    1c6072ed4159e523f44ab7192ff79b6ff43f3cee987374be128613f0a0132a34

  • SHA512

    2d4684acafab479c39b7414b28e3fbcc7c4220f5c939ad400254cb75e8b5f36612dbbb972ab16ef460154c53aac5c745e10b785f59eb07ea42aeab352356b84c

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\email-html-1.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1132
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1132 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:968

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    e71c8443ae0bc2e282c73faead0a6dd3

    SHA1

    0c110c1b01e68edfacaeae64781a37b1995fa94b

    SHA256

    95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

    SHA512

    b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6185d3c4d8fd929b3beae8e9f8a256df

    SHA1

    ccfddf0c2eeea1f0ffcf5f6d661d741b99fc5b48

    SHA256

    ebc26a78d0b69a1148a06f24e1b28f9ba798e8b773b0ac176a1c08a4415177cf

    SHA512

    2d31cb1e5b6e2fa258bad3fb3f55cc833f3f014a9edd13a48f6a62a4fa216685dd6077eaf43c75875b8635f457895b688e4e989562a194159e7521dcb25f3b55

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c6458b1aac0a1e284f90811a5a6329ed

    SHA1

    4cbabfc7da02038a3512bd963f9ba73ec9fd02fe

    SHA256

    444ec33a4449de090e5a144675bd4ebebbe59d9e604ce2b0bf6b9c75fa329abc

    SHA512

    d756a867589931cbc6911afba9d2be3fa419fa87ccacf6ebb6250a2de7330165ba6d2c7d889afa7b946333acc26e2c2194afcdc6b908f47736d182fa13bb4aa7

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ffb7245437e1a472f66229b6ed243683

    SHA1

    e63bda1df8b3a02cd57546427c47b0f97f8b262c

    SHA256

    d03b925eea9f9e4fe98a90fe43e307b07e5518edd946b5ef6e52ada32264415f

    SHA512

    f352567530ba0a6592ff6b19a2edb564d9ba5c9e1709f423557cf8a28175a5a9eb9b655070cfdb56dd07ffd2cda835293943afb11c781de3d3484f305e123967

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    48e029440b6a5888840ef9f4a27723af

    SHA1

    a1dd3c6482df2f31c0d086e0b00f99ad53905b83

    SHA256

    716b4d223a6650309566765e3b94a41c59301340d95dbd21f3e028f2777822eb

    SHA512

    9d277995dcb42ba9290e3340fc46f53cbdcc5cf51eea4d929028fdaa9631f44b76c5b37224c15b6001260702a2776041a09822981d6cadbfa874b7d39b09bee5

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b5072bd096b6eaf0d35b59169db2b123

    SHA1

    9c8a96cc2b05c3b6b864ef5b12b73dcebd579f76

    SHA256

    d9002ae0f5bba331cf7e916558b7de62e3db8f56bf283c0e8cb903bf04681bf1

    SHA512

    553b950b332fb905bcd32b6255067e1910566e52883f0f4ba2079906e363830c0a247d7a06478f56006258b73711cf30813c403d7d6caf4562b9d8a3ab80c089

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e982072ec1d44015cf8078d8921f4f52

    SHA1

    4b27ea6fbb31668efdacbe66dccd22d04c18773c

    SHA256

    e0670d8b8dc52148ea08a7f75a4085410d558ad86a0941711d14923a402400c8

    SHA512

    8abc7f4fec3bd5d29614eac42a942826887a773645f9a59b20ab3fdf8ea9d92415c9e17e25669af36e7f724d6b22b16130ccecbe612fc1cd294ba3994e778f56

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    94a68fe5629467c0e50e71aa678c7ef8

    SHA1

    2a6fb98c619d6a21d39333ad5753e7adfa391c5e

    SHA256

    70b43afb5cc6b48a5cf76b3a3047578bdfca0aae0cc4f3c59bfe6df9e8a92c67

    SHA512

    3551701aea7ad2d26c1a24ecf8e471f26eef35e615d807d9320b98b8d0d240ada0f884bbc23a9bcc1303a95b153dea3976f7e2d3b36d26a73ebadef21428aca4

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ACT9UUKV\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Cab4175.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Tar4278.tmp
    Filesize

    161KB

    MD5

    be2bec6e8c5653136d3e72fe53c98aa3

    SHA1

    a8182d6db17c14671c3d5766c72e58d87c0810de

    SHA256

    1919aab2a820642490169bdc4e88bd1189e22f83e7498bf8ebdfb62ec7d843fd

    SHA512

    0d1424ccdf0d53faf3f4e13d534e12f22388648aa4c23edbc503801e3c96b7f73c7999b760b5bef4b5e9dd923dffe21a21889b1ce836dd428420bf0f4f5327ff

    Download Submit
  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\21XAWKEF.txt
    Filesize

    599B

    MD5

    523658ef67859ec66bd168782225242d

    SHA1

    4480a89b3a54860f0a7dc77ac9e2c8942a177dba

    SHA256

    515fe2ef5d03226797f0dd8498b4ea88e1fcb189827a880b5cbd3e51ad30a0b9

    SHA512

    8e21dd27198e07d13cb7d22659b05be72a32b762c16f7604c5af66129d303e1344ddbd98f6a92f182c02c9366b8ee68d16177435363f4400b93c12c743ea39d3

    Download Submit