Overview

overview

1

Static

static

1

sample.html

windows7-x64

1

sample.html

windows10-2004-x64

1

Analysis

  • max time kernel
    147s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    15/03/2023, 09:50

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    sample.html

  • Size

    80KB

  • MD5

    f56b9d9bb137f7b0378b9d60ff57a132

  • SHA1

    5f922a723f6d6a7ff6875517fde1ac0a533fa3c3

  • SHA256

    21636b99cffe19eb8442bf5502067d4c9507d5a30924a4d7863f95c956132e78

  • SHA512

    601670f534341835fe1faf75b4f1829a1d4770e0ff0b141a448103bc0995ecf30e6f6c7fa6fa3100682f65facfe0477b90fb883fe7252e29f361422e8c194434

  • SSDEEP

    1536:XTQiCiW9rqCO3j5lLoYZycwu6wQZhcDlWcLsUl:XTsiW9rJOT5touycwuxwhcrLsUl

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\sample.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1148
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1148 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1232

Network

        MITRE ATT&CK Enterprise v6

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
          Filesize

          1KB

          MD5

          807ff9efa80e87b95dcfa33b6ce1a62b

          SHA1

          4b1516d2929029e299564f9985f2670f3ee07ed4

          SHA256

          a0967f857736ccad3999cd9fefea0bc27249691eb2f1f1a28d3cc4f433f692a6

          SHA512

          11a7c0ed698a24a9b34709e6620af21e16b5afa050bd68f43c5f1f1fcba4d98c5468272fc333c55a58e7b30d4e05210eb8859bed887a2d7c1922ee77f38bf882

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_28DEA62A0AE77228DD387E155AD0BA27
          Filesize

          1KB

          MD5

          9a7645c2708a9257b56b604b1286511d

          SHA1

          c82cdd8c60df90c1cbdc85171e23ee675da48aac

          SHA256

          97c263ff723de0b180a350a9078aad1991705f77d27c2296b566cad6bb2b419d

          SHA512

          5b7bb9f34f32a3f2162f39e51408e8b77f835d42693f01a3d5b74d95744e96cee0b725e3ed6069cc04de6d380d0cdbce69582df7cdd081dacb2e07bd9c0d015b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
          Filesize

          61KB

          MD5

          e71c8443ae0bc2e282c73faead0a6dd3

          SHA1

          0c110c1b01e68edfacaeae64781a37b1995fa94b

          SHA256

          95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

          SHA512

          b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          c8bf1cba5673a4c31ff84923503b7356

          SHA1

          3ff38a0f8c9ba5c9bbd79d8f1c096a0efac9d426

          SHA256

          a806ed10d0c633ac7138dfd0437a9faa13e4915ce43515323da9a89832950f5d

          SHA512

          9310e12a269c6b27c465aa5c2a372f295772af57a525b4d6ae85e78114c086c6625c96b78fe645ed851f8a536acb631e7bcb389b9ef62fa26d6daea0b23ea565

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          703c16df3166d58aee09b4aa61e341ca

          SHA1

          3e335394138df3294395f24cba57f59d3e63c9cf

          SHA256

          58d5239ed19f072a3c512d5b7068160bd47ca2d02af4635af8a398d0623f19ab

          SHA512

          764ef45e3bcbfbcbb5457740acf1a2f600ab3a111185d6889cd804f0503432fe96721df17284a2e3ae99c338ba1989c8f4e15b19db600dc737fe2dcccd8719a2

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          d6b26266a7f02096844651304f3cf2cf

          SHA1

          12451d94a13b0636985c3bdb1010700a4d2a9efc

          SHA256

          1eb3f841b0e631680de76d854647b9f5d1e6e0431aa41b63f8506599a2a9edac

          SHA512

          8db89d2c90df3392f978294ae18babc246cc04ccc8aadab690c4a06d90b376d173ad248e8d267cb623da1d17a977881162848df0f8e4511c41924b7f65ecf79e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          e9b75e05cdc6ad3be5537954ba368dd9

          SHA1

          2316fd5ad72be155cd52b445be50f7e451bcbb32

          SHA256

          8bf7336239e6e591a99f735245138eb7a54ba8eb7b5b67786c560a39d0effdd3

          SHA512

          748ed78827b9fa3d3614e194023bab6fae8570a9b2e128119c9746442a33493cdb1980f8b3a273632184175381779a3e174768f027272eacaff933bd3686f2e3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ac7964e318c92163f5f3944d61109436

          SHA1

          d10579db063158595b3b91ac5934c36637c2a7f5

          SHA256

          cc18c2a825535d22cbb1ec4ef3a1710fbb3e9e6f9385f970bbe12db715c046b3

          SHA512

          ef22d6f3ee664ef03a5c7e7ec75ddb6a83a8e94e89bab6564d635b37aa414c96314863c63d8b1427b2e2aa37a29a76b142847c0c86edf3bb9b9ffe5d9c8ef73e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          e3bd968ee258df11d0f1e985f0c2073a

          SHA1

          00854353f7b35cfcca16d5744262499e30c0bde2

          SHA256

          e292f5ec28553ef3a8854f236f51ad2a1621128667b208de7bbe6876cadedd3d

          SHA512

          452b47788b3eba181836e7734d592a1d5c8cd6c44238c6283560764bf44a4eb8b6f968a220df1d01844ab6ff88008394f6a2ba9ac5b8321cb4e1a3734b172882

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          dd6cff1b7fc0c803195bd51dacafe9eb

          SHA1

          9a992611bf769262e59a98afb503fe5e617e189d

          SHA256

          1c0f53ae759827ba551d14c5452d4ea2535af3d5e66db550d287ec8728974411

          SHA512

          4063c8368ec7024088018c2b191179a8cc5f91c237eacba5712c9b97ad1189c686c4cc0a9a690e15eb89c11b84a8aed19ddbcd6626f59fe151df4af7dfb59abf

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          d7c41c54051919b33036877c9c30b5b8

          SHA1

          5529b038e5aeabbe8dd7cf28fa6787598a5097d5

          SHA256

          0f8c907b2092c174842b9bf129e439e3c0236fa9706f33a5c8b14cb301f4b2b0

          SHA512

          869761560c4cdf14ed1b6c6e166fd230a6f54e677ae318b70c47b41abe3de2e2b3b5cb8e43023375d69910a39fc133232d0dc29e3b1cd4dfe62c3a290e9bb942

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          cc6593adfdb32d85d495016e30d02132

          SHA1

          b465135fb29ae4f62f5234b3ea92534c97129673

          SHA256

          dc459eda7447c594ba6ffc445ba4080d63e20c4d6c56f4a87cf4bd4bfe5eefdb

          SHA512

          d0824db372eb772da3bb913e1b64dc0715e2ef7b9a0fa1e72f1cb35f1b66ed45e2fc12c2ad5587fcf0f107f7d0e34f65527bc70f0d4cbd7ef5d81465c3d8ee5e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          54eab27d8eecaf53aeed718254e77f79

          SHA1

          dad64bfb7671f897b5238bafa5c4d09ca91239de

          SHA256

          f27257f6386997e1d08d5f3f4bc896c92e225046ae53cae14ce957bd50203b66

          SHA512

          c413cb1da275579fb475fc44a3515016ae1baa20bf651e02df98ce60fdb4c2551e14b1c0c8d6e736620224d6380503445e93de1a8d1d15824421644326911d48

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KTB503AZ\suggestions[1].en-US
          Filesize

          17KB

          MD5

          5a34cb996293fde2cb7a4ac89587393a

          SHA1

          3c96c993500690d1a77873cd62bc639b3a10653f

          SHA256

          c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

          SHA512

          e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab2E43.tmp
          Filesize

          61KB

          MD5

          fc4666cbca561e864e7fdf883a9e6661

          SHA1

          2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

          SHA256

          10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

          SHA512

          c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar2E57.tmp
          Filesize

          161KB

          MD5

          73b4b714b42fc9a6aaefd0ae59adb009

          SHA1

          efdaffd5b0ad21913d22001d91bf6c19ecb4ac41

          SHA256

          c0cf8cc04c34b5b80a2d86ad0eafb2dd71436f070c86b0321fba0201879625fd

          SHA512

          73af3c51b15f89237552b1718bef21fd80788fa416bab2cb2e7fb3a60d56249a716eda0d2dd68ab643752272640e7eaaaf57ce64bcb38373ddc3d035fb8d57cd

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar58F4.tmp
          Filesize

          161KB

          MD5

          be2bec6e8c5653136d3e72fe53c98aa3

          SHA1

          a8182d6db17c14671c3d5766c72e58d87c0810de

          SHA256

          1919aab2a820642490169bdc4e88bd1189e22f83e7498bf8ebdfb62ec7d843fd

          SHA512

          0d1424ccdf0d53faf3f4e13d534e12f22388648aa4c23edbc503801e3c96b7f73c7999b760b5bef4b5e9dd923dffe21a21889b1ce836dd428420bf0f4f5327ff

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\0K332DUD.txt
          Filesize

          601B

          MD5

          4681125ee23d6fc629df78f886f0c9cc

          SHA1

          e5321622805ed3d122800715e72046d3ae8e2891

          SHA256

          4030fe9df181e73c7413c98dbba664119d6191df4691954bf6ad0671b60d56c8

          SHA512

          0ba1d28576a9582378d12c60616041b2a3c75a0ce9c217b428490f036d71f2e922e91c2cbac9358becd5704ee3403d6e633e533ca6944eec3fb79a405c441925

          Download Submit