Overview

overview

1

Static

static

1

file.html

windows7-x64

1

file.html

windows10-2004-x64

1

Analysis

  • max time kernel
    147s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    16/03/2023, 12:26

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    file.html

  • Size

    7KB

  • MD5

    861bcf3cc38e846a7099663486a18914

  • SHA1

    28902e8e150db6b6389b76b3333581a801b7a316

  • SHA256

    70c462c894f63d1c193ea55e2bb1e407c28f617e04816ca2d20d2258d5b6775a

  • SHA512

    281eab548c288826eed42b87085ae92b9d8d3d64f4da0b65c1eabf825654b518106b844ed4b71a20b8b0970bd9f34d789f8c3a7b1895da59383abf421cfffb1b

  • SSDEEP

    192:/JYlCuFsSC5SeW1ZUcSwB1weO1oQqIqe/CaqO7Rcb:hWgSebZcSwjho/OOF8

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\file.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1228
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1228 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:796

Network

        MITRE ATT&CK Enterprise v6

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
          Filesize

          61KB

          MD5

          e71c8443ae0bc2e282c73faead0a6dd3

          SHA1

          0c110c1b01e68edfacaeae64781a37b1995fa94b

          SHA256

          95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

          SHA512

          b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          78285623a82e44a94725c10f99320d19

          SHA1

          bc58a942539a7e1d5299565fa59f9770910cc64d

          SHA256

          ae253b53a7bd33a22be0e3819b4c583f04bf8dda52805d4a2d58de708e0ad1bc

          SHA512

          ec3697f68d0662bdb56ad844964821eb6ccf77c984fc5c7dfb3e5733b94e2532682ce234a3c9300c403611df846d7245f69445e36022e330755d3985bffad926

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a91ac16b24114a72b9e7ec023b5e4c7b

          SHA1

          75c89209b779b45ab90253a40d474391b291e549

          SHA256

          82b90d91c4ce784325b41c6edf0e857d7b5ad14392049d5dcb8a2a2912d999eb

          SHA512

          9293831d6c796b4c02d0688a86c44df61f1bc2789045fc05534ce72d90e31d6939b420bbe4923dede03237a049cdb45185b8dcb622e70a083484f45e2538cb12

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          896f652b395e8da8941f6ebc1aa9f629

          SHA1

          d330927eb55bc4563bad8552d66bdb27810c9a6f

          SHA256

          e3ec17301581c54778d02ca84ec561e9189cad7f745bab17482687c93042e79c

          SHA512

          abc1d9e4a2ebed453976fe77b0af0942b6f760c967607d8eadf1a3fddc1b1e7112ec0b90b6c9d43c9b61316eca759aeb917f5decc261662da374a7343126cf8b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          7b878e46cebb5ea7b4c69713614e1ee2

          SHA1

          1d643a4abed37214aec39aae22cdd67277da7e58

          SHA256

          f852b4491b8307fd5aec4e971f051a0f93fe185b161a01328ff53d3ac1e0b83b

          SHA512

          f903c206907a7c613756c642768edfca17a0d5e758bce7b1307c1b0121d072d290226742e964060256f10cb900ed441ad61795cd1ca51536420f18d8661fee01

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a4b0f3402345d7a32a62ed6536f2c6ff

          SHA1

          c00ed112a2fe81f78fdb8e118f44120ae1b32657

          SHA256

          53c7f30e9321b639f9f285e3d15f518d51364806aeb81ea6d9db06f9f370ce76

          SHA512

          012f32052afcbdf145eaebc6c0353a7305586067abac5af2e84f6192a95c6a120da0f69ecafcb111a0d865d805fade1a8a1a19e89aa2919f69853f1b30ccf742

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EV74ZOZO\suggestions[1].en-US
          Filesize

          17KB

          MD5

          5a34cb996293fde2cb7a4ac89587393a

          SHA1

          3c96c993500690d1a77873cd62bc639b3a10653f

          SHA256

          c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

          SHA512

          e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab9A8D.tmp
          Filesize

          61KB

          MD5

          fc4666cbca561e864e7fdf883a9e6661

          SHA1

          2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

          SHA256

          10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

          SHA512

          c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar9C6A.tmp
          Filesize

          161KB

          MD5

          be2bec6e8c5653136d3e72fe53c98aa3

          SHA1

          a8182d6db17c14671c3d5766c72e58d87c0810de

          SHA256

          1919aab2a820642490169bdc4e88bd1189e22f83e7498bf8ebdfb62ec7d843fd

          SHA512

          0d1424ccdf0d53faf3f4e13d534e12f22388648aa4c23edbc503801e3c96b7f73c7999b760b5bef4b5e9dd923dffe21a21889b1ce836dd428420bf0f4f5327ff

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\3Y5I2YKC.txt
          Filesize

          603B

          MD5

          2cbfab69354fd7497ad72a32cb457144

          SHA1

          002c01a1fc471f30526894401c801a298f625fc7

          SHA256

          77e1d6d3b8403add0c38d1767fcb6d13e43c0c420f833ee67dc7ab4a3965cba3

          SHA512

          f87c67040823ff745b6616eb18cafcd67bc397ce8e064da9b2dda0513fb7a7dec2f624759cf111b8223ef4c9ec4ee72bda9b3144f5edca42f13884f813d950e7

          Download Submit