Overview

overview

1

Static

static

1

ms.html

windows7-x64

1

ms.html

windows10-2004-x64

1

Analysis

  • max time kernel
    98s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    23-03-2023 08:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ms.html

  • Size

    243B

  • MD5

    b407696b06fadde3ab9365116ac915e9

  • SHA1

    56b9a7af8555a644df2b476a842e6587a9db1c7f

  • SHA256

    b9e3ce7ad5bfbf553eed69a96b0f8b3d0cf374922be259e7696f15651f0c3978

  • SHA512

    fc2cd5ce805203b79cf7f12846c9902b34179b42c67ffba07db7560dbd500b4a9ba1502f096e6e99868686d17cce63a15d7975b21d298b4eb9a83d3e6e05e2e5

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ms.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1084
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1084 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1864

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    e71c8443ae0bc2e282c73faead0a6dd3

    SHA1

    0c110c1b01e68edfacaeae64781a37b1995fa94b

    SHA256

    95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

    SHA512

    b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a973b639f2be6fa70c0738736d4dcd8f

    SHA1

    02f3486d3b9b828e9a31c528c6cb2c323b24f881

    SHA256

    21268f3a854695f9dbcebaea4d27f0a4ee1a049a5990fb50a1a30e6870557a23

    SHA512

    281af6e3be3c156a119c402870e6a43bf78fe696f82ad3466e595f7e171a1e571f80d7d70b005218c4b3f98b60bd0fa0add26c20dd564988478b74a4e05d9ea8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    83af0618e74ae7ddffec72add5358649

    SHA1

    2e1c34acc88e9265291c792b7ef6cdeb53eecb53

    SHA256

    42ec559ff587470938d32201b5896cf2820ee3383528910864f3308dceff6df5

    SHA512

    eeb11b41a624c47a9f39e647739af8ab38aeecb697cc457eb36209303c72e77aa02c4cbbd743b7791513480dd24c26ecae6ed5412419340c6ad9d7163ff96ca2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    146ec4f6670e69a6a24e728420002f18

    SHA1

    0eea97eb8cfa21df1ab4638e68d2cfd94ffb4879

    SHA256

    c7ab89f2bfc216812a0150759c290ece5c1d7c23b5a606602c9c41879cd74747

    SHA512

    0b16d4f400cf32160798324094f4412be6765952cd453ca25036b2e32fc66afabda1e1fe02d8e970b560d98c160e373b37d26df296c3828eb362883bd058ee8b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    940d07b96301b3491a0143b51cfbbda3

    SHA1

    187f771c85d839e7aafdbc51c406e481a9fefabc

    SHA256

    9ceac9b0f3266283330ca9674d355f3935ab951b35ec70a4da1c294487f185f9

    SHA512

    b966f2cb3b3512c3237085e37a72309d8c06c1dcc0e1c3ac428b4b425d6922a34d3f3ac73af4008ae76f1751584e6a65b389cd6e23eb2dc360862b02697f8551

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fa4944d3bbe4d34a21478f5ce02b4889

    SHA1

    f4ad4542ce9e03143cfc7ca9fcd98b18f99ba7f0

    SHA256

    dd4fe1922c4948494c584da495d243e2c568166c7fd631f7e67e1031cae64270

    SHA512

    ffc64dd84bc2a1c2647bdbf3963e4219a2eee1a19c769eb9a841ec95d49b112d862ea6072d7acb71b51e7f29e02ad3556923a76d708bf48ff3c5839114988802

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    503c662e69505da2ce5d2446e9497e13

    SHA1

    fb78a85f471f052d69455798d912e35450ed994e

    SHA256

    32d649059aefefc344bef0d064a4c787befa50fc8d099e8d38a6b18e0a5c463e

    SHA512

    338067087e8a7a6695d5d1c03421669044c5c071d2318aab0b0fecea9cb9626a26d308ed374b59aa0a3d1edfd80a53c98d685e948ad8596545ce64bf80153de5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ecb2cc691d6ab83c39270c4b71cb0558

    SHA1

    46fba6d8545996aa1fef519404b09b83a3cce1e0

    SHA256

    ba12178c0807ed762baefbef898360c0f8d88edd18659ab0e23889330ad909b4

    SHA512

    af26e1042049e5f81f5130cb3c47dbdaebca22e40b4b10be0930dc77c6d0f95860062457043105c74ac08f2aba46ad59718b5207f7e756a7c3ab739d1f490487

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5a0dce76224cf1d449f719e9b812d9d5

    SHA1

    7e55383b8ef4dd0053da4cf41faacf7b19969f6e

    SHA256

    fdee5aa4ff42e083ec6912d5434451af34709ba0f2163f31afbe2bc38d69540a

    SHA512

    6e180104066cd1c1efd611fffd1e50cac073fbebee94c54b618a4b9e3ea7d9c87c8d05bd3e6fc523719bdc4b6bda0678c21cc6472071bca66c30b66f09aa71d0

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S7FIT0B8\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab4C01.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar50E9.tmp
    Filesize

    161KB

    MD5

    be2bec6e8c5653136d3e72fe53c98aa3

    SHA1

    a8182d6db17c14671c3d5766c72e58d87c0810de

    SHA256

    1919aab2a820642490169bdc4e88bd1189e22f83e7498bf8ebdfb62ec7d843fd

    SHA512

    0d1424ccdf0d53faf3f4e13d534e12f22388648aa4c23edbc503801e3c96b7f73c7999b760b5bef4b5e9dd923dffe21a21889b1ce836dd428420bf0f4f5327ff

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\XNTDFH62.txt
    Filesize

    601B

    MD5

    b239ec4c8b18fe98878e75d02813f69f

    SHA1

    5061a77cb53e11694480c1973133a2395553577f

    SHA256

    12864cbbf451e9c76a5e1755ee41299c2810e1ed5ac5bc0baeb4f1a1f6d3ecfc

    SHA512

    bac177d63118bb16fed17d5df0d2629090194f602b202b72a26e0ee5d9301b81e7ea141842da5ded79cd17d9800a4ee087b5f1174aae7382418f3175d7c12ade

    Download Submit