Overview

overview

5

Static

static

1

copy.html

windows7-x64

5

copy.html

windows10-2004-x64

5

Analysis

  • max time kernel
    101s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    23-03-2023 11:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    copy.html

  • Size

    45KB

  • MD5

    0562ec00d314b7f5ac1fcedcc92e6a4b

  • SHA1

    b22aab9aca11a3a3ee7998ced22bc371c09b7884

  • SHA256

    3f69fed2fdceadf44c4298b16d47b49aab5e5bef8d70bcbb1573214c127885af

  • SHA512

    3c658295b8f547687133a04c2e659a07ee2d64153875a19532c7a9e6328ab288075df49aac29c4c73c50728276a02fe08c79a7ac01a2f7ae8847efaabaac483c

  • SSDEEP

    384:TrPsjcAqyu+qjWQlleTTsyDhagetyuXcLqK0M:TrPUu+qjWQlAAdXcL/

Score
5/10
microsoftphishing

Malware Config

Signatures

  • Detected potential entity reuse from brand microsoft.
    phishingmicrosoft
  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\copy.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1308
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1308 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:700

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    e71c8443ae0bc2e282c73faead0a6dd3

    SHA1

    0c110c1b01e68edfacaeae64781a37b1995fa94b

    SHA256

    95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

    SHA512

    b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    e71c8443ae0bc2e282c73faead0a6dd3

    SHA1

    0c110c1b01e68edfacaeae64781a37b1995fa94b

    SHA256

    95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

    SHA512

    b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    287b0f28c3fa89c13a4d5bbd753b0ae4

    SHA1

    4de0d0e7c4c3de18d5b9d4dc16de657372f73607

    SHA256

    48df052b590012cb0117f325c83ba5230b262f3a8d23d11e3827242315a6e284

    SHA512

    0ef92dff13024c63c82194d316605ed752d3278d8b828a4f4360985269c32c134965a53f30e831171fd704c2617081dc011ea4e3cf2b885bcbb56eb3335d893c

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4aa0721bab2d0301f9c7599016fe753b

    SHA1

    1a9b4ccf2eb06aced936d1a9db7df2edf6955301

    SHA256

    d5f303aa93c411677c22c0535e4104eb5bde706547f7dcf5144c93dc3129e59d

    SHA512

    172c4910c9cc4119f338c24800ee125a5c9919b32418e70732a889034d0211371d6eebd18f2f791dd14ebdf00e9f5e5b8c4cc965d603c72917b38df007b683ea

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e05552de975181cbe1a9ce4b4ea132ff

    SHA1

    b64a2e78a6c439dba2f49063a4573973bf4a0afb

    SHA256

    7cd1553fe956e48325aceda3577ded309d4d822f66d50a3fad9487e903851ba3

    SHA512

    4e374d4b11da494c5f49cae30344d9c8c5c7896bb5a4b6ccb2cdfc0246a83b662e6c2d38155ae75f1a5bef19f8f7f1079b6d97cce25caf6f65a08f2e7bc0610b

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5deaca5112c8094c713b9cbfec1f5622

    SHA1

    6ffccbe1b6a70ac5884733af4e500b76ba4ff7e6

    SHA256

    a04d338640efd4de3e6d4bcca61ffc54ebb21c6db98ad51ad578202fc0237c0b

    SHA512

    79a38944313a7690856b8e75617fa38d1e3d1ad1a4158e918ae8dc32ec2ff40eef621dba51f458d549ffcd02cd8767158d1bd9c92dd7ab29457a5a3b476fcd6c

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4bb99b37b64b1784eec9f84ed72a8a70

    SHA1

    bed3d4be5c1c94c68fdb0b68fd9cbc6caa0fbd13

    SHA256

    8b53b11092944e6de756a000ba136b03c7c9914e52f7250a71cce27e8fe810ec

    SHA512

    02a3ef6a680ff8e5c80e199067b78c268e0c1beb4de1760157979b835d299bbe65131a75095cd73f4105532123d5682d678ba10dfbf494902d56d49a1fc0b12c

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    933b272812235b30878529ef382e92ba

    SHA1

    84cc47bd3e81ddbf704d12e1a5ef42e9cb5f0d9d

    SHA256

    be3b38fa9b704d2bb55f55e402b2e4273ba5f38c2474393365912d1a0300cd7e

    SHA512

    c37a0ab25dd3b387bf5cd7a6a1cb0e21349151aaeafc52c4a85cfa067f5295829481432c3e7badeb404ac34c85ebd6842cd528497d5d8bd6de171744fbd082cb

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aa4743f58e45aef3913b512f94adc721

    SHA1

    67c0f75299d2dad5ffcda927afc3c3a91b78fb00

    SHA256

    fe4176c80f1c7e2a00a9bba35b068bf331be444337d0ef51b8a4870f7d7bd623

    SHA512

    36a6d9d578940829e24d7864a97de881df6803a4c1146ffa5a6710602ace4c13cb399d997f8bad8c54060291f6b2c9af22935e316fb05a737cce9b1de0c91f7e

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    38922f93c7ce215273cd760824dc9dcb

    SHA1

    192f7451ef6efc0a2fb2fe64e9e0e4b5110f982f

    SHA256

    c1914754b23e34b84f44f23430114a08bb06136a798c449848fed27e12489908

    SHA512

    5d9588190a23f2f3132dfeb903436a2d8e5c24ea117e0ccb7c9276f194703dc00593abe84b558d84b92ed050484f8cb0e247676d7a8d5c90a179d35b849ba63e

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    15795635e9781a7394fed5e23ed52b4f

    SHA1

    e16b5cdfe1ce45f2e36f2a87f1d86513bf298d6c

    SHA256

    cc684efe1dbb47398b77137731ed7c42f780d18a51f55eb1e9ae2ad63e69342b

    SHA512

    79f2262eb06d1e2b99912cce83aa4640a15d6d3b2248ac0fd6d5a440ef949227abf1779936ab0f661a73810d3fa6d96c572459531aeb2a3648705df80ffc4657

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9678e7811535e8bda995f7d2412133e1

    SHA1

    35a8b333d6a34a8938b7e6b0602681e1086a237f

    SHA256

    765386915c25aee6195bcd5d220b4c2163b66132564f3d994bdf1b30ecd46bf7

    SHA512

    c94869ead400cb0482e9f99fca3042e264aacfaa545fd3a915cce160809f836c3450acc578049d7afba5178bc26aeb3a4601e4bd5ba0b55666cde022c19454db

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    649b97a32eb66770dc1384fe0718caf8

    SHA1

    f10d71c90545e2f8b22b3421c9ebbef1e0dd2e47

    SHA256

    8eb0c0849338b1123e71ec8e513910571d44082384828fe09115528c20d961c3

    SHA512

    435ad5a29bf378d5d531442b858d843b741784818b3a662b7d4664aeda3191324fd3ba47a2c061909df43263be40948c991ba2cfb4979847d4ad7aeb7df3a067

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\03S7L47X\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CMIDRLTB\jquery-3.3.1[1].js
    Filesize

    265KB

    MD5

    6a07da9fae934baf3f749e876bbfdd96

    SHA1

    46a436eba01c79acdb225757ed80bf54bad6416b

    SHA256

    d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad

    SHA512

    e525248b09a6fb4022244682892e67bbf64a3e875eb889db43b0a24ab4a75077b5d5d26943ca382750d4febc3883193f3be581a4660065b6fc7b5ec20c4a044b

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KTB503AZ\jquery-3.1.1.min[1].js
    Filesize

    84KB

    MD5

    e071abda8fe61194711cfc2ab99fe104

    SHA1

    f647a6d37dc4ca055ced3cf64bbc1f490070acba

    SHA256

    85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

    SHA512

    53a2b560b20551672fbb0e6e72632d4fd1c7e2dd2ecf7337ebaaab179cb8be7c87e9d803ce7765706bc7fcbcf993c34587cd1237de5a279aea19911d69067b65

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UOYUJSME\jquery.min[1].js
    Filesize

    83KB

    MD5

    2f6b11a7e914718e0290410e85366fe9

    SHA1

    69bb69e25ca7d5ef0935317584e6153f3fd9a88c

    SHA256

    05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

    SHA512

    0d40bccaa59fedecf7243d63b33c42592541d0330fefc78ec81a4c6b9689922d5b211011ca4be23ae22621cce4c658f52a1552c92d7ac3615241eb640f8514db

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Cab42ED.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Tar431E.tmp
    Filesize

    161KB

    MD5

    73b4b714b42fc9a6aaefd0ae59adb009

    SHA1

    efdaffd5b0ad21913d22001d91bf6c19ecb4ac41

    SHA256

    c0cf8cc04c34b5b80a2d86ad0eafb2dd71436f070c86b0321fba0201879625fd

    SHA512

    73af3c51b15f89237552b1718bef21fd80788fa416bab2cb2e7fb3a60d56249a716eda0d2dd68ab643752272640e7eaaaf57ce64bcb38373ddc3d035fb8d57cd

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Tar7F91.tmp
    Filesize

    161KB

    MD5

    be2bec6e8c5653136d3e72fe53c98aa3

    SHA1

    a8182d6db17c14671c3d5766c72e58d87c0810de

    SHA256

    1919aab2a820642490169bdc4e88bd1189e22f83e7498bf8ebdfb62ec7d843fd

    SHA512

    0d1424ccdf0d53faf3f4e13d534e12f22388648aa4c23edbc503801e3c96b7f73c7999b760b5bef4b5e9dd923dffe21a21889b1ce836dd428420bf0f4f5327ff

    Download Submit
  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\3ERGASZA.txt
    Filesize

    602B

    MD5

    4e8764126e35e8a4547724ad41cf98ab

    SHA1

    1a5cdc4c7425d3bc70f06623eae90e249d055517

    SHA256

    fdf823182ba5ff94b9e7b25e9fffb7241e19d86b4dae120e7964b411a34bb870

    SHA512

    e6c64809abe9abd84485f09b09afd72f3d574b4c3a25fde31cf3253340787d7680b9b2e1c219a34e7cd6384213e33b5cd3bc0d6d7bb4466f543e79dba5d6ad20

    Download Submit