Overview

overview

5

Static

static

1

phishing.html

windows7-x64

1

phishing.html

windows10-2004-x64

5

Analysis

  • max time kernel
    83s
  • max time network
    130s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23-03-2023 20:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    phishing.html

  • Size

    237KB

  • MD5

    2bd364aeb93a521b08599b0d37a2467c

  • SHA1

    8aee47c6a67728e999808a694d7688720721b507

  • SHA256

    ba34a92d91cc39dc00e409ab417b1a65eb86f57f35c16e587a28bcb4a314e7b3

  • SHA512

    050f2ebafd44171f6498f8bdad1dea4ac08759d17154438d625ffe29def13f9cf4887b89cfd9bee2c27c94bbb8e6b4c777a8724f23d9baf173bc5884bc656f24

  • SSDEEP

    1536:afO0VHSXf28zNta3cjyHE9uc6BcgGk9BAf/MuSj+Yrj0YQM2pNzLLw:WSXepuSj+Yrj0YQtw

Score
5/10
microsoftphishing

Malware Config

Signatures

  • Detected potential entity reuse from brand microsoft.
    phishingmicrosoft
  • Modifies Internet Explorer settings 1 TTPs 60 IoCs
    adwarespyware
  • Modifies registry class 2 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\phishing.html
    1⤵
    • Modifies Internet Explorer settings
    • Modifies registry class
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4052
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4052 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:4588

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\fa-regular-400[1].eot
    Filesize

    33KB

    MD5

    065edea411671c8caceecb999354cc21

    SHA1

    472bb21b28ab36f7f4f5a06bff20e9d9697cb2d6

    SHA256

    50eaad924a3834ff9bd10545bb3d3b03c36507eebf337ad1a59744b442e0eccd

    SHA512

    a9616078ca48c389c5d823b0b5c2cea1e79867449d13582551d9dedd547c16ca955581493f207c20091baa12607ae00e5e4a59f189ace0a1d171370fb45acfe4

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\jquery-3.2.1.slim.min[1].js
    Filesize

    67KB

    MD5

    5f48fc77cac90c4778fa24ec9c57f37d

    SHA1

    9e89d1515bc4c371b86f4cb1002fd8e377c1829f

    SHA256

    9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

    SHA512

    cab8c4afa1d8e3a8b7856ee29ae92566d44ceead70c8d533f2c98a976d77d0e1d314719b5c6a473789d8c6b21ebb4b89a6b0ec2e1c9c618fb1437ebc77d3a269

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\css[1].css
    Filesize

    240B

    MD5

    bd3d6f52841d371a84c6fda2ffa540af

    SHA1

    599e3794f5f4c6e1f0feee4aa570d2b48ea99f6d

    SHA256

    5afdf26fa26b80d8b27d22f80e5c675f14b73eda30492e32ebfde44d2d6aeed7

    SHA512

    0b90a14f8c7a56a2542a7dca441453afd321378a6c3380db470537e0fe8dbc1abef4412a1e1e387445eb6f38e887dd1f27979ef1318f33dcd9d1f04b8d5ef14c

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\jquery-3.1.1.min[1].js
    Filesize

    84KB

    MD5

    e071abda8fe61194711cfc2ab99fe104

    SHA1

    f647a6d37dc4ca055ced3cf64bbc1f490070acba

    SHA256

    85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

    SHA512

    53a2b560b20551672fbb0e6e72632d4fd1c7e2dd2ecf7337ebaaab179cb8be7c87e9d803ce7765706bc7fcbcf993c34587cd1237de5a279aea19911d69067b65

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\jquery.min[1].js
    Filesize

    83KB

    MD5

    2f6b11a7e914718e0290410e85366fe9

    SHA1

    69bb69e25ca7d5ef0935317584e6153f3fd9a88c

    SHA256

    05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

    SHA512

    0d40bccaa59fedecf7243d63b33c42592541d0330fefc78ec81a4c6b9689922d5b211011ca4be23ae22621cce4c658f52a1552c92d7ac3615241eb640f8514db

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\UUIKWEAJ\fa-solid-900[1].eot
    Filesize

    182KB

    MD5

    a20e6745adc3184de8330b1f0579161f

    SHA1

    48d82a3d0758d1f87b029afcbbc596de0b0e8872

    SHA256

    9f0334c395c4b7a6110b67f8170c4b84a75d8d0d314d6e44eb9d22af770126ff

    SHA512

    8c3bfc0403bbea0588fb695b4fed1546581b63ce6b71e8e66a0aed2b518a998ce965ef93d884969ee1ceff10f8e63664775e222484d14bed0a3c3f80c2fc761f

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\UUIKWEAJ\jquery-3.3.1[1].js
    Filesize

    265KB

    MD5

    6a07da9fae934baf3f749e876bbfdd96

    SHA1

    46a436eba01c79acdb225757ed80bf54bad6416b

    SHA256

    d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad

    SHA512

    e525248b09a6fb4022244682892e67bbf64a3e875eb889db43b0a24ab4a75077b5d5d26943ca382750d4febc3883193f3be581a4660065b6fc7b5ec20c4a044b

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\WPCK8CWE\all[1].css
    Filesize

    53KB

    MD5

    251d28bd755f5269a4531df8a81d5664

    SHA1

    c0f035b41b23c6e8fab735f618aa3cff0897b4f9

    SHA256

    afdc6bf2de981ffd7d370b76f44e7580572f197efbe214b9cfa4005d189d8eae

    SHA512

    8111f411c21c6011644139dba4ef24d1696c0f6d31e55ce384e0353a0f3e65402170c502bddf803c3df9149c371b31c03f77be98fdbc61c0c9c55afbe399681f

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\WPCK8CWE\bootstrap.min[1].js
    Filesize

    47KB

    MD5

    14d449eb8876fa55e1ef3c2cc52b0c17

    SHA1

    a9545831803b1359cfeed47e3b4d6bae68e40e99

    SHA256

    e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

    SHA512

    00d9069b9bd29ad0daa0503f341d67549cce28e888e1affd1a2a45b64a4c1bc460d81cfc4751857f991f2f4fb3d2572fd97fca651ba0c2b0255530209b182f22

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\WPCK8CWE\popper.min[1].js
    Filesize

    18KB

    MD5

    70d3fda195602fe8b75e0097eed74dde

    SHA1

    c3b977aa4b8dfb69d651e07015031d385ded964b

    SHA256

    a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

    SHA512

    51affb5a8cfd2f93b473007f6987b19a0a1a0fb970ddd59ef45bd77a355d82abbbd60468837a09823496411e797f05b1f962ae93c725ed4c00d514ba40269d14

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\WPCK8CWE\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit