Overview

overview

5

Static

static

1

Tallon SOP...).html

windows7-x64

1

Tallon SOP...).html

windows10-2004-x64

5

Resubmissions

24-03-2023 14:52

230324-r827dshb9z 5

24-03-2023 13:51

230324-q5zfnagg8y 5

Analysis

  • max time kernel
    67s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    24-03-2023 14:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Tallon SOP Invoice (Single) (002).html

  • Size

    333KB

  • MD5

    66936456e0fd7a786c42bafeecce440b

  • SHA1

    dcc1f454ee181a74dd99a3a3354d342a722c67cf

  • SHA256

    ec9b781718161db93294fde897a7dca738c61a55df04afc47fb4563338212d90

  • SHA512

    40d19022c95b206c614380da8c26ef21de072fc2c19585fefaa953ceb4842b63168b3fc99b5742efb8d4c8762d2052dc3b4af2390f4bdff7b620735437eaa69c

  • SSDEEP

    6144:D+cONCmQ+SgZ91yQUtAKluvkfGkH9Mb+4gZ+pW9B5:D+cONCmQ+SA9xUtDuvkfJmb+L+pc

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 54 IoCs
    adwarespyware
  • Modifies registry class 6 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 10 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\Tallon SOP Invoice (Single) (002).html"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2012
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2012 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Modifies registry class
      • Suspicious use of SetWindowsHookEx
      PID:1204
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" SCODEF:2012 CREDAT:209943 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2044

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    e71c8443ae0bc2e282c73faead0a6dd3

    SHA1

    0c110c1b01e68edfacaeae64781a37b1995fa94b

    SHA256

    95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

    SHA512

    b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    e71c8443ae0bc2e282c73faead0a6dd3

    SHA1

    0c110c1b01e68edfacaeae64781a37b1995fa94b

    SHA256

    95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

    SHA512

    b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f30aa01a800f2f851fcbe464df024131

    SHA1

    dd0327368dbad205a7b10a79a7ddb539932cc6d4

    SHA256

    976e5b6e05cd8089ba9aafb185ffb577caeb4b8dfa5a55c36f53f6dc7ced3533

    SHA512

    ec91c2403027b7deff96dbb2ae8ed3a07417b16a86f9659c5acef572f5a78717cf03f0ceec930dd58ea56410d1465525ebe0753396e8b711118f2f1b4d5dcc72

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5e40cb1528998f0307aeb68225cae523

    SHA1

    b7f96ee92b1af4b6cb819594203979ffd88f6df0

    SHA256

    b273ae1bc431c86b2113528f67c7bddc9f6e039ded8ca862fc1d3f090bf42e90

    SHA512

    f158d6d29a5961c3802f6e9fa3f095f8cde3f7df69319a7dca09f402ebab532ede96171fada2fcce29d3c89f83abb607027ab0498297324d7ad392560cdd25c8

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    87d78ac340fe6dad4608a7bceed73070

    SHA1

    fe8a0c505d0e773859709b7a262f07b8dc636e8c

    SHA256

    2037c1c3c7d959a7002c14ec1fede0349076483157132a5aa6a4acf89aa68247

    SHA512

    56259ce1f629cce615b23a6f707ef21d7514fbefea45bd84a032535dadd8baaf735ba41556a68e72d90b0f3fab03bccb4d6930c79cda9bc1b2f36cda02f4bffb

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    051fcb54325a556eb8d40d0de5976434

    SHA1

    740cae08ea295a1412db8db09829b7e710046578

    SHA256

    0ebe70cb20a13f6a91d4c2be2b34527808b7be8e12e66968480975b05c92543d

    SHA512

    009ca71323668342b9ce4e32ee65cbeea297c149691afb95ef7a99247f19926b5530eb59cda0428e2ff763f680c2dea1d2a8a59c90eab78674da0b6b325dfbfe

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ebf1fdb193baa81801ae3d02ae2537e6

    SHA1

    614f4aee08ec16d7f2dd93eb55c0e729e1be3848

    SHA256

    fa3ad1758d9f2123ea8b80e894047a3002976b1e6c13c5fdca6bf551a7f00833

    SHA512

    ed78e522f63bad3c248f23d6ef7e829c0b2a680607450902628fca4b7efdbf94c853ba3b40d062ab84d7d9f04dc5bfaa90f30711dc18ff883dffa5fc6e40f587

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fa9d9d1fda6b607d6cfd2094516292e5

    SHA1

    3c1c49dfe60123b146a01b381f6e8b2d34802b02

    SHA256

    ceab19f9cb87170df8838f639a58474c1115de4a6b711c3fbc6416f15853e8c1

    SHA512

    872e38c5f0ad41eab39ef91a73f38876e2467af28595c267cc53fc4dba1c4fea8601191f15f60f6ac80d60524ace8312a707f72b8bb3cf0705bb6be9210f9c48

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    66544d8b36bc0ec0f6b608f2cffef750

    SHA1

    308961f353fb39bcf5c19af0ec5c1363c5676eca

    SHA256

    ead7d3294a808b246a4492150affa1537acca072db938e48351de89299fcb8ff

    SHA512

    13fb0c1dd8b01f37f0d048e2331b71186111e9eb57579f0e93390b7c7cb45611821cf5438635301b88c5471ee8912ceb42ed2b36c8fc6a393b356b16fc36f3fa

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e1400270081e492bddd041c885b4b271

    SHA1

    d75272d88d857cf0b286ab862e4d32f3ad6247cc

    SHA256

    a31c1c5552d4f1a4378799a3cbf5188678ebec515a993217901836edb232a1ec

    SHA512

    165610a10d63bdc7e699b9d78d88ee675df2ddc0ffe30563abe30858ef64c3910c51e80a52b84168273a88f92280728673cbc7a90e27272d4375d9275cd0c762

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    24bc58ab58ccb66016caa2a3f6945e73

    SHA1

    f5cea426dacbd6f3a776e310c332648927e05925

    SHA256

    693aa909d86982917c76e6213208cc3af6d91b417db577b43a60de20ec5c0a71

    SHA512

    38931fa2a76833a892b7145e3125bfd2b10f98661c38ed9b2c32e5145fe1d956b6eecf783ba576d0de6f57926ac5c078e0569217c8044930b2e820e0f92c03b1

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NMXH1C0L\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Cab5959.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Tar5C9B.tmp
    Filesize

    161KB

    MD5

    be2bec6e8c5653136d3e72fe53c98aa3

    SHA1

    a8182d6db17c14671c3d5766c72e58d87c0810de

    SHA256

    1919aab2a820642490169bdc4e88bd1189e22f83e7498bf8ebdfb62ec7d843fd

    SHA512

    0d1424ccdf0d53faf3f4e13d534e12f22388648aa4c23edbc503801e3c96b7f73c7999b760b5bef4b5e9dd923dffe21a21889b1ce836dd428420bf0f4f5327ff

    Download Submit
  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\0ZCLI8IP.txt
    Filesize

    599B

    MD5

    b0a143728ee32249614e2b8cc742eb13

    SHA1

    a32609fc48f48070203356f091b55377214b66f0

    SHA256

    483843c799af7235fd358f100c6b35d5a6743b56b4a229359d26c091d12898b4

    SHA512

    6cffafb072515f5b878eba15c5a541ef8420d477484936ef7d42a66eb074f19dac02cf61a8953fec44c618f43c9882e00d80e75c790808c261e5119f44218cfa

    Download Submit