Overview

overview

5

Static

static

1

Tallon SOP...).html

windows7-x64

1

Tallon SOP...).html

windows10-2004-x64

5

Analysis

  • max time kernel
    66s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    29-03-2023 04:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Tallon SOP Invoice (Single).html

  • Size

    345KB

  • MD5

    881f6e49edd32d210e2371fd1819c6bb

  • SHA1

    807caad4c7dcef9d6a590703086141014e3579dd

  • SHA256

    96d9c5b577b6c83e2452fcda9097290c73eb918bd9bfa751afcdaf9334a28573

  • SHA512

    cbde2d9debff79e7859daacc5b145b62943467558077c1563b3be3fa0f6593270bdb2f4b09770e5067dfd8faabfee7e44f896bc9ab0010cae3ed29ff3ed66bd2

  • SSDEEP

    6144:D+cONCmQ+ioWY9CLgO/ye730cxHzfjpmUqvMmy:D+cONCmQ+iRLx/yEH3EHvMJ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\Tallon SOP Invoice (Single).html"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1288
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1288 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1656

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    e71c8443ae0bc2e282c73faead0a6dd3

    SHA1

    0c110c1b01e68edfacaeae64781a37b1995fa94b

    SHA256

    95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

    SHA512

    b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    e71c8443ae0bc2e282c73faead0a6dd3

    SHA1

    0c110c1b01e68edfacaeae64781a37b1995fa94b

    SHA256

    95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

    SHA512

    b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a8428821c8311b6988eb040257af4d46

    SHA1

    7274417a6e1642619bf9665149f710225a0dc8a0

    SHA256

    dd5cb5618a96534fb522a4b2acd89d0b8336eaf820e91904174842a78ccd1fd5

    SHA512

    fa1d8d5673893e168065948e68dc503ad8f3c40e41fef442eb3d3026617ace054511fc234c8aefffecf31e73be5248d4d11d145e61a31a70bb37d02b3cd1c1b5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ec3b48702bccc70a7233326752be0b24

    SHA1

    4fa788d6375f5a3fe24d1a6859db7f58dd8df018

    SHA256

    31b712ebe8bf63e8935fea00adbd5122904388f6968e168ccc9d521d5e6c10df

    SHA512

    65a503f47f6eb579899c610f6092be2fd77df5fbdaf71e19e6b5cf998a7a008e3e7cf08e758ca6761d752ae4e75fd1b53818be49d7be87087d7cc9dc61715397

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    02b7e902a384efa0a46e98a041b4fda8

    SHA1

    9281512f97e1b3315de501e3aa00c4f420c49274

    SHA256

    57eb0dc36ddaaee5aef2a72921c16b7207e64818630e5688143989b32319238e

    SHA512

    5635fdd2626af3d8d83b1d0fad8775d0fa28b1a47b335c080865a8b65b105452d274e394cf09751fd554fa63e02205770fa3833b0b598276a2dcbe47b2c32c69

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1bbab036dfd5ddf1753c6668d8f204a3

    SHA1

    6eb1e4863cb9c5b57cd2c5576bceeff7abe7831e

    SHA256

    bd8b9a811483342c89d7f3560afecb68c47c25b07bfad4013ae8fbc12935a723

    SHA512

    36f30667ff6f90fb6a45b457b51b0445578257410c9057975492d01da6fcac514cba36e6334377d466fd711b79131cb31f831e4e6262e25c5b5ef3de2ad922d9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4d37d7ce6c4c98b5622a5c9c57a35de3

    SHA1

    deeb96d948e6998a23311bb3486194208df0445a

    SHA256

    a66cbc630ad6258890b22f76e681cfe12681e2ae5ca2600f041aebc20b2b1174

    SHA512

    f0cf70dc9cc2f144e74f251080e67f76ba7922d0df67c2eadbd600406a39270121f4e691aef3fd7a9843bcd2223f53a4098dffff7ededd31174ff3a8fc4fa56d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    79daf14eb2967f2bf3eaef3538f0ff9e

    SHA1

    ec95be46888e89a600dff1396719ba86a7649da9

    SHA256

    8f532a1271b9e4152064a896030d29935ee88303e22a17a4d7116ff46c332f31

    SHA512

    ca4c8dc19aea9c245c41c7f8a328b23e4716b71b1f81f6a9ffb3853e5e209f82b74c90f2d12d0bceb562fb11675b3a3a4e02d505ace7be811cbeb78f7de7ee1e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6fa445f38a76e068c9d62aa80f3709c1

    SHA1

    310b24e900ad80709d283f33633fc9d3e1ec36bc

    SHA256

    06ad580d41c9d99add62e4ab8760165cd8f83fb35fedaa2338e21ec9d9f57091

    SHA512

    e1def920fdb95328324ee303b62b4d6c378d7c892526f0dd1add55f429207360e432d58f2e57232d7043d4501651eb094e4af640700f84816b48a66c6a4df079

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b401f51c7c149edb21c6c2da8bd56f50

    SHA1

    707bfabb0db823260e306055b46a78d24b97d527

    SHA256

    05f79cfd6fe833e7b9a7df8ebae7ab7ecde7d79c2940df4900c30d303932c7ce

    SHA512

    874c75490c60a29e3c51312e79de88648d113617e1a7c942c3f56e1087a69b5deb61cfe69f295d42e4b55d934744af4c55c37f4688a3ac3210b47fc38c2762b2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    10f442a5a77598849957f3516adc05f3

    SHA1

    ee40d25dd232b4ef633437b2fa7f4d0be2da2a10

    SHA256

    d5212bf1af15a6f335a37dea649e2767919a4f563c7f00a9aa80c4e69df64f71

    SHA512

    9097551fdfb5ec94399a4db69bb09b1eb83c5e55ffbc21250461a1f7af78cd0e0b8710c5440f7f87e7dc23f5b55bb7c49490551cf0c268c45a0bb6e07d22dc64

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0654b4ff2327be2695372d724c5b31ec

    SHA1

    a1fff8dc517eb350217b660c70f070983331d108

    SHA256

    f901d74b21db6165ea3561bc29eddd6c2c9252e969bdf1bba69ca28e14581991

    SHA512

    ef520d27f75d346f4a60b301ee5102430e4277e35043662388f199ee101393187fbd5564d114165be89b105332b34bb19beaf980428638d73e88bf3f40663e14

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QCNSQOTT\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab29A3.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2A70.tmp
    Filesize

    161KB

    MD5

    73b4b714b42fc9a6aaefd0ae59adb009

    SHA1

    efdaffd5b0ad21913d22001d91bf6c19ecb4ac41

    SHA256

    c0cf8cc04c34b5b80a2d86ad0eafb2dd71436f070c86b0321fba0201879625fd

    SHA512

    73af3c51b15f89237552b1718bef21fd80788fa416bab2cb2e7fb3a60d56249a716eda0d2dd68ab643752272640e7eaaaf57ce64bcb38373ddc3d035fb8d57cd

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar5287.tmp
    Filesize

    161KB

    MD5

    be2bec6e8c5653136d3e72fe53c98aa3

    SHA1

    a8182d6db17c14671c3d5766c72e58d87c0810de

    SHA256

    1919aab2a820642490169bdc4e88bd1189e22f83e7498bf8ebdfb62ec7d843fd

    SHA512

    0d1424ccdf0d53faf3f4e13d534e12f22388648aa4c23edbc503801e3c96b7f73c7999b760b5bef4b5e9dd923dffe21a21889b1ce836dd428420bf0f4f5327ff

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\AF4FY78S.txt
    Filesize

    608B

    MD5

    b02b3f567e40ba69394e8d3f432124d7

    SHA1

    ac054ad4950c41c4d3a09d073dc715f7c08290ef

    SHA256

    7394fcb8a3a2cec378ff28a2d71f5fc5240f9dd72019facd4e0a5df83ff76ff5

    SHA512

    7b6f621509094f1a0caa906400c3bbb557c13e64f17670a9b831e632fa67408c26a523b5beabf0822096ac1ba1b1c8d90f0036b1479034a227e36b19c5eb6753

    Download Submit