Overview

overview

5

Static

static

1

acb082a3-a...76.eml

windows7-x64

5

acb082a3-a...76.eml

windows10-2004-x64

3

=?UTF-8?B?...=.html

windows7-x64

1

=?UTF-8?B?...=.html

windows10-2004-x64

1

email-html-1.html

windows7-x64

1

email-html-1.html

windows10-2004-x64

1

Analysis

  • max time kernel
    147s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    03-04-2023 06:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    email-html-1.html

  • Size

    1KB

  • MD5

    247477f60c5136d968c7f6bcdc8addeb

  • SHA1

    802aeb7c157e1524edbb93b9a795aa8c325c0951

  • SHA256

    c440cf8c9589fa8fcd91a5032d285e22f3d23ac71b3f702749f6810d50910630

  • SHA512

    a8d12886fbd0ed9d155f63d3cc0f920c1006e0e98dffaee8d41b0e93db256a9d6cd0b362def14827f75912f7cb7ac389cffdfde28a7836579f38ef191a364d01

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\email-html-1.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1104
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1104 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:588

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a0ebdb72ce6ddb5fb591ef552469ed6f

    SHA1

    cec6b0574d6b94536915a2e60983e4272cb4375f

    SHA256

    7b528ea86e8838c006438b824ce6194c5e7181e39e6bb465b130c37739ac8f74

    SHA512

    1b1f8bd5b8b11ac04c2ff8a512f1d7202e52f73041bc304b6dd29aa2beee13ea9ad3cfd5a0697c0c461eb8c45411181c174ddd566fb6f8cef7db2f2e2440295e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    18a2d4de1466db9d61293e0dc6706393

    SHA1

    900bc472681bc6817b2bc4c0c98e0488c63c2772

    SHA256

    244bc54e41b8b05e47ad35b1c81664c174634531d00e096276f439bad68354aa

    SHA512

    15e22d2df81e1db284b851c9fcc9af7106f33c1c1a13306aa938533b7ac86f3800750b97a879c10b7ff972781e21db1a06956f550d7949f7a73b84664bf13a3e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2801164c538cd0ef3df12b418f8a6d80

    SHA1

    430e039b37bd7f0112183a93d9c52fcbf2ea0d8a

    SHA256

    4a79e99dec8ba40fb8bd98003cf63ba6ab078869d550c0f4cd167c0b1dae350e

    SHA512

    ebc66267eddc86bd8fdf90ae302947f33b78799663e7c7fa47c41c204caf3790258700b009db5dc90227c74344977150c4fc2bbb567fa1141c058deb6a92c43a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c768b70a094ac21e150e95364ec0dbfc

    SHA1

    2067e1a4263316466a8a65ad543509e92cc36081

    SHA256

    493deb9813280e6c79ecbc0faab033384a39bb57ce2d185df5715e0d7e3b34ba

    SHA512

    b9ef6808684f4691b77508973d47c5c6339183e7e9100f0a209787d17f6a7016b54befe63d64725aa770f2bb049038155eb4dc46f9068d258285756b7c3890eb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    72eac9861a09a51c9af68d832cd1fe42

    SHA1

    cddcc7ce84a2d76ad206f88bbfac0966c60dde1e

    SHA256

    7b624d94c7eff8ed8fe55f23a54248e745b452d086d6ceb37a5b6fa0a7676b08

    SHA512

    f116165ec82a965bf02df6a49bb0e7b45079d634ceccc04ae94746c3d7a3fa00e8763bb9698019e71c00d7bb278da1fe9002cde70b20c089cc599adf7ad09782

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    378fb295f3083af8f15bb2f83e572079

    SHA1

    5b23e55b608f3da614944e2fd700b9e8c8ea4c9d

    SHA256

    eb42d3b60ab30ba1a270a9620322d3f2ce7cc3ed1e680c6bae075b074395c0c0

    SHA512

    31455036039d35f83ec9bdadfccb3b5be689840ef4cfab75436494806b778efb3d6710a5ad0dc34128f683d90a3ec480ba0726337f67fbffe5fd26cce35e21d1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    391f671d59b7a94d200cd44b33f805bd

    SHA1

    eec4f26eec8eca7f9bc7aa4c6149fc0191b8e323

    SHA256

    60d99d1e2f047bb26229e50805dbd7b782bd92c9e3bd9b39de0ba54bb7d50022

    SHA512

    af264514113af58f3ca2dea0fcc433647b80a221487f27af482f9cda53b73dde3e1b532e8d788262f49348495fab7afda8d5f865a699ca19700a61cb6421ea4e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ec02d10b08a1e3aecf66400f7af1be6d

    SHA1

    c9a1cf02c500fefe34785cf7bad0bd73f6ce4551

    SHA256

    7f2055294a9dddcca7a33a3129e98615fda35741ca6146898fd66a1fb905a2cf

    SHA512

    7e4d244804ea68691f411aa4a025ec7a539a9f36e4968159788b3b6691d25a7c1fbf74c5c7e6aadc97e311deb5639d1d0b11c71eedf8a16b8c2e7dfa740c32c3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8d6fe3ec337961ed264892a3d30a0137

    SHA1

    db6a44deb882741f90377cda85ef92198e13e791

    SHA256

    8843f5e2520ec775a4c7d3ed1c7d058d94c95c9faedb182994a94ff29e2e19fe

    SHA512

    a4ab1de8964ff2333e8c1257d12521b125541fa4e2ff63ae00214ec037dcaa04ba29602bf277b0a47f60cc8973a60f9fd1cd55112fd61bc50cd0c5d4a435141f

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VQ77JNZF\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6F49.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6FE8.tmp
    Filesize

    61KB

    MD5

    e71c8443ae0bc2e282c73faead0a6dd3

    SHA1

    0c110c1b01e68edfacaeae64781a37b1995fa94b

    SHA256

    95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

    SHA512

    b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar7183.tmp
    Filesize

    161KB

    MD5

    be2bec6e8c5653136d3e72fe53c98aa3

    SHA1

    a8182d6db17c14671c3d5766c72e58d87c0810de

    SHA256

    1919aab2a820642490169bdc4e88bd1189e22f83e7498bf8ebdfb62ec7d843fd

    SHA512

    0d1424ccdf0d53faf3f4e13d534e12f22388648aa4c23edbc503801e3c96b7f73c7999b760b5bef4b5e9dd923dffe21a21889b1ce836dd428420bf0f4f5327ff

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\Y3AQW75D.txt
    Filesize

    608B

    MD5

    0e683c515d5851e4fdcf2713b30874fd

    SHA1

    1de5fdce1a3f6937c9931fe88cfe68079af4c5a3

    SHA256

    36047a86eee6f4954a1ab885161436dad55d5f4f65f4bb7102265cdc886e3a75

    SHA512

    d3590cc39629f82ea299a39672e89374fcd6f5a8c64df32c263b4eb3030b3d0ab1549c5e14177bf9ff5fa6f1236b900e0b3dacca69c24d9ef747d7027b430abd

    Download Submit