Overview

overview

1

Static

static

1

New Voicem...o.html

windows7-x64

1

New Voicem...o.html

windows10-2004-x64

1

Analysis

  • max time kernel
    100s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    03-04-2023 08:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    New Voicemail igeniic.co.html

  • Size

    45KB

  • MD5

    21f6a7e072b59c12652adbf2d76be969

  • SHA1

    0f0d3e01f4c694f98613c41dc91452c7bf5319ee

  • SHA256

    2e3051865cea00f0a74fba7e058c8ff4d242717beb3e0d9adaf43e01079b4c1d

  • SHA512

    dc8916a299aa31fc462974f33b9b72e626fbf17e462fc3c9f22729d5fc116633a72ba61893b60528bfe9327e1098bfc12bdcadabab17c08ab436278bec006ca8

  • SSDEEP

    768:cVM1oshJT6/+yrlfJDUrxofaL7cG8b2tIG0dgDKJCg5MFBmWeySTzFfXYlKI+/cp:sMhGbFJGpMOy7+R

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\New Voicemail igeniic.co.html"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1148
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1148 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1232

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    e71c8443ae0bc2e282c73faead0a6dd3

    SHA1

    0c110c1b01e68edfacaeae64781a37b1995fa94b

    SHA256

    95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

    SHA512

    b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f1941847da4868ce91764b03cb96facd

    SHA1

    49e6060ef0fcfef6984996cab8e276cb6e5dbfa5

    SHA256

    9448e3a2bd4b85982ea7a87c67d70b16d0963697af6cc587f63b16fb820b99d4

    SHA512

    d00829b059eba9e4b99bd18a5eba97769f9aac93a8f0378d16348ccaaf5bb2e099604904fa81d0275f7cf61bdd32bac6e11e9e30ab3312054c8ae3f72b7a0e33

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fee36df23650ffbe7fa5c2ee1c65b2f7

    SHA1

    cc3b91c78ca519a7896473f7e8c199039ee43359

    SHA256

    4bc4c9329edc6c42b447107bc1901a82d806bb267ac0754cc2ab523eda81e9c9

    SHA512

    77133504362b4f72bd799090a1563349e662347f3a3682ac9fafa3e31646bc0ada1e69f61768a3ac131a2d525b8fb8ad179749e601fceefe0f7d1d7604668092

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7a81dbc9082a45ec66de1df84856ceb4

    SHA1

    20b14e70034420b3086f478e19904d856c5e15c5

    SHA256

    fc0972f45ca3147b5f5f13b23cf14bdcaa83a4cb2cfa100a422560b8f9458f30

    SHA512

    9cb3f79937bff3ed237f8341a04aebd822c92352c3eb418b823b7c46cbab50dc7dcf75861c1b9dd1aa6214375bc01f87e628b7c152362b090b826c7b70309028

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fd7afe4187905ab2ae7fc739729098da

    SHA1

    a616da93c31dfdec5ffa82d174209e9a3300a0f9

    SHA256

    05f488e13b736d014b0525d20c72d0bca8b8f79a2876dae21af6518d48c0ff10

    SHA512

    08c26e241e401977fd16336433e0271cbbf0fe8fdfc90c036dbf3c676b7f6b83400421b1fc04912668f39b2650931dccf93efc3d36c6ef6c3d03535fe21e80eb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7e2a48f01e1e951c52bf3464f163f75e

    SHA1

    096530efade8ff41c42c37b700ac593ab977e2ab

    SHA256

    1c42ce88696cbc60ad4c4eb08c5749b0641289e5c60ae5b1ba1bf38686be5527

    SHA512

    53f4d86abceca032f1c63ec333ea80cef7037d113b2f61daa4c99d8d2de8a0950e632f9b32a0b39c111c1f30abb9d6ea2a914079a507d2eeb49676d7380a2f9e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d3f6ab23b8897f5cb7a240162e888fe7

    SHA1

    47ba1d7ec82e0ce5b95e388b50d9d47b407af8b5

    SHA256

    2c39eb85fa81742bb771f18eefee087231ff08c79ba3ee397f308274c16eeecd

    SHA512

    100572252f902d7e2c85cd3a57dc618162e930c54209ced1939c5e57f237b8fb970ab74b7a8f30445c700fe6b7d4f3af371280275a69e6f3984d717cb13fb7f6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3d5894e7465355d1c833652009f23657

    SHA1

    e3d78f6b5a73c18699c108e03d9f3504a5252401

    SHA256

    91d382815e204eba94304f4380e3302bdd99946b61cfbc5d66c0ccd6c3aee854

    SHA512

    b41115d0d173012262a96c4891b3e9542f10a1d554ba8dc35aad1f2503b383d341fe4898e31ffd2a94c1c54ffe7fcf02808ceebab39672f329e60a42636d3728

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3c4970b24ed17651f5fcfffc518fa669

    SHA1

    dbb349aaa04a7a7ab25a7290edcee12a1797666c

    SHA256

    a10a8c6ee7f721e80b5e64faca5fa3bcca3d20c78c2d239149e81bb8f0db2881

    SHA512

    f5a57c4ad0b072328cfd3b2b779147ab631cdcc5d6dcc7cf3b7cde421431cc5f58f281869b11e0522c63947699bcfd0993c14e1fb0659b5e65807d9e0bdb886f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c352b97ba40b0aae965f6921e89a5024

    SHA1

    342a4d1fceea38ea7f5a671a7a48d5e7a9a48f6c

    SHA256

    32770afb3fb61149d4f511fd39c78a97bc6f6e4cc6e1e716301b3072f223babc

    SHA512

    fd1738e60989c0f2a9900bdaaca79cb6c8202caaecc050e4109bcae5d8d7d01b0071414f7a575a26a6880e80ccc10e4cd149486754d52db4f691fd542c3b9c04

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\03S7L47X\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab516E.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar516F.tmp
    Filesize

    161KB

    MD5

    73b4b714b42fc9a6aaefd0ae59adb009

    SHA1

    efdaffd5b0ad21913d22001d91bf6c19ecb4ac41

    SHA256

    c0cf8cc04c34b5b80a2d86ad0eafb2dd71436f070c86b0321fba0201879625fd

    SHA512

    73af3c51b15f89237552b1718bef21fd80788fa416bab2cb2e7fb3a60d56249a716eda0d2dd68ab643752272640e7eaaaf57ce64bcb38373ddc3d035fb8d57cd

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar52CE.tmp
    Filesize

    161KB

    MD5

    be2bec6e8c5653136d3e72fe53c98aa3

    SHA1

    a8182d6db17c14671c3d5766c72e58d87c0810de

    SHA256

    1919aab2a820642490169bdc4e88bd1189e22f83e7498bf8ebdfb62ec7d843fd

    SHA512

    0d1424ccdf0d53faf3f4e13d534e12f22388648aa4c23edbc503801e3c96b7f73c7999b760b5bef4b5e9dd923dffe21a21889b1ce836dd428420bf0f4f5327ff

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\VQDQQCJ1.txt
    Filesize

    606B

    MD5

    7c1198008e44c31e2012339a645f2e22

    SHA1

    b8834a0c89eaa74f2dc2367c6115de550c099fbb

    SHA256

    ce012f3eb4d2df61c99923594d3e22c6d249053e6385a5e4fd94ac19ac83437a

    SHA512

    8d582e5a146b4628999b292720a3d2beb95df8b432f543a971f3a3a5e80298aacae4984b2d902e1a84ff9701b7e2048bd9bb6893943bd39dfe3d020fa97ad038

    Download Submit