Overview

overview

1

Static

static

1

Payment_re...l.html

windows7-x64

1

Payment_re...l.html

windows10-2004-x64

1

Analysis

  • max time kernel
    73s
  • max time network
    145s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    03/04/2023, 21:03

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    Payment_receipt_Scincenatural.html

  • Size

    205KB

  • MD5

    add83fef4bfd00ec5689a5f6d8a9ab28

  • SHA1

    407cbd9b9ae0ef06b96556f20effb968ca342b76

  • SHA256

    5b001d3e68d7cdac16f5f68702fdb5b3d9a2154c695a14098ae665f499a0c4ea

  • SHA512

    ae43679acb6e9776464e89368fc3391f725654a3268ab84cfa8575566fbeef013d6de5461bf356c427204df97bc324d6093fbb9c4861a01be40ff725c28134be

  • SSDEEP

    3072:RQ9K9tpt1GxAcp+qIkhT5xltWh/fewIQcQYC:RQ6v83P/TwT5

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Payment_receipt_Scincenatural.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4680
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4680 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1148

Network

        MITRE ATT&CK Enterprise v6

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
          Filesize

          471B

          MD5

          8b82e64a7691fb70aec48c12c37eb312

          SHA1

          96084b73e24ced2adea93695f71a62092771ce79

          SHA256

          5e1b36f0cccb94221d862d2fe35c892d699d397a87f74f18a668a57ba7ef8d5e

          SHA512

          36802e6043f76d717a376d762f84e89be4bf5b6675bcc662f9f768dfe6487582654333ede1f871cadaa5b5120ad5147ca81bd79b5092623d38f1fbf4037237f8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
          Filesize

          434B

          MD5

          eb0084c18a131df23d91e13d4326e5dd

          SHA1

          bd6cddbb5a3c4a7f4be662029cc4df3d4da91f3f

          SHA256

          f86db4e732a6d35775686bbb50fa5c4911353f92026c49a37f2d3baf152df600

          SHA512

          0b1141525bb8c8a317038eefa5636dcb4af4f0b6e3f79e8bb08ccc88dd5b7053f6bc85bde6b4a7125a3f9571c2bbb54af0d816be473008f3ba0ae37abf3f00d1

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\VersionManager\ver6D.tmp
          Filesize

          15KB

          MD5

          1a545d0052b581fbb2ab4c52133846bc

          SHA1

          62f3266a9b9925cd6d98658b92adec673cbe3dd3

          SHA256

          557472aeaebf4c1c800b9df14c190f66d62cbabb011300dbedde2dcddd27a6c1

          SHA512

          bd326d111589d87cd6d019378ec725ac9ac7ad4c36f22453941f7d52f90b747ede4783a83dfff6cae1b3bb46690ad49cffa77f2afda019b22863ac485b406e8d

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\css[1].css
          Filesize

          240B

          MD5

          bd3d6f52841d371a84c6fda2ffa540af

          SHA1

          599e3794f5f4c6e1f0feee4aa570d2b48ea99f6d

          SHA256

          5afdf26fa26b80d8b27d22f80e5c675f14b73eda30492e32ebfde44d2d6aeed7

          SHA512

          0b90a14f8c7a56a2542a7dca441453afd321378a6c3380db470537e0fe8dbc1abef4412a1e1e387445eb6f38e887dd1f27979ef1318f33dcd9d1f04b8d5ef14c

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\jquery.min[1].js
          Filesize

          83KB

          MD5

          2f6b11a7e914718e0290410e85366fe9

          SHA1

          69bb69e25ca7d5ef0935317584e6153f3fd9a88c

          SHA256

          05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

          SHA512

          0d40bccaa59fedecf7243d63b33c42592541d0330fefc78ec81a4c6b9689922d5b211011ca4be23ae22621cce4c658f52a1552c92d7ac3615241eb640f8514db

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\all[1].css
          Filesize

          53KB

          MD5

          251d28bd755f5269a4531df8a81d5664

          SHA1

          c0f035b41b23c6e8fab735f618aa3cff0897b4f9

          SHA256

          afdc6bf2de981ffd7d370b76f44e7580572f197efbe214b9cfa4005d189d8eae

          SHA512

          8111f411c21c6011644139dba4ef24d1696c0f6d31e55ce384e0353a0f3e65402170c502bddf803c3df9149c371b31c03f77be98fdbc61c0c9c55afbe399681f

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\jquery-3.1.1.min[1].js
          Filesize

          84KB

          MD5

          e071abda8fe61194711cfc2ab99fe104

          SHA1

          f647a6d37dc4ca055ced3cf64bbc1f490070acba

          SHA256

          85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

          SHA512

          53a2b560b20551672fbb0e6e72632d4fd1c7e2dd2ecf7337ebaaab179cb8be7c87e9d803ce7765706bc7fcbcf993c34587cd1237de5a279aea19911d69067b65

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\UUIKWEAJ\suggestions[1].en-US
          Filesize

          17KB

          MD5

          5a34cb996293fde2cb7a4ac89587393a

          SHA1

          3c96c993500690d1a77873cd62bc639b3a10653f

          SHA256

          c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

          SHA512

          e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\WPCK8CWE\bootstrap.min[1].css
          Filesize

          141KB

          MD5

          450fc463b8b1a349df717056fbb3e078

          SHA1

          895125a4522a3b10ee7ada06ee6503587cbf95c5

          SHA256

          2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

          SHA512

          93bf1ed5f6d8b34f53413a86efd4a925d578c97abc757ea871f3f46f340745e4126c48219d2e8040713605b64a9ecf7ad986aa8102f5ea5ecf9228801d962f5d

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\WPCK8CWE\jquery-3.3.1[1].js
          Filesize

          265KB

          MD5

          6a07da9fae934baf3f749e876bbfdd96

          SHA1

          46a436eba01c79acdb225757ed80bf54bad6416b

          SHA256

          d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad

          SHA512

          e525248b09a6fb4022244682892e67bbf64a3e875eb889db43b0a24ab4a75077b5d5d26943ca382750d4febc3883193f3be581a4660065b6fc7b5ec20c4a044b

          Download Submit