Overview

overview

6

Static

static

1

zipbomb.html

windows7-x64

1

zipbomb.html

windows10-2004-x64

6

Resubmissions

07-04-2023 01:46

230407-b7erpshh5z 6

07-04-2023 01:43

230407-b5kj6shh5v 7

Analysis

  • max time kernel
    143s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    07-04-2023 01:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    zipbomb.html

  • Size

    143KB

  • MD5

    49d0dbd5549bad48ec263a03fa0783b6

  • SHA1

    d9618506e5ccab33257b0f7ee416a3c710638276

  • SHA256

    63aa94f0cc44cbe9b666a37f5aa74e6c0ca0034d56345f27fb7e23fdeab41106

  • SHA512

    9e6fc3c8c1bdb3fbc1ce4596a725b2631988e75baee02675da5842937888c06373154380153e7a165f0eb170dab86207fb570cd2487612b405d4a97b883253d1

  • SSDEEP

    768:5UXzDuaG4SFT/ewifzw5w0Ocff6SDZqhAPiOBoBrTTb+dIAWerFC5OH4d1YGL66N:5IG4SFMUpCAqh2BkGpWUw5O5C8W

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\zipbomb.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1236
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1236 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:560

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    e71c8443ae0bc2e282c73faead0a6dd3

    SHA1

    0c110c1b01e68edfacaeae64781a37b1995fa94b

    SHA256

    95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

    SHA512

    b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c90909272d4f270574cb6a16724b7cea

    SHA1

    124c7de9feaf5fab8bf86c6c81ec56050aa1f737

    SHA256

    45efbb0fc9c2594a199eff04499dac83cca72d631a2faed6afb4929e072b5127

    SHA512

    cfa6efde4ba8716b79cfe4378e1ec4ec77a71bbd257d1e235edbb0d194878615a41a616aa1cc0c556c5c4f229ed946b81ebdbdbfa1736adf518ae3e4bb14d9e8

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    51c1ab9ba0b6375db83432ff012c263f

    SHA1

    600f41b5e57aacdd227eb58a1bd5a06d2fbbdefe

    SHA256

    e8aa6d541b1304d046221c6307b15735aba9a7b7140d0deba07f46ecb102d499

    SHA512

    c723bab73ca8643af3b2ec40ef1b5573ac548090bacaeb38e3766753e5070087cc2ed4dc08f497ecc0a3964f58e476f10e207b1066808a1eaf2deace06a30581

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    12b0b886a508708a8376d45172fe48ea

    SHA1

    2c82a62975445ba8347e9c5ee9400f41b8ed06c0

    SHA256

    290fff4ef95e12491889629a858c15d01787911e1c5ab91e32b152e1983b7e07

    SHA512

    31e861dd85439e32e02a0aaab2d56540a72724d0fadd11aef07c887be6948dfc1ab3c99134042eb38044a1bf9feb386980e13e543608759e3e96c5c3fecbc25e

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8ea25b97a950cb27ae31a791cedc2266

    SHA1

    0621218c12e9d273b368434342be0efac3cd73a3

    SHA256

    1558c65b40ab8310526b05975637be14c6650d7b6e57e9fcf1cfa2c6acbfa033

    SHA512

    93a705dfbb211745622c41b9b765a756fb58ee8649d4d470bd5bb2eba41f951463b38c5693f0a49248416e2d9313e098940388f491894811b65f9f794fb55c6b

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7f76ca03b78c44b24a2882af1c5e8b0b

    SHA1

    2921b7d2708be728f68709e729849060ba549c5e

    SHA256

    2192bc4f31fcd52d8aedb6bc69eb2a8d14744b7b4d39fac6ed20b5a64ed6693f

    SHA512

    8f6a6848154e14a27380883b6b2bfa2246121497ac0f816862471108f599ec6f9facbd8169d46b7c74ee016c266bdd346a930bbd5f80498221cc7a7c681ed7f6

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    661b2cae27b994481e4e45903077a550

    SHA1

    cab45359624f7bab49a98ae33f35d6c011c773c3

    SHA256

    3e362fefb2e9e4a1d70faf48d1566b6a77e9af6bf84ce7c152c3250ce511bd05

    SHA512

    67048472edf3ffc0dbb541fda7ffdcc9deec2d0dd12a0e33c3384840f13bef1b720719fec12fa6d795c400e2941cec1496ca6042bf333c7cfb758acc7032fd9e

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    72adfa656342e84ca36eaa916723d9a9

    SHA1

    4d47adf546d3d4916cea1d694c0bf47ed4a42a42

    SHA256

    b89e24b750db610bc6617585f7c0b677f67d3ec27d13532ff2b24fde6d989d43

    SHA512

    2fc780fb1d040ab862ebe6dfb4aeccd9ddbb4ea70a919776e98ded4b59cf85508bc69a0325e25ccff8827ed53a810258338393fce0ca669e1510b38cc37a4bdc

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    655b8a826710b061ed015151740b829a

    SHA1

    989be53b045666a4b05931334a423ef488ba3a9a

    SHA256

    f61b1c8183d1664c8d382cd8ae003e6ded050d558a95d38245d09ccfff4b63b5

    SHA512

    596ddedd3fe08d0991b465a70488d6fa9b5cfaa87e31c0bcf19830d02bd2ee88dadebdba018d6777999a1d8195f7bf7f6a6c74be4e61e0b7f2b54cb230e2f8fd

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5f85983460c6940787312b84448bd92d

    SHA1

    8ff02e6066144bcc1a495952154232efc3de9198

    SHA256

    4a71bd4a9d0093a194baf336f2aad57d2c91219b87addaa0efab5fe79ee359a5

    SHA512

    e19dee65676c8ad3709b48b0f99600f3da78ab7ea826825df1920e547f1e79f9eb88fc81a3f1bcd48cae47640f8030277924a47a3159654f504274fd1b076832

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ACT9UUKV\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Cab347A.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Tar36A5.tmp
    Filesize

    161KB

    MD5

    be2bec6e8c5653136d3e72fe53c98aa3

    SHA1

    a8182d6db17c14671c3d5766c72e58d87c0810de

    SHA256

    1919aab2a820642490169bdc4e88bd1189e22f83e7498bf8ebdfb62ec7d843fd

    SHA512

    0d1424ccdf0d53faf3f4e13d534e12f22388648aa4c23edbc503801e3c96b7f73c7999b760b5bef4b5e9dd923dffe21a21889b1ce836dd428420bf0f4f5327ff

    Download Submit
  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\JC42HYOL.txt
    Filesize

    600B

    MD5

    6bd08dc171c6d4031cb5d069ddfd8197

    SHA1

    2af413964ed14c92fadb65d68889af5c5ffb9c4d

    SHA256

    bde96d5d56315834f6569662f8bd82174e8b5515c79780eab05cec484219f83c

    SHA512

    c5e64da530bfa9342d4e9c5db79c33a74e314ca5530084a9132897c496a293b101f893c7b45c75dcdc3debff937fc4cd5fdc9d086099e49045c3f093062f2efd

    Download Submit