Overview

overview

1

Static

static

1

spacefligh...r.html

windows7-x64

1

spacefligh...r.html

windows10-2004-x64

1

Analysis

  • max time kernel
    142s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    12/04/2023, 20:42

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    spaceflight-simulator.html

  • Size

    52KB

  • MD5

    27071ffe692a4812ca60054a368d5cee

  • SHA1

    cea4067053380cc3b6fcdc96672d4aa94fc59a8e

  • SHA256

    118fb5260c9b4102c58bd4d179555e4208d2e476c6cdb55eef74bb9b0109361e

  • SHA512

    9fcb7c670de6a35f5c8bc1184f3bc529af2af6dfc3afd7062da6ca0eaa5f6950ec9a661665071fd32eb74335c0dfa86827bd9bd3b85efbaa8e105147ff452382

  • SSDEEP

    768:LBWhh7ZM3vJBvPfXp9gFS1d3a7dvRC4UVgtk4tZ2B4CRvNlKqmnJgQKc5G8mr1:L0YfJB/p9gc1CigOlxmnHdmr1

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\spaceflight-simulator.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1616
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1616 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1424

Network

        MITRE ATT&CK Enterprise v6

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a8c526b736d8f02ceac1d526b876fbf6

          SHA1

          64168eac00a2809c5eb9d6c8f2b38ec7e030bb17

          SHA256

          168af04b364c6de576bcaece618f8f696169fc16c0a05b3b93772a44421858e3

          SHA512

          ece08741e011582036468ab074176429ac6bd9e58abfabd6fcd34565919c77f374725b7b67118c207c567bbe39b6a6ccb963baa355acc40c89689d88f1dc54c0

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          efe9f4d4d0432f3e0e88c14614ba9cb6

          SHA1

          8686464623af3c2105e0b79605d851e8a82c3f50

          SHA256

          9c669786746c2bef74a5b197beca8e1870cd85f800110c1ff5f930c56102367b

          SHA512

          645038cbe04bf191e25772588a14cbdcc92a265230f41c5110462312ad7e6f8ae586c0213a2990849b9a5bdf53ec572100cb82282f0cddb77ea7330ced7f4528

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          2fd751319484b2cdcdb8d4f479cce5e7

          SHA1

          3e7a6b3d4be38d5e9553837377b97e1bc6344077

          SHA256

          1323516f71a354ede2d12adbc32f105b11356a79cb9e234f7663f6ba5e570c69

          SHA512

          8c8a71c2df4c5c736d8784feffdcfc9217e3cb7c671842e5a7f30e1965ef9cf23f845058ac2bb08c0a79eaea114f60ccfc0bd9ba0671a0dc90af2e089f44cc01

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          161e1cc1f265f16502ceb44d42241bfd

          SHA1

          14529e959196dc53793286270b131aee778dc12a

          SHA256

          3350aa408e5983fbd7dd090e8bfd3dd56b18e160601cc7c5a03ef732231763e9

          SHA512

          e82fffc92fa0686c6d6bec9cef0787f367cf54e922a5593d1ddbdeace2b8d1fd128e36ac015550f64fb70f88d54db7b47c09b28ae0bead64114e04b37e7df0c8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          dd56e9a1a00c8458a8e2bbf696ff0a27

          SHA1

          6f32fa66840710bf10afb358fa81c5dafff699da

          SHA256

          6136b27e29b87ff8bfd7c566107f8ce09d57360f16726a0709426160672e6fc2

          SHA512

          2df9d279b9e631dfb7eba1b8e45b1e618053066bebd37d44c0b21f680d749a0881c21b795872366cb0fffd6b37441d37352d65b7bec6c7f7e68796ffb735bbf6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          d9ef2180b74fd4dcc45e3c3d8d1d8747

          SHA1

          3d1f5d623710662d0a6ce79d2435021069bb1241

          SHA256

          80709a89e6514b8ca2bdf127ca46d81a21b2703ccbb4c302804bb0d85e918eee

          SHA512

          095c478f54f2a3013bcbfb055b2a7e36698c560e63af42e4c3ee1d7a73aba117cfef3aad2d29e3f8388a882f7d4a12d395fa721d18a62f53de11970ced5cbf81

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          486f33023e3953ec2184ef8b8e88af8d

          SHA1

          74c08d79b3c86098fb5aecc07256ab517b5432f1

          SHA256

          bc7bde125ce62f11fe342836a86999158cee69790a966344469ec6b7f0590d54

          SHA512

          83969419f787f61ca429523bb53ce5ed536833eb810f0d703aecccbb330de3a308a10e2fa5085f1d77db6b48d2221fa595d8814677ed16ed1bb1cf9384c2c252

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          7dc20aef64e55bd72cb26393df511f09

          SHA1

          11f9a6732c2e010d08ffdae825f32cde30ee0cee

          SHA256

          32a752a3906b0fdd13aa92ae2056c0456df9378546e20ed89fb9f33907d0bb17

          SHA512

          f5f773bbbcff14286e5e2505a7cbe2e3850188f9893663f3cd6ab98ce9ae77aa3d3607e4f4bafa3fd3e6f469030d21a10e72c05698d4dacd55dac8103280498f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          e49157c339de94e121a3dd3b10e9b49c

          SHA1

          3ad7436f6bc83ab87c436c47083f7ea676644409

          SHA256

          80545295c506693fd1321cf2e7bd4d40a586bf8217feab0585d84973b7215dea

          SHA512

          b5f50b2e75f47d8caa5a9883a836c046c7b025ad99c89e725b39e06f31ee961d4a8025e550625ca036eaf0c19137e24bb3be66489017c3f02eb904755e7a6d45

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          857dcbf0fe07e0a49f4cd3e1a0ba677a

          SHA1

          7988dfedf536fc7bcb9c7cf2fe1e40533e0ae4c7

          SHA256

          b77d55d91c915b967f0cae034721cac2a238e72c6e7bf9046f5854c8023513cd

          SHA512

          23d6c631f6029e8546707c6f80347d7db655915b4a12933b6bf47486e6a862fd6575a64c4159bc98687d309ed486f75f1c443b5c796a98dfd6a68717c4335248

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T22XS5WA\KFOlCnqEu92Fr1MmEU9fBBc-[1].woff
          Filesize

          20KB

          MD5

          40bcb2b8cc5ed94c4c21d06128e0e532

          SHA1

          02edc7784ea80afc258224f3cb8c86dd233aaf19

          SHA256

          9ce7f3ac47b91743893a2d29fe511a7ebec7aef52b2ea985fa127448d1f227c1

          SHA512

          9ad3ff9ed6a75f1a4c42ab2135f1f4a51a4d368d96e760e920d56d808a12b2adb4b524e0c135d3c1b3027ffecb2753293b9fdca6b81aa2c9bd6326743c669468

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T22XS5WA\KFOlCnqEu92Fr1MmWUlfBBc-[1].woff
          Filesize

          19KB

          MD5

          0774a8b7ca338dc1aba5a0ec8f2b9454

          SHA1

          6baf2c7cc3a03676c10ce872ef9fa1aa4e185901

          SHA256

          e0fd57c0d9537d9c9884b6a8ad8c1823800d94dcfb6a2cc988780fe65a592fe6

          SHA512

          a0066b2a6b656e54f7789fea5c4c965b8603d0b1c3d0b5560cfbafd469a4cb5a566c143c336bcbd443bae2648e960aa0e635770e7c94d0cb49c19326f6ca7b69

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T22XS5WA\KFOmCnqEu92Fr1Mu4mxM[1].woff
          Filesize

          19KB

          MD5

          d3907d0ccd03b1134c24d3bcaf05b698

          SHA1

          d9cfe6b477b49d47b6241b4281f4858d98eaca65

          SHA256

          f2abf7fbabe298e5823d257e48f5dc2138c6d5e0c210066f76b0067e8eda194f

          SHA512

          4c5df954bd79ed77ee12a49f0f3194e7dbf2720212b0989dad1bc12e2e3701c3ef045b10d4cd53dc5534f00e83a6a6891297c681a5cb3b33a42640ae4e01bbfd

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UIC7WQYE\css[1].css
          Filesize

          1KB

          MD5

          9276dc152583fc1bd7603fec0de26bb4

          SHA1

          95953e34978e2b8a85bac20b25d2b758f6d049c3

          SHA256

          4281e0f59be2112ed5e9f9377dece9b0a66701a44268cabc859dc52b908c831c

          SHA512

          4cd32599f9557b7cc079c3f193bf89458934d3983592c02b2e1601dcff7bca56f7614f6abfae524fcd6cbc5c5933ac18f1821ba4f3de5c61f3fd4fdcf91650bb

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VQ77JNZF\suggestions[1].en-US
          Filesize

          17KB

          MD5

          5a34cb996293fde2cb7a4ac89587393a

          SHA1

          3c96c993500690d1a77873cd62bc639b3a10653f

          SHA256

          c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

          SHA512

          e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab9669.tmp
          Filesize

          61KB

          MD5

          fc4666cbca561e864e7fdf883a9e6661

          SHA1

          2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

          SHA256

          10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

          SHA512

          c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab96E9.tmp
          Filesize

          61KB

          MD5

          e71c8443ae0bc2e282c73faead0a6dd3

          SHA1

          0c110c1b01e68edfacaeae64781a37b1995fa94b

          SHA256

          95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

          SHA512

          b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar966B.tmp
          Filesize

          161KB

          MD5

          73b4b714b42fc9a6aaefd0ae59adb009

          SHA1

          efdaffd5b0ad21913d22001d91bf6c19ecb4ac41

          SHA256

          c0cf8cc04c34b5b80a2d86ad0eafb2dd71436f070c86b0321fba0201879625fd

          SHA512

          73af3c51b15f89237552b1718bef21fd80788fa416bab2cb2e7fb3a60d56249a716eda0d2dd68ab643752272640e7eaaaf57ce64bcb38373ddc3d035fb8d57cd

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar972C.tmp
          Filesize

          161KB

          MD5

          be2bec6e8c5653136d3e72fe53c98aa3

          SHA1

          a8182d6db17c14671c3d5766c72e58d87c0810de

          SHA256

          1919aab2a820642490169bdc4e88bd1189e22f83e7498bf8ebdfb62ec7d843fd

          SHA512

          0d1424ccdf0d53faf3f4e13d534e12f22388648aa4c23edbc503801e3c96b7f73c7999b760b5bef4b5e9dd923dffe21a21889b1ce836dd428420bf0f4f5327ff

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\MYKSAA7Q.txt
          Filesize

          607B

          MD5

          01c2bbfef40906421a0357947af969bc

          SHA1

          09abe78aab2e3cf2b122b55d3aa240d72d9742ec

          SHA256

          169e127fc0ec72d9e643011c62d3d1d89db906302bc927a90203affc2345e307

          SHA512

          efb5dc353101a8df8d7047d886dc0615d326d7c38bcc8ff69c2d2ea1487e4aa5149b8029f72dd5c89820068e23a5b447200dad8df10e48603760d3aff802b6c4

          Download Submit