Overview

overview

5

Static

static

1

fd583930-5...22.eml

windows7-x64

5

fd583930-5...22.eml

windows10-2004-x64

3

A_Designat...t.html

windows7-x64

1

A_Designat...t.html

windows10-2004-x64

1

email-html-2.html

windows7-x64

1

email-html-2.html

windows10-2004-x64

1

email-plain-1.txt

windows7-x64

1

email-plain-1.txt

windows10-2004-x64

1

Analysis

  • max time kernel
    100s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    14/04/2023, 07:52

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    A_DesignationStatement.html

  • Size

    109KB

  • MD5

    7251c0b3ad553d6f8653b66187daa18f

  • SHA1

    20d25d31ba2b40c32240f917119f87fec3b84e6c

  • SHA256

    c486d915ebb2f40a8663c34675058a7efecde0daa7b453fb9369b4bdf874a56c

  • SHA512

    bf09c07adb8fa89318292ce63d71dabba81282722da7a513c0173ea5769775587a2aa8620e145175b049fb55142116e97e7be53bb3e123690524342a0a69c0e7

  • SSDEEP

    1536:P0eCA0uiS2+LX015FdcCrRU9RksvuvIenYNtihfA9FEuGFAHC34oHraS0NsCSdME:AnuiS2kX0HKPklvlY6FAP0FAxoHtG2

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\A_DesignationStatement.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1244
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1244 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:748

Network

        MITRE ATT&CK Enterprise v6

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_28DEA62A0AE77228DD387E155AD0BA27
          Filesize

          1KB

          MD5

          5c65596c426d08543df5b9fa55f08c6c

          SHA1

          744a569f73b48b1e8657c1905dee7bb8354913f0

          SHA256

          793e8f40416866bdc0de3a4066a89d4193470fcace324c69dd1f3d4bb3efdf19

          SHA512

          aaaec930e37f3bb393a40369ecbcffd9c1c9c3cad989465b9807f29803a744e4a022cb4ff2121ee51e2ea737cd61536648e7a9f048b5445c19de62db8077f35b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
          Filesize

          61KB

          MD5

          e71c8443ae0bc2e282c73faead0a6dd3

          SHA1

          0c110c1b01e68edfacaeae64781a37b1995fa94b

          SHA256

          95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

          SHA512

          b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          7d66ba8916d561855f1a71975cc71a62

          SHA1

          d17962a8406395cb6d3f0ed92dcb4d981e28ee57

          SHA256

          3350f0a00f7c767ad6af4a30744193a3765371c903624d9d17703fba3b5db228

          SHA512

          2b1a76fc7f6106b3fafef86c57a099c62c42bd0c5c19a81894a34a0dfb7e747679183368f7b117cc763ef564778883a4a5625a074cf8cd9fc222d39c8037fc9e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          7d66ba8916d561855f1a71975cc71a62

          SHA1

          d17962a8406395cb6d3f0ed92dcb4d981e28ee57

          SHA256

          3350f0a00f7c767ad6af4a30744193a3765371c903624d9d17703fba3b5db228

          SHA512

          2b1a76fc7f6106b3fafef86c57a099c62c42bd0c5c19a81894a34a0dfb7e747679183368f7b117cc763ef564778883a4a5625a074cf8cd9fc222d39c8037fc9e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          be99745027f43cd20a16ba16e63a9815

          SHA1

          ca15f00e06391bd4a8f7a87c73600128a4d66483

          SHA256

          503dd8b0207ec18fd4b0147e5c91f967c1dcbf24c71a4b3e39091eebde7f6911

          SHA512

          a3035144bbefd71a3673432550e964208c69a4303e06ca586fd53affd9b3b2cc6c37a115e542d4a388c70dc3c1650ffdfedce1097d17de391de0d175bcd66244

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          937e631f2be3c389e27503cbe3436806

          SHA1

          7f12dd4944135a01fc2f18c3307d61ba32588a02

          SHA256

          32b6999de2162ad651840d9494baa38dc699b34d1f80d93497214229c89a654a

          SHA512

          750d5194a0232dead35ec504988c0b32f6892336591c4a623525a43a96c7e5ed510d8bb6b047894cf3348abeff3cf0329ffd6fdf9a7a9b1d9d32d683fe97fbac

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          e040782074766f07aa37091989b0744a

          SHA1

          83ac8efbbd84d381066b0bc0802203b7f1d6214a

          SHA256

          431d825ee22b18316891a477b1a79c2efd4c335b31f6c8da2030600509a80999

          SHA512

          af4cc589783cf251185d5a2fb5aef5bb0001b6ce5c7377d4960210b9b7c7835473a3218ba9639ef0b8fd911f1c6bceccbdbc2efb2d6c8c0b20c02ad076efe973

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          e24256d8e5e432fa8b13f88094030abf

          SHA1

          e344a67b594c5e6192e18d0c5e15630db352f1a6

          SHA256

          a681dfab51e319e2acf01fd1550af8ee2e18e80ed2321f6ef09c6974d684aa32

          SHA512

          0172d592a224bcb6170ab29fc368186bad4e658c5f1458566c6b6267faa84bfdfc72a898ce712b590d6cf734af16c73a4957a44d6487491992ff9a74e48e0a90

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a0f4925655de81db6666c719f613764e

          SHA1

          6b4454e799e96a7a0a732fc1bae31e3d39605488

          SHA256

          644042f9f7ef50e050eff9703c795ff9b610e79374b0bbde72a22103a0b84e1e

          SHA512

          4dafb3c7c441966c70a511968ac1b9d0ca70b0c4212878e71cdb780d7ab40184f5f8c7c49fa75e1113fe898f120a6695d1d0e672a274173c9efe9c516e614909

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          01258db6fddb378642d496911f51549e

          SHA1

          9a01c789f3f4e1c8ce940e18aeb10b9c6491882c

          SHA256

          e5bb68c94baa93574f15432d7ff74e033d06fa3dea60ad35a805164dd65f0933

          SHA512

          b58e34bd75504f17ffc4150af5e403ad88763cc20a3ffcb6fc103ba6d518530fee47ea59e199abcb260b148dadf95d675aec0dce43f2b61165e907e87f10a706

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          57d59263e635dedcb892e9987bd32e06

          SHA1

          ce28fd5341bf835047b457eccf21817d74d17c57

          SHA256

          766a18375f6fbf4b3eca48da17d1ac1ec3456f7ada4ef1e94a4efba84559fb40

          SHA512

          40b49998882482b17d410e808225ffd19dfeb9dbb82f5edf4e21e34dc1a2b9744e80c6fa27273b585195e21c15a45a193cb396b979364213c403edf383b5b514

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a4c7c96f954293d8dcc4d5703057c9cc

          SHA1

          429bcc8f7d4e07d829285a7ed04f8cb9cb3c0faa

          SHA256

          12b937a71388cd6fa71bb7058fcdfe1563d97dbdf2c1efee051b69a9c6223587

          SHA512

          6dafb3893037796aed86e6877d6ea8cb36ca2411ab05f0dfbde7ca26e469b7568542819adae81c8f6cd644c55e565c12f7ae40f6b12540f67846a6c32f7e3bc8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          531a072ac34afeff1aa3b2aa86ed8ea1

          SHA1

          6f4222f552a2665aae9eb8aeca2fcba2a09e3241

          SHA256

          17f6705b90133aa8a37a5659d829c776e352f08f4ac514d79933babccdfef7c5

          SHA512

          bba3d25e4de399a0c22a146149d7a5a387d9c3a7b78a60dab7800ed7f0668e6e3cbfeff8276973fc11f8ddecf58f1c471eb3612584fd5725781726310df8b3c2

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R2EIRHNV\suggestions[1].en-US
          Filesize

          17KB

          MD5

          5a34cb996293fde2cb7a4ac89587393a

          SHA1

          3c96c993500690d1a77873cd62bc639b3a10653f

          SHA256

          c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

          SHA512

          e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab5EC6.tmp
          Filesize

          61KB

          MD5

          fc4666cbca561e864e7fdf883a9e6661

          SHA1

          2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

          SHA256

          10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

          SHA512

          c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab5FC3.tmp
          Filesize

          61KB

          MD5

          e71c8443ae0bc2e282c73faead0a6dd3

          SHA1

          0c110c1b01e68edfacaeae64781a37b1995fa94b

          SHA256

          95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

          SHA512

          b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar5FB3.tmp
          Filesize

          161KB

          MD5

          73b4b714b42fc9a6aaefd0ae59adb009

          SHA1

          efdaffd5b0ad21913d22001d91bf6c19ecb4ac41

          SHA256

          c0cf8cc04c34b5b80a2d86ad0eafb2dd71436f070c86b0321fba0201879625fd

          SHA512

          73af3c51b15f89237552b1718bef21fd80788fa416bab2cb2e7fb3a60d56249a716eda0d2dd68ab643752272640e7eaaaf57ce64bcb38373ddc3d035fb8d57cd

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar86A1.tmp
          Filesize

          161KB

          MD5

          be2bec6e8c5653136d3e72fe53c98aa3

          SHA1

          a8182d6db17c14671c3d5766c72e58d87c0810de

          SHA256

          1919aab2a820642490169bdc4e88bd1189e22f83e7498bf8ebdfb62ec7d843fd

          SHA512

          0d1424ccdf0d53faf3f4e13d534e12f22388648aa4c23edbc503801e3c96b7f73c7999b760b5bef4b5e9dd923dffe21a21889b1ce836dd428420bf0f4f5327ff

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\AROUEE7M.txt
          Filesize

          603B

          MD5

          8dfa767819eae45ba881111e4d0c8b5c

          SHA1

          76e3fab648e225424635e827a19a6f5dbbb81acf

          SHA256

          22153ff3a321e8462d4c1a3033919df6b4eaf49cdf265f5cd5eba5befbbb3b66

          SHA512

          eaee649e3a987074445fbb24a64954f9a28270664a5af5177b739d45d48d243f8800d0203f6dc6799b4fb3cd04f35603ba07ef0ab9af2e75e649823217868f44

          Download Submit