Overview

overview

1

Static

static

1

winprofile

windows7-x64

1

winprofile

windows10-1703-x64

1

Analysis

  • max time kernel
    100s
  • max time network
    171s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    18-04-2023 06:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    edf89271e021212126c5e5fb162a5d56104e92eaa1be0dab05a95ca097396f47.html

  • Size

    9KB

  • MD5

    b674f6b6877be5a8ec71d048028fce1b

  • SHA1

    efa15a1fda4f206405644d0b9063c9e65e743c00

  • SHA256

    edf89271e021212126c5e5fb162a5d56104e92eaa1be0dab05a95ca097396f47

  • SHA512

    797d9827fcf3cd9f5fce2bc3444823c13b9bfe3aebc8b3e3d23f4648b192da9d368ac3205b24c90e71da80a8e8f800d108fa07fdd259603abeac2114c9e7c7a1

  • SSDEEP

    192:1Llg+wuv13xV1cSHYumoldMIINNMjcIk+Lx4AgCXtTHxxSZ1yz:15g+3v13T1FH6MGIIPPIZLx4zyt6u

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\edf89271e021212126c5e5fb162a5d56104e92eaa1be0dab05a95ca097396f47.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:928
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:928 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1484

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\82CB34DD3343FE727DF8890D352E0D8F
    Filesize

    7KB

    MD5

    408d97801538cc3b9650815f65f7d4f8

    SHA1

    353c408647ed575a306c71557490f5c54b973559

    SHA256

    0d3933a6487113e038434b75e55f08b0ce441fa5fae58f92083716745c3866de

    SHA512

    ede60e53a90c0df8c2ad0055f8774dfb0a88432504f0c904ce8448411506795e3af30ae22d02639cf0fd83dd763ea8293ea0c72e52d08ceb486e419d9ef3ee27

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    e71c8443ae0bc2e282c73faead0a6dd3

    SHA1

    0c110c1b01e68edfacaeae64781a37b1995fa94b

    SHA256

    95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

    SHA512

    b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\82CB34DD3343FE727DF8890D352E0D8F
    Filesize

    232B

    MD5

    32c2e2397892d3e5029a7f232ef1e2bb

    SHA1

    6ffcbb4b66387bf67cd2703311f58077656cb3bf

    SHA256

    5529be6c46241e40bc74d0ceb204044761d82f0dcf8ddc91a69ff9ee1d172211

    SHA512

    67e5890cf46158c764ead47815ada41075dac857fdcac0b5b7e3debcc176692251139cb47bc3df3138ec09a7581bd2a71e1ea7686dbdd003cdabd6f0680f4b99

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cc1079731baa9779096e66483ed133d4

    SHA1

    fc87ca363ff66c327b5b2bd4f4f6154a579c2bce

    SHA256

    c26a1c6bf1dc068b9569e081e63e51ad83f2989d57823b0a1a624ba316d2a28f

    SHA512

    b98944d4e3fbafee86ca99405c3bf2f8f75bebcf05680288d670899bbe0a643c5086a9c021e7ce3e12a49746ba2dd0b91d2ab4b82c7a57fdcbaf1e83cfd4c814

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8214effc2280b3b7bed859e872224f19

    SHA1

    166a15c71e6f63cc02933d69e9ea7a3b0bb7652c

    SHA256

    293110d9a950ef34b1ef1bb1919c7b36fd60b7245ac5b308c28a8dea3545742a

    SHA512

    7778c43e8f8e8da7a29f793ec2dbcaf2b722edb66f7f1b2605887ae70c93682a6ab6c91afed11e3f21438e3727949cb2c4eaff8d9f9965bd442f275924e63b8a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2ab3889911b8d2284f6cc74615928301

    SHA1

    afddc04ac681dcb8989bd0f0c842b24ed12a2725

    SHA256

    7e52de03da45397abd3c942ec08d6cf4e2040d83a16402aa7c521e04d497779e

    SHA512

    0ca68130b035e004d1e20f7652699c34099ba0e6b7aa7a11da21c1a239241114ec60d64a1d9139c18e432e83d710b127a0fda177a3d926ca09a9a22448cd5b97

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    10b83afb4ef6b2d182fe4a2f3d5a9eef

    SHA1

    c617fe16e0b2072b2ab06a5a1804485aa7f1841c

    SHA256

    30e8d5bd5579846f3c4fb7224653a83cc53e4c58ea2aa4c7906aa57fb6fb5a9b

    SHA512

    68f7025eefd177319cea35f0240583a9d449b3ad961c150417727a577c5abe2baa263044204d7612f9b163507e171f27b79899a04ea3ceed88fa406ac8cd078b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3029afb02917a2738d002fc6addcb830

    SHA1

    42c5fcff5736640ffd4785e91be63243db6a8a59

    SHA256

    53572f43f3fd5d0406790c349a65963ba9b13eb7eeeb1706a2ea9bcfc28e7cd3

    SHA512

    f4c1cd29b4dfae5cb3d2f4c9f201e973c80f31954aaca02d7ab15ec118cab70096aa0a9b50019b5f21b39d87058886f58d4878f7fe51214543fcb5c316d17e64

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    137740637221de108983fda1da3ef5ab

    SHA1

    18adffafe9c7f42ee1532f624fa97a9a0a322e39

    SHA256

    cded247f18ca35a23f05a53217b23be13effe2d7e8dd6011ecef8b2aa5a91154

    SHA512

    ac4d0373ed9ed8977d5295faa5f8517475bf7db3a0fb2b23d5fb36c2b5f2d70f5e1dd2335b9f3d7cde8f67551f3ab1e1b2ff4283a6d331cf7b5d55d3dc6ef1d6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    68e385177ae33db5689d1200754bbb71

    SHA1

    2a5d6f980ee7e0c72792df27e41f6e82f1dfd74e

    SHA256

    736e0d89feab7eb1a0ca35282639a3f0afa4d7dee1927e97bf6c9e8319549433

    SHA512

    ed60924b301d1c2d5d9738a0a1706940c866979fd79868c9e41d84b5ec79e9cd217bdf043e1eee3aa42b30dc4fb102d895853991b57cefbc866dcca6da489d94

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1f0679efb7ad5d8dd15049240da58016

    SHA1

    5868cf646d56bc5cf2810e38cb59f5288b1d03f3

    SHA256

    271114efcce45c75b7f217c67c2bb89f334022553c401694f28e70f1ec42c035

    SHA512

    1953b2899dd80c60e5f06ec1365af4a4ffdd5be897226714445b1b6434427fac73624c40a4a2e9cec2790f91abcfc692a558b1347db8c19b021b05e85b007ecd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2f9f0783d2a7ea6484a1305491e36b6e

    SHA1

    ab04f7900078de1ce5a9037705d594ccde4e3f2e

    SHA256

    ab5cd50ae2753131a9092d6e4578ab64aa2ed276047a16935463c10421c6a98f

    SHA512

    33f068c7267ccd0eddbf90179ef1390a43d3a616f55a769bc9e89121996adb3f120b2f0521bc86ae38dd8b8c3f04153e34069c5c714119d54c12d0bc92abc5f7

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BA5D7P93\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab698F.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6990.tmp
    Filesize

    161KB

    MD5

    73b4b714b42fc9a6aaefd0ae59adb009

    SHA1

    efdaffd5b0ad21913d22001d91bf6c19ecb4ac41

    SHA256

    c0cf8cc04c34b5b80a2d86ad0eafb2dd71436f070c86b0321fba0201879625fd

    SHA512

    73af3c51b15f89237552b1718bef21fd80788fa416bab2cb2e7fb3a60d56249a716eda0d2dd68ab643752272640e7eaaaf57ce64bcb38373ddc3d035fb8d57cd

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6C74.tmp
    Filesize

    161KB

    MD5

    be2bec6e8c5653136d3e72fe53c98aa3

    SHA1

    a8182d6db17c14671c3d5766c72e58d87c0810de

    SHA256

    1919aab2a820642490169bdc4e88bd1189e22f83e7498bf8ebdfb62ec7d843fd

    SHA512

    0d1424ccdf0d53faf3f4e13d534e12f22388648aa4c23edbc503801e3c96b7f73c7999b760b5bef4b5e9dd923dffe21a21889b1ce836dd428420bf0f4f5327ff

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\V8KS41XL.txt
    Filesize

    607B

    MD5

    d203ad64f85f04a7d6e844c493273d35

    SHA1

    9f29423afc1a63d217eaa331169c442641577156

    SHA256

    fb428e871604979b762e7ad976dc5c4727e53e26ab87a9dc4e61be1d65372245

    SHA512

    6c125d904c5b3d0ab8c927aa2b2827e6fd9e0afa672e6c27fec0ab019bb8128d4772b11e33dbee5f1dd28968bbe8f43caef5a3cf3d2f1e14744cd7045992ebf0

    Download Submit