Overview

overview

1

Static

static

1

_CFDI_92430.html

windows7-x64

1

_CFDI_92430.html

windows10-2004-x64

1

Analysis

  • max time kernel
    97s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    19-04-2023 13:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    _CFDI_92430.html

  • Size

    3KB

  • MD5

    a76342b3c5b5c4c5116daa82ea740615

  • SHA1

    7e92ce52048d75f3b1d3c43b03444cac0f136378

  • SHA256

    e583f06ebf937f9fa59bbaf24fff40e852a1ca58a0e0d510582dbf6a133e435f

  • SHA512

    36317d45901ef590a2c98d83b10b0e01a09e69887af3ccb72c73ea0df86e114828a703fd4cd575c457ff950db4f8c99954552e106282375cf07c7c012e0e2cb4

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Modifies registry class 6 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\_CFDI_92430.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1236
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1236 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Modifies registry class
      • Suspicious use of SetWindowsHookEx
      PID:1708

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    e71c8443ae0bc2e282c73faead0a6dd3

    SHA1

    0c110c1b01e68edfacaeae64781a37b1995fa94b

    SHA256

    95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

    SHA512

    b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e02c152434ed4a9edc1e16b249b97078

    SHA1

    a45a129cc53056e1f4a3826493e4c70d096e3b1c

    SHA256

    494ea20b183d7ab8d3e8dfce75bf4577e8e01a86d475af032a5fb227a1854849

    SHA512

    2ecdb9cc9f1883db2faf0c0658e572607b3c76b08ef294d52f3e22d13d90d694aaf9535bdcb3365c529426d3e41e225524f0895666205c026b31a64b93ddd4eb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ebe643dc9e8db4d15f97ec421a071f4d

    SHA1

    fefd5e98c468dc1245da094e91e428dbf7f389ad

    SHA256

    cb2e2db343cfe234389020033f44baf932651da015cf30f5d8c14ea6e040f69d

    SHA512

    6f00b33bb7fdc883919ddb5761588dd3c3db69bef496e0941fcc9e6866b3ab8024e4889c111cc3752abc16d47631e581a46418602cca8c2d42f8cd0b80602cf4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    97d38a3fc84e7e9fafbba5e899c9f6a9

    SHA1

    7b94349d9af9d3c7a58ce73b39b4311208e289a9

    SHA256

    c922b0cf913b68306e7f94f3b6744f8cedbe6d20fb34f923713ce5644d00d1c2

    SHA512

    8961725a8f19f70c72772fa8b75e0150df5e711fcef4a16325191c0abd3b1306a9a7caec3bc8be26c69531238f5439f64b4e79fd9f5a6566fc6860277fa4de5b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8a6842378d502215d4add3c38496e700

    SHA1

    78b0876b393ae6fc3bcf1769db4d20645db09ac1

    SHA256

    fe62d25c0316d9abfa3854c2e7ff59501aa74e203e2adf01b5d68c21bbedd6d5

    SHA512

    01be8af4e3d4a4f0e9b77da56617685899677825a377569e6818e485224ed208ff3f5162f0153c3158ea923ef920f0202f35504abb4ffdb7aec3adc7533a9070

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    17e54189b37c678f3c22100beafddf28

    SHA1

    79396302c2e9e559c49299008e772af38a6f0438

    SHA256

    01d7d406c09ca977da5a082872a3082c7683c3848aa65c54c1b75dba7736ed50

    SHA512

    e1c456dc2218ebe694bb4ddb27fe67e5c0754320dd1c67311ff7e2b86cfff707775ed69ddc3678886add222d307c91ed409209ff40ee9f4e5aa73d0898ab6333

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d43ca7ca3a6df77983cee3d66f4af646

    SHA1

    5fc19edcf8e9672e810cfbb763e40bc1db092996

    SHA256

    d667c05225a77a9210e51e6cacc461fd75ac1248e6327871b8a927c831fa480f

    SHA512

    5afcf2c60a30949b0bf8ba976dc459c7afba13bf5ee6b145a1f9d3ce681192c06613614fbcf4ca6c1739e8e0e2461fde1a18ccf3fb3ab123d1d010edcde191e4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e7d8528f4c20153dc7deae15301c9e29

    SHA1

    64280c7531546710faa19a72f6b674d3b5d7da3d

    SHA256

    0f39af121eb9c6d2ef6acb9fc110e6a73ab7466379549641a83e121cecc9c7ff

    SHA512

    289565990fefa0ee129a191787f92ff5b726ca6ba10434f664094ca19dac493f2757e42b4ffbb56398052d8c665d6235c9930a61d495db10346d3374b1f517cd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9711f1c1399556a6e66b36f2d4231037

    SHA1

    8ec6225694f132b4bf57ce0bc76165674decf1d5

    SHA256

    78923d747941f31653fe986d432205c4ef22188d8682ed92de3b6fe0ed6d2ebc

    SHA512

    40cdffec4cfe09f3c4a9aef371799ff358072ca3ba9a01898d38f1faa4b51be5a7e8c0f4dd7ea244ee9846dc10e5a5f710c33d964bfe1d5df5929bdaf644eb9d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    760ebc81ffca037d831c8df87e15ab65

    SHA1

    c0f856d3b3fc4c414594f8b1a32ce94b01fc0bec

    SHA256

    fceda2c826fa2b4e14555ceed42f7aec10bd613b2db8296dfc3cd1c1438ce3b8

    SHA512

    492946ecaa9e8e903e20d97dadfeb5eef4693485782d310666ba4ee57354c59202b5453d7900776c35d22141c7ebae719b370a39d8060cbb5a29e2c39accaabe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9c861ef14df2f473ce7864b7082dbfaa

    SHA1

    ff50c9a41f2b5bcc543eb3fb39eb3536f764fb6e

    SHA256

    4125dba27aec684cf9789e396d5b235133b159863b28178d6185fb16d9131d89

    SHA512

    b6a07b83a0ba86bc18b64858800008319a7bde15a451f0eac2373c66bf78d59a75bab99211011a3f2dfbf369e65d72e0610019d07f06c794d3682d5bbaf00343

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9b09c5f6b417971182cc839c7ba73b30

    SHA1

    bb2a507b96ac2c93db0aa1faa1ddcb4aa77b9eb1

    SHA256

    972e6cf42bdecba7dcea22fb5b4cc18cd9fb7f722fa9b97c0a83620327c029e6

    SHA512

    91d4656106f045d3580e709ec1bb94c66aa3db1729aae1113d8ade01875fc4f6ef3ca74c8090ee7e00d2bdaf6432cf78b329b5190bd5a4f8917b45c0b5c03198

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ACT9UUKV\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab4839.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar4A35.tmp
    Filesize

    161KB

    MD5

    be2bec6e8c5653136d3e72fe53c98aa3

    SHA1

    a8182d6db17c14671c3d5766c72e58d87c0810de

    SHA256

    1919aab2a820642490169bdc4e88bd1189e22f83e7498bf8ebdfb62ec7d843fd

    SHA512

    0d1424ccdf0d53faf3f4e13d534e12f22388648aa4c23edbc503801e3c96b7f73c7999b760b5bef4b5e9dd923dffe21a21889b1ce836dd428420bf0f4f5327ff

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\4EB91XBI.txt
    Filesize

    600B

    MD5

    ff91906c16f053a3d6a2634599c45a28

    SHA1

    fa5de078be0137acea4cb9115e9a8bc427c59cf3

    SHA256

    d963654cf9609c270e5f3ab358a3915ff653da3cf5bcb50a81a5bb5e92bb70bd

    SHA512

    022ad49ab2fad6e97ee59bbb982eefc4fb30fd8facc12ee50ba00cc15cfc7362811fb10b15210cc18fe23a1abf87a95da4eb2b5a509fb8b561b355339e5c7053

    Download Submit