Overview

overview

1

Static

static

1

kiss-hehe.gif

windows7-x64

1

kiss-hehe.gif

windows10-2004-x64

1

Analysis

  • max time kernel
    97s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    19/04/2023, 17:11

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    kiss-hehe.gif

  • Size

    3.5MB

  • MD5

    a0a25702c3abfbe642ea3ca2abb161d9

  • SHA1

    1060e455704e4b7517c2d2b48b84b62d637e7468

  • SHA256

    689cdc881f65c0cfdd85feb46b04ccedefbcdf115b2047cb7f97f187930668f6

  • SHA512

    0c4be150721d4a7a99e26a704102b645b04b7913a3f85e252c32ca728abdb576f4556c706360a3bc6d22367a8d6c92549aabccf105ba9665750c562cd74dd885

  • SSDEEP

    98304:1tSZwn4T3GNmIMMRqCV+fvZiNZQViJG9f9Cz:yI4T9QguQkkBIz

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\kiss-hehe.gif
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2016
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2016 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:740

Network

        MITRE ATT&CK Enterprise v6

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
          Filesize

          61KB

          MD5

          e71c8443ae0bc2e282c73faead0a6dd3

          SHA1

          0c110c1b01e68edfacaeae64781a37b1995fa94b

          SHA256

          95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

          SHA512

          b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b64cd8cf2cff49717636eb5abb8406f1

          SHA1

          26256314d44e38c74ae5ddaeca5e557045218599

          SHA256

          ffdcb6211dbde77e9b8afa81baca77bcae58a937fa4b06e864ca4c8f038fd0ae

          SHA512

          02f9a05332fdc0d3b24ec8b94b10020dc5eff4a195165ae602370a68ef2de22863d3fe81c5285b37f64b1d909e1464d7bfdbddb00d8a53f161b2c907c2bf6696

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          6f6cb49079e63a883d480406b4e333c1

          SHA1

          89d6f59dfe77674b4cbe9b598330025c5cd31892

          SHA256

          769f57b3d9b73e3d6dd3e928119cb6eac245dbbfa165015829a843dfefa8afbc

          SHA512

          d1d305cfdb878e2551bbda92c94e75753e2638ccb4463328ecb507262b4d82a56568a8f1a42947386ec648c7d09df9c74c303c30adc812c4604822b5f0537352

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          3691dd194b8e996a52dfc1342071c100

          SHA1

          3a981ff324d68deefdc2772846d9e870f1943b13

          SHA256

          0c2b60119b6beaa99442eb64369edca9c88ace05884d7481d4547ca477412134

          SHA512

          95b3e65ae908f5fc9cddca24fe3cac7c0407e5c5f6235ecc446eb181d907ef3cc25b01ad9a8e5748ecaeefa8500a06f17dffeef83757eb2ae86aa7b22622a42c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          45bb28b0b62620d47ff06214808736f4

          SHA1

          5d3785c8b1d78f7724b345b6af20d6eaefe8d165

          SHA256

          28da018e761c57224b8d9ac6ee89549d1df07528262beac6d8b6ce72186418b3

          SHA512

          9df57a095d5341c49f34be7ec8e4c51990e1d482d94cdc4ec57a0fa09f068db794d5f38daf23adad3cecca177dd27b2e77b554e6f3cc62b3ab8bde8c35259a76

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          39a40f2c5114451bcee175f189d3e6f1

          SHA1

          6a89176a0bb6cde08afdcd297eb1963e2d5e6b85

          SHA256

          5143f84ba9e8a0bf6c0a7f438176ae4676553d23624766d0c9aff789c1306470

          SHA512

          9c4c89c399c55c7eeb2c6973d9ac26deaa7d4e7441378ead50fd3c0dea65d80535f2577e5b264487e5c04954fbe897fdb1acd0083949de3a45b80cf6eb325a7b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          88e5a597876402a6adff73d83505e848

          SHA1

          b34a27618a3566b31878140bf41dc37df5d2319e

          SHA256

          26d313d32649720914d7e35d24c3fad17e26aa6913ff0c98ee712f91db01c422

          SHA512

          2942cade7fe9e2a2c67ca28602caf37f822063310d1c639eccae65fbcf4eb4f501558e2f1f60500976e69da6a7b0f9fa1ee0bc61932679ce46f547e006e27f58

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ddcbe93abf06b6073390fb4b6f8fdf67

          SHA1

          20e449658db0b67a905071fdd82e0af8fd091383

          SHA256

          da20bfa1e2e2189ea29053aaa9ab2c0e579af7f4aa9d7615b78a818cf0605a6f

          SHA512

          dd515d0be540d813b8b65d34b625385a5ececf499bea8026e4279522bdef40290f8c8e57d36a9ec5a002cb8daad4fc716d49a4089b2a184839806810b89c69ac

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          f5e84deefe5318d9a238ba020599dd69

          SHA1

          4d43d508233b4bf1f8f939c4d3a5734a79c75056

          SHA256

          34aed6e41321d1922fdab8ea33042563cc359f706033a9e42a0e478b7ff496a4

          SHA512

          061a400799f9b04fe48d79fbacff99f7bf2eef92403968562b01ca040b22efd9b241ee8eed69d260940aa0e4927d80765803e940de266fdbec25c6df9eaa6438

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S7FIT0B8\suggestions[1].en-US
          Filesize

          17KB

          MD5

          5a34cb996293fde2cb7a4ac89587393a

          SHA1

          3c96c993500690d1a77873cd62bc639b3a10653f

          SHA256

          c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

          SHA512

          e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab5229.tmp
          Filesize

          61KB

          MD5

          fc4666cbca561e864e7fdf883a9e6661

          SHA1

          2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

          SHA256

          10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

          SHA512

          c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar55F8.tmp
          Filesize

          161KB

          MD5

          be2bec6e8c5653136d3e72fe53c98aa3

          SHA1

          a8182d6db17c14671c3d5766c72e58d87c0810de

          SHA256

          1919aab2a820642490169bdc4e88bd1189e22f83e7498bf8ebdfb62ec7d843fd

          SHA512

          0d1424ccdf0d53faf3f4e13d534e12f22388648aa4c23edbc503801e3c96b7f73c7999b760b5bef4b5e9dd923dffe21a21889b1ce836dd428420bf0f4f5327ff

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\6GFYIBJ9.txt
          Filesize

          606B

          MD5

          c569e1e1e64e91514ad7413fe48ac48f

          SHA1

          86ae59f814d5d62682955399630907de3400bd58

          SHA256

          b85d7643792a40d9d8a901699d623ec4416183192a5242eae02717cf4fee8960

          SHA512

          b9144ffbbcc5e86050f29346e982fa1915a2faaa23b2cd6c070ace72949fcce127538eb6d08a3f10e28dc7f1184becb4d7aa764feab1f16798d7a003a36b0ed5

          Download Submit