Overview

overview

4

Static

static

1

dD1Zb3VUdW...l.html

windows7-x64

1

dD1Zb3VUdW...l.html

windows10-2004-x64

4

Analysis

  • max time kernel
    134s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    21/04/2023, 00:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    dD1Zb3VUdWJlJmQ9RW5qb3krdGhlK3ZpZGVvcythbmQrbXVzaWMreW91K2xvdmUlMkMrdXBsb2FkK29yaWdpbmFsK2NvbnRlbnQl.html

  • Size

    1KB

  • MD5

    301ed9180224ff880d634383b8f5b328

  • SHA1

    2e0eca92053e7cd07c01ca57d174654b93497a83

  • SHA256

    aadf6a6d7b754f55a5b5a0d165644d1b94c614892cc835a9a383cbbed7b81e9a

  • SHA512

    eab346764f2c23d94e5fb08a98e49d4b51eadfdf1d9cc9de6f3bf25b33e5f625e5907aace62962eb7816075f986cca6554d8f18b6dbb68c9fa034f50cf76da2c

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 7 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\dD1Zb3VUdWJlJmQ9RW5qb3krdGhlK3ZpZGVvcythbmQrbXVzaWMreW91K2xvdmUlMkMrdXBsb2FkK29yaWdpbmFsK2NvbnRlbnQl.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2032
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2032 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1476

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    e71c8443ae0bc2e282c73faead0a6dd3

    SHA1

    0c110c1b01e68edfacaeae64781a37b1995fa94b

    SHA256

    95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

    SHA512

    b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0d640fcd10562c8e97e82ff8718143bb

    SHA1

    df2e7bb1b8c075ce6a3ab911b440a2030847f67d

    SHA256

    a433d21f400736c999f85858d0e03e8749763b6782eba05d90d5d2e8a1ae7846

    SHA512

    27a9a058cb27ce27ec998ee8c8e15fefe17d85e9226dce4502604695b738cc6fdc872bdaeff52990fe89ffd82ddca6e7f1e992a1eae11afb0ae849b78a28b7d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5eae2d8a5075b482aba972888bf34b01

    SHA1

    8b7ce8819bc5f9dadb5a9fa1c371f9becfe756fc

    SHA256

    efec857423ab0c5f4efd211c2d6cf15717d6d58197e0488341185dba962eca9d

    SHA512

    037e98e2afac5720cfcb3e754cc1b743af5597c2182f2f0369d34d4a71232c1fe791de851270e6d58d8f34c503101099b0c5186bea02af09669053a522010ef7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e93bea1b26e22023adb9a7c8d5655ca0

    SHA1

    3c5d3b277d37f6e241b9a0eaff82662c05abcc06

    SHA256

    3e88c8e62d189bb49879561dfe970f473d0304ba0bfda4369d45525b0e3f7417

    SHA512

    f482c6502332d4c83b33e013d776c4d991b2fae1b715722e982badaa8027fae36c55f9efa71ec838461f28b0b7743ae312132e76119f9d3e592a777ff78449f8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ad8f3bbb8d635091a749cc16d4e8d81b

    SHA1

    feffe614364675c3607f2c684d13ba20ee7c0342

    SHA256

    a0055a01a1c12737dd0d00e7721ab60d4059bda6fdd5b399f8615d314404326f

    SHA512

    12ec5edb533387d401e4d52883dd57cd853f9e863747f72dcb036b898a3e2e7e0a36a97f6feb25e6a039a128b575775ed4dc3c86936277e5d9c98c553169a0b4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2893c220ea7f032d10af198633e8665a

    SHA1

    49077cdb745f7ea63cb05fc06683ca8d1944a7a2

    SHA256

    2b1330c0651b384f36828857f7a914e3e0b3a8de5eee3d963454fbab68a90062

    SHA512

    c6c7c95550fe263c9c45c52dcaf25d6c83519e9badeb1bf02b9d450ffed0281c8e5f2c78d750341a5a58f1ff972fa231fcc6a788d377f0c7ebaf57247a858b3a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b7d0c3a1fd0786c3d3bb801b8860d526

    SHA1

    2466a8d4b72b9da0f4abade67669a74fe6e2853e

    SHA256

    d8525645025a388a29fe94c5b55843f88d2f59f54183cea7791fad3afe654297

    SHA512

    dbecdd8064ee8502ce0164b024942d458debdf6c6ef1c0398381d0e8de3635659e90504809c32b6a72fd16eba98c7236869656d95c8762b5ec3b0012bb5c9a79

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    22e57534c2171acbc8f8ea3b5339f250

    SHA1

    1c22f4d6c116667678b6dee1bd5181a657252495

    SHA256

    2f4e96219a629e1313d02395591f3e2c19dcd8bd74169a243842dacbbaa925c1

    SHA512

    27581632dc324e650f84c4006edd1a4d7e75231f1186d650d735a717f471ce2be0890b0ad1ed598cb644255418fd1130837d98825ba902cb56a72b599d44decb

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QCNSQOTT\qsml[1].xml
    Filesize

    517B

    MD5

    d9f1b70ab7a64eb78f06db6bb386f3bd

    SHA1

    01dc3b141edc3bd627769bf0937f00dbefc0c1e3

    SHA256

    9856bb3725c2193807801c72e4e4cb28f6862ff62dbb727f59f7bbf7e3a2104d

    SHA512

    1bc68fdfa19a5f280fc4d6fd9aedc63185fd186cf17437f4f4ef05c7fca29443a79e6ab8e7720ceafe017aa08b53f25a418210ee989674223d0493935cb2eb6b

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QCNSQOTT\qsml[2].xml
    Filesize

    618B

    MD5

    562236336f81909d6f912232f4e64282

    SHA1

    433743c696d3dda433d05221acd917afda247762

    SHA256

    5d06356ab110f84564f82d061a4e465936af1fdb4a72573fc598d4fd66203da9

    SHA512

    bfe5e03964e8088caa4460491ed58cfed13d79f349abc73d845d0fbb0421600c8eec1dd00e8a8aa04740d75e8c81b289165ef9f315f8c78ff06d23e23839b5b3

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QCNSQOTT\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab4BA3.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar4E89.tmp
    Filesize

    161KB

    MD5

    be2bec6e8c5653136d3e72fe53c98aa3

    SHA1

    a8182d6db17c14671c3d5766c72e58d87c0810de

    SHA256

    1919aab2a820642490169bdc4e88bd1189e22f83e7498bf8ebdfb62ec7d843fd

    SHA512

    0d1424ccdf0d53faf3f4e13d534e12f22388648aa4c23edbc503801e3c96b7f73c7999b760b5bef4b5e9dd923dffe21a21889b1ce836dd428420bf0f4f5327ff

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\DBOBOE8K.txt
    Filesize

    608B

    MD5

    2eb845b98e2171cb1e0a29eaf93524d3

    SHA1

    2cd478ebf6d085630e8c912067ee9d8530c0177e

    SHA256

    2dede88fa6cf2e8d3429a68342bde40c0abe4431ceee8369cd3f8f841e8db4c6

    SHA512

    454a0580113e2d0913b7a84e37ae61f29b328610480a559ad64ee33487a208b0164bca1eff32cf1b21636ca1ffeb4de3b6c10f4ab076db3b767f5909b5a1660f

    Download Submit