Overview

overview

1

Static

static

1

Outstandin...s.html

windows7-x64

1

Outstandin...s.html

windows10-2004-x64

1

Resubmissions

21-04-2023 15:31

230421-sx2l6aac61 1

21-04-2023 15:26

230421-svmefsgc92 1

Analysis

  • max time kernel
    95s
  • max time network
    108s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    21-04-2023 15:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Outstanding Invoice KHIPU Networks.html

  • Size

    1.6MB

  • MD5

    7a9660c5df7ceb082d9a562998592456

  • SHA1

    c03043a9c897e3f181651b1d994ce0181e1d9954

  • SHA256

    1ff30a7ded2de421befb70050d1c2b0b23630544ed7b00eecdd5343bbb03573d

  • SHA512

    40c19a039f9072b8931aa622085cf47ec0f9cdd43abaf38751ed5fad6f443267eb0170165c8121c4fa5b96e633557002a67f32552a56a627da0b127c1db5952a

  • SSDEEP

    12288:2Q1ZR8D2Z63ouabrb/8tdPCL+rxI2Yf50e/Ki6SXIrWE8LoT9O8m4ihBHyl8siit:Zyof6g6eNp/hBrS

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\Outstanding Invoice KHIPU Networks.html"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1040
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1040 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:520

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    e71c8443ae0bc2e282c73faead0a6dd3

    SHA1

    0c110c1b01e68edfacaeae64781a37b1995fa94b

    SHA256

    95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

    SHA512

    b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    c44c18b551b1ca22b8a360665422f372

    SHA1

    e408527a36296ac65c5159bfd3e0a3ea86149ec5

    SHA256

    b0bd316fe076323949923c5a20113d555dc0fc4bc8b664afae8300a7e02eb685

    SHA512

    fbc378ee3054b4d36a08d28902eb001dfa9550c6dabfc94f94a47f597f353d101c7e645320b90ef3ca98fb9ae8fb909e498150c12f0b9181cebc8c67397fa094

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    38b32a05d7dd18052aef26b0b0f6716b

    SHA1

    c2fb2e0a251be52057d64f15e6a471f6553129d1

    SHA256

    eaef57d2ec0dad5ec43186792c15b41df8118907a21bffe377a3e74661617eae

    SHA512

    083603bfd9d4cfd25dd53846ad1d95738038e0a7524f8a7b7d2fc6829164531f7f042531012f7f106c2803dcdb7ae5399adbfc217ed22e0bc3a4cdf67fe8e6b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    77e4f22c08d10234c34599cfb27dd021

    SHA1

    0e994a5f7bb9c7ab97f3209b8ee475810f38a217

    SHA256

    57b2e80462db90cf1769826815a29ed8273126462b11935ad733e37ee648146c

    SHA512

    b7540496bf1b41fc698a562400b94e19d8f26074c4f35b28e3277615e39a0f99eb84938c5fadb2cd4bc2e06311bde3683de142359a7e3d480bad9635ee0a342a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    010d09d7aa4eef062e932a0aae0b3b13

    SHA1

    028325fd6ae12db3be88c1d4cca91177665c40e5

    SHA256

    5da5c85e5ab40d11bcefa1220564eece2574ed18e3f8348cf5d1cd3e86e7df85

    SHA512

    a94be70513668fd69caac28859b5843405b9d0b96b2795fbced172d6bc26194d624a68587165fb89d84af11ba361b397e90ff0f6e0e612147973b732f578236f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    2b7e5f98b7a5c1697e06bb4f35aac287

    SHA1

    d54c398c2168b5e6b94e67d11fcb6fe11dccd324

    SHA256

    240932e030e2d40ca42a49e920489fd22e995d1ca32bfc322ace718914b750b2

    SHA512

    be1611086c42a519101702bd4699ed60ec3d23e5640a0d90b050fc8e1b9386b11999002fe3f816679192373149b27675c5fcfc22e0a1d425e0c7582ff18bc646

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    69f2c545545559608ae13423eca414fb

    SHA1

    6400567e1133ff5785393ad5968eb483a9674725

    SHA256

    e2c105828211cbb3726b8093558fb135c3c9ff5ea50de23b82393a66eb1bee7e

    SHA512

    52f25e4184f07d593a7fca1cd1ace574496bfbdaad5d3d4b5b077a0a6d78063cfd75744b2a1b01441c7173a4b0941b2badde81e8ec357a2f828c1dbe55191282

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    014c1288f1388d625789f5c7c8bded4e

    SHA1

    d57532e4ffb391d47a3b875a6bbd9dff4542b8f2

    SHA256

    2f30a4db4a07f3ca5afaa5ee13c9c0152ef1884779ef4d00512c9e2542e8b103

    SHA512

    47b45781debd4163100cb7da10cca4d72e7e228796343f49a9277fe7685fa06ec112e056e2366e8dcd07772f78cfc44cbb0466998b07cd3186db8f4b114d1b4a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    465021c38898909d91bcf873908e8403

    SHA1

    6327f13ad18b97d7750585130ff01d67f70d8d2a

    SHA256

    51bc0c3bb9ae07388753155e8f0c1b94dcdc877a51ea70e51027167f17ff2e45

    SHA512

    2ff97536bbe1b8027a379e75631ec404bd702382cc44a3fe68b1d237b49bd8fdcdc08a69496df2cd6c44110003a9438b00a87520c18ba8f2c811c6718546b6a9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    4242078c685bc8c01e1f8fc2782a38b7

    SHA1

    b2ef339f9e1a63382d975adbf71644c69a77780a

    SHA256

    4b8056dc7ad2f6d17baeeb8239ff92cdae114c796933ff260236512b05774e81

    SHA512

    43710e6f98c1111726ba9a7ba98844d9b1f57cf92f4e62d626103a65ed1fdbfda745773e04e2e4c34b7f0c71b77559a9ca24eff5cb9843c078dddbf08b8d9130

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    73a588e1b651abffd30dfe4da47eae55

    SHA1

    9cd0bf3f64d81c506376765b6f9e59e71aa569ce

    SHA256

    f47ca5d22ecbe1d0bf3849716744fddb69c7045937e91d14bbf990d7786e8daf

    SHA512

    546b77ba4a25ad20677b8b6a48b7038fc828ef73f874df4ea32dabee8cb265e896dc26034de0720189eb702e79edebc2cf6210eb6c1ff16c32a88b8f439c5b3b

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R2EIRHNV\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab94D1.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab961D.tmp
    Filesize

    61KB

    MD5

    e71c8443ae0bc2e282c73faead0a6dd3

    SHA1

    0c110c1b01e68edfacaeae64781a37b1995fa94b

    SHA256

    95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

    SHA512

    b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar9798.tmp
    Filesize

    161KB

    MD5

    be2bec6e8c5653136d3e72fe53c98aa3

    SHA1

    a8182d6db17c14671c3d5766c72e58d87c0810de

    SHA256

    1919aab2a820642490169bdc4e88bd1189e22f83e7498bf8ebdfb62ec7d843fd

    SHA512

    0d1424ccdf0d53faf3f4e13d534e12f22388648aa4c23edbc503801e3c96b7f73c7999b760b5bef4b5e9dd923dffe21a21889b1ce836dd428420bf0f4f5327ff

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\XZ08JZ8F.txt
    Filesize

    608B

    MD5

    41c0a998033137d594b3db804c435990

    SHA1

    539cafe640432aaa4152c12f8d54e05a75336e92

    SHA256

    d38a562c77680fc914d2db2185282f17afeaadc02e549e4bb99db099f022cd50

    SHA512

    09914eb48845492214cfc554f4d7845feedf79e47d18f8a9e7c36a3524ab1387d1c73815da4e5a59168bb802fda92cd10bf7aa9e6a868d4264444e04f75f27aa

    Download Submit