Overview

overview

1

Static

static

1

Outstandin...s.html

windows7-x64

1

Outstandin...s.html

windows10-2004-x64

1

Resubmissions

21/04/2023, 15:31

230421-sx2l6aac61 1

21/04/2023, 15:26

230421-svmefsgc92 1

Analysis

  • max time kernel
    102s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    21/04/2023, 15:31

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    Outstanding Invoice KHIPU Networks.html

  • Size

    1.6MB

  • MD5

    7a9660c5df7ceb082d9a562998592456

  • SHA1

    c03043a9c897e3f181651b1d994ce0181e1d9954

  • SHA256

    1ff30a7ded2de421befb70050d1c2b0b23630544ed7b00eecdd5343bbb03573d

  • SHA512

    40c19a039f9072b8931aa622085cf47ec0f9cdd43abaf38751ed5fad6f443267eb0170165c8121c4fa5b96e633557002a67f32552a56a627da0b127c1db5952a

  • SSDEEP

    12288:2Q1ZR8D2Z63ouabrb/8tdPCL+rxI2Yf50e/Ki6SXIrWE8LoT9O8m4ihBHyl8siit:Zyof6g6eNp/hBrS

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\Outstanding Invoice KHIPU Networks.html"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1468
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1468 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1452

Network

        MITRE ATT&CK Enterprise v6

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
          Filesize

          61KB

          MD5

          e71c8443ae0bc2e282c73faead0a6dd3

          SHA1

          0c110c1b01e68edfacaeae64781a37b1995fa94b

          SHA256

          95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

          SHA512

          b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
          Filesize

          61KB

          MD5

          e71c8443ae0bc2e282c73faead0a6dd3

          SHA1

          0c110c1b01e68edfacaeae64781a37b1995fa94b

          SHA256

          95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

          SHA512

          b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          f2ce0018ad5ff6bfcf750ce11400a783

          SHA1

          3f9392a3ba1aca271820eeee744f2622ba7598aa

          SHA256

          b647c708df1ff8acebc1b306ae27e4ddea98c1ccfffad7b3b7d2867b4e5d9b4c

          SHA512

          1af472b26666a3d1bec1ecb9db48c645a37286253ed9411b4ee8f1adc8f23a199dc588a6d4d526f3565e51f4f1d636a1fd149752e9ff4199a82b984bdea9c733

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          2c89871c625c49efb3efa26a83d47949

          SHA1

          3bd64afb227da313374e26fd92b19edbdd6f70c0

          SHA256

          d8b7796a3597bbc941eb52e379f8a1ed21022c1525d6342a351a95d9ce5e7e61

          SHA512

          2d3c5594e9f2ccddcf1db6a3051d21c473b4318ad6a91b4fa034344d611631c75ddb6b67bc3fe8c802f0b2e2a574905814638dba739dcca8e3ed0b1a8dd3718e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          203236630ccfada1a462bf4edc5deb78

          SHA1

          3453ec9ff49dd1a5d345ac4a1f0161ba49366a0f

          SHA256

          c1adfc2f8acff7ef035fbafb486a0939d7d9c2a0099a360678fcf31bcbe44a85

          SHA512

          283e97512d92821f5642d63a59dca10e2d8c78e92df042bd8765afbc97a1073d8576eb0cc597a8b885de8eaa47b779723631b17d833f1d2d610d82f817d72e9f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          10d02a0ce623a3ffdd580df988eed3cc

          SHA1

          705a60cdf3e90ada306d0b1332cb4145f554d306

          SHA256

          9a6cec890635967151bc16569a6659b35d1aeccb486e2db418957035487312a2

          SHA512

          1f7db20f4e044e42ab3a35ec70c676345d24fb20c14ebd7e67f3980f2b2f5ecf9e78fb94990e36ee2d4e23c4ed06ba93b3b5dd2a24df830677589e72a2b67f67

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          f258bf4121e2cc3b0900d9c62e45fef8

          SHA1

          10ddb8ab8136fe7ae40bb19ffa7c13b7d468cb33

          SHA256

          4e3492d6f635f1b6f32ca3fa2b7955e5a09f52ae95f68d03ffb7a282c15076c1

          SHA512

          b95fa70074af9d00e05059aea731530195e63048e1efb78f1e0b03c6667803911c92c402edd3a64e7aa3310198a2f33e94987337ec1d7bac1d367f3f47f865b1

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          fe92855cc8f31eb6f8fb7e7f84923796

          SHA1

          8b05e4da807bd355095a66a3f54e0c71cefb7bc9

          SHA256

          05a2a03bc20d26986ca90e8ee2b747d340d95fa62edc2133f04f41c59d974e8f

          SHA512

          13c2389998928f9a70254aa9f8e4fabb94ea0286ca096f2ca9f9a635c8e7101a860599a836d69f879e91362640556a1a689b491e48f9b69e8cbc59c275025cc5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          323bf8596a759f35dee2bf590c25e78b

          SHA1

          faf28ee4ac0766ccf7850c3613666a9e77077c3b

          SHA256

          8fa9a2a2231dad1fd47f3d0e9b4068401b6a754b1366aa2ed4bbb99b55e52bb6

          SHA512

          0ca8fc864bdfb96272546ebf64392d429f3e35c33cd6191b6fa016eece96d5d28f10c8e0bee52786be0d79403599b4605d2566e83b3125829db8422938c9794f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          175942b31027502965d92d643ded378a

          SHA1

          1b98085799163e31a376693f911f12b2d3733ddc

          SHA256

          f67a33dea6bd6a34f109c4519de7510b7d916f580ed4f35244a16a9f43ffb4a8

          SHA512

          ba83d874b82de7e2e2e4255b3d95ee56a2c53ff37ace9e6b4bd761dfe10c6fafd356cdf52eb79a41a491ae478b163c1eed0aef0e4c348e6ede783e234e41430f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          3322ee3df99851cf4875110bb9878d65

          SHA1

          e7d7af7d7edcfb70e3abc35b5697a22c11da2031

          SHA256

          d76748bb652c6ad64a1ffd1fd44a5e1d7f0b0564c0fca636574c862fec8b5563

          SHA512

          5a2ef7cb4773885c67d419288ec8750d06cd15bd17d08816ce76a30751f52f0289f0a471fb7a80bdcd7994992c331f585460e60481a976b48eee9ee8f9ad1472

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          253b7a2783013ff16893c629d8c2ee29

          SHA1

          61da6b61410cc861ad417b9b76f0dd22dcf892c4

          SHA256

          0f33c3f4eb052ea60bbdd474430b06fd4345d280c06b7531a77f536055625d26

          SHA512

          d84798aae93f685ea438b3d4a3fba398a589537138833f7511ad9c1e06d0814e495293da532f626408d1efe350b4ce8e4964b5433991cf66d5258a183b6b16b8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          77f559bfcb8c66a4cf488abb47a0e7a4

          SHA1

          a2bf36f8de0a24dcccd5c466b13fb95a3d72f765

          SHA256

          658698e2877764809aba2b562e0075e10373c3b6d0ac9c437088658fc2a58e4b

          SHA512

          797206fe05f68999b29791d2319b5311b1e3e4c26007dc774d9f6d4db07c3167962a8fda04a654ee20976511c43d47c79aae8d97e4fd9dd3a8d6f652ff2dac1e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          003e8c74fbe32382fb3caca7359439dc

          SHA1

          5a7ae363af5dafbe22e00fee949bc731dc1779d4

          SHA256

          d7b1cebf05d4458731692e3f9cf1edf63490f02b93e2e489faba0c04770def63

          SHA512

          ea272686326303cee0e11bfc1298a550e4465fff7dfd5236e8ec7307ba5b2a4ed69ff773dbbd0ff6c39ad2a3badabb273dc49db592cbda7192673921d7b76e44

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          056fd8c8a426d719d9c2230c1ca9f6fe

          SHA1

          5127190cac6307d129df18bbae7fff1e5f296fad

          SHA256

          ec64e6e259d537ca3c2610ab4f1fa23db6911bf4ebfed37a3514fb1a5011010e

          SHA512

          3658fbf6d2a0e84391a2f630545622c41ff379bc2db33a4dad8633e479e62030ebd6b90eb15ed5ff5ec9cc6d83507d77bfaeaee95ad874bc97613ccfccce60b8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          d9cbe970ce00619708e2f65b1a15d01f

          SHA1

          ceb6d06107e177177c0e38974be977a536ec42e8

          SHA256

          1bf022c31f1d126f229ede4708489e6a41711e542f1adb3b3f0ff0aed345dee0

          SHA512

          6687858a18366b4b533273d3851b91204183f77027e84d8ea68ab861b24ffd85a63abf7d37afc4d7a48175e7c1ad13452d23eb8b057096e32c98bf7d378cb9fd

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7BYN4WSI\suggestions[1].en-US
          Filesize

          17KB

          MD5

          5a34cb996293fde2cb7a4ac89587393a

          SHA1

          3c96c993500690d1a77873cd62bc639b3a10653f

          SHA256

          c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

          SHA512

          e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabE4A6.tmp
          Filesize

          61KB

          MD5

          fc4666cbca561e864e7fdf883a9e6661

          SHA1

          2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

          SHA256

          10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

          SHA512

          c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarE7D9.tmp
          Filesize

          161KB

          MD5

          be2bec6e8c5653136d3e72fe53c98aa3

          SHA1

          a8182d6db17c14671c3d5766c72e58d87c0810de

          SHA256

          1919aab2a820642490169bdc4e88bd1189e22f83e7498bf8ebdfb62ec7d843fd

          SHA512

          0d1424ccdf0d53faf3f4e13d534e12f22388648aa4c23edbc503801e3c96b7f73c7999b760b5bef4b5e9dd923dffe21a21889b1ce836dd428420bf0f4f5327ff

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\43J3ZQEH.txt
          Filesize

          602B

          MD5

          64ec14f7d98b3d42ea1854efe597261c

          SHA1

          22e9ce6e59e3cfb55ed3490f45a5e65f41ae6d43

          SHA256

          fd5e7a342f29be4230b170bdd29cb14584a044beacba49a51e754cb5404277f5

          SHA512

          269cf3b9eb8b14f2d2dc6f3c5e5bd0b884cf49a3c2620bc1bca6a8e601e66ffb8d8aa4ea644082e62995f6258e4fe713b9b7a7d7e0235a85d1bd6951e119a8fb

          Download Submit