Overview

overview

1

Static

static

1

.html

windows7-x64

1

.html

windows10-2004-x64

1

Analysis

  • max time kernel
    97s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    23/04/2023, 21:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    .html

  • Size

    95KB

  • MD5

    18540b97144a964604b108a15230bbcc

  • SHA1

    a72741829e4538e2be69e2006fd02cb1178caeaa

  • SHA256

    d0eda36d34c2aef7530d55e78f2c730bf7f8044fef10bc716ea02f6d91905463

  • SHA512

    bcef3a5fca429e54e5ca665923647a250768aff2d58b41a1dd5c79f8c92266ff7a0664fca34b56e63a4445923963d8c4637b8437aacb016055fd60c3b4325a78

  • SSDEEP

    768:1uc/ZjNZDA6+x7ymRjymh3GatXk4fxkcv:1uaVNZgv

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1560
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1560 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:532

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    780145e4f529024750eacc976379709f

    SHA1

    d228ba773ee782c6b085d3ff9e10159eb97c7342

    SHA256

    664cf583c102b893156f3fcba78df6530fbce99baa9dd95ca3443bcd7d77fd7a

    SHA512

    4b0a3d51984c58586a817830c5cf43c74079351989dd57978454125b1b746a615a0da6b126898ecb9dcf51960f11668edb7e4e58a56ceafa6015432c7bf711d3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    801f73d3aaf0a60dfa83cb76250df3bc

    SHA1

    fc45acd068a326e69be496be8016f806f85e1bb7

    SHA256

    de805fa6de46de951b6de4bd505a058b9d7833a42b4b7a72f2d5a447277d85e1

    SHA512

    d5b4bac98ac31d6868c24354d89260c28c96c58000411815745106e90290a7e2875e943426fa9c1daead9e2a2bb3d2e604c7728ade854a11357d51b01530161a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    db3a6106bea227cd6047463727d86a53

    SHA1

    e2aea49061c6f6e0dcce64cbaf3a17fea9fcbd7a

    SHA256

    5b2fa9defd1258063f2158efbc061654208fd84e7aedbde3e3ed7afe714726ac

    SHA512

    08dcf0d7a2a0a6138f236f6f75442a240241d7bf9ac27e748067a1a4c4cc7a88faee540344466f67e433fc19d826ee89f19f8bdaddc071f8135b33d5a64e5224

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6894fe7f6f9be61c2110e9a5d6a4f32f

    SHA1

    4b20a09db48dc57f3e520cd3c15a7f20df8d0456

    SHA256

    80fe204cc3192c17be527aa6e41fd8bbeec16ddaa47a39633b84d4177d8dec6b

    SHA512

    6a9314a7a20b757c5a1b9d684f07c8cbf67e3a504064c8d45cde97ac2859ffe484ead0aecbd5d661058a78b7bb21c1e61983d12884c8a6262cd69e405fa2e2a1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0fbbc203108b363c4052d1433bdded74

    SHA1

    0d2d31866af33a705bcd250dea8f6d75da076383

    SHA256

    f1384e8498b24d2f9258f806a3f258652b97d2514c8663cbe1d7c18a0f853689

    SHA512

    e472a3b0db29ad76b1fa73bfd4100b0755a3c5fb1a4204a1dd0280195375b3af2a5d12609b0ec3407e89269539b790e78d21e8c6ee0325a71332365086abfcee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3d02cb4eb38c2541608aade0310635f1

    SHA1

    dc34b04bd0a7bc72467f8f89fddb99634e2b894f

    SHA256

    86b058b145fe74a7c1cc15e67fff19586d84155dea6cb1812c3723a40619f427

    SHA512

    f1d6d4182ea810df3214529c85243be6612965e24760cfd3c0a37494c84fe6c3d0105acf25f27e82850f60335c6dcc4acf8e0efec98add26c4000f783dd51601

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    59d932c047be4cdc0fe42bb28e7aec7c

    SHA1

    6ed80d49d722cd7715a93cdb3fec2e8762591aa0

    SHA256

    7f3ad8d00c43aa2ddd97fa72ec487dfd36dbb5f1d345056f516b182898c7731a

    SHA512

    50aecf9e97ab56c26f0fa342ee13c3b104f07707be3003714a9ca7ab9327dfdcb9fcb27b6705b69599e109dc1897a4589bf375974a794aa97c44df8362d732fe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    527768a03355a432e782b531194d0c6d

    SHA1

    53729cbb892bb9c1e948fe42ed6a9a458117360e

    SHA256

    a9bae2335f43723597f515e6f213832206eb3531743d261812e51af92b3f5856

    SHA512

    22054918b3a40b751e8fbfccd61dd1022a0ab0445d160d6e3ffc12f31284d6672a013f6c470fa7e5d9ddfef932afbb7551416b3d45e50cd5ec3aac31eb576ec4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1a555380ca4e99b7ff63cef7d2694d02

    SHA1

    e6db7674626b9eda184cdd5489a7726503fbcfbc

    SHA256

    bd0289966c84b7116a6acf68212a8fb1bfa475c9451e16023ca350ed3e2a4988

    SHA512

    040e473471b9294f113af81192b8dc724adfd32f9c545bc134e2eb3ddfe804b25e9317ce168e7abf4838e1dba4775713507de174a67aeb5169998e07b1d18631

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f97b7a2acb34dcb6095384e863e48bc3

    SHA1

    d844e7030a433ed6da2a9698867be01335613980

    SHA256

    9eb2d535d52c8df2b78a974302b97e45054c012120be3db879126963dfa7f7b1

    SHA512

    91d9f56ede6f8e8dde77407992519156afde2306038bf757ef07f3267dcb52a1e88e4b3b23552a13619f1b4366ad777a6b0da861070e4621f01e04a3553d9d5c

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VQ77JNZF\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab985C.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab98FB.tmp
    Filesize

    61KB

    MD5

    e71c8443ae0bc2e282c73faead0a6dd3

    SHA1

    0c110c1b01e68edfacaeae64781a37b1995fa94b

    SHA256

    95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

    SHA512

    b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar985D.tmp
    Filesize

    161KB

    MD5

    73b4b714b42fc9a6aaefd0ae59adb009

    SHA1

    efdaffd5b0ad21913d22001d91bf6c19ecb4ac41

    SHA256

    c0cf8cc04c34b5b80a2d86ad0eafb2dd71436f070c86b0321fba0201879625fd

    SHA512

    73af3c51b15f89237552b1718bef21fd80788fa416bab2cb2e7fb3a60d56249a716eda0d2dd68ab643752272640e7eaaaf57ce64bcb38373ddc3d035fb8d57cd

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar996D.tmp
    Filesize

    161KB

    MD5

    be2bec6e8c5653136d3e72fe53c98aa3

    SHA1

    a8182d6db17c14671c3d5766c72e58d87c0810de

    SHA256

    1919aab2a820642490169bdc4e88bd1189e22f83e7498bf8ebdfb62ec7d843fd

    SHA512

    0d1424ccdf0d53faf3f4e13d534e12f22388648aa4c23edbc503801e3c96b7f73c7999b760b5bef4b5e9dd923dffe21a21889b1ce836dd428420bf0f4f5327ff

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\PGSNPHCV.txt
    Filesize

    608B

    MD5

    576739bae2af525c4d1e9fd5ff0f3525

    SHA1

    62cdc8ad6d29180481d586f33675025c09f1904b

    SHA256

    3efc195ae45ff8788da1a3d412c46305a7b6ffd2a08ed0de3f52ba2eb05840c3

    SHA512

    6d4b2e081c803253bed071ea7ef80b652f7b28409c956ab853cca02b6f65260011cdc8fd01e2a0a4c6a6f95032297c59b7acec94366c98acd953b2b765f9a52e

    Download Submit