Overview

overview

1

Static

static

1

.html

windows7-x64

1

.html

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    23/04/2023, 10:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    .html

  • Size

    24KB

  • MD5

    2c2cb2185a96fd3e85c362ccadee4df0

  • SHA1

    3c78bc42636e9a184ec753641a4d3e8445ff7a59

  • SHA256

    6df5fbf859b637e059672301c9dbd8eaaacfb88ab9f07ea194b60cc380e940ab

  • SHA512

    ad36289c6910a91c48e564370495aa17bca585177a4862607e217d5a4c6b8be025b4a69fe9f64be790ac4f5e5956f6e790b4e0df4ac4ba086e864c6d3d1ed95e

  • SSDEEP

    384:0OODfeKf4ZGRfWD+6h0rRwBy9TPiai4gDEim:0OO6lZGRi+6h0rRU6TKDTD5m

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1992
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1992 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1400

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    e71c8443ae0bc2e282c73faead0a6dd3

    SHA1

    0c110c1b01e68edfacaeae64781a37b1995fa94b

    SHA256

    95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

    SHA512

    b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6bd9f6aded7086d3eae00af93c6bac34

    SHA1

    d3a419a984854c0b44f0b761fe67bcb3d7c40178

    SHA256

    374d91d25a78626fdbfa0992859c2752fa11b820fc9b557c8f4f28972e5814c3

    SHA512

    06e1d3ee102dd65e447d319399d91b5f5cf23afd93956571f0cf2d8f7c75c3d881d6131e856d8c56b9e61013b1edb522d99e6b0089e0e5f16bb05c5211d7d26a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9b9deb7333e1e323cb28cab8965beea0

    SHA1

    67d45ebcf6a5371a746375b07ed3a1acae8c00d6

    SHA256

    aa27231d3fa4e8214fe6c2d68b91c77c1160dbbe4b6f8516d598d2fab239852c

    SHA512

    8ff856bc9b32679c6429e9213597a6de95ec3efbe5918c38cc50acce15e4950e0ddde1d6095dda5c730966aeb95b2b3d665337589324a8f035cd8a41839e3bce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    caeaf80a8b852085579dcac8c155aa5c

    SHA1

    d640e98554a2d3cea885cece1e9255a7d01d635e

    SHA256

    413013674761086078643f185f6db50940a468df99cf7056e782edc80ed84419

    SHA512

    34b4b5f63c6c2c074bec8fc5bd5c071afdbc9ef5b6debc1605bd6a09689d1eff62fec59895d808bfba3f405231471f912be765c37659738310d763916bf91a2b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    df7acd35689a8e18948d3e104a615f83

    SHA1

    a00c2c5e79fd369ada475b7674b09fa87c1d92c6

    SHA256

    330078f0a49e8c619f25e3d06756315a775b3d40c4d1136c10e857d3c7872af7

    SHA512

    2434620eeb58602da04c91a46c771ff41ffcae07a0c800055b4d4ff6b1e964def56736bca2dd7d0a88ec2d89331b87bc5e720817f22d64238c62fb25ecd31e64

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    636362275e867f2d370e8713296eac22

    SHA1

    86f12edf05d3bd35d306794dc0fd8d8ab2295343

    SHA256

    481d201bcfad78bfea2e8a49f0a0696583a54349e88267bb0e71e0afda44a426

    SHA512

    37f8ea45b7ab03ad136f3e08bec91f7dbc38c79004a53b42aac09fffb5adc245b45c3780a589f44da587d241947d0782717148626614e6e14661460f15afef02

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    689108df8a7720c6516d35b557d630c5

    SHA1

    0f329e21b2914f0da1ae4297d6b1a70dd9125a54

    SHA256

    9cb0f0c448faf11d12ab9c13802125230dde7c1aa641899a6dcf04a72e10eac4

    SHA512

    3c29e68a79ad39cf2d70d255cdf21e7e2250461123d07439dff6c298d8ed260d82e0e0b85286d479d7e4410971def4615a678bbb6f2502e5d03289d07c898d04

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c76b8e18258078150ee37ac49f6f242b

    SHA1

    dfff7f9f889dab1ce6237513572acaa1e6d30aa2

    SHA256

    250505ac0f080d01bba30acc47e7cd47ab01f969835164257717d310d4bacfd1

    SHA512

    1c54bca4f20b297d9a8b44863c7f954c026f826b0d5e3c952487b14709a638ed2ef3c8c299eba57d2c5a7158c7af5b4ad28ca91457dab4fe545931d660ea0fa0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    17757a051f680307878e432a6e4e60b4

    SHA1

    9604cde5f481b4b31cb4bcc2902c2f812786f427

    SHA256

    3093088af8de7c67daa0893c8817e8304670dedfa2df5bf7160235fd680530ed

    SHA512

    f1552869798714a68d7293706f4ce217b61b8a01d65f6a9576e83321658fb359824753a6db43d7de17e33304173257384f6b298cfa219d43aa08ee71717457f4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    58c3e13399d2348d14389ecd648669bb

    SHA1

    2a838091f6f712ca2787d7930e73fe2c2f1a3bc8

    SHA256

    4b410e80d4ed77ff36c7da20ae3b81505b2bea0d830c868d2989f889b8a92863

    SHA512

    8fb8b6cdb4635441d6f333a00f13b773727edf902b401521d01c8b91ba077f5f685f8389f6cbb7c48a072308fe230210dbee26523d126cf1c421b17e056751df

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8b397e351053febd0ad5211bd980d9a9

    SHA1

    b1fbaa64ba772064de47d4ace94a239b8d5e9cee

    SHA256

    fec46ba55d81b37c22eb6d05d37ec47bf87d547445dfd42c6737b5f6fe153a8b

    SHA512

    646f4c9e7a4a599089545d2663065faeb092a5942f4839692a1dfca04670d6057496d60e8ff461bb68524b51e2e5c32e6b568c7e956389b7fe54a00b9996a244

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KIMPJA9E\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab4F4C.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar4F4D.tmp
    Filesize

    161KB

    MD5

    73b4b714b42fc9a6aaefd0ae59adb009

    SHA1

    efdaffd5b0ad21913d22001d91bf6c19ecb4ac41

    SHA256

    c0cf8cc04c34b5b80a2d86ad0eafb2dd71436f070c86b0321fba0201879625fd

    SHA512

    73af3c51b15f89237552b1718bef21fd80788fa416bab2cb2e7fb3a60d56249a716eda0d2dd68ab643752272640e7eaaaf57ce64bcb38373ddc3d035fb8d57cd

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar52EC.tmp
    Filesize

    161KB

    MD5

    be2bec6e8c5653136d3e72fe53c98aa3

    SHA1

    a8182d6db17c14671c3d5766c72e58d87c0810de

    SHA256

    1919aab2a820642490169bdc4e88bd1189e22f83e7498bf8ebdfb62ec7d843fd

    SHA512

    0d1424ccdf0d53faf3f4e13d534e12f22388648aa4c23edbc503801e3c96b7f73c7999b760b5bef4b5e9dd923dffe21a21889b1ce836dd428420bf0f4f5327ff

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\ZPOTT9QJ.txt
    Filesize

    599B

    MD5

    30fdea4be05ca2e23d2add847c2c46e9

    SHA1

    9c16edfc07962ac9bcefa55e33efc7ae01f95c65

    SHA256

    2cef162597f6cd1fdb354148f9c0ab51ce1aac251d4eb4d1ede4759f60c60b45

    SHA512

    7f466f06d756090e5f2a7ed72bb98f89566512de4bacc784be6528f73cb053b4c2dc26bae30850d1db948681ffc500564b47124d79c763118f747fe055c44fc7

    Download Submit