Overview

overview

1

Static

static

1

MA==.gif

windows7-x64

1

MA==.gif

windows10-2004-x64

1

Analysis

  • max time kernel
    67s
  • max time network
    69s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    03-05-2023 16:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    MA==.gif

  • Size

    43B

  • MD5

    fc94fb0c3ed8a8f909dbc7630a0987ff

  • SHA1

    56d45f8a17f5078a20af9962c992ca4678450765

  • SHA256

    2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

  • SHA512

    c87bf81fd70cf6434ca3a6c05ad6e9bd3f1d96f77dddad8d45ee043b126b2cb07a5cf23b4137b9d8462cd8a9adf2b463ab6de2b38c93db72d2d511ca60e3b57e

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\MA==.gif
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1128
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1128 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:652

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    6f6f8a001c372f927ccf5c700b12ecf7

    SHA1

    5f81bc301f855629c3d7f7287368b7908067b9f9

    SHA256

    e28a05918cae0c5569d1dae9b2255a84b952aaf1f2d0080fd13d4452682393c7

    SHA512

    8d7b9ebf9619654e8017bf51cc395cdecdd70aca9b0cbf63c5c783be1601c5a342f9f0325d793cf963b1d5a66a24fd6f8cf8a4d48cb46eadd847f4dab60e35dc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    c0fac5e2ac60eaf578290af785fdaf5e

    SHA1

    a5ee307954d327fd4a1a8bd8f0b76abbb482910d

    SHA256

    3c561ee458107f9fc13ae0ae8685ef797ddb569e09aefec8a5203a23b8ef802d

    SHA512

    95a51151693da4910b11f14e152dd4d967f43f725c85436b7092da22cb1d4fe569490bb326b54fcd939ebe88725fcc57a765c756ac16e0d52a595b9c62ba7bb6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    8f1fa8ce1327863b520406075ef96692

    SHA1

    fb668630fbcd24596c124c66a35faf1cb130082a

    SHA256

    1a48222fd9e1ff9055acd7acd74530c07fdfd750fd176f2f7864f41f67cd883f

    SHA512

    579bdcac38529fd6c0d5de6237d27bf6663effda615d51b34cf9287c15207bf99155ea212de8d388dec2f281b8617c15b1865da56c35c53dc10e5b12a6077197

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    e429a62c9cf44f57bc2cbe75bce98336

    SHA1

    439f886b46a455fd466003bf18ad670d9715c65e

    SHA256

    cadf9f477fc3fc5899798514345fb56a914914f2fb7ce3c0b2b89a28e63803f6

    SHA512

    430a14f1b0aee781e666d1182a2ee2ce79f1338f047df551027ee9dc766ea8bdcfaa9f51eebab97995f7e4e48c2e2ffb74a9a6602fdb9a34f529e19289b5bf25

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    5849efcd45e6170e424851b87c7f5ef2

    SHA1

    9786177fab37e54bcb26966f24d9439c841d28c8

    SHA256

    13bbe3f1b7f44fde3714c210000243f78097f841c20ad0092cbb0d03572512b7

    SHA512

    72837f34ccef5e51a10a1e17c7c2951370e5d37c6523b87ef302f6b984d8fe58e8ec70f53778139c102962f94f4a8428aaec42c3524855caa63c197ed13e65a4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    445562d883641cdfddb963331cf1cb44

    SHA1

    1421c09c51121ea36965bb5ff78d48299c2aadaa

    SHA256

    7e668bf91d9f130b24e6cb763128123ba7a881e12d8e2874fd3a7bbd78fd5082

    SHA512

    45d0dd76ceaf512a70fc356586e512e79272b3d1e128f35b83be9eae8c2622814da2b36eee6f792ffcee636f1dcaf75e1bbee7eef1d95290b2c3699617c4cff6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    09865309a33ed5a062a04d7f19ef973f

    SHA1

    919c0c33b6dea575cbddc1521d47859696f6501b

    SHA256

    0c2843dd248abf6d78ed2f13672026cc29b2fbf8afd9ce42f02d74ff4ef56bb8

    SHA512

    370743a47f0631c212b663c3ff18e94b71827e376435c13a61dd0b08841e15c27ca6787b581304613bcddac15f7d7dc9de61c8be71f94b44fc816dc761417e49

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    6f601108e0f68a2691a919cd609fdd66

    SHA1

    1a8130c9782a432d4886d9ab8c60f550d1838b64

    SHA256

    9dccd8ff6aec7caf070945d89e21d391fea74d8a8a7331f8c1cb51bc3fe911a8

    SHA512

    4bac0f2309d8abca01a6221abf629e61f3627768615813d019bf35bc9492f12c4edee739ed8a0a628fc56d317cd4d3aecc1c51c0ac9837b4c6690d647c018c0c

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UOYUJSME\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab394C.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3AE9.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\URCBLHG3.txt
    Filesize

    606B

    MD5

    9d99ac23dab178c1d4e9ecd8aaa886d8

    SHA1

    e9110b9b9001241efb06a2d018b3174285afd6fa

    SHA256

    4c4772a872b0edf20cff9a9a49608dd03bbdade7af3131964a6e3c28767ea346

    SHA512

    da0843361fddb368c1c60974b472b622bc93e723256b3b47dfdc90a3413c299f65a272be15802a574854f4e57da1f0c841cdc401424275640009e553bed90ea7

    Download Submit