Overview

overview

1

Static

static

1

Vt_ITk9Re0...20.gif

windows7-x64

1

Vt_ITk9Re0...20.gif

windows10-2004-x64

1

Analysis

  • max time kernel
    97s
  • max time network
    100s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    08-05-2023 19:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Vt_ITk9Re0dA-dT209mHvKn2Pig=320.gif

  • Size

    43B

  • MD5

    325472601571f31e1bf00674c368d335

  • SHA1

    2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a

  • SHA256

    b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

  • SHA512

    717ea0ff7f3f624c268eccb244e24ec1305ab21557abb3d6f1a7e183ff68a2d28f13d1d2af926c9ef6d1fb16dd8cbe34cd98cacf79091dddc7874dcee21ecfdc

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Vt_ITk9Re0dA-dT209mHvKn2Pig=320.gif
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1556
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1556 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:524

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    b5fcc55cffd66f38d548e8b63206c5e6

    SHA1

    79db08ababfa33a4f644fa8fe337195b5aba44c7

    SHA256

    7730df1165195dd5bb6b40d6e519b4ce07aceb03601a77bca6535d31698d4ca1

    SHA512

    aaa17175e90dbca04f0fa753084731313e70119fef7d408b41ff4170116ab24eaee0bd05dca2cc43464b1ee920819e5ce6f6e750d97e3c4fc605f01e7ff9c649

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    25cc392215add0a4264bf4536ef93b29

    SHA1

    703458328836fc0667aafa835f5a7fa0ef884562

    SHA256

    1031b4200450e1adb50d8821092ae41475c8546b4025d8aa4d6d2a90e7384567

    SHA512

    62adde91db257fd855fbca9408b85f77d0b1cc6f0c9bc8ffb677d97c6112d2e2d7a7b2536895b7481f3147f40606232b478ef0c2d49c489db5c6b8f63f5e5e6e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bec7b5e18e53562a36547fd8a4fe42e3

    SHA1

    3756afe4823fafff00c73908f09bd052e4cf2712

    SHA256

    5818870eee85ebeb3700bd299c37dc374573253bb656209aa434b45e2916d5e5

    SHA512

    53aa2ee82d913dc6f938d608e9deedf67bc4e36573bee0c8208f51f10e8a0f3efdce5b6624b83147e707f45f8af3342a2cc1966cfdd87b989286eb3218b15991

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1fa929dceaba88c86cc6b882c31d8d8c

    SHA1

    96ea155913d853016e2688459056f1b409631ecf

    SHA256

    7eb5fdb7233b07e72108d7c48e57dcee5487508214ed0f075848de19cd5669e9

    SHA512

    1a3f8c44c7f74be264a52095a789b2f7f4ceb581b2fb00df525c4de77cbf93fe53fe72af90c76e4e14dddb6bb3964cb96224644967df184625b1616a03040fdb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    18997a5ca484f757ef4c3bafc646bd2b

    SHA1

    14b99780f82db5364883bac3092bfedc18268a11

    SHA256

    83ef5fe72c64c947772a3ad306b9afd6f891616246ff89a5bc7557ab9eda3881

    SHA512

    4eac22cc27f7d091b7ef2bda8ccc023f3c2a58fbb9f509c0bbd8ed4af80a6d90f537e9ef978846896dfed65a603e70fcf531a67c04667f3107d535b02419279f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ce929f8010fa502843222c2506f78cd0

    SHA1

    51a1489000bbb3a0ecb894158002044210ec0b8e

    SHA256

    beebb280cf63dcf1f162f0c29abf524321724dcec55a58fd42763517fc152ce2

    SHA512

    ba8b81c500c64ff0d48e770e3a462f1a9c355e0a638df1bda062df254d8da187335775fa5e3d2350162344d702f76d55112288f83a71bb78c18d1f670420eb91

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cc91a2baa0b6a5339e199c8f9d8b09a0

    SHA1

    514dd141a0fa0ade3043a0f00a6c8ba869d0312a

    SHA256

    0b44244d506c09a1bde5753debe4790c0e5f87cd0f254931f395f479516a0f43

    SHA512

    5fb0056a02d261a0a39337a433301ceda0ea5c94fa4fdc13f6ab5d562b51762cf8e1d2bc24b6bcad87ab8653e32de066a68b32e07dfad2e1814161363dfa80c2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f26bc31d3cb7bee2ddd75253cb209d15

    SHA1

    417bb2be7be74181a5c54f5881d697de0b3f3a99

    SHA256

    e3181e31fb6b49ba9b1657dad26ff10cdd46b02d758f0a88f3e249dee50242ed

    SHA512

    2681de00adfbe7c09a0f85650f69f2313d40417dfdd7b0aea391d03bd6ab6cca859472595e33c8b52b0db3fa1aa57332c1f17d18096509fa409c3f2074e19774

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    61773fd7ba58999910a9d0926dbb199e

    SHA1

    3c3e70d0ac7c937ec146d1d74a1512aa16ecdc71

    SHA256

    de28fcc65e8ca9ca0cc0eb3b27a1c50e8e22d431c3359c1ac9e3894f496ed75a

    SHA512

    f030bbd853029d9b39842df93eab793bbc8d70f0cae1809313a84d27047e4ef0caf5ac855a30fa0539360faa609c1a2e2f6b8a3d429606a38d3c366acb94c5af

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TOS3MI7U\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab41E2.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar44B9.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\ZVM3I6R0.txt
    Filesize

    598B

    MD5

    4dee7cb235dd78f0e57f6f77937f7cf1

    SHA1

    c2ef954e707b4e761683ef2281c399652e07ff58

    SHA256

    d99ade193ce831604b2c220e0c008f9da0b19930d38047c4ff5ca8585d1671f9

    SHA512

    c1d19541999d5e36c317221e2c71c10f626798dac0040a85153f513d3e767b3994c0b6971a6657ae03bbf7b83c93be026bb173747615e77f3c1299c8068cfb6f

    Download Submit