Overview

overview

1

Static

static

1

pete.svg

windows7-x64

1

pete.svg

windows10-2004-x64

1

Resubmissions

09/05/2023, 18:41

230509-xbr8tadd33 1

09/05/2023, 18:40

230509-xbcs5add29 1

09/05/2023, 18:22

230509-wzwepsfc4v 8

09/05/2023, 18:18

230509-wxq27sdc58 1

09/05/2023, 18:14

230509-wvfhpadc47 6

Analysis

  • max time kernel
    101s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    09/05/2023, 18:41

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    pete.svg

  • Size

    13KB

  • MD5

    41e8b14ea397af921e8c0c7856324f7b

  • SHA1

    af831d8dab0472e5b9275b19b464002f879a9399

  • SHA256

    a2cb0e7359dfc56f8b8e043d20383c60867f0dcfb808cca56318a1a36d3f8d66

  • SHA512

    1536da8cb02c917065cc538318a36bed80b782fc51ffa2ed1e3a563b4fda5ed0c31290c6b92efd30ad275aa14e3666ec208288eadbae770d0a61aa9aa5d18854

  • SSDEEP

    384:LKuyWu/uK2BlW5P2Zu0zyignTeNS1YlPPC3BTpDH:LKubu/uK2BlWjoSSlnCRTpz

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\pete.svg
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1104
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1104 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1316

Network

        MITRE ATT&CK Enterprise v6

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
          Filesize

          62KB

          MD5

          3ac860860707baaf32469fa7cc7c0192

          SHA1

          c33c2acdaba0e6fa41fd2f00f186804722477639

          SHA256

          d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

          SHA512

          d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          494e5e01b82a53204892ab44f1878728

          SHA1

          3bc35c97901b0299fa618da13abbaefc68236c6c

          SHA256

          73e0104a996b24cc113f740726c1713d85276c1f9433e9a15cc6f0ed169cfc55

          SHA512

          2760951ced661e33d925ebe9915c028f635ebc36c15101960e6637a59efb775dfb4a0400484dc171783edfa72935a72b47f5520ba4fdda6fa8da0c5d3d12080b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          1242f365f5a47dd0948bef17229cc466

          SHA1

          c1e8cce70066ad981a02e83007c6d206e926b9c7

          SHA256

          f980c4d3438265f25b5972f227bf426722a7dec431853b509dd7851bcb5de4d3

          SHA512

          63a312032b4af5299bf7e2dccb02deba3c6703eedfde1e690f3d3c53878c0812fbbe738cf8c60467f8cc0407a4812ca7b9ad27551d40578a4677dcabe39c3f28

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          1c16dbc103a68b6879864dde36f1fe3c

          SHA1

          608f7f435a729e4f13046711a26cc8266057c370

          SHA256

          d1f3d96b0ff840d45903e385f000adec435672933f2f0820f7fa5ee2b90bafaa

          SHA512

          f094a79e2b92cfd589789c73981e28cd32e3b269d0a3f8fe076e5d13f1dae9cc450457ea70288c9b811492dd36b2f4b0ddda5a96326187ba8ddf6942faefeea2

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          5b658141f63e07414de371fdbd00924b

          SHA1

          16f2e4733cd0d78d80dc0b8e2a66c8f2c7c28a2d

          SHA256

          7d4ffa120c355953313e3daa42422ef7e5a2fb9497229b19b0c5d8814d89bc3a

          SHA512

          3c496d2747edc64699e401d1670e2ee77e02580a56b356837260828711350588b7971db5a64725fbf773de0fbcb73c732202feb559e1590bf739fb77eb87dd22

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          72593aeb8e236e0f7eebc73f65b16842

          SHA1

          b0f4fe212d5749df16553eb518b31ad585452373

          SHA256

          62b28d41e837bedeeacfc2e369b9c35dd26e37e4ff65f5ee9c1d8fe494cc8ffe

          SHA512

          a090502b0c3eecc03c972de545a19b5b44200764961b00a92721612662d1679283a808a9ed501f5c663fa41e6a296226bd9a26a888b067666ece8121c191cb10

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          138f028ee8f698bea637bc435e0d829b

          SHA1

          32e78806bee900747a299d6ee689756f363d2405

          SHA256

          d7e3a4bd1e32862a26d47b07829b526758c6dd2f7331bada121747e8a0867b5f

          SHA512

          caed73965759ad0c8987d6fa2e78a3c9cf6f6ee309f52cd8b1e55eb4e0d6020dce457c1aba3c24fdbbb7d25ab4af04ccb08cecd45f081aa0fa384faa8b0786f3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          e538761d25d52c37fb663726bfd70205

          SHA1

          da246ff4546f06d8ecfdd3ec2b6ebc3a8682c096

          SHA256

          0f9d9079f1ddd713735083da6ef484fc20317665a52a9c74ec499810bd2c9022

          SHA512

          66db7dc1fb9be42b1f4731cde151878c9a0762219800cd021de716d9448301b252204e55bf130e36f37639069dd4a8d58b3a3a110ca543a03dcc5bcf50624554

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          8026746b41d18b3c0142f5cbc320c92a

          SHA1

          9c9e6458734ac9141ce9d11bb508f15a1db28e23

          SHA256

          030663a408175d827542c87bfbf71dc44507c9ee3790311ff663db9f7c10c61e

          SHA512

          4abcc720f26387b6ff47eed22094c74e74cf1d68bf52694b331a19fe6c4b07a9e5311ed22e671e68588d8ea56761e447eeee5cdec418d4ffe88b8fab5752d2f9

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          a7e4c976a62427909500651b2c762baa

          SHA1

          52d45b043c992bf4dece57a165e05dab798cebc5

          SHA256

          8fd84b94b763ebd1f0cdf07b5493ec166808054bb51661684525c74500545426

          SHA512

          0051dfac1636cb6e3a7fffa5a6084e696c04314b56694af429630974f664ef08e7c8ef527adbccdcdf2cb81af475afb3914c4ff1a42cd72a8b335a5df68aefc5

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ACT9UUKV\suggestions[1].en-US
          Filesize

          17KB

          MD5

          5a34cb996293fde2cb7a4ac89587393a

          SHA1

          3c96c993500690d1a77873cd62bc639b3a10653f

          SHA256

          c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

          SHA512

          e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab3CC5.tmp
          Filesize

          61KB

          MD5

          fc4666cbca561e864e7fdf883a9e6661

          SHA1

          2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

          SHA256

          10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

          SHA512

          c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar3DF5.tmp
          Filesize

          164KB

          MD5

          4ff65ad929cd9a367680e0e5b1c08166

          SHA1

          c0af0d4396bd1f15c45f39d3b849ba444233b3a2

          SHA256

          c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

          SHA512

          f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\2GK85WMS.txt
          Filesize

          600B

          MD5

          1844be06397c36c9da49d12870e4f984

          SHA1

          14366559d8eddd1807d30d41ff81ebc9492bd086

          SHA256

          07273e3dc23fc4d9e744ca6071d39db313fb79e116909668377af9622ffac9d0

          SHA512

          7817b1511a03009fdd976a68afaf64868abb9af84422bfbab63f77108e78b5c970f213256d23dc3fc252f92479a3d7f0ecd366a140035aa23a5670722f6fb628

          Download Submit