Overview

overview

1

Static

static

1

nbot.html

windows7-x64

1

nbot.html

windows10-2004-x64

1

Analysis

  • max time kernel
    100s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    11/05/2023, 16:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    nbot.html

  • Size

    1KB

  • MD5

    65d9c47ae5aa3329b38d8d6f37c0b0b8

  • SHA1

    c2547db9a9c19cf9b5252ccc06743abf8207fa09

  • SHA256

    709c432d6df52957227923462172e23304a4db82b7112031ab077cd1840474ee

  • SHA512

    427951abe4007e75516d7bd9cc9055d85003f509a8b117955e94ee2fbc8e5bee95c77ce37abcb138c7bbab626d5a7babe068cf6560290a0fdc16dc3757010a88

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\nbot.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1460
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1460 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:668

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7905f1ff384a4acd2ad7a430ace3cc3e

    SHA1

    878e823a8cbb7efd53a92a6700c829f30ab67ee5

    SHA256

    e8ad707a7e2de65c029ecffa95dc732253503520c8be9f106e563498a9b4e266

    SHA512

    835a6515d012c5dd5307981af7e7899aa3cff5ef9656c33dbbed5948b760b6a89ffd96a0c2d6bceef936e1e0ff90c7f7432f779bff2f7d4a5b07090b371b5a76

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    98df5472057bef86c27ee9c4ed1f7916

    SHA1

    fad30ec690ce64d2bd978edb0398df9ae4725062

    SHA256

    c2ee5bfc1205c24cc9a3c0e6f686444f723d2b0d6f99dbac4b78d9931e7e629b

    SHA512

    728c5d8ad8fe3e5e45a5ba22fefa93ce49bc97db16b938840d9973a6dad86b4255b67bf4456ba0cd7301ccb49c9fa2688b21653d63f888a68b72219a9b4f9fba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    61bccf430db897cf4c2bb4ab1c27016d

    SHA1

    520370501f54e440addfbc6e3d24153a9fdca61d

    SHA256

    cfbcd5f374739ce62b16ac170bc145536d16d7eb814d1be0c213c4aa9003ac84

    SHA512

    a49135f957daa5f292ba8fd2d0327c85e08b7c27be08dc26404b62ff69982878525831d9048ad14d49ab9c222b8873ceda5ae99515a09d79091affdbbc8f31dd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0beff755a0215d8aa424738fe3338bd4

    SHA1

    ae9f9fb81f7478fe9620b11c2d57fec8fab139d6

    SHA256

    b9d932cd845feb602d985b93f15b7a30d079f06022b1eb73fe3aaa78b7b3b484

    SHA512

    b29d17d57444a952205428bb5e4cb2a2e84ae5a418fa3daab639d77cc4908e1210cbc5548dbd2942b58e6e17fc07afa08f396b67a1abdd836ceaff29cb326f2a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ca6ab4631f0642f4ab29cc78aef9a709

    SHA1

    856806b383a9ff52039e9cf73264da2c485d418f

    SHA256

    1d9533b4a667fdcc5ae5e573ac145a9c7d34ac3514228b82a7d6e3a2b8b168c5

    SHA512

    bb628166ae47d848c5b015613301871074abcb1b1a309d9759a29baf46605498f88e2a400c9de11184b882d866728a18fd55ebaa5c2cdb1c83c6c267c09a1f03

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c13d3d2bbe1dca399f051556b0a1182a

    SHA1

    524a3be8a0baae32a5f3327b053a4dc9e11f279a

    SHA256

    84e3848e2312f7a1e0066afb9e55502471b4d24bf01e96785e2bfe650ba7802c

    SHA512

    6245f1889688a34ccc66cb4a4f72bb042f97e08d13d46bfe1501d6b22b44d7f0c0ee11108ae5345cad563bf8fe058ea8c069de81358da6c992b6ceea17d6a37f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    db11e1eb6753a0d99ae393f4fb69d868

    SHA1

    2967e46c21b680bb97c313cc723f815eff13e051

    SHA256

    86a157497c9360c944f044b03aef396c9187e5a66917582ca0558cae7376cb2a

    SHA512

    f4939148d28ed44c3516cc9f51560ba8ef5e2586ff5af25cdb7edcca09e6cd9e08f5c7046b00839b2db7739110f758679a15fc15f0166b11d1ea37d3b5b57221

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    db861f7fdbc5941cbc6213c96cc1c254

    SHA1

    e01af3a51abbb430a4de76713245130f55c58172

    SHA256

    62c7a343f5d29f3b1c1b05b6bfb6e9160599b25e5545c6ac07e3bd010e78263f

    SHA512

    d76deb4a9e0170de92b0102a013df684c63cc433aec64605713e75d9130e2d3b16e615357545758ed3273da29bb19e67e996e46430ab6ac60a66a37465e5e09b

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VQ77JNZF\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab7264.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab762A.tmp
    Filesize

    62KB

    MD5

    b5fcc55cffd66f38d548e8b63206c5e6

    SHA1

    79db08ababfa33a4f644fa8fe337195b5aba44c7

    SHA256

    7730df1165195dd5bb6b40d6e519b4ce07aceb03601a77bca6535d31698d4ca1

    SHA512

    aaa17175e90dbca04f0fa753084731313e70119fef7d408b41ff4170116ab24eaee0bd05dca2cc43464b1ee920819e5ce6f6e750d97e3c4fc605f01e7ff9c649

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar752B.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\95SZWKX2.txt
    Filesize

    608B

    MD5

    c3bd34de8a5a9b708e0a0712de123538

    SHA1

    60339e078fa6cebfa6a7eb0dd92b823b52150c17

    SHA256

    1abf34af442ec34496e24803324306da88d165534946d1ccd0fbd8bd5cd8d7d7

    SHA512

    d1738ac238a0e4164e0eee37f15e82d4125e77aefb09977de202da428c5863734325bb99f6782a5883b6a68cabdd662c97614ec64817620e22e61f3af038bf2f

    Download Submit