Overview

overview

1

Static

static

1

vPOEb.html

windows7-x64

1

vPOEb.html

windows10-2004-x64

1

Analysis

  • max time kernel
    112s
  • max time network
    165s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    11/05/2023, 16:30

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    vPOEb.html

  • Size

    3KB

  • MD5

    e8aa928602da4f4a4d0b4a920aafa660

  • SHA1

    630bf25bba124b866cd164996e1c416828de004c

  • SHA256

    ef7fd83a2da03d3e39b3ced47e0189008c65bd6131391abe721a01b6412a08e4

  • SHA512

    4200211889dbad661dba087a63d3e0a6a8398f91ef74b80109ec5faead16885442f26ba58a26eaa54cd2dbaae747eb33df017a91e0cb155b154b797668a3f693

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\vPOEb.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1356
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1356 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1928

Network

        MITRE ATT&CK Enterprise v6

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          da98e5e0727abc92c1cf9b507077f709

          SHA1

          a7a4f1f7542cd2c6408a68a1bf510e02ec144f5d

          SHA256

          ed8fb64e1e6d6e9c32dd9fa35f12bd345eabb4915129e374cea33c814cfa4986

          SHA512

          c517cee5b7a2ed193fb8d2f6634a160fad9cf886e5841a4042908a25572330ae58155efe832053b6fec996d724f6717539c808696838197e5830ce0931057fe4

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          120222e9bd7c758cedabe86a5f3fd0f0

          SHA1

          54a94a376246a3d0e73953b0635e109130972b8d

          SHA256

          db0f545e808922333e8be4bfa421164d39a17f3a22f0e49f5d14ac2845b27c0c

          SHA512

          b31af987a6c4e469fad3bef76639982999aa1fc00e9f7604429522ef080cafee4b0476e87fc36394e22184d2dc021517cec991a7e9124f5cb27536bef09ebbc0

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          d19439849dacea9f0c1b91a05ce27062

          SHA1

          4f4f92fd754aff8c70a2cad11e7f15902aa75ca4

          SHA256

          6cc95b06d30f9e06ea4e8b7ccdefb5e7fb1c611014bd2c5225441453f7ad5c0e

          SHA512

          3e1c270c47b6331ec9dbebd62c06801aaea754519db29650d2bc2faa583ef32bb5a6db1d8fdef0d5ab9f05b0ed7bc73b246b8137b7ad95698a7d72e68667d8f8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          52749966ef4c80156beffcf3adc72763

          SHA1

          78fe686f6b93d8ceedff64c32c892ab7a561fc10

          SHA256

          7b36f8d35f419a7f06f1c957c7cc8ac08bd816100e0bab81cd095350a0c76433

          SHA512

          f6ccae1fb0cd15ee0c528bd07b7409972b8bacb93cdb4025003cb4f1fdb424edd44679072c247686ec3861749a3f6b8e129339f65939e380e86529d74624936c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          e4ff1bc7629572cedfcba979e5da8e09

          SHA1

          038fd4d6256de0819444b64bcbc9d79f00a7799c

          SHA256

          abb1285ef928675af8317660d095cf335aae8fa49645cc8065149cb47058dec6

          SHA512

          22a5f091ca44092cd67b8473b3799925a23214ae887e8dc0ffdc635f1b75e121674b6f5a40f735636177609ff7ca68ef9923546d145ee522553d48c85efc78e6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          79252fca81e9a51603cf72e02b56aacf

          SHA1

          4d8219eddd92d4512d807d7e01ad9be7089df288

          SHA256

          7e3abe1d7a1837568700cdae5de970a5266f3af45469bc0752496aa1badbca6d

          SHA512

          42a46d6a012f89fe360ee4fd582b6356738993ffc9062052ac2efff42e99ec1c405fb25c821544f6e09223b922be7af1cc300a7ec5f95ab55c85480e0b385c8c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          5a153746c7790a6b9e9ffd1d254e52d3

          SHA1

          e46eda544bb9aed2e601d7d3557bff7766650bfe

          SHA256

          a479a568c6a71a109e43509d314990424fe0ad4414a31a2c6c41ca35396569ef

          SHA512

          8960f0e8aebd3cfd8748337d670cc7dde7b626eedfc50fdb847a1d9ecac14a3f893edbcabd72512f05ce850d49ca7e9436433990dab605f9d578467a0afd0038

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          8aab42efc9a6488bb2e25ff3c2a0a016

          SHA1

          ab95be9313f573cce3a059f2a1e402f20b897824

          SHA256

          3b41bd03f23b2b7b199d7ec1882eaaca15fa8871d7c61d1b8ad86c3d059a409f

          SHA512

          3f5a8c18cd548b8cd18f0666ab911a4ff1549057f612356e3bf415a3fec3202830d95adf9564b3a9507d92f003e8ab011d6dd9bea6fd87bfc69efcd5fa08adb1

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          1f6106aa95cd27ba1db258c330a265ea

          SHA1

          ab90a128f7f2fa91c101791583609237d7a59ace

          SHA256

          65248be775803f1ad0bf19722ced64eccf78d469da5eae50937f7bb351eb09d7

          SHA512

          b3031aa42cd95bfbe0014a1cdb9d5708a46fb5ab8647c495f72f07c893fd54356096c9ac77239892502ae141620387e22429309ef73fd2f9f7c6a2da9aba710d

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ACT9UUKV\suggestions[1].en-US
          Filesize

          17KB

          MD5

          5a34cb996293fde2cb7a4ac89587393a

          SHA1

          3c96c993500690d1a77873cd62bc639b3a10653f

          SHA256

          c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

          SHA512

          e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabD931.tmp
          Filesize

          61KB

          MD5

          fc4666cbca561e864e7fdf883a9e6661

          SHA1

          2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

          SHA256

          10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

          SHA512

          c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabEC67.tmp
          Filesize

          62KB

          MD5

          3ac860860707baaf32469fa7cc7c0192

          SHA1

          c33c2acdaba0e6fa41fd2f00f186804722477639

          SHA256

          d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

          SHA512

          d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarECDA.tmp
          Filesize

          164KB

          MD5

          4ff65ad929cd9a367680e0e5b1c08166

          SHA1

          c0af0d4396bd1f15c45f39d3b849ba444233b3a2

          SHA256

          c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

          SHA512

          f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\9C2NCULH.txt
          Filesize

          600B

          MD5

          0cc6f918fb5f46dfaf3ebd1ba8bc68a9

          SHA1

          bcdd80143aebd4f97887bb2c6c3f10c6bcb81924

          SHA256

          20b2626354759c96c6e72b5ff6fd652bd8fbbaa047730074b59d5338f92d030b

          SHA512

          9caf6c7d54b49b5ebf9a1c9be59fac7437b5e5cd60e123e81771cdfedd37da6cf53e63e86b4179a5f5cd826ad774c6e6a6a17849b98ef588ea7f01e3ba6ea3ed

          Download Submit