Overview

overview

1

Static

static

1

ForwardedA...2.html

windows7-x64

1

ForwardedA...2.html

windows10-2004-x64

1

Analysis

  • max time kernel
    97s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    12-05-2023 18:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ForwardedAttachment_2.html

  • Size

    6KB

  • MD5

    cb66e6473f37b2bd267ed7b05a006f56

  • SHA1

    5615e2ea0b84be4b0fc5e19e6071b09ef0cc1e07

  • SHA256

    11252ff20e069558eb7f73aefae5415d50455649520940e243e4ee22ee5dc7b9

  • SHA512

    3b78c742dc6cdf97f0f339a38b13187464c363c0801f6e32d8b379aa1e0ce056de44467a56315b4a1b3ed1e6b920de0d2672d9447030b6b8fafd287459708c16

  • SSDEEP

    96:9mJ6Ytp2cKU8yttacB3/6sDNQoe61NQbyp/kuJxTdDkd8GXkvWL376sDNQoeyq:HS5vZNppj/BgWQvI

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 43 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ForwardedAttachment_2.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2028
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2028 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:564

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    09ceb901ba13aed96de4db6cc499c506

    SHA1

    29d017805509aeef19cc08e526f13b348cd3beaa

    SHA256

    a4c0704691a4cafaa622629fd2c8a8143c0103da90ffda7d2bf78b5039b45d9c

    SHA512

    722d3eb8571ee705f342c031cb98866842aae705b5cda27a4b508b5549f92bc9cd6b0af182d3624caf5e99227b19f021fb0197d6c6396725b0dbe40f77f2d680

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    aa0673ac1eec60d022528f635ad44ebd

    SHA1

    656d3467e38da4daafbf6f2e4c96bc72e2acd9ad

    SHA256

    cca4037f42c0d339f0e9aac7a0a391e57b2abb7ceebe370284719eaf52529cbd

    SHA512

    5df337b92e9df476ee93728c8b89aa7cbcefca46c84aa68556512288bb691106390e4c505361dac6aaa50b1bcb139d3715395398049d9850ce67ce5463e1918c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a75bf75124fe6e9c551505f27f9a01cd

    SHA1

    bc56ebc5f243354edf13ab1f0bf6b5d08e0e41e3

    SHA256

    bc6e501b69adc0f2804a0d52fe7160f29131530da4956ae38d71b6de3b1858bd

    SHA512

    82c64190c8a7d4d60d351fd9bc34a827fb84083eabd9f1f358661f89bf29b9a2e23602dcf58cc6635bd9f34864d7a3fd79bbad38196e8f90364531d91d391c2c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4c4df79db4b1ef6ab52188efa6a2f095

    SHA1

    2aa318cc64f3221d76c97cab97a6d4481b76cf73

    SHA256

    6cd3ed9dbd266498bab8140b441de30bfe9bc1a42497f7c6c76175bd3f283219

    SHA512

    a44e91a2bc211a123da4442c45fc63b2b4d92edf4540649f0a8b0de903330e812d96cc93a38dd11760566fcad4b8ec36eebcf0daff53f3caa9deae89239a4606

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    876cff663f0e4e0e72432397fdc02bbc

    SHA1

    85aa82ea271626b4a560d66e8c9b3507cae35ce2

    SHA256

    2d90b133bc7ba659f46183f630bd42a13b827265cd408c989a3438fee90f4941

    SHA512

    413ec2d69e813c10aa4f24529ffd87eb536363f32524bc7de4a18aede67df0ac9193389580f14a667f71f9e947b0fa7a2ce751aed367e089d66c41f605a59681

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d009ca029b735c9cb04e5aa4257268f6

    SHA1

    dcb240be15a12fcb988d064bd774588ba09d6818

    SHA256

    b0be216aa38ab2e97a6c00376d7fc94fd689abf24d4d5e0c7402eb475024349d

    SHA512

    5b1a3f3223f0352299fe2db993d246424db2cd63bbc5e14b48172ba1b6998dcef5674255e9b242dc67e5a76a8cdc97cefa4a81f9b4da4f2e086683f6da486028

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    00d8897473d4e821bd6e2441ec9ea214

    SHA1

    a66e89acefb7e8bcdef6871f36399893c00b01ff

    SHA256

    481b6390677df3907ccf525f890bbfb6cf98eaf4edd1cc3113fcd53bf2a94499

    SHA512

    6ab88d48cf15027aca4128c803e87523b8a9d8431125e6a1e7a204955de786be275f2bbf225f973ed94ac2465ab4efcf43cd7e37ba9e5a4f8c95a169da1d5e1a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c38e73dc0844541e5cbbcd926b829e98

    SHA1

    9f95d1f445f26ef32f38aca701dafad243687964

    SHA256

    38372bb9fab2f8226d00030182fd17e28831197d29c9d7b04df57b10f6dd5e1b

    SHA512

    bddf2cffc777d7eae2614680154913f22b45f562dd117b30f1df30b00f94c94d3b16fc262509f4735ec3a70122135d569421e7f79aba6b6485b9cca3e954771b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f61bd0767eec8301027a753d9cdae4b4

    SHA1

    51350d135dff77ef6165b438a5f5724e2c951911

    SHA256

    206ea5cc16f4ebc0f919d672892238e091c1c9ede4975a26cddbe277a713e423

    SHA512

    5a0ede7bef5f93d88bc23ba972c65bf83bd4b187b90af6d0422d0b8f2238c34ad51ae021386bcf5391287b0df0d9e2265b2ea739f974ad7c10cc7708381b3f7d

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QCNSQOTT\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab63F4.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar66C9.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\2VQXLK2Q.txt
    Filesize

    604B

    MD5

    69054fb794b9635ced5ec983cd5a71ac

    SHA1

    3d34359f92c5a7be46eb8ff3b23f40200ac4be35

    SHA256

    6bd1313108a6eebd8aa588ffe2bc6c45c1c8c2389f9aa6b458383cf1d51e9cc9

    SHA512

    f0d6fa6ec14aff794b794648a94a5935939fca5da05844b8628f292b14b87e978f28eff9990a4075973b08f28b9b05150050711d0bfd097c703116e965691619

    Download Submit