Analysis

  • max time kernel
    32s
  • max time network
    35s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags
    arch:x64, arch:x86, image:win10v2004-20230220-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    13-05-2023 16:34

General

  • Target
    verify-ua.html
  • Size
    4KB
  • MD5
    a2db73d14cf66a0bf2b67c0c6f5c9932
  • SHA1
    b33afc9000a9ea5ea35c3591e31da80efb80d0fe
  • SHA256
    3302f258eb18680cb0e167eb4d69f2146b8ff1517aaf74af17f3baf5a5defb80
  • SHA512
    53dfdfb20b7b9b197ef812710dc5fd5de74441618051a6fa61b67abd305c4423fc0496571dfec9845cc47bd2cee6fac6b6e77609cf13275aa76a1018e4065155
  • SSDEEP
    48:0TWiSTitsuUwgCzenjx2xxDnHrvDG6RUQXpUz+m4hFAc+9LUT4HFNotGXXoW:GwOtsefekxxDH3nCQXqzyVoITMFNsW

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 22 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\verify-ua.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1796
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1796 CREDAT:17410 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1524


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize
    471B
    MD5
    d215e8f258878362467ca56e881e503c
    SHA1
    bde8ed9da4b8297b2efeae31e307b3a724cf6c26
    SHA256
    00898cb46fa389fc4fbb5965b2d5a4a19a7fdec1988491a7d6b66a45e2032770
    SHA512
    241daebdf2a192eb34b69b36af731f78fa241e030633777d4a3ec37d6ff994e2e7f646d9aecaa7ab8a9fa91c4db135ad22c7ff585b0f9d52231bbb22245b7144
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize
    434B
    MD5
    5df3fb71e43590a09db82455f364590a
    SHA1
    22eecaffa9c81ded701601bac362a998a65a4ce8
    SHA256
    55b647b432953cd80a451e9bd70cb7b2b52b7ed985f9893f45fac9f48b00ff81
    SHA512
    32197fab4da89d3fd897c0ba1620a13534f0ab68d335fdc905025ce8c71e176d60cca89fc304c77def9a9c74db1fa2c97b073a18ce785dc83d12cb30036ab2de
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\WPCK8CWE\recaptcha__en[1].js
    Filesize
    408KB
    MD5
    9ffb885c65f054c894eb7798c7febb9e
    SHA1
    23db992670ceb314ea5e405cc7b30376231d1cc0
    SHA256
    353893c6dfd213c596c69a8955f505ab7a0d3324a7df583b489472c7e86cc512
    SHA512
    f3a7ec938f51094b4867c44e808a3a66919932b893c5fd5eae8670c66f79b10c8d0a1e36fb376f40da36033eeb9ad5fdfbc6a58a32f8288eba673c15e06f57ff