Overview

overview

1

Static

static

1

Vm.html

windows7-x64

1

Vm.html

windows10-2004-x64

1

Analysis

  • max time kernel
    100s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    18-05-2023 19:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Vm.html

  • Size

    107KB

  • MD5

    8cdd9490a78171b46a9c357154920372

  • SHA1

    164c62456955751b4071c44e1fbb3809f0b0a1eb

  • SHA256

    66b876f1bb69761aeaa796e0d2c12597957620236cbeb9a2ac661ca1aab5beb6

  • SHA512

    c88c8049b72ed3f8c155b5560973c72d050ec3026c91d7f734d76b39de5e4f7b40bfed796c29b43caff9014a63d593a938351c1ada215e33b01dd647354fb755

  • SSDEEP

    3072:Upyfe2haaELFoU3XxVdvdM1GypLJ3vbZQJ:ilLx3BVK9Y

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Vm.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1764
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1764 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1060

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    024f270b5581e5cfaa3925e8db487e5b

    SHA1

    189dc75a6ee2031009450859bb5d8f16ba27d6a2

    SHA256

    00d312ff3d0889941b92702909770af74b599b7f7d443d37627ccbabed2abde5

    SHA512

    1959920427920df85458d06decf711ed2a3aa8b3755f308a5a52583f9be5dd69e9669f936697f0373b921da37fa129d52a40482680feeacfc84067403ab3cb48

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c24c2c74f3a644869737c79ad862cb7e

    SHA1

    2d658f6aa64ce0c89fb67a3173f62b1fe1f66846

    SHA256

    2757cecf427762f43efc68cf83ec0d0662a1ef5e78eae87bbd45555df59e0540

    SHA512

    aeb22df98e29a232942b8b6308e5b671f9904fe423e7bbc5634ef2ce747394aa218296473e560a1c018449317ccc15660ccf79af0a1d56717b1bcea737a7b1b6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7546d540e377f0787525b9bc34684cb4

    SHA1

    15e52e472edf1144b04a14bc2228491c6c3daed8

    SHA256

    92279807bca957fdae80ada19bc753681f570f1f175ccc36927e1448ef594676

    SHA512

    6a1f94a94198b61707d10f0d7aa150a3075253b06cdf829c934a2ed6a50a6573b0be50f8a0326e9856e354a671623eb3868f99d897f01944efa1e8d3ad471904

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8f5726750ed267711348b6ce2a7fc8ef

    SHA1

    ac9d7e1416ddaba00adb37fab4b0c9b897f0f885

    SHA256

    92b5118327006e31a34f7d0eb7bb7d8d237a636313298d27d6d668ab8879fbdc

    SHA512

    cc4d48c76f7e2d1ec4e0edf21e68753a919d0d747a9a64c19a0f156f81be192e3bf9fa547489776368db24109b7dd6da66c1a7d484209fc6b20c002de275c6dd

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QCNSQOTT\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab48E5.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar4A54.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\INBIZMN8.txt
    Filesize

    601B

    MD5

    4a288d75ee568e1a0bc7285dd553d1ec

    SHA1

    ee2bd35b061e2bc458e1d8f9f335300f66358f72

    SHA256

    f80a0dc9a527d0ca31e2a874848e591d3733838ea995c41438203ded53511ed4

    SHA512

    fbd5d640dc84279ca53b9cf34cc47f54f7c067574162185c5a2aca2a280c743c3a72945ecba7b90dc0692390e0f0dd2f0b9ba28f594389868e669b2ebd905642

    Download Submit