Overview

overview

1

Static

static

1

HSBC_Prepa...f.html

windows7-x64

1

HSBC_Prepa...f.html

windows10-2004-x64

1

Analysis

  • max time kernel
    100s
  • max time network
    143s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    22/05/2023, 13:30

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    HSBC_Prepayment.Notification pdf.html

  • Size

    7KB

  • MD5

    1cf6166569cefc0d4305d2649e0a8b29

  • SHA1

    5d4027ebdfb059433ec9e6fd2c7d707d7fa2de59

  • SHA256

    94228b57c0398ad0c22dc71c9f240fc2fc51bcda62de344f0561f31e624d8733

  • SHA512

    242803d670657f7f81d35e00a4fd4779a9eda95ee75481935c1e642141e37d278153cf9b3626e0fe78ef333711c969a0f6384b5e13ec4c2ec737e041bf7020bf

  • SSDEEP

    192:zHdBQGdTCbl5PHavDczBPt2nAWBBPt2nAoTm4eoMmG/C:zrRT6PHaCPN4PNmDOC

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\HSBC_Prepayment.Notification pdf.html"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1344
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1344 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1544

Network

        MITRE ATT&CK Enterprise v6

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
          Filesize

          62KB

          MD5

          3ac860860707baaf32469fa7cc7c0192

          SHA1

          c33c2acdaba0e6fa41fd2f00f186804722477639

          SHA256

          d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

          SHA512

          d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          623298dad25b807629219e8e76e9bbaf

          SHA1

          e4870d355e4361df40b04ec48e03a997b2385ca0

          SHA256

          230dc304fd423f0400afced74c2461c9030feb2cd01ce12c073766ef65be49f2

          SHA512

          8bf352bfd4b94685e0f927ae9438586779c87244a34724ac38cdebcc1d02203e5904311223d51a74680b897e8a72e72dccc20c18633c83c50292e779bee44e6b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          b99707171681e4354d0ee36d3ef2ecf2

          SHA1

          dc2f01e3895d9faa5d22721d0f50d6d0385615a7

          SHA256

          2bf38f778add0e6bc01d2c4ee8447fea25f644694a922c8543aab981f7325ab5

          SHA512

          8baf51d076ed955ef1c560d91bf4c8456836f532b2f1c25a640b8379ea22833e552100a3d156d4284c4552ed90bf8519839198fb9667fbac69dbdd918993cdb9

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          69f3e941663ca8e1661cbf71ba1759d6

          SHA1

          7975725f5fddfa1b28b506e17a6fcc0bf7e00216

          SHA256

          9a8060e05c0726a64eb65a1f0391e89e7b6cbb9dc6d7da7111f137e92a33d8c2

          SHA512

          664a904a6512ade79b65fad0ae04880bbc468a3c3f730b3194dee63acd7f9cdbf5b1aa2be67c071a1d7ef32637ee29b2d3f9c781576ccfb42b161da6f3a3cf36

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          9ea142bda1b1476cf2a7e35c78fc37cb

          SHA1

          f8ef0f33848aa37af058feceeba72e2f13e51667

          SHA256

          8291265fb9417b9cec94a75691902ba65dbb6499c0ac575a61cdd675dd64ff52

          SHA512

          8686d78dba06199af4c0aab0fac1182d335a11448aa491977b51915b3fdc907b06d274e732cf6feb68eedbb8a5d440ac940b4dbea9722f7d6af7318f4b880789

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          f74358eb7477823e1056b4108d6d4ace

          SHA1

          fc6c989d2c7dabf5d808d628de71d07ba0200d4c

          SHA256

          de90672a17b076f25836a82a3e8ecace753c673426822cbe6c9dbf66333d6f2d

          SHA512

          e447df3d43e33cbced7de0c5fed1376d177478fe03a4f6ad0a0eea494ed4d2a5a22ec854a22aa088f24b5ab7249f65df53113ea71a62c03562fea69e7af98c61

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          3f96387a63ee19ab87c8b52ddcafcf11

          SHA1

          a87f52d5a7afd6d607efb96962016944f9447c87

          SHA256

          4f6dce06cc12ef3a7857572d831de9d088cbb4e88b981b0b1e9e624f6600cd26

          SHA512

          7c1729cb20c586e1064f902833c520bbcc67e05cfe7cfd9ba39e81c6a3478fd7b7d0e0348f8071c15910a95e150311103fc359d22cb909d599dd8c6355453ea5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          6117e5527bbe97faab8c14f9404f4316

          SHA1

          031910c0a4192a9d59391ca710f0fef0be5fe126

          SHA256

          b11baa5016925668b17bcdfbfecd71a81da0ce5dd51aaff2268c6e58af7b55b5

          SHA512

          5e6c5d187064fb6818f431e43fe955d70079a7a3a8ef2964f572347b9fc92e0f6822cf51d60af313b1d380ba4f62fe9da09bfa2a4e2d7e468ca00baf5dd44a16

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          0e69e6dfd6dd40c28608ba8422bad417

          SHA1

          c8a0aaba05d796dcd4514fc4b2defc34745d8441

          SHA256

          6b8e2581b6e8f8fd25d89b8f47366cc220b91aeaa03daa4f5631214e507cae6b

          SHA512

          0adb5a7f220b289e67dd000c831bb1f7fb96840e9107471133c4c14a32a324589b44d32218c5f8a0206d7e13d9b3052c5783591c6a94193d86f86f73942efd4f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          0848898b3711d766adb3845554b78e9f

          SHA1

          d9549302873108caf6b6a2be516d7cc0835116c4

          SHA256

          62ff89bea61faa6d2ec2cb7b5673f94b9812f455fbcaab19cb110f2a85afc536

          SHA512

          c884607909d1bcee1cd1daaf9c39c2f3460788ecd06704ef79a398fc9ba17db15937d4419e78731021c24e14cb794c2691e7bccb948b016f56877ee91b76b279

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          71caa3a3623f54d71e7ba38a9ac9dd67

          SHA1

          2da1129dd7b59b35ea29ba28f6ae0bc020fd502d

          SHA256

          9b91050e5fe4ca3366e4344bbe19d2b602e43fdc5bab05b6909fa6efb92241b4

          SHA512

          ccc2af73943f77cef63379bee382163a77c8c6c2ea10773f8688ac512626dba26a08d3e4bf9582cf4049a5f41f2504b4152e78c5efef2943e8d342a2462f19bc

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SKXYVKI3\suggestions[1].en-US
          Filesize

          17KB

          MD5

          5a34cb996293fde2cb7a4ac89587393a

          SHA1

          3c96c993500690d1a77873cd62bc639b3a10653f

          SHA256

          c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

          SHA512

          e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab2F5D.tmp
          Filesize

          61KB

          MD5

          fc4666cbca561e864e7fdf883a9e6661

          SHA1

          2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

          SHA256

          10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

          SHA512

          c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab324E.tmp
          Filesize

          62KB

          MD5

          3ac860860707baaf32469fa7cc7c0192

          SHA1

          c33c2acdaba0e6fa41fd2f00f186804722477639

          SHA256

          d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

          SHA512

          d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar30F6.tmp
          Filesize

          161KB

          MD5

          73b4b714b42fc9a6aaefd0ae59adb009

          SHA1

          efdaffd5b0ad21913d22001d91bf6c19ecb4ac41

          SHA256

          c0cf8cc04c34b5b80a2d86ad0eafb2dd71436f070c86b0321fba0201879625fd

          SHA512

          73af3c51b15f89237552b1718bef21fd80788fa416bab2cb2e7fb3a60d56249a716eda0d2dd68ab643752272640e7eaaaf57ce64bcb38373ddc3d035fb8d57cd

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar338B.tmp
          Filesize

          164KB

          MD5

          4ff65ad929cd9a367680e0e5b1c08166

          SHA1

          c0af0d4396bd1f15c45f39d3b849ba444233b3a2

          SHA256

          c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

          SHA512

          f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\2ZW0F1MD.txt
          Filesize

          608B

          MD5

          89d2ae89473921195b933e83189a7893

          SHA1

          449adb2cd287d8d57b9c8a22b196e9dd4c957d3b

          SHA256

          6d3c1fe13d63d238f16a5cb89176bce58f032dff9942c96cf47eb87d1937e166

          SHA512

          11e3d92b67513c1a0db0a2b52e441a123f929c651ec0109449a431ca7ec021e12694df61e18090c3f4bfdc4686e05dd348c8275e8fd61cff92ccfe8b4450d579

          Download Submit