Overview

overview

1

Static

static

1

download.html

windows7-x64

1

download.html

windows10-2004-x64

1

Resubmissions

25/05/2023, 04:57

230525-fk9qsage9t 1

25/05/2023, 04:55

230525-fkmk9age81 1

Analysis

  • max time kernel
    1607s
  • max time network
    1610s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    25/05/2023, 04:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    download.html

  • Size

    77KB

  • MD5

    b3dc8031fc01301daa86311f76c190c6

  • SHA1

    256af89c2f7a5fd945e49cfb6a52903e45a8e5f5

  • SHA256

    bb4200ac835d2955316876fa5f2b01710a9d4de4d1e8f7e52dd7e9ddeadd9eab

  • SHA512

    15bb6c2116bc110b7fb8de2955e2bb939e926d0e3a3c212f36fb41ef1fb9a133a6fcbbb003d5cdf9a9fa1fd8b5c1b7012333352bfeeb0ce73899655eea6f940b

  • SSDEEP

    1536:rAX6NTTLiVTesXOfEX8cR5Qvqo92hEzh/2Q8nLIJVJ3r4DzDLcAvPRLTICp1UOOm:qjPd3ZXpFplBlLX+O94i

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\download.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1500
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1500 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:796

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B398B80134F72209547439DB21AB308D_A4CF52CCA82D7458083F7280801A3A04
    Filesize

    471B

    MD5

    5d493fbb3f2b4fefc0d499f0ab684bbd

    SHA1

    3e6f5c10767f0d4d846569c62484690269ae0930

    SHA256

    843c5e5391699422da7a44fe66989ef828f7dc54d0ecf8f35185301f25d5b6da

    SHA512

    17d2eb24e19fefcfbd4ebbe44248617b1656beb9267a0cec4b3718376bb48039fa30d5352c8ebf650fde48c844149b9d46724a945bf69deb7edb6fa19f8bc3c3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    14c59b2e32d4f85bebce24341becf302

    SHA1

    c6259200e7b842bb8688967de7b91093abc2d12e

    SHA256

    5abf482ba5b7ec94c281ab1b70dc46f791bed30ef2c3a546465fc75789869538

    SHA512

    eef18f95a48ebfe0f42fd9b20e1733d1d0b6afe09ce1a32aab35ce7b536dac8ce490c3d6a24e0a335b8126528823a0da118e1afde21dc494147edef1b2494138

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    14c59b2e32d4f85bebce24341becf302

    SHA1

    c6259200e7b842bb8688967de7b91093abc2d12e

    SHA256

    5abf482ba5b7ec94c281ab1b70dc46f791bed30ef2c3a546465fc75789869538

    SHA512

    eef18f95a48ebfe0f42fd9b20e1733d1d0b6afe09ce1a32aab35ce7b536dac8ce490c3d6a24e0a335b8126528823a0da118e1afde21dc494147edef1b2494138

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0f33208837935b0ac190d92bbb67f19f

    SHA1

    eb7796f8839731291d715cac7982f8c6c5f2b194

    SHA256

    55437f3c51a836e03f7c94cce1688246c4ef02a9eee116750dca265ea1231cc0

    SHA512

    07c0617dca49740c50b4f7053a08af00e380a2431751e039de4abe36114e72a43758f75cf976ec82767a9c4e17d68743ab24a63e8bac2d875892e3905938ea3b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    46a722f33318ab06a8431c2fe205905c

    SHA1

    b557f6cc5b2783c8e045da10340f99523bb430ba

    SHA256

    2640596888e4f36ffcf88eabae43a6ba08882cfe10f7f6e0f95b5426dffd1003

    SHA512

    b00558b71fc3ef4cfd0af573dba42aa060e319f853b9f116e95709bf693edd15fb2de8bf1e8da04e09504bc1b0f725be9191968ec076c7bb2134f1e80486e1d4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    da0e9f1d01af0526f8bd08adc112d0b2

    SHA1

    9304afa29c5b085141cbe7d17c072135f7557a7e

    SHA256

    e0b059354f732ea45e01a22be008189b897b53136eca17c9183184b8e81fae5f

    SHA512

    37df730a37234147b8a44df8f49a2c743e81fcb2102d8fae07ff0826c49af07f0616f01f9b4d8b5b441f5565f6959da9153358bf2985a073f039114636438712

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B398B80134F72209547439DB21AB308D_A4CF52CCA82D7458083F7280801A3A04
    Filesize

    430B

    MD5

    056942b32a34d27d2447415c8545b22d

    SHA1

    7e69bf1ae0f4d69ec0635ae22051ab373c71b00e

    SHA256

    dcc81119a18720aa92e93f6237b7125cae26340d63a2d8f144c318fd5d8154f1

    SHA512

    d0ca78119a28ec408f6b61d8613909590a187243798f3b071f52d42b41fb73df909d7159f8e97bc913c15c5a1521344097ccdc32ef34e2c1c90892975b428a3e

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HYTOKVEV\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab7C16.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar7C2C.tmp
    Filesize

    161KB

    MD5

    73b4b714b42fc9a6aaefd0ae59adb009

    SHA1

    efdaffd5b0ad21913d22001d91bf6c19ecb4ac41

    SHA256

    c0cf8cc04c34b5b80a2d86ad0eafb2dd71436f070c86b0321fba0201879625fd

    SHA512

    73af3c51b15f89237552b1718bef21fd80788fa416bab2cb2e7fb3a60d56249a716eda0d2dd68ab643752272640e7eaaaf57ce64bcb38373ddc3d035fb8d57cd

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarBF64.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\5L8LD1CO.txt
    Filesize

    607B

    MD5

    6e60e876ff3a7b99d18f5021008efe7a

    SHA1

    46453f746ff8ab0e08a45523a78e88271ad46678

    SHA256

    775e16f5c448b810bcbe89930ad956e7659bd581db51ed679f114cc1c352f465

    SHA512

    08fe8a3b37ab689081e0e6856a620f03e6ee9468cb0f0d74874e820d89e3e53c88eecc101df99aa7af9e318ff468e8440c3635ac781b92cfc83e639ca159a8ca

    Download Submit