Overview

overview

1

Static

static

1

TATA_X0_R1...A.html

windows7-x64

1

TATA_X0_R1...A.html

windows10-2004-x64

1

Analysis

  • max time kernel
    66s
  • max time network
    81s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    25-05-2023 21:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    TATA_X0_R14.26_M21325A.html

  • Size

    661B

  • MD5

    c2aaee85b703bc682e71f4609a12bee6

  • SHA1

    927632566bc61828eacc74916888bba9e16934fa

  • SHA256

    94a495a6e11701ebf40afe383f2798b9fcd784501acb297c62b46e000c407e34

  • SHA512

    e01a2e6b37a91c0fe9da974357993981006071929f6ead3b0eff922d163d7ed267207c03d4603ed3db3eef6790d6c3de76c7ffb9809c4dcbd4d0fe484684c6be

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\TATA_X0_R14.26_M21325A.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1724
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1724 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1016

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    b5fcc55cffd66f38d548e8b63206c5e6

    SHA1

    79db08ababfa33a4f644fa8fe337195b5aba44c7

    SHA256

    7730df1165195dd5bb6b40d6e519b4ce07aceb03601a77bca6535d31698d4ca1

    SHA512

    aaa17175e90dbca04f0fa753084731313e70119fef7d408b41ff4170116ab24eaee0bd05dca2cc43464b1ee920819e5ce6f6e750d97e3c4fc605f01e7ff9c649

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    10272e1f0c325454d0e297e68c9184a3

    SHA1

    a60b8da7ed792156f82ffabae5bbfdde1849d569

    SHA256

    4ffdd4bdef107dc1869763e7ad4e6a3b3b69b7685ca36b0a0acd4de1efb5c8c1

    SHA512

    941a519e8e84a4d16a8905c3e209337ed722724efa2eb091346813c7014b2cbde4cbe0839c493493845ea52c058f014483004a70062665f66ebfd813be4087b4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    aac8f3ef2e6019948515d5b4d108c331

    SHA1

    41149f2982b8b0dc543179721388e624f6fed28d

    SHA256

    ae501e0ef4004e27342b7dbfa841f3e86dd24599553ff017da0fb7d2c0cb6c66

    SHA512

    561d89cfe0bf62fdaf0c1d8c7f221a21d849bd53240aa7e6b1032e85ce5a023ca41b6acb5fcd1b2ea90ee95c29947974ec51e247424a606da81a419381ce17cb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    10de3d65fb111663f1b6a51197a77136

    SHA1

    25deb199e47aa2ad525fb9ae4ac50ffffac0cad2

    SHA256

    ee98ef23271174255ff38ed60237b7fed7fa2b3be5460459ed1082b4526f95d7

    SHA512

    f528d9fb42d7e6641117725f517d658a36ee6fdfc757c0789a0e933ea6c8fd719faa81f00e3be1e76d20cbb2be0524a536be96454c6062a350b239ddc2f14b7d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d221a4f62e1e013cc5eb4f3cd331a407

    SHA1

    9a5018449e8faff877c3172fb9a878ed7fa3aac3

    SHA256

    9cf25b86491ad4a1e2eef913b2ba5df14204c0f9c069378c28c771090f8d4187

    SHA512

    b6802722f0c3ec6f449bb17df2fda56856417b25ad0f039f9c555eb4a077bf861141e594a42deca355b5d6d7a1acd233fa8cb9a6561eb2fd80579a7a345ce9a0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    acf22e1f9902dbe4fc485d4ac0484196

    SHA1

    0c34bcf98f7d41c3f7a6856400846f83904a5db7

    SHA256

    41f3667e650028df36cf632f77f22a6ae50dea10b91ba3f1f3dbf0ca8b751fa2

    SHA512

    814fd19a8dbc3dfb0db5f88125bee9941b96459566f51c859e2d559278ad4244267d7243e6181ee66c4c4ec454e0c7a2091f06c7589a48666db3b5c83af4be70

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    99c7b782db75cfe5b98ee79ea2bf5233

    SHA1

    97fe7ff6ac6553e87542332b435afac6734ccb54

    SHA256

    dd6b9d8ee42f2a8e349f7afb4cc739ecf4877f357060cb09e0ee9ad291bf7e58

    SHA512

    f8f3ccf1969a743dc0936c68c9f9c8bdc24052e28e2a66ca234d0974dd6f51dd0babdd301e96c08ee47deaa4f3f58c060ebc1459fa74f362504378b10b60d529

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KIMPJA9E\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3E9A.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3E99.tmp
    Filesize

    161KB

    MD5

    73b4b714b42fc9a6aaefd0ae59adb009

    SHA1

    efdaffd5b0ad21913d22001d91bf6c19ecb4ac41

    SHA256

    c0cf8cc04c34b5b80a2d86ad0eafb2dd71436f070c86b0321fba0201879625fd

    SHA512

    73af3c51b15f89237552b1718bef21fd80788fa416bab2cb2e7fb3a60d56249a716eda0d2dd68ab643752272640e7eaaaf57ce64bcb38373ddc3d035fb8d57cd

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar40A4.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\H0S6V031.txt
    Filesize

    600B

    MD5

    db5e5fc91ffe4d8d10ecdebdfb171a36

    SHA1

    57d55e2aea662e73dc9f16b350bba6a928946227

    SHA256

    2568cf9772d12c030dec67e00469898287e74c80d38c1ad2f5375e7086bee53d

    SHA512

    19567d8e2c493493f1ad7de6e10318f55b9e169045063d12d469ed4ed4dd99d46d92b7b06fec9ff7891e66ff3299d6ec1f54c4e2a53d1d5b08835fe1c6421abe

    Download Submit