Overview

overview

1

Static

static

1

May10-Invo...8.html

windows7-x64

1

May10-Invo...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    100s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    29-05-2023 03:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    May10-Invoice-DocuSign-91218.html

  • Size

    515KB

  • MD5

    f75e7dcdd30bb326e01f01df143f6425

  • SHA1

    0e7a7c7abb5df0b93935e7e1bf6c620040c49b20

  • SHA256

    efbb83a531b88d0820d36410356cc4c8deef25deaa8da351a963dd51eadf8048

  • SHA512

    a06f0dbe14310cef2d8345f7e48f7f4bf5dcf58f208c1a68fca4e1dbd2505e84419f18ebb3525e96d0d886d25734229164728ecc3358f81d5474f037f25a48c8

  • SSDEEP

    12288:mla6QGjDAqEgMGmyvZIojQZ4gtAm2m1M7O2DZ5NXBci4LDmL:mlllDJBZgtAxO2l5NR7L

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\May10-Invoice-DocuSign-91218.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1700
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1700 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:664

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cede8251cb6a8ac1785cc85ddf778abf

    SHA1

    f16ec123c83393f99bea8c50e759a4f576d7110a

    SHA256

    0c2ed7501c0b95b7346c718cfe4f619c5dc771f8465a778999f164bded7645f9

    SHA512

    15432d0e33c645f17c15ebff4514496a19be9d69fc29a627dec94c32e6f3f4e513e34f783170f3996247e29b0a15d12871bc9b1676e0dbf417c12e9f6fb796fa

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c6e3f153d8e7070b74aceda5f3b08bd6

    SHA1

    a8a14f42d33a20d4011eb7825f0772ca6ffe08fc

    SHA256

    4cf4da621da01444ebd3d84cd95364379113aaf77b137e4c6e251f72158c36c9

    SHA512

    891b5bd3dbbd4bda8ab61f29c728ee8638dcc62e763d584185274d5e0d85dec0da48c3f72e121db39922133f939c83e5deeec966c5a96764c338896587239321

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    24a3b544378f66c2c5c7fa781b3bf11e

    SHA1

    3ec1f3fd6a070dcb29bba19229283c575dd8d65f

    SHA256

    e96fb6b43bfb9bec16e09503578826d3ad2bdbfbd5272c84a63eae0e4b2ddb49

    SHA512

    5df5bdff761a70649eb2c8f1eb6907c30b37ad08d08442495855e3c5a3456cd6d65df044d3161758e45d0b9e5b5e1e59cd6a6f7f8d3a9346586d64f7338aa9c0

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8b3faccf3d4df2ce6cc93c6357f82459

    SHA1

    72a5b3dd688720dd2aa139ab21c6b986632d4df0

    SHA256

    08b1c89a31f4ba4832d32f2d4a1a7d6b6c1288538b134828ec570553443c14ea

    SHA512

    cb4fb6706969ffb47b76499e4b75632b7903e5d68319e55b7205f83a11a98c5965c34edd68ddcb2fc3f10b586d4db2b0531884af680fd9e56fb0410bec5b3c5b

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b30461d133789533f505d493db432496

    SHA1

    d27c61d090c647546ddf4069f45aed672d4ec6ad

    SHA256

    3eaa9268ae93b79a611f5b6fc5793dad711638540a41a4a74920e2d41582f47b

    SHA512

    0f66a283b7d9067a2a47614afc5146476db05f42e3995654f29102cdef9869124a330346bd851950df67653f7400f0b6742f6593a1d483b95f21087fa205b59c

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    08bf6954c481ab33f9baf59a34df7457

    SHA1

    56d133a8994f88dccedc4a3d7d2679717d4fcdc1

    SHA256

    61e24a5f1f405aa6711f83cdf25124ddefa58fc0f42e67faf2497cca6a889d39

    SHA512

    1047bb47d46c8250e03f4454dd8c4be4cd5d82a39da8766fe98c5fd6ff94c95dbde7b1e487989ea3fa94f110c39f927cbe20d16db0cacc9d2dcf3021d851e22c

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9bcbf3bef15f16898e36162eee92e7a3

    SHA1

    252f1dfb05a15bdc43c72fe2191c0b5d7bc83123

    SHA256

    db1b94d3f0e39bb428d2f85f01c16b35078e94b777638935ce6c634d64261f67

    SHA512

    0220618d82ef3fdd1bf1456998b407197373c075c5ca1374fff4ccc4fb1ccfb0846ea2c1e7a210e62e322ba3cfb638ac92c6a75ac5f217f0cbdaf60018793e58

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b075ee1aa91a520193f002ce77fbf6dc

    SHA1

    5b20838056e8bbc916c73fb2d0f5fe9a2df865a7

    SHA256

    28157723320c4d2e7cbc02d86379d8a9834aa7d2e6b56e7181aa798411d7b55d

    SHA512

    4b5d8c54e95cb34c95e03bd870011bc9465960ed565c781b9001e942cc80026d0169df82f0d264fdc43b93dbcf2f122a883b503f1e134cbdcee6fcb1c076bb73

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6663ff5b2051ae84634b2127ea5f914d

    SHA1

    9be3b27c50425f5e83d91298ba29cc71a4dbe87e

    SHA256

    b8d8b0c3ae079c7ebc58ac8c4160841d9c3e1cb5d0e32f642f1b8ec560e1e66a

    SHA512

    69caa882e7459835bda8c5ca1ece4f65aed95be2bd4bf1c96f1bd832f5552f1958d8958cfc096a78e910237ada6624acbc239e37571161faf31523b702c89a60

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TOS3MI7U\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Cab3F93.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Tar4343.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit
  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\U5EIYW1T.txt
    Filesize

    607B

    MD5

    775d093c44076f9a14a3f065c32ed4e9

    SHA1

    1627d74b5109f91d0b287291e77213ee3750b956

    SHA256

    0dc93cd6a3c68bd7ce3622dbc980dc2ac4e99f59769e4411f4f42fc9ab160bbf

    SHA512

    6bc70f56cd52f75a1ce026baf7604fca0ee12d3e5ee5d92498166571b03340372bdf9b7322babdb72d51168847c2fcbf1289281e8422baa9f9568aa21d924e0d

    Download Submit