Overview

overview

1

Static

static

1

sample.html

windows7-x64

1

sample.html

windows10-2004-x64

1

Analysis

  • max time kernel
    127s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    31-05-2023 08:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    sample.html

  • Size

    10KB

  • MD5

    99d5dee2f26d407be37c885772297b6e

  • SHA1

    e2be598b7afc826acc2d8f085d1d511e96e61d10

  • SHA256

    e2b405f9d48bd69e43fde03df788e06813ef3bfd0fbd470295fed8639a40601f

  • SHA512

    8ca79ea79ec304e1ac3367d625599ea363c2ef0d4daf43088ae6a8085911d124ad8e3aec2a207c38a65d58eb63d714afb1d01f07be2c0b6a4ef05443985b9aee

  • SSDEEP

    192:fG/AoQts01kdvmM39VQFpM63WQi8HjLsUCFP/6c5oJIVwupOw+La:o4OPNuFpMqo8MUmHuJIVwupOw8a

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 40 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\sample.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2044
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2044 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1088

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    abc91a618f1b68ce7dfbf225f246cd05

    SHA1

    36daf7bfe28db8de8434e1c1c79f82be50c7a3a8

    SHA256

    09f4e560cdabd4cf28975600b775515b5aa960c6eeaee99d71097b54379ac3e6

    SHA512

    f577516c8a497597dc1e45c132d49f54af24333f2f94ca4c84eb40cff6e0474796992003f496e9216dbd498a3f3778e1d14229ac3e67aa08616e96e3c9bd17c2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bc4147f3432e693d9b9fe11f562a3ddc

    SHA1

    93418c36aa61a103c014c59d35038adf0e8ba90f

    SHA256

    c5c7c9d548b2d85ed10013f6d9361201eef3cbe80934bfd4ce754bcd1c8ab130

    SHA512

    3c5dd947c31a3322e60be413301dda3cd1e4ed2514a7c3d4fdfb496062bc50a46b5d40a3ee8e253463007acea5fbb291e7c32dbfae37a8fa2e2087a5812f0cb7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    858d68530326149ab487a81ebd81693f

    SHA1

    03627c5cd0d5f030e742583a5f0a862ad13ff63e

    SHA256

    afac5caeceb700437854d633e5256cf9e28233dd61c4451a40a3fa62fd48e82b

    SHA512

    9d29526c0669bdbd4d900237b33dc346aed84a0ab4e2f312786ad6ce9b17b75912a86de188b0136bc6fb6e2b8dbd145e47b8514d60e18eefef3caadf32423aaa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    76472d660b46729bcf77d1e538d2814a

    SHA1

    91d853b5f0bb1007abf08058ac6f25affd44dd1c

    SHA256

    fe6acda0b0e58a8022c915f6df1aec03572ba5ce9f320a8411788b09d83f8ed7

    SHA512

    6571df66cdbde66213916c6d3a3829c09a7022570e9f7866c0889aa8fd7bf1db5bc9ded8405c9f8988533603849f496489fb950981d276a49aa5c4c24c7c89ff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a7a78345dbc4393ffcc2e8cf0b2d1ec9

    SHA1

    3ebd63298078c17a2282dbc7a71b316aee7679d1

    SHA256

    39b6b61ab57487b8998064201872a6388ee5265ed2bfd974f216b166e4fea036

    SHA512

    f477069d9bfac0dcc24543bd02afa207ce2b7cc50775dc0d7b78dadc8ba1d1cc7312a60acc502755603917e399193654ef7d21b048fd5c0a5d4b3d285507e36c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f077943dbd4fcdaaced45e6efbea948e

    SHA1

    2c17df8d9607a9971e169d00b3d36b417c61939d

    SHA256

    af13d9ebdaa18de6db1eed092974c6fadd0c169ec0d803a5a49909543620c97b

    SHA512

    844c9a9cc02b5e4f5348008cc2a9009a1fea9e7c47a902cf99ce14c4cbeac1c9428bb5636a6cc2d971899efdf2af169784f835faa45d2ab878510b5f91241841

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    16a1c493386a0499839bf032b8e7d9a7

    SHA1

    9313e099fcfd95f5411a479f5c54083da578b588

    SHA256

    1c4a1d5cd095efa77981b53524566aef1679177a8d96b03b84e8d46bc51364b3

    SHA512

    05fcb5c09cbaa121c1eb2406e620d9765a9ca1bce054e651ea616a3be63b50ecc86579b9560983c3688484b3c32e7c9f6b0640f1421c7373de257b19435868d1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6456dd2fcdc5f9576ca2574e3996365f

    SHA1

    c21ffa151668a1388f7878c6b96b5a449ded3f80

    SHA256

    9e9876d4ee271698c824e18442427da2e48c6463bcdc30330b191246c22a0d8f

    SHA512

    88f07f98973472554745f062c0720854c9bd0d7fb22b9140f0e6bc21bdad28272453cf517c7c829c30633b2a6079708ebaf4d0dbdaf202a3f0d0fc111ce0d616

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6456dd2fcdc5f9576ca2574e3996365f

    SHA1

    c21ffa151668a1388f7878c6b96b5a449ded3f80

    SHA256

    9e9876d4ee271698c824e18442427da2e48c6463bcdc30330b191246c22a0d8f

    SHA512

    88f07f98973472554745f062c0720854c9bd0d7fb22b9140f0e6bc21bdad28272453cf517c7c829c30633b2a6079708ebaf4d0dbdaf202a3f0d0fc111ce0d616

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7ee8aa1cabf361db11b71c9aeab46f59

    SHA1

    207f23ffcf8ae21752974a6e34f9a882cd352f4f

    SHA256

    0442fc9769ae39f137b1f5277bca9c607ca66c5decbf59a115ea965b9abf7fd5

    SHA512

    fc8afd7cf16b014a54b0696cedf7ff751dba090f55d6ba4ad65f2971bff36938a9cd320509f7fc042849bceb2291ead6f0979f0efa492f0861b1633be2a06fa0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f492c1845a6e810e782bdee6ad4a656e

    SHA1

    ef9b9667d40a11b359078766917634bb88fdb391

    SHA256

    1260260531c9de254a359fd60652260fb68d768e82374d6c8f477dae8210eeb9

    SHA512

    e29655cb0b5f79cdbab4c1ffc234c21832cd6d99a968b9daf9cf8f8173d5efbb8ad192192f0dcd1383c4cbfefc16417d842604b7cce3c919aef10095299ee905

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c3ca1a8fde96942146ca3737c5c69111

    SHA1

    9d41767948110d8c358788fbd679541c7d407fdc

    SHA256

    0fc7202d96eb52a4c5add13530211716f876c3daaf2b5ee8ab3b33cd4c20a2ea

    SHA512

    515d2247e0ac80ce21c38517747f3dc09afad181da91ef4b1331e9de45d5da59b45f29912014f77c18a0844ba32f39902eefc0afb9b6c46e2cdf8459fc788a7e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    186ceed3bac3043d8a9824f1f641b9d7

    SHA1

    ac20bb8b8b696c2d4ee77da933c10e3dfb618efe

    SHA256

    94ab0d774851f171660fcfeb22c655fe7009cd98d1817f7490a1d38783aa7d06

    SHA512

    1080fa192a1da445faec8795b8e05be6068c679cb59512480f010e02a4aa7282944687f8f25b24e6aade5ec3d47f1653bb67ada6fb7a47782557b0fdceaa6dc7

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KTB503AZ\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab281E.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2823.tmp
    Filesize

    161KB

    MD5

    73b4b714b42fc9a6aaefd0ae59adb009

    SHA1

    efdaffd5b0ad21913d22001d91bf6c19ecb4ac41

    SHA256

    c0cf8cc04c34b5b80a2d86ad0eafb2dd71436f070c86b0321fba0201879625fd

    SHA512

    73af3c51b15f89237552b1718bef21fd80788fa416bab2cb2e7fb3a60d56249a716eda0d2dd68ab643752272640e7eaaaf57ce64bcb38373ddc3d035fb8d57cd

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2962.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\K9SZH0WP.txt
    Filesize

    601B

    MD5

    1f56fba8e134ac38bae233915b917620

    SHA1

    3b3636987c3e7137b9dc9ed30146ce421d0e4941

    SHA256

    d40c6f43ff7fae15e9274a0f6de909a835cb92450ab768bd41a253aa376c9c50

    SHA512

    3d9a51d8372d1e23a720a47e9d4a4d2753c27173589bbc6ee6b123ed52f81c1a49a0a2d805b6176025b14985b53900090df6197f7df20f80847280fc13745b18

    Download Submit