Overview

overview

4

Static

static

1

webstore.html

windows7-x64

1

webstore.html

windows10-2004-x64

4

Analysis

  • max time kernel
    100s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    01/06/2023, 14:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    webstore.html

  • Size

    149KB

  • MD5

    61cb1925e0c1505ff61befb831bb233a

  • SHA1

    c910b7de8b495e04bb272749bb26b02dd1928872

  • SHA256

    c6d062cddb408d245fbf37090ee62b7ac7b7773dd1da3f232be9ff3ad61d20ad

  • SHA512

    0497b660962d1650a2fa357ca8f98b9f788764cba33b6822563c7644717cf02ed08379d3399ee81c19e3cbdb8564e0b54b995e306b3ba29fec2b77feebd0594d

  • SSDEEP

    3072:3n0N/4hks4blgIw1PjnqQsmjv5g3sY9HuuPEuijXeCCTqbSZFeCUmbc8KCUyLu/9:3nhks4blgIw1PjnqQsmjv5AsY9HuuPET

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\webstore.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:936
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:936 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:688

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    b5fcc55cffd66f38d548e8b63206c5e6

    SHA1

    79db08ababfa33a4f644fa8fe337195b5aba44c7

    SHA256

    7730df1165195dd5bb6b40d6e519b4ce07aceb03601a77bca6535d31698d4ca1

    SHA512

    aaa17175e90dbca04f0fa753084731313e70119fef7d408b41ff4170116ab24eaee0bd05dca2cc43464b1ee920819e5ce6f6e750d97e3c4fc605f01e7ff9c649

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4c63c10e74414c742d660a179e1581c7

    SHA1

    e6d3dc214d3088c10e7d48d21776b73a5153340d

    SHA256

    76eee62779dda95fb4b3a8bdc85715b4749699f9a2d69e68a442fdbedbbdee29

    SHA512

    a63e5f457a176995b820cf1625d8577568be24fbd1befeab38ba27f0e63e5160db3753afb74d94e211e3b693f374671fc084aa8433d9127a2fd16fe7b1df6163

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    28cd24c70d033541c2185c9d3f2aec4a

    SHA1

    503266c771806cda6eb3442f22e06e1cb0a006ae

    SHA256

    b2e9513b38175ac02ae628682a13e0ef7b33338c90d6da11734c19ea1f4d7a0c

    SHA512

    7084a99b8f44a62dbfab97f4fad10bf077508a932d95bc5512d265415399c369bce102daf7a212a4e53c6793686517cd2f76e1756f561c4c7196bf843e5652e9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e88c003a9416c8b7208e6d4c9c303f5c

    SHA1

    b2f5441255f05090fc662ab1e04157258f5d7093

    SHA256

    a40e1f573909ba3c2f3f1cdd3294ce2189b6489cb490539a13a1c8b215c0a50e

    SHA512

    328708fce72f8b0ed649089d5e1d26d7acbf24f6fb7bb3ddb91c9aaebc73ac8129e7fda736edf539353274dff05cf747ce1c0128fbb79f945864127a84727546

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    38450cfad5ca51361f501c0f5a1aab41

    SHA1

    2f676726bbcdcad8014a191dd4c356e41064c706

    SHA256

    6d36c1eba03e1e1cc84cf84ea1983131b429ffd5981f0fb5cdf7d94b40d86517

    SHA512

    ee7cd63c64b599523c2494078436edf3edcae9d9449b524ef1dc77b9d9718c317feafde1eebb9605f450c568b96f5f70b8064db822ca646f0b71e40ad37b806a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8c08947d4452f25f818f60b54514b979

    SHA1

    9930f15b4ae00fc5837459068ef8e9c530e692f5

    SHA256

    0e94fd609313e496056712593e11f21b045b9bf344852667cfe05e0fff53c359

    SHA512

    193a1a130508c9ac0883647f05858c815b133fd05605c9a72bb0ee45c5d3d4b72de5063606c52ad28218cedf4d939a6f7b111bd53d4806a891708c9d90ed42ea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    91e49727aadd4703c13d7cd0fc933bc3

    SHA1

    ca6f78e399f65812e02d75838670bb810e5d585f

    SHA256

    909cf6c94d7c171c653eea09912966110181c07c1bfa3bc2a3e0eb424344c9ce

    SHA512

    1a23820d8987262b1d79708feb352a237ded68ce5fc99189a68bfc7e21b450664ddb4a545d142fc357877a6b6aefd60c9ee56ee4eb7ebde656283a6509dcd418

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8c866b5f5dd883f63ff082d2e88db6d3

    SHA1

    4ebda299a7f7d974e128678c5f3a8e42b640d5a4

    SHA256

    1f5ae5069057941944fc5693eaaa71719fad7e37711547faa75359d25ecbd59c

    SHA512

    3ef09b1d12326d1808b9b32c8187c77786419848e3ff3f08aa61b39c3002111b997dffc0d5117aabc9350c7cf41066e7bd2ef8cd7c003fee341a5aaa3b6ddfe3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a0d20df80421eaddcd738f2a7428f948

    SHA1

    ec5572fe9af83780f527332ea3af6b6f54ca4a0e

    SHA256

    90dcb149ea94ef6003f4c08beb39335d0368b789ddcdfcaef8e9d029ed75d806

    SHA512

    b9ae9d5ee26e7741a0974a7274f9a1eddf845e411cc2b106e8890d208ad72b138c0d4536a385625681c4e21ed1a85e9c7af299009757318b7313934fe0360a28

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RYXN1WWD\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab5ED6.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar5ED5.tmp
    Filesize

    161KB

    MD5

    73b4b714b42fc9a6aaefd0ae59adb009

    SHA1

    efdaffd5b0ad21913d22001d91bf6c19ecb4ac41

    SHA256

    c0cf8cc04c34b5b80a2d86ad0eafb2dd71436f070c86b0321fba0201879625fd

    SHA512

    73af3c51b15f89237552b1718bef21fd80788fa416bab2cb2e7fb3a60d56249a716eda0d2dd68ab643752272640e7eaaaf57ce64bcb38373ddc3d035fb8d57cd

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\TS07GYO6.txt
    Filesize

    607B

    MD5

    cbd9d485388c92ede7effa9549971e66

    SHA1

    53e4fd12331e6bda8fa08286fd1ecc17c82d0b33

    SHA256

    f51dbf23352a78fa8f5733500cb1e63b6b976cbd780d2ada12709b6f2bc8386e

    SHA512

    71643f7ac6760002268e0da2c49ada091f43de602b6eae9272d70f717cb8e4d6ae6daac4b3f30568d29fed28f65117e0fc0f9388987aaa1fa29297e35d39f6f4

    Download Submit