Overview

overview

6

Static

static

1

download.html

windows7-x64

1

download.html

windows10-2004-x64

6

Analysis

  • max time kernel
    66s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    02/06/2023, 00:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    download.html

  • Size

    43KB

  • MD5

    0eef0dd8444f31222b75cd64cf4dc9d6

  • SHA1

    a1b8d59c870939d3d0376c1d3151941f55afda0a

  • SHA256

    1ef61b92f2a383d0dd34b4ba4d43512cb3ba1f39f571009fce90dfde10817de1

  • SHA512

    81d9c0324ea1a93f198f71b4c3e8547a9433e33a5b54661461ec11193ba2502e1d860bee36a240af26d48b334e5dec462994d7f12444d1d729331a6bf0c0cf47

  • SSDEEP

    768:sbH/MA0x/OAex/OANxCPaSooWUx/OA/BtuwMzOhnSl:sbHEv/Da/DNxhop/D/BtuwMzOVSl

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\download.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1264
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1264 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:560

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7a95a4bd1dc8b4149d9b7ea3dc1a4733

    SHA1

    1db780b9fafc58b0ab4cf1d5e0c4a0208f630416

    SHA256

    9a96468aab1d04a53fff88a6618caf83089a76f25e097ba02c21e68ac29ab399

    SHA512

    a58611397ce6d8710ef0b03304a16088011cd230dbbdb3331616299cc91fa27ff55f3b4f354e1f483aa782e30df2bf02722c7e5b61486f1b2552ca3063773148

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0bfdb65d7ae6a1f6ee2a6ec0a117cd33

    SHA1

    1ccd9823f8c2e62d197e1e7e4b4dddcf85ce7c9d

    SHA256

    ccad723db78026c43a5d95a25fe70109dd67ddd8e91149651c7679212c38d13e

    SHA512

    20b950e878ad3e8eca9548554c590c2d67996c0fd1713cb6bfcae734d990bd9ec79faa65bc18f5911939ccd4def0ac6aa402b6b7c36d1c171ff6c23bbc1227fa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3d56234be27dd1403eaa37aa4c68c0c8

    SHA1

    3e2cfd87957e764b0708a0721968a7c14d34b7c5

    SHA256

    a05e63a9c06d55bf03d628f8f234ca467af39e061c3098f23ad1affcfb627a5d

    SHA512

    eb0598819e434f99f3cf50241eab123fcdd6c79f66ef7ae6827a476c21f29001b750e663d889c20f743f78760788a206f46913d8de93f73de8eaaff168e4dafd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4d2dc8217fc375332458f9a7fe527f12

    SHA1

    9507c3627177941a65fc47912473a6e8298facb9

    SHA256

    7a5efcfb5e9ac67e0474ef8f3ac283c085f86fb3a07d9e0bd8c3ec165775e646

    SHA512

    e879a0090d98f9e9d9e86b0b9c132f1ac6e85b49c6ecedaf0aaacca478dc0dc277972bfa6007a9661a840a5e30e58f8527ca57917a4a7200ba86a040cf56874b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5330d54d9c0b125ce6c982954ce23fda

    SHA1

    739108e96a092d9d76e0d247b253bc7cf0c22fcc

    SHA256

    6b9fb737287b4cd1b815d22be0a2de79551cbfcc323446992b7f25a0a3a48770

    SHA512

    8099d2bd7b9c2ef9058d56917dc7746ac0f1a6fa0d809215def254d182de88efba202eba0e4829375f0ed8adad403b554bce5cf4ce18eacabea1478dc8366270

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2453b47c5d78b1f383bc2e1bd0d1ec63

    SHA1

    153b2522eed840f51ddabab882fb5b56390e2027

    SHA256

    a489ec8c644627eddcac5bc216c77094bbe2c0dec4351bf3047ae829b00bc4c4

    SHA512

    ae7e6550f3f08424f0d8fc0ac06fb68713a183911fb09afea9f8b5278dcd40dba96f6035cb3c7628e6b6cbe1189037868170c6afb7f5b4580e3026ce16dc4bca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2980756ac8f3ec08ac06a8dcf69ddf96

    SHA1

    901d69dc8876429f975b7c69c94a9a152cda4c67

    SHA256

    a1e4446924e913c7b4f76ae2a19841b082f412a1e698b74df600274679c27ef2

    SHA512

    51efa4fc2f025968de441dec55631ee8cdebe8d02a7f8ef77ec928da1c027335c1d23ff3bd9e4ff2f0dc23d1948545293b1f3346783af13b7c76f5b9c1343313

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5569ae9a1b488ebb1c8e6fb61f962e6d

    SHA1

    d5a09d10f6d27238bfc3d2d542a3de8f7b57ac49

    SHA256

    155b6023891625f64690293ce67d10698374b93e8bd58d5b14db65d35158f1ab

    SHA512

    3e118b14774e247ddbe4776f69b7ae25cae4811b60b47025b259f2eb8ab34a78280a0c77b2e5f05ae914b364a1062820cb7f02bfe6761787e0c1af5fbc88ea4c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3f95992a7d577431fa49b63993d1b937

    SHA1

    3b38d2a86acd97ad315cf928cd42138cdb300bbe

    SHA256

    ac30072b8a905b77ae8aa202375ca61670f54c894ea512e4680d511a75a4d6f4

    SHA512

    6bd4bc218fcee5e3f3ca4e7747fdedea5e3cd7f8a0942052bec3ba9986330161ce2f4492004326f9f4de0063e142e07241a6d30ebbb3fddd05528634ddd3e9c7

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UIC7WQYE\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab4222.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar42F4.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\JTVR3WNX.txt
    Filesize

    608B

    MD5

    051263bdc899bcd927b4abe0a2a7d736

    SHA1

    5991125504bf2a8d929bc2a04f32f17759b102a1

    SHA256

    e968ed5c646a127a789fbc1a511f5b91bc2a9e7cc4302dabf2fe675aa066acd0

    SHA512

    0fe354895faa5c7b791918f45aa6dec2da383db70a6d894369291353d7fa06222bbcf0a562d4b98f3176a336862ce085567b3f17b6ae019023363627f7a38dcb

    Download Submit