Overview

overview

10

Static

static

1

ATT19195.htm

windows7-x64

1

ATT19195.htm

windows10-2004-x64

10

Analysis

  • max time kernel
    97s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    08-06-2023 18:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ATT19195.htm

  • Size

    283B

  • MD5

    ac20ab14c76daf2323dc70e8ace3bbb8

  • SHA1

    e51b52dc550c06617b148e3c14c4d511dfa6c7a4

  • SHA256

    6dffe94dfd7c08f128e1be4541d9d40f1a68abb5f96b034ba1c7df3784fade45

  • SHA512

    a27f3fb5a41b2f6e33e7f21f516a438c8fe5dd774424e76bfd7b1bdf51d4148c32dd65c400ef3adccf404f0878f00eebc6f8071de980ec4312898bccf4d75081

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ATT19195.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1288
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1288 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1656

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dd672302f92309c46f5c17c1408a6204

    SHA1

    3d0e6a05b8a823aadfe115ae8516a1e10a8d5787

    SHA256

    b8cebe95f7b12f19618b5914dfe718df8aed7404d0c9139e0a0715f45baace4d

    SHA512

    e7f67bebdf2e3a0ded2a81db03719ea1727c09ad508ebd7450a4ac1310020609506c1435d1b8569649eb7542132076e3ed9f35115e32f19e83138c7d5fc2da6a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6a806bfa93d210a116c0881759ef0b4a

    SHA1

    e0f5dcbef0ba8bf21931fbff1d9bb6b70b9c5b03

    SHA256

    9ffa666f3a75bcf9cc3e7c910a66c8fb1c7eca1aa5ad6b6dae4abcfd33bf4346

    SHA512

    99e2c665347b71ab07c712ec94c815ed52c09f9346b50e5bcb55855e6b490a15bbbcc20030773851ed520531fa9a7a02b63512395c69adc5a5bc0aaddad009ea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7f2e1e0339f2c056e7b54a8ca3aad525

    SHA1

    8a0f4cd616c0d6f6c6b552fc41170587887dc2fd

    SHA256

    0c681b83f2db7783969782e1eba06022333fdd2371f17e54b6ff771f28e0c78a

    SHA512

    ba5619d8c8d502e2bdacd83e2eb32e942dd707bc9b7bc81b3deab321167b039d224c1a6b9cc74dec6226335a3eb40b74d78dd0a3e89787c4b251a51a256a1251

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3b203a112c89ac132e4d85f81b740578

    SHA1

    6d8e13503724919f489260096cf287558fbecbc0

    SHA256

    b48f8e22d19d728dbcf3b4257867849ea67ca8732d9131fd12e6eb6527a66613

    SHA512

    1b6b5676b9b4113e7cbd728e97329b3931a64c35855acb3837333833bab41e4da39d6377e2f0e852257a2157bb597ef33a65ae2347dafa3b4f3bc67438e2cedc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8bdcbfe2fd3e013febe88043e20bad93

    SHA1

    a90e0a4b3ad82fdf7c156531ffa2faa047faa336

    SHA256

    4736fe491584299d3a8608eef12d4f5591bf6daaf2d9a099ea96fcd0abf32ba0

    SHA512

    9f02bd4e12919c09f5c5a1c0dabc3547f175923633a8e715ca08670ea0bced95ff0da485ac2bb8ffb7006c6187819c6bc23257983d8b2528abb8b147a6e7d175

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9af9558e67c9856bdaca23e23e331967

    SHA1

    177e77bdec8262a268506c4019a681b87b1008c1

    SHA256

    e1166b2655e0f9fd2bf7d0ff6afa8c5cf9445706ca59dcfe46c7295fab2c13bf

    SHA512

    9659cea3e7d233384fdd0ea96e7480d93112b1b48e218674ef896fd57b042ee4a8a180fcb8df6958b7f4a43d4105d3f313d4f0966cc79aee4e643eb1d17a002f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    99ab83bfdc6ea63df72b10aa5a2a9028

    SHA1

    30533f3c2e19d9ad7527757ac47fc2afb5f08874

    SHA256

    5aced278baf9ecc3e1793ded29582bd6fb473abc8f4093a2839cdd85bc6dbe0d

    SHA512

    40a4dbc780023e8f14afe71f8f9ccb2abd2a3b5fd071061148661c2e236e6cb94c0e12caa44f0d8773a631110846c219f3d52c413000fb4074decb02ef1439cf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    830347168a8ddd6aede4713b3b7fcec1

    SHA1

    eb3ae4739234b8b081b56ba54d5a14b3b1837f89

    SHA256

    26ebd22ca625ba87919998e10616262fcc7a836e6492cb372bc7a8660c5d383c

    SHA512

    0b180fee6d896d78f18a11755cfe803688c012366520e4ba495110ff9892956aa5b26d5f6a2cdbd36ae2d5fdf094c664e8d954cadaa949f4828ffa51175d2804

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6e64d09ea823d8119cc5c104113b5795

    SHA1

    1bb429eda6806742ff3b77797f619060cae52619

    SHA256

    41441eea67ea99dec6ba1e18c56b627e8da913a7294ccfa09c943e6abeba9567

    SHA512

    14f4fbfcd6a0a49cbc4e99ad23431d489643c04f7290db63308c8fa24c75557ca4a765baf16774625c11da61f04e6a7e24f9d790bd10e741797ba3a9fdc07eef

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QCNSQOTT\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3FA3.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar40F3.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\STIJ3WC8.txt
    Filesize

    606B

    MD5

    62f5c5bd0ade546e94a1146bdcaa4c6d

    SHA1

    e627e5bee8223db28fcd7d55deb14edea425c506

    SHA256

    fee8204079c1cba290affa1ba566f8e7cab9ae402e97e5f357666d3a1fdd175d

    SHA512

    065475116c9a205189ed68fdc19dfd80f72d7932c4cd953ff99711ba94dcbc153581237039617c44f4cf1a77a10eec6f3a879e23d4314debc6fda6246ab5341c

    Download Submit