Overview

overview

4

Static

static

1

Payment_Advice.html

windows7-x64

1

Payment_Advice.html

windows10-2004-x64

4

Analysis

  • max time kernel
    194s
  • max time network
    195s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    13/06/2023, 22:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Payment_Advice.html

  • Size

    4KB

  • MD5

    5f46f8d9a88a6302217f5bc14c9e5118

  • SHA1

    2c3a983ed82a73f52b00718cb4da7e15a605adfa

  • SHA256

    2e4d47ab094beb7d9dc50445b129b8a8cb7762dce6df9784445e6218429cac26

  • SHA512

    3a891fcd00e6e8e3ba8b61570916cdf2451251580873076308bf298da90e1df910189b6e3fd39768125ba9b3f1f39b9a7a3b3213a1613ccdd1926fc5a1a6b661

  • SSDEEP

    48:1xuvAGMwAaWRrKhd6fGNV6rqRrVhdIRPtn6rORrKhdIRPth3lY6rO7dbo1WC4t/s:CMNaSuPf+q5PXmuP4TaUi09Z3oOyur

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Payment_Advice.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1124
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1124 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1396

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\82CB34DD3343FE727DF8890D352E0D8F
    Filesize

    7KB

    MD5

    72c377b93b6a659d93add124ec669f5f

    SHA1

    785a757be425795e484600d2c200c190070d0f5c

    SHA256

    9c2206a309e5de063012915af40e3a22b0559b710f7094abce47c0c45a172264

    SHA512

    86b2263e8a7c82b0404ad45bb565090e9dbb2101458fe9395a5e20dcfca777752597ce105ded5958208a00343616d02754b2770e7abbb27754ca6d409ebb882f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\82CB34DD3343FE727DF8890D352E0D8F
    Filesize

    232B

    MD5

    0cd9ebe074808a4a8dac219a8ea2d230

    SHA1

    1ed4722b1443fb451fd858aa077caee8d2b6a157

    SHA256

    d83d44c0004b804d1b57550043d8458cf05ac531dcf6ecb6cf3ceb1f21e28c3f

    SHA512

    fe61198f6592f30584ec8dc88ee1b2b30c3189c9150bcc593074c34eb595440866f145a88876632941548091227af0d01803c21224a187d9775888faf046eb85

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d9e1ed166fd991e9411167f09d9ec8d1

    SHA1

    8c5a46de1d130418ba553184383d74bc27556844

    SHA256

    f60f471aa3c42adac21710f2f146d5b082ff7de2e1d082527a87293708608129

    SHA512

    39dc8c73789f8a4922ca542a391126cfa2c37460f5bc730f7c2efe89635ece9ca9fa6b261aace278ab387b2ce9acc4ea84bd3b8076f37e02d921b41552a2f936

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f12147e0879e4838869b219f10103939

    SHA1

    43d462e5de68a4e95afd6620ecbe682075eb2464

    SHA256

    c3ee76c86fc957d90366384e1c6bce1500522813c05bb3955ddada49ab7c8597

    SHA512

    a38caf42780b10173bb9eee560f35c24da215b840f53a2fb0687376c723abe4e529a0df0cfbdc456e1a29594ca39ed4d6973174d685bc7e715981b84e5322d6e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    512ce6a6dfc5fe2e32a0df979c9ba33c

    SHA1

    907ff43d6e72bc11b043f4c3ab6229653094391d

    SHA256

    5c69971243769c99e0b9a9d3c348fd04f7520614b25d62e56e9d73ac89b810ac

    SHA512

    139afbd368efbe15ce084248712765904329df2a3584fc7af2af87fd4d992550f3953c04bb496cbe9ef0b4ea42fc471cf37ad927edb447b201018d2a4149dec1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    510ab9986b59322568cc0c7495194a80

    SHA1

    91ed0963eea1d47d40588bf288a0e10d5b417a6f

    SHA256

    a8d4599193d94c918b33e00e3b860eadbdf8457fb472b19eeacb1893ea17ae98

    SHA512

    069ed643ff590bdb8a83431e52241061e23b125dc40af4fe2efc0fd5b2559046b8291fcea7e03be158c16be542056eaa00c0c8cdbc48e77c7d36dd7af150b7ce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ee5c3bb76c2fc07a4a35b1eea36f15eb

    SHA1

    392c7dae21a95ca42ac3d44fa6b4d17c56448626

    SHA256

    6a59f25762d450140ba0abaecc1eba952d5cfcff9ad666aaaebaed6072508acf

    SHA512

    82a1fd1c297cd2828335d40b696b2a8bbd97bb9a3699a537813b23004f9f31975a955e84af0b3b2cfdabd1511cdc582efca662dd038cf3f88e46b566188e0b9e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7138b53f5decd5b44e58aa6e50102a5d

    SHA1

    dbc6025b74808ff87f80fb24a5a2b2e8ad129bf8

    SHA256

    f453f39949b69df9bb43c924782264cf9d08f50a984bd815316b3ba0c15d671f

    SHA512

    fa56ff575402e7a5c3e9de9234a2473d8a6ee3ff9d4118207850d2f23e4658c21c969256fa0c00fa8b4df823b8afe420653ed3e0e6909fe15ddaa3091b948464

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5130875708c083e8bfa32272d055df0e

    SHA1

    62403deb7b9c54e5557b40ed546b942b57431e85

    SHA256

    caa2b71fa4d6f7e86a58001cfbf4e9191f41dc483d587053aab97957e8f24ec9

    SHA512

    086a6b08240c6f87c0566665dcf3e88c6afc5cf75207efd1a784f1cb2a8d644f754dca308c9614e4a0a4429fc42599bfb7cc6a806735002432e37fa58d88914b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d29ad0006e61b729c56a8e2f8f03e6ec

    SHA1

    729cc47163f243e127e6c3d320945804a953248d

    SHA256

    209fd159376b9361ff3318605428312b3a268ced7c4ca57baee4e56746f690dc

    SHA512

    bb4d48de1ae6d973076a3c09cf5cbd8e6d675e3297379be042850205b98a7bbb7db5d57343455d9a1ef0fefdf171513388addc9573ed5d9043f2a079c3c185eb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    215d365971ab18124009fa357d521e64

    SHA1

    f389af21ec426d4afacbf736fa90dfaf5dd2aa34

    SHA256

    a76f310b42596986a41c00eab9a90382f80b70c14a7aeca22f8acd7d473250ec

    SHA512

    0c1bf02de70ad672fba27eab522c1b2cdbf86c2de3646e601344ea586df359d4225f99c332caac8489ec5fc7b06b796c74636111f791021286bd8ab8490f01c0

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JGZY45B8\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3B0E.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3C2D.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3BFD.tmp
    Filesize

    161KB

    MD5

    73b4b714b42fc9a6aaefd0ae59adb009

    SHA1

    efdaffd5b0ad21913d22001d91bf6c19ecb4ac41

    SHA256

    c0cf8cc04c34b5b80a2d86ad0eafb2dd71436f070c86b0321fba0201879625fd

    SHA512

    73af3c51b15f89237552b1718bef21fd80788fa416bab2cb2e7fb3a60d56249a716eda0d2dd68ab643752272640e7eaaaf57ce64bcb38373ddc3d035fb8d57cd

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3C42.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\QXXJZZOT.txt
    Filesize

    607B

    MD5

    688fa3c356e875d96ede8ea6b1e36a99

    SHA1

    12ddfb7de8ffd856d18a2d5b278df86825004b50

    SHA256

    5795bc82cbf6d7d960376992fc5c23d156035f35aa24796670ef40d7051898e8

    SHA512

    b5b23389677bb4129688c0a6854a094d101092a3e1f3dbac460b2049b9fa7c7c866b8a9420f58ca12c840643da39e529b73f0d879652ad0687b2ae6b375e3455

    Download Submit