Overview

overview

1

Static

static

1

login.html

windows7-x64

1

login.html

windows10-2004-x64

1

Analysis

  • max time kernel
    100s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    13/06/2023, 09:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    login.html

  • Size

    5KB

  • MD5

    3f6def7b3a6381cd9c85ed46e6335176

  • SHA1

    18971bc03254084a464901f163887716e4cd2def

  • SHA256

    89410372d88eef6d5aac14bd64460248f1fff6faa6ffed954a49529bba20b30e

  • SHA512

    3a253e9be69837f133b4b22cb86eb0d29306b9535016754a9f3fa90bd00ae40e47b91e1d4dcefb90876b522ad0262fdfe4ea6b3def70533a2e2f54fe5b8cbe1d

  • SSDEEP

    96:zq7SZregB3FrbbhIlGVBbgM9p17RDrD0z/ZTfeNeQRBV6ZKdBktsayZRS7:FxeEZbbmlGVRjRRDsNW0iBcZKktsayZ8

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\login.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1060
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1060 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:940

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2a29f3201aae7b4f6f067bc22dd7b893

    SHA1

    f35ead0987ff039051e0f778c676d293d48ed75d

    SHA256

    6fee967204c2057e30634a9d7b4fc01bf5dbd9bc43c9ed012008a0498ea31bd9

    SHA512

    18769fb9587ab02682f097e841753fe3e6b3a7a2ecd743cec9ba15d6b7b1198eecb77cc0781880fcd7ac4ad8b69862edc4a5f89ef94c2d1611fdbe358c430904

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bc7809cb3a8ee47da5b522f65d2d8916

    SHA1

    085e8114a11258aed73af5366a0f1359058cb18d

    SHA256

    95568253a77b28a0f433f78699d9361466ef6c7142523cf602de3604d20ef20a

    SHA512

    cb3a2b5ff7c92db8a0728537c8d52f37b99c16a3c919aab685bd6f91604ed76e591e96ff5faacb5678fa207af35a7fe6c2a20bac50926f025fe35c35a735236c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0f3d4327b0859c7274c91a9fd4ae3f22

    SHA1

    d2efb0ec39ccfc8be38db4bc3708a2272305bf94

    SHA256

    6865883d7abbb7f6172fb590291d3bcd220bda71e739e31ca858eb822c6c2557

    SHA512

    fcf1decbfe674014ddeeebc6bf02ab0277a93349c64a3bc3ad0c4455d16155c971fcfc57b7d4ac7f8cc9211ee5df56f282fd700cabcba2545ac64d240c035a53

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cf163343b73663eef4d42417d71f7aab

    SHA1

    81f8b2a1fc42fecd1e93e4da72316038065c73e6

    SHA256

    bea4e195c6b0baab788c46043228bd72afc6d8b516d14e7c34d1acd50260d26c

    SHA512

    1e4ff4a225fa550e4c9b4ea72073508d3dc66f4cf74af27faf73bbccf4877b91d9c67d8106152ca9372c12ac21f7cea1c161619cce461d6adca644eab58f0f16

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    70f69c77575f2dd1e12a40826d834089

    SHA1

    86994993b53e0279caae88227234e9ffb5bb8b4f

    SHA256

    92e6d1f6549d4ae4526cd07a4bd773633348226b4f5c30e7de2362e184cc8bca

    SHA512

    948a73a4b58f51852339b77959002436ccdb66cebf7ed0361d77a4b21b7f87acd93040df5b8dd41c9b1ea7141e77b4276f123eaa970dc818e87bc8f1049d34e3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    02a21e8b5df655387d6f92b0c85b2c14

    SHA1

    9b81709ac89502038fccf3f1cdd913df8e17d084

    SHA256

    d383ada69a869a6d3d1788795073120ca94b6a6aa75f26891413c59343d5ffa6

    SHA512

    6649497f82f4fe4780f1fa266d7cbd5b893a1773a68f8d75a45b0298f49ffa62bcade51993994c24b967c46a21d1c65a58082004f460d37bb8303e55689691a7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6f51160cb24fd3032aac96636d679780

    SHA1

    afbaa32da4cf6bbef3ae2fde0d8753d05704a8f4

    SHA256

    a186cc58f77c4054c76ea6f0627dc3f4bcd2bf7c2bdf96aea3602aa0aa4dc57e

    SHA512

    fcd3544874844c30e1625f83b70e22fb749a4c0d4a659e7c8bdb70ac653d384e43a70d2f6e78228b5f0b9ad31f8da6ac8da17f9e5ce14ef5c950a0247bb73462

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d793f1b8d502a30c4b8d9815276b48fa

    SHA1

    02bbe3e4128876b736f2b9855e89c5b9bac4fa1f

    SHA256

    cecfb625ca9aac5aae24594d21e1a5bb6676b26a16937bc85074ad27c9400ce9

    SHA512

    608a33f59e3eb66fba464b6522854d78fbd10d17f7620a4d57334bab8b999fd107e749d9fb8bd0288a4a4ad06aa40969fb9330025e37335cac34b2b60014b8ad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    54c6418d0e55566dfefb54a57b076e51

    SHA1

    1ed85d036f60d34e870cfff5425ce36cf9107296

    SHA256

    baf1a05932b6cf3897d59d1874fbff06bd772d8aa2191dfbd998d9789f322952

    SHA512

    2d942647b81c0273de8e1040974313c93543b8beba7397e751944103bcc0fecf7f34bb9e60ffc4a2fc9e9645d17ffaf32dfd8e45ba1711b60c8b99a3d28140c0

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TOS3MI7U\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab39C8.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3CFC.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\L670YVS5.txt
    Filesize

    608B

    MD5

    b6e4d7e597c54270cfa15933d7d925bd

    SHA1

    01146557089249179e3ecdab77c1bb0c8b9f4bc0

    SHA256

    04b3baa1b2440a6af4b6244800115cd3b08889bf472f20afd1ab6c065a837cf5

    SHA512

    88b11f644454c7c83d56728b9818899c32a0774a3524e747fbcb156c34d42e11f7b93896eb37cf4fe186fbc54242226c0066a696859248e18cb461c26fb18ba9

    Download Submit