Overview

overview

10

Static

static

1

csn_hackv2.html

windows7-x64

1

csn_hackv2.html

windows10-2004-x64

10

Resubmissions

13-06-2023 18:14

230613-wvhcaaaa58 10

13-06-2023 18:11

230613-wsvvlaad41 10

Analysis

  • max time kernel
    140s
  • max time network
    144s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    13-06-2023 18:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    csn_hackv2.html

  • Size

    409B

  • MD5

    72b1976505fae025f4f5a1271dde71d2

  • SHA1

    76be1e871cdfbe31c7bd1c0178c5685eea60813e

  • SHA256

    84bcfb6ffc7f2d05ef0675c2b31c6981a95715c07400389626bea4259d4bdab6

  • SHA512

    da4e935014aae7edfbfa6e6a99b566ebebbfee29c7ee218f8e14015f22243f86ef84ed1caabfed59b7dfb5eb6242839a521d523bdc79c9d1ba7672d7b4bea3a3

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 51 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\csn_hackv2.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1544
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1544 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1760

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    859d8176841c91adc72952ee696dc51d

    SHA1

    98319f20ddbb0f311344530e707226b31ca51462

    SHA256

    67661c3b7f91790171fe6afba1f34076d549c30c49bd403141ab0c6dcb9d39bc

    SHA512

    aa9e44040e3d80c0886d4bab5dd3442ecabf77edd6ef059c5c959ef8922547c9b3f7aad21dcc655d9ee1a877918fcd075d17360e094ad85f9d36701eae486d3e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    f43499553b9bb29d0ce09255ec6170eb

    SHA1

    2289decebf306d28360b52639f358ca500b6b8df

    SHA256

    13f2c52e0e52b16be50c3c3a357aeba6a7fd839203d5b282bef80abfa18c3b9f

    SHA512

    eb433cb2be9151f6bf2bded92f5c9f3b0a1bb18ee81111fc4931eafc2d584d95e086f8a9dfe0d70e090e7d8965b9aee33570efc2366a6380d17612cefa5922eb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    4ad5e0043563e82b8b864c08081a27dc

    SHA1

    cf20fe7c5d401b74bf7d6754f3c75bb8abdfcf66

    SHA256

    830967bd5896913c50c03584ab69bd33bf28c49bb719f8128948ac2fafde3d96

    SHA512

    5c3106d20c7659756779f6621a86f07ee2ad250a797f54b19a82254400c99085ae20224a40c2e5c217716bc0519d2fa71326fe1a163a10cc0bf94f8e9fc57590

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    6e8ff713927abeffa2a96e1ed1e5eb68

    SHA1

    191ec24e35d5bba7bed02d68b500289f58ed83b3

    SHA256

    cf682414e0f072b03a6eade8bf3a3cc77e31e9997272406fb8848649785eea03

    SHA512

    76cd734f3e559714b1b6736c812d5a7822d7db1ca90a119b7b2d1eda82a43919ca30aaf686198bafc8f730cd3f29e4961156a76ea94c7c1db2933b9c5027b64a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    0276a406aa09a8d28ba65bf1bd21d24d

    SHA1

    e17253d7ad369cd34a5b9dcdcf79e72c18d39411

    SHA256

    faa33c4704c1f664cf8278fed1afd075cc215d8eed8068a0ef5cef554118ecd8

    SHA512

    912b3a7c34eeb9cb358cc1ca7f226636be57c06021caf8a1ff9cd1c1e0994daf4fca7bb02a2501082a12afea74f92351841b520fc8b1bdbb31d990732c5654a2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    6a8818d7e3f97b216e9560fbd3c96eaf

    SHA1

    3c143dc42d490c38774d3ed24939fe751046b225

    SHA256

    1901672ac5322a213948484aea74e599c94a3c7f80c6c550f66503accc8312c1

    SHA512

    a1804c10a4e1445a8faf550a019eace7c3193f9375d6585e7a5a651395eea32727b2a5f0e27be4021b4638f7059baf4cf4c16acfffd54b87dc5930baef257682

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    e0ee9e0f5f3aa5e93c8a70194bbd0cd1

    SHA1

    bab2437294ce0cc58719964b4ab6750decd12ce7

    SHA256

    5daa7aef84f830079d519a3c1f3040fc0c8df5e94a4ebfe9a25bb99353711365

    SHA512

    2e73b4b3e6d7ca8c4096d5bbe8b4f478312bada6ddbe18a7c798041986ca4308c7528ab92842a781ab018b8583fc884cfa51adadda8eb4c23ceea852ed1777f8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    75424f6f03dfda7bbe41e587ca990dc4

    SHA1

    97c11ae3d32ef879079c971c291d995d961cafa7

    SHA256

    4006b2e44ee51a14a75ef3228762e9b86385a228501c11e01d6bbc4bd93aec1f

    SHA512

    1514db6a7378788b340d5a7d1c23f2ebb232d82a4b0276502e60cf755abe2cfec0e6258039bacb2dfea77c809be2c1926bac986ebc5c14dc78422610fcaabe3c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    8ed4d29f1c50348ee682e977f0b0163f

    SHA1

    717cd32d2c93566a13ca5400e5e7d9e4c1620af8

    SHA256

    b911bee8d0c0313cfa03d29bb4f6f550ed5e3bf6e8bc1351dcaf26b9ec88765a

    SHA512

    e739c43f8ead2d7f7b2f4c0007cfcd8df25854b5a403ce4db9b0685cc2352185b39522ae8cca6613b110c30bb5d3eb52e46febd23a0b9784c4b81692a8b52668

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    69f34db7754c5cd689d82b4606e65c2f

    SHA1

    8f39ae08ed16250a14dd0fa90b4cd5188313af69

    SHA256

    e145f36ba0c6b33d6c7b2bff572aff8c1a816ba9f75351fa466c2089a0ba6a80

    SHA512

    d10b667009cfd16927654ecafab0678fb0f13d17884d6789028bf4aad3805980fd76eeb435aea86d11b5c7bb8e55dcc2db9ba76bbdb474cc604b8f6f368150dc

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\VF9EUI4C\www.upload[1].xml
    Filesize

    13B

    MD5

    c1ddea3ef6bbef3e7060a1a9ad89e4c5

    SHA1

    35e3224fcbd3e1af306f2b6a2c6bbea9b0867966

    SHA256

    b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db

    SHA512

    6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\p734dsx\imagestore.dat
    Filesize

    5KB

    MD5

    5255989aea797fd80d0c140b6109b066

    SHA1

    b832e0050dc5eb22b221b0909a61be372f30d510

    SHA256

    11158b1505749c744e906b8c550584fc7f68429d53202422c26c5d1563dbcf6f

    SHA512

    79a2fafb26396ba5b02d228104ca3a165128ce212e1bd6b0afbf8adaf695a1cdd01d527122977b9bc0ea4fbc165d209c48d693eb285e72bdee7215b231f5e119

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9ONXID7T\favicon[2].ico
    Filesize

    1KB

    MD5

    f299cf2e651c19e48d27900ced493ccb

    SHA1

    c2d1086d517d7a26292e0d7b32da7c55b166c23b

    SHA256

    115c8eb4840245f7aed0cb2a17fa7e91b86f79bb2f223a25af8cc533e1dedff1

    SHA512

    b46341bfbac50f48afcd2a4e34910901d722ce72f9f34f809916103e01d7ebc11bce15a28bf6449efd49ab9dfef1f84a94e3ad775cbe52d5822996674124b104

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QCNSQOTT\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3E8A.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3E8B.tmp
    Filesize

    161KB

    MD5

    73b4b714b42fc9a6aaefd0ae59adb009

    SHA1

    efdaffd5b0ad21913d22001d91bf6c19ecb4ac41

    SHA256

    c0cf8cc04c34b5b80a2d86ad0eafb2dd71436f070c86b0321fba0201879625fd

    SHA512

    73af3c51b15f89237552b1718bef21fd80788fa416bab2cb2e7fb3a60d56249a716eda0d2dd68ab643752272640e7eaaaf57ce64bcb38373ddc3d035fb8d57cd

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar418E.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\UD8K4OAX.txt
    Filesize

    599B

    MD5

    14d23a7431254249461840d800ae7229

    SHA1

    afb18becff32ea0609069f8c07b2473d63bd7cee

    SHA256

    244d143e40503961a3acf319523b58ea1dc0b2c70f2fb0264ce361f55b4ff4df

    SHA512

    bfd5bf2839fb20df737f4ff9d7b281eddfc2fd56d8b62d3d063fbd5c0cd2e97bcd8676100727ed692ecaa64de848fc3a5e2ba10702ffc1576231ab81edcd8c3d

    Download Submit