Overview

overview

1

Static

static

1

SCServiceGrnz.html

windows7-x64

1

SCServiceGrnz.html

windows10-2004-x64

1

Analysis

  • max time kernel
    100s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    14/06/2023, 08:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SCServiceGrnz.html

  • Size

    4KB

  • MD5

    415c893f0df1c29018e76770812a25e8

  • SHA1

    b5eaaa091202a1329ccaa90ad7ff374947b5ce30

  • SHA256

    a078acc480df9ad9e8b59cec32b87ed62efa64bd11ebf6e69dfb18a2ade34388

  • SHA512

    5b132efcaad4c9c888874b741bea4584495af29598c3bb8956dc3641427ec195a2d49060c019fb915436de3cb1858716bdd26af927b9e882727d62886a0f4d81

  • SSDEEP

    96:oqTJBHBJDJgJLJpcJhCJz+aCJzkvJd1JzUJcJzLJgSez7RonRiRX4aoCcaRCbUC8:oqFNVM9OAOUdDs4JVez7AIVkVni

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\SCServiceGrnz.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1196
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1196 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:588

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1addb1bfb03a17f20a4adce46e794265

    SHA1

    eb4d900a3574a3adb5a2dca5741ad10dd6995986

    SHA256

    651749a95d054482cccf88ce7502fa6d231e5cc891c8f574f2f08ddc3bb55ba8

    SHA512

    1c3a72431c5d047b00d256c71321905f31ca8a3972d0ae74d9f778cf134fbdbe44ee73d4bdb3914f0d28e9505cb506c04d5f87cc5816f74841be8b0b5ba6cb90

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6db0057e798cc110eec09e9302be7708

    SHA1

    df1f8a54abf63805af6bef768867bbe253fa2b63

    SHA256

    ad21ccb77bc8ed7126c93bfeae5e9283ee04f20dba3845e9d0254265d7579ab3

    SHA512

    547aaaa191cc2f89bc9f5564c22eaa7d7aca149190e5b1d3d81def353788f8a34e23a20f0f0b3d8934ba257935ee9bd8247d96f2f060dd0aefbfa3642e40dd5a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    766310b17cc67868edd202afceb007fd

    SHA1

    546eb061c09c6b105d93fe93c3ce9a181e8026f1

    SHA256

    16cfb288a20c73054a02249f2d890c62539e676dfef947add4a987a6936212d6

    SHA512

    05369b367b0f6d9a0c39ab862f7f07d9b700f0991e88936568070ba098c20b5e925472cdee250c5f13abe2b5739a6c23bced3fe5db3c117ad01e7cb64125eed4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7f0767e53882fe36277e6f6403ed4104

    SHA1

    68c5650a95deb434c83200923ad3a7e8e81a4b04

    SHA256

    e995ae3217cf241e15c5877c945cb8cca9a9a78704561b36a2ddd3b8bdb77bf6

    SHA512

    eb95f0a6537cc0e7299dd60f05d8e4cb34d31155fb3323517b5f44a3d74cdac03f1bcf85070ed58c6c631b09f88050093c546e656f8410aa925fcbd2d0521457

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c360652d7df3b5be79e58522821e189f

    SHA1

    a94b80c4bf72b547c60fa934fec11bb4e8092a30

    SHA256

    9491cd07f8182e655951ececd04b60933ab75e572775510d033c5114b0d0e69e

    SHA512

    3bf5a25e587d47febbea1203788d41201f49b52575bbfc1591aa8ed6f04c88bc183c040ea89f193c3e297e6d877f0035d0d8c19120e483a74cce1b343d414452

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TOS3MI7U\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3FF1.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar4391.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\DDS0NIGH.txt
    Filesize

    606B

    MD5

    8b63d90b110804a7832aa07feb5a5361

    SHA1

    d816d0073bc5131924a809e614f4cf0c621935de

    SHA256

    49f4a6b2cda755c1b6a005062f0cfec4f3bb930257a094562ff04886c012bc6d

    SHA512

    0919bd84ce91fa1c906ce95b63ab2c321e52efaca32aec1c6da753b06f7809b3b316824f317c13b2a1b16c2999b7e4f79ce7d6b2b27263a9d68d1ba2edf9b490

    Download Submit