Overview

overview

1

Static

static

1

2jEUZEb5nH...z.html

windows7-x64

1

2jEUZEb5nH...z.html

windows10-2004-x64

1

Analysis

  • max time kernel
    49s
  • max time network
    38s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    15-06-2023 23:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2jEUZEb5nHhyo9aA0FbszWU7bxmkP9UbJfLkxrrz.html

  • Size

    146B

  • MD5

    9fe3cb2b7313dc79bb477bc8fde184a7

  • SHA1

    4d7b3cb41e90618358d0ee066c45c76227a13747

  • SHA256

    32f2fa940d4b4fe19aca1e53a24e5aac29c57b7c5ee78588325b87f1b649c864

  • SHA512

    c54ad4f5292784e50b4830a8210b0d4d4ee08b803f4975c9859e637d483b3af38cb0436ac501dea0c73867b1a2c41b39ef2c27dc3fb20f3f27519b719ea743db

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of AdjustPrivilegeToken 4 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 7 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\2jEUZEb5nHhyo9aA0FbszWU7bxmkP9UbJfLkxrrz.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1244
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1244 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:748
  • C:\Windows\explorer.exe
    "C:\Windows\explorer.exe"
    1⤵
      PID:1848
    • C:\Windows\system32\AUDIODG.EXE
      C:\Windows\system32\AUDIODG.EXE 0x450
      1⤵
      • Suspicious use of AdjustPrivilegeToken
      PID:896

    Network

    MITRE ATT&CK Enterprise v6

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      1e0e20b7846d03a1b27b5ceefe511edb

      SHA1

      d7e4d69d94a2f399ec7b0ec46ee51863dc1dcdd7

      SHA256

      44a7712e1d2a5f9312e0679332bd39a467dc05a098cc7daccc44ade6fa3046d7

      SHA512

      1b8b11319e4fdaf109c00f9f51d0712ab6daac2b0fe8fec85d22cc638987a0359a4a567107e58efc4627652274397fbf14d2dff6f65e849b992a11b4bdc17c41

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      a56554a0cfb3afdb3464598b4a533818

      SHA1

      a30d16d816e1097326d19f3dfb4cd34891e31b22

      SHA256

      6e8eee107b328d9776e23e3abc6baa36a5c19acca05e737876a653cfb6f91111

      SHA512

      7132350bcf14555da41965bb74560615ed3e9f42fa5b708da177df3058d0ac35670bf496bfcdbf9c3c6d467fbe7b487d551121c8042f1b844eb6590932105c87

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      f5b40b75be1c5f8ccedc0097eb0341ba

      SHA1

      dacde0a2fd5e99b8be409ad89f9ac91882cabba3

      SHA256

      e7a9b4942901a0f9afec69dca1e95258d5684e281719ce7b901df42cfbb8e29f

      SHA512

      c2a0b6269129a165c6a80d9140f4594594cdff8c2f76fd9778891ff9ee364b4a746277e4831e0fd5187d210ef60fce1e3e12917a9c54f70e69e85a534a6fe559

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      b771c32204ced70176d895e4a0d10abf

      SHA1

      07f5c29c0d17f97e5c769e1e75895b8cfec988b4

      SHA256

      2ce4d303d4d5839d7d6b48f8dc83dbfb5b441b4b2525e9a22562918858a17c96

      SHA512

      c2a49b989612e4a8fb0183e27fe8bcf141b9f2db8d523b12febb9d4805348a1488cfaedbe1a29dd2a7bc78781add1fc8e74ed74f0adf856e940edf0c4633a599

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      3b7acfbb08a01b953d63da5b8c3bd959

      SHA1

      1fd9b75fc9e0d2226659c936281c270754eddfb5

      SHA256

      01a19dbf7baf2f8f5f54016f5a2453336cd5fe6845bf146070961fcc8877af9c

      SHA512

      aa4f3970b5a0ae5a3cdde338b6f1ee7b927bfba6805c813f8f595634bfef6bfa9e0815e929b8ff58820f9ef95034268177835cd8568bd051b69ff791765717e3

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      e68ae2f910ba7c26bf7cffe82e9e4fb9

      SHA1

      9660cc5dfec2a640a35ec8cda9784671eb851741

      SHA256

      32d2b4246c1990fd559186dff67e95b14292046a85822c0377d1859d75cf3f4c

      SHA512

      c30be6dd14c68a1a0e1d9c8bc08dad62de3ab57a91607455b4ffd35bc7f0ed373a1b91af54822205002a75af29c3599058056a37ef6571e9d989c7ec77974258

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      515935a0b2499a5b0c77d4deeb0f0cd9

      SHA1

      672e182667e69b67f2500a581e0fe2b428f56322

      SHA256

      0ccb27661a1aeb2789628dc43489b4008e0a41e8ce70e554d219dfa5048054b9

      SHA512

      f837e782b622ce86d95fd4d8c9e0a898c1afbf357e2be81be4d631a31a48312b63527953c46966685c3727a3b09bcb62ac44bb552a0c763fbe5f698891681707

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\Cab8DD0.tmp
      Filesize

      61KB

      MD5

      fc4666cbca561e864e7fdf883a9e6661

      SHA1

      2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

      SHA256

      10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

      SHA512

      c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\Cab8E41.tmp
      Filesize

      62KB

      MD5

      3ac860860707baaf32469fa7cc7c0192

      SHA1

      c33c2acdaba0e6fa41fd2f00f186804722477639

      SHA256

      d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

      SHA512

      d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\Tar8ED3.tmp
      Filesize

      164KB

      MD5

      4ff65ad929cd9a367680e0e5b1c08166

      SHA1

      c0af0d4396bd1f15c45f39d3b849ba444233b3a2

      SHA256

      c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

      SHA512

      f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

      Download Submit