Overview

overview

1

Static

static

1

open.gif

windows7-x64

1

open.gif

windows10-2004-x64

1

Analysis

  • max time kernel
    97s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20230621-en
  • resource tags

    arch:x64arch:x86image:win7-20230621-enlocale:en-usos:windows7-x64system
  • submitted
    21-06-2023 14:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    open.gif

  • Size

    43B

  • MD5

    325472601571f31e1bf00674c368d335

  • SHA1

    2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a

  • SHA256

    b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

  • SHA512

    717ea0ff7f3f624c268eccb244e24ec1305ab21557abb3d6f1a7e183ff68a2d28f13d1d2af926c9ef6d1fb16dd8cbe34cd98cacf79091dddc7874dcee21ecfdc

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\open.gif
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1940
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1940 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:436

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f70ba0e9c92a28f7ac4b7ab9b06698f6

    SHA1

    9468557eb80f92d1a56d5f2637f135198bce0240

    SHA256

    77766ae63fea3f049bfc6baf6d249e11ad587f8c209fd66542fffee48ed779b0

    SHA512

    7b03ec0bed2c49bf4fcd9520f82577f8b46d588fa2696874dc1c737ba60dce4e2c2c9a2bdb924b9ee9d80478962d7250efb20baccd7a30cb66b1d5c20b4d09bd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9e3f641d973590c18ddd338a3eb569cd

    SHA1

    4ed9639c22e34bfac47a4aa47200598b1113d552

    SHA256

    f4d8ae5419bd9920ab6b7af8c630bedf43ea034b7923a4f56c4673ccd84221e5

    SHA512

    d1b425d071b72290d350d0f0b85943c027a39376f63346828d9de61fcabcfb6990b5f9dba7f351f8c73ce1c482a0f2fedf4094ed2019305ac66329dede245f9a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f5c818f51e4a579f89a504c1ff51c2d6

    SHA1

    61fe40f70b2f0611278e4983ce71458f0ee00090

    SHA256

    6baae5d6e1f0776407b0029397c830a9bfa091f2a3a87259902788ed46e544b5

    SHA512

    e69f3ddbd7c886c9a8757ff1648c708193f85507c801c1963eeeec453bddab5b12572c422ebf6c19160833235f24544ed08b7ee9d732d9ee143f2e083662068a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    80e95937c3174edfa99a8472ece1c28a

    SHA1

    96df911d4d852b8e7532e4185bd751676e8a7d6f

    SHA256

    4d38a536a84deca4b7c6d776e40a6b14df855a08833684d31cac847f1dbe3617

    SHA512

    9bd8bf21c6ffb505fc9dce1d85ea77f1f7d748dfc219bb27f869daa65ab762438b5f98b12ecd65fbab2c593cd8799617733f72bc30dae1fd06325ffa7538001d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7cade991a7fd9287fd7325e2ebd9d4e0

    SHA1

    09fa9cb7cd6952df96ba36c9dca9e9e99a9094de

    SHA256

    2c0667e8e9a2ec4e3ccc9b16c6637458a88221ec013155205d0e3b76d278f00b

    SHA512

    b26080de6fa75de8de6457d1b60f61913e25b25e19bcf9315eadb374b74756e1a2bfe4e2a62d27d283c3b72096a7378a0b300cf824d9e61cf3cb59e46f7eeaa7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4c5a6bcefff57e3b7a0f301371b89d10

    SHA1

    a37733775a2aa53aab29f0deb399ba75b3ebde81

    SHA256

    5032ee696c571d4f225fade674c54f3cd004261aba6ab47730b5b75fe0e8fdad

    SHA512

    8bafcf60da86156de51c13c07b518682b71573437f09019c7d170248555c5b59d96bc90b382e5e733e68fa9d14e8443a556e439282708d0a51d944a1b278f89d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    75c5585485c86dfd4d2e4d823e650bb5

    SHA1

    230b70f16c87d9a9e88c405330afa8c76c035312

    SHA256

    af780b6cca2a78c4608a4350f05a24f90634b34a16be1447e3f06ac4779a78d9

    SHA512

    c4b03425cff71cec6b4652082c0f5d7c00040a532f233fc5fc308d7bf34b2a925abb56a3f81e250f007420bf5cc0c19fd8e08bb81b361086f48d7deca9776c7f

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\134K02XQ\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3A74.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3B62.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\EASD83WK.txt
    Filesize

    601B

    MD5

    52ada5b98af521315e00f9086dcb441c

    SHA1

    62d8295fbc4e5819afdac3fb6b3442f52fe33c5d

    SHA256

    01cba1a3e599c671d6983148eb1a611ae2f4cd3f821a9b9657d2b0048e7c66bc

    SHA512

    22c53d56b15351aa65d0ccfa67322a5c69ea68a3a332bdd4500747a6045182d9d3b0ab250fcb3d8ed38497ae647d333b5c066aa44a938adeecdd2d8c3e9459b6

    Download Submit