Overview

overview

1

Static

static

1

iTopv-p-n-...e.html

windows7-x64

1

iTopv-p-n-...e.html

windows10-2004-x64

1

Analysis

  • max time kernel
    149s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20230621-en
  • resource tags

    arch:x64arch:x86image:win7-20230621-enlocale:en-usos:windows7-x64system
  • submitted
    27/06/2023, 21:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    iTopv-p-n-enseo-win-setup.exe.html

  • Size

    19KB

  • MD5

    f553aeed3d9a3983ad66529c235d8652

  • SHA1

    c9d9d3ea03935ae6a2430816a7e2df58b1af8761

  • SHA256

    e8db3fc9e34c0e4245130738202bc6b5fc9994b9ccd16ba82bca86a3b2a1f233

  • SHA512

    822e72262150e66c79d5f84992ad98020c2d9b9bfa70f65fb32015954484fda4ef0762d785e82112e0bd51b7d9a607ac06294c63fe43d4346625bb0e48fdb584

  • SSDEEP

    384:60RlAGKd1ETp7yIwOO823+IcqTFpgLlc1nKwoOa09a3Og:6wlAGKsTABpgjF

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\iTopv-p-n-enseo-win-setup.exe.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1384
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1384 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:768

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    75d21e2f644805519d5a432904aa8874

    SHA1

    b8f98001adc6e416ff372a5ddb23fa0f6a9584ba

    SHA256

    6ca4f35c3cad3400c81b150adf61050dfa667885c61b38c5709de30d6cce361f

    SHA512

    a7218f525e3f5751fcba3b6c30d6f750204f14d0cfd7d4b726028267f5a078a90c8cbf23492096ef36c21a00805e59dbe2267dc848d33246893c9f42c7bfb671

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b7bd071745f5bae9b8c66a444bccfb5a

    SHA1

    a4b93ab75519238b8e902efd8a7969835094c4f9

    SHA256

    5f05a2d9e88d57b19cca249ea2252489a949dc95129ea6bfffb40058a1ad1feb

    SHA512

    f2030a2de2c1eb5fc146172c383d47cadb47e54f723f51f18b9dc5756be4be7d6d7aabc4fc82d737ff14082919b6f0ef2178c19d329a1532a1b850d80a40558a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    92200bd1e0bb0cebc83cb43492d9a6bd

    SHA1

    fe5835481026c58dfef02856bd1750805a1e23f6

    SHA256

    b9d347b7a488cdb55edae49549534c6bbb777bfb9b4d2a9fb0c2db373f0354c3

    SHA512

    9fdd52e344154634b18825484f6a7fbf550be347e5f517538768d010cbdbb2be9f994089fecafca4dad247a47995aedaf8f47aea7b612b60493b74662333a307

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c301d90b6a5ca65cb2a513814843bc05

    SHA1

    28f7dff0603f68a7e41e0d49b500b180b8dd6cde

    SHA256

    01cbf9d7bcf49cfe20abe9fa61a810a5b1c0bc3ddb7053a0d4e50242bb18b242

    SHA512

    c0ae7b8283385a065755b212546216e3ea474b15c55ca27aa746079a69f50fa8a562c51478cd9d5c7580d38c767374ae6450404af1c2c03940b647cdcaf18093

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    885b5910946ccf97169e9cf81b81985a

    SHA1

    22806dce36d79f7d744821965eb47177136b729f

    SHA256

    589c0e3a5308bb7c733c5442050c73184e0dc681cd2596e0993e3970d2d4c505

    SHA512

    aa499a1c0d10b987b7b25e523bbb0581bcbdc6846b30b017b908c5c415b82814f159c49a1681100e5c9c64ebaf768e2f124139a44c2ce835d0c22c396d822516

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5562710f84c850ac8b11162f49cd5a8f

    SHA1

    ad68477a161a571dc42e91e1c26076d9dbf77240

    SHA256

    e9e8d9620d7bf833ffd2c816a48649e7c8c61ac66f4f2ac5ee85d9e7217dbeee

    SHA512

    5274480f58a64313a3f0c492c99b496609510388706a6739bcaf456ebc6fa79ee64219180883728d5c402729954f6655b5ca356406ad9df7f5ebdf1dcb54697f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2963bacb6f96df0cc6f667198e8c9c63

    SHA1

    4f293bff43041503da0e1c66f106b32abc9ed8bc

    SHA256

    83abdfef11bc1ef9f5ce193dbb02bf74061b0996b6191727654f64bc0838f3da

    SHA512

    b1b89caa9f563e803548828f856b6f18b9d543aa4f705df647bf754031b2fbc5dbb6d56a4501fe0d0f3a81695246dbb8254e6850a4d997a8e8e1d28bb8ff9691

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    867901cfc6bf83ba51d50a36e6cd48cb

    SHA1

    b42e3ecb4654bad0e4013e42f7aad0640d946a07

    SHA256

    be6d61c34887bacc86438024129d19c3891655e396a2937021985e186a318288

    SHA512

    932e0825b91c17d447f50763f86913f05802bf9d801a673b166ee355a4743c52c34c3a61a1f6c0d11f226954237535f3da0a84800b00814fe088b7a0d569aa86

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1efdae0dcd9ab46342afeca689447629

    SHA1

    88be52ff00ca93613f9325527ca64e135422f983

    SHA256

    0b65e5799f35c7b4bf75f8da363116de487ef231c51d9af31a493c2c0cd95279

    SHA512

    2d96f615eabea83a6a65b856180a1d18c4a45f036ec16416e7396cad00def30abaeb183a84f73b0f92ddc8f07173f379397abaaff4980a7f25dec467b12cc700

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    98259890725193707293bcecab7c5e13

    SHA1

    fa95253673ba02f28004dfa1bfeb6339a799b03f

    SHA256

    d152f4b6bc2d6128f685a9cf5515d4f918f588aad3a63ec79e74390e3ec68eb5

    SHA512

    d47e1e0a55107682e6c56249746ea17f2c65baf91823265858bef4d661d8f758ca4d7a51b271291328b756e5393553e3ebeb2b43314429c2fd8029129d72a8f7

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I1FCIKQF\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab7D5D.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar7D7F.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\03P1IRDO.txt
    Filesize

    608B

    MD5

    bdc1d78ba88cac6a25ad2021fae8a4ff

    SHA1

    f2bd5548bf61f3a21156d377b29121b8b5e37e98

    SHA256

    ebb2c01853786fbf433c0adddbbb20eadde70b6d4d942baf8a60d42d5c3d6734

    SHA512

    b6db144e02e6b15e3c8ab5b2005c20bd80adec2974d931d8f6e348901b1096337b377d39644f3b85ae072d67b0e704d762e479b4c9b058b3d827848b928c2048

    Download Submit