Overview

overview

1

Static

static

1

shipping doc.html

windows7-x64

1

shipping doc.html

windows10-2004-x64

1

Analysis

  • max time kernel
    100s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20230621-en
  • resource tags

    arch:x64arch:x86image:win7-20230621-enlocale:en-usos:windows7-x64system
  • submitted
    29-06-2023 06:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    shipping doc.html

  • Size

    39KB

  • MD5

    7cfe37d96aff1956aee69f689bc4d86a

  • SHA1

    27a318853d587778d3302daba807a33744f8d1b2

  • SHA256

    9b2590ca8ff295e3735c52460737fd1fe0eccd4fb74bba262ba1f75acf19b0c5

  • SHA512

    0ae55558bce4d0cc9f05b3601185eaf10933b3fa07e8e445840c7ae7d324b5361b2bac651ac64a8b89d4e1afcc5ed3c6b49ffcceb64bd1839093799a2ba6a99e

  • SSDEEP

    768:7UBY+dV4rNfPbKZPhC7OIqZk/pZUBY+9V4rN/bKZPoC7OImZk/p8Zk/pImXf0+GW:7UBY+dV4rNHbKZPhC7OIqZk/pZUBY+95

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\shipping doc.html"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1756
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1756 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:580

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fb7b874694c31e3b57f63e889c97eb4b

    SHA1

    fd4e0d6d6f5e4b5e7eeca3175d21faa39f1a99a4

    SHA256

    e3f279ed1e2e3ec4fe5b6215f007e1f5498e8076b6ff94efe70da0d480ad27f3

    SHA512

    5f3e47ce1af235246ef6806114337a4b73f81c0d60ff993239993b4578715d0fb8404ed267923831861f6f7336bd5362c8fc445586fc1848ac972206114e9d03

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fae3c6f6ceca2d696e7bd78b6c167193

    SHA1

    c5829b6a399a52db3086cc897c5105361b4bab63

    SHA256

    1cd6788ad4e7d5a949225f53fe918910761299adfbd43f732f623cb924edbd23

    SHA512

    569e4d56befefa0e812e5f2f53c6dce463618c81195aa58d1da8e37e646ccc10fc99580a969c00e30a5048ea9c4c0ca1afd41016856205bbbf193fe09d72bd42

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6b8430b7b1643424d20d6a8d108698b2

    SHA1

    226d09f02e841ab8b2027381cdfb75113fda994e

    SHA256

    e44a89bfa0a6104c3a63eadd351a39f35eddb3db53c862390160b6fc7034ea05

    SHA512

    8926b18cb4bb2bc224e001a6e1c655850476f2ecdce1ef5bc33cf7ea3d4ecb102c255e89ca6793bd6f1cbaf05e0ea0678399053e8a8f62bdfabcfb2959c16d8a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bac52ce58fd6b9b926a3aad881b80582

    SHA1

    f1f3e78f69c29a7253978d8e3c73005640465a18

    SHA256

    9bdf42d52f999172fb832facc7aeacd82a7bb857d153980c706c4b46a91fbf1b

    SHA512

    0e579655200061538d54cc2a0626baf60bc4dba346fb2d0cfd470c1100122362843d89a4977dbe14788e9deea338a94366d512031ec873ef089ba76deed4c805

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    14e6f4926fdc4d9b25aaab35d1fa675b

    SHA1

    89feef7e45f34345d01e8336da6b8d66ec476306

    SHA256

    eded43c353f6e9c3be7213d54d1b9b9da30cb9530a53f23b8965a78637177338

    SHA512

    2d81e35dccd2598b2266e1029d23e820c49fb1f0588d6b0db5e2e2e458347e56654d00c5cf290826f0420e7f2967c3652fd7d008a604de4db52c8421541006bd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1a4dc5de8fe40cd05be82005fee7d1cb

    SHA1

    8f5a8c96fc1464360e94b6c61660b8fb5ac23bd5

    SHA256

    38dcbad5a144906ef9b3a904d72c5b7294815a346344ab7c79487b850738eb76

    SHA512

    cc1cda515a3952bfa11072af4278c7f412b2ccb841fb2cffe08c1ea9fab605fb9cb6de8efa49a06bb953f7c0c17671d23df7c0affa461af2876b583ffa34b11b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d6155ba6152e7071ebc89a7556647316

    SHA1

    839d1da4f9735062644593d3d8e83178993c7c6e

    SHA256

    19a8cd466932fcec545afbb294966106444281f09089353e7ab19cf637878544

    SHA512

    eba87ec1720382a00120efc9088c5b5afb2a8b31efd36cec76dcffdc99d7d512897e4627a8169ea533f0f7d691c814d110770a8fdee1d54d748f9b7a85596d68

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    aa0c0d0efb2c15c43f57ad9b68ed0d1c

    SHA1

    db79a6406770111acfe7ae7eb51140fc20773898

    SHA256

    ac102d0cb716744622f43779be139d3c94caa6f11b48a2832983de48477bd575

    SHA512

    7da80ca03fd20b5ac1f7c58d855fe7d2ea77c7298832f7de3a4644e4141b714f602af024ae845da0b8d2704af4c955b62689968e84bcdb8466681327ebefb671

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fc7bd11a6fe6f55232aa79cbd098af91

    SHA1

    03b760d2a497dea372b52ab3d43b7833759a119b

    SHA256

    7f265b69bf0bf7d4d18553bb96420f61ef14c3ef03e445ffaf208a651c74e9fc

    SHA512

    1a47b413e5766789ef9220a8ea4a5fcab53956f859f1e27a500591f8459bdd1262db78471c689241523082ba8c6412ad850fd87d15200823ce79a85bebec7618

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fc6291bb0d2715e1c14714fa74945ebb

    SHA1

    f629c83f74ccb8c6229afab72a6a40b8d06490b0

    SHA256

    d8764f2dc33d609a2da2cee8566a240e1347a5c895f20b2943a9546073425065

    SHA512

    109dd0a94cc1f28638f9fe3d728a807342358305c352cee6dc03bfc4e1e0a70de495da5d459f78289e3189417d28eb53bb8f8353e650391bf0a0d30fd472ad06

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c1bd3a4edd29e71ecefe3d87d52b734e

    SHA1

    035d628e9cb7d4c91c3789899ef01452d3113e02

    SHA256

    320550322f432de6425f6b201980283c950825939f254db46d792ac3cd60b383

    SHA512

    03f7695e2a247e986fd725d9037baa04349a2bac8f7450f67866900b876d8b80af4e0046de70af21b704233bb5eda043ca82b5923be050a3be1535be14105d05

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ff672a0bc66d844833d5ded1b880d5e9

    SHA1

    b50116f4ba0d48d15b06831369ba41ebe3ffe078

    SHA256

    ed8e8793f9b2ee5f1bd235e891fba1b3243ddfd113081cd62faddd89a52a282e

    SHA512

    414d0a6a0910494746601458d904f8d35182a67aa11f52098d62ba885664b137802cc809828d97b1a4c248f20338236bd37adb68aaa8a48576fe312bed685de8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f70bc86a0520705dff27119d2d9428c6

    SHA1

    c2eac8feefa7c1d92f18ddab9b8405acc3cf4569

    SHA256

    0ac71d24d5f558e692cc4cb564cdf21ed8bd27113ad8b9eadd600d094b5c0fea

    SHA512

    23e4864ad74106d5a9c3402be8709c6720a3b60c5f1b6f17e8ba785a6ead3f3a881d34be208c8cba9275c674158d7b0023c3c8c46de0946f968facb25f69afa9

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IESQQ4SH\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab1EF9.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2967.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\NAFMYRW2.txt
    Filesize

    606B

    MD5

    c48de2b8aedc1fe60eed881d4d275962

    SHA1

    228f1a25cbda8bb8a24eb29a0b7752717aabbbe0

    SHA256

    3ed449b45eb9f3fdcbd64a1d06889e561b41d22b4ee67582a785bbde2ad518c8

    SHA512

    e33592e592225e380936a5e617f26f8c34218353f43fe494ec3987b3952219ff377033824d83bdea4ec21833c9d2ade1812f3556e29b08b629223c9595e8bfd6

    Download Submit