Overview

overview

1

Static

static

1

shipping doc.html

windows7-x64

1

shipping doc.html

windows10-2004-x64

1

Analysis

  • max time kernel
    100s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20230621-en
  • resource tags

    arch:x64arch:x86image:win7-20230621-enlocale:en-usos:windows7-x64system
  • submitted
    29/06/2023, 07:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    shipping doc.html

  • Size

    39KB

  • MD5

    d5bd9328d0e2b1b22a810bb454a9f28d

  • SHA1

    bbe660e3572bfa7927303c5b8f6dd3c1cd258ab4

  • SHA256

    778219c2d4389c5f08dfc2daba5744fc291b4ba42b6262e4daa58c11c8179228

  • SHA512

    d69831181807603f64731aca927363ce8b41229c90a784ab55836bf0fe9a1df038b31238c2522672203486009bca668a11d659917668e5cb2af7b057f9cfc13e

  • SSDEEP

    768:7UBY+dV4rNfPbKZPhC7OIqZk/pZUBY+9V4rN/bKZPoC7OImZk/p8Zk/pImXf0+Gh:7UBY+dV4rNHbKZPhC7OIqZk/pZUBY+98

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\shipping doc.html"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2040
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2040 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:976

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b2681c2d423a83cf7f0372bfb3a8c2e9

    SHA1

    f0cb246d097515a9b851d7a504c5c01680e20add

    SHA256

    938b55f8b5869eb5f527ffa954661cd3485eb9b087ccc7da9bbe585d1643eb1e

    SHA512

    5eed6f543ac84875f4722f0493c64954391a74423ba7a0f483c01a50755cf48ac3128d225a3a0d4d533d61d0bd4515eb373aec74820b78e4e24799ea5f202ed9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    488a459be1306e9cde06e5cd99797d07

    SHA1

    2ec19fbbf4238530d4bb47a382a702adf057a20c

    SHA256

    6eee2c7ee1bba475b484f0a1efe8399a58fe3e961a02045b42b3a4709b7a6373

    SHA512

    7f01cf0b05b387e9a36b8b5fabd48ef622ebef6ca630127f25db12b8b9121ebe45fa5437f177789445f37dd23abf5b47eea4c6d34ec10c883f7049b2a52acd3f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5e31e168ca01469491bef225ea79e146

    SHA1

    cb812b32f57a7206ad8dc0081d0630e3502f9f38

    SHA256

    00050940e2f6b3a87fa17b54801d58b5b62eab05e7265de4ac24e485377d6cac

    SHA512

    b5874a4dd199d6d8cb4964c4702c1c50086b16e643f13cc7de966cf933fe007b360567de89baa7db08520f417512c5cec026dda90c6a0b5b4da7d2463fc5a7cb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e8bedc0fc3e5b0f881d247a9c523a1cd

    SHA1

    3ddbb0eb11ee5f63dcc5111ee416f2dcd69a9b79

    SHA256

    3ae77d49e0a7339f4dca74f04792e3a3117e2b2527fa4a2eb093f02f64284be8

    SHA512

    d0de6711d2d5d37d3ed4d8a44130a8a4f60b52c17dc108c7b6e1aa8d4fdcdb440114c06c13aab99912a5e6eb6b4f5dfe5d9c45393c84048d16e318c607a23e13

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c073dfc749029c42bf1aee20bddf1aa0

    SHA1

    3e6b920c8c97c86d8848d919975ba4baa94551c7

    SHA256

    3ff2f9ca8f8e79c40ba690bad7b36e5767a711e09c9b1e0fb1f4857189b758af

    SHA512

    edf839fde4664626ecd13a505b879bcda3981ecbadf7a1dca9e718787b17ced356e130e7ee69a0b22bc6e0de8b4627f3b3365f87c9657c411b40b830014ec8c0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f3797b5916814516a56ede12055f6d38

    SHA1

    1dad4a11aa6fac30e392ff18c79e20e26039cab9

    SHA256

    114b1a7211fbae9d8b56b11bfdc938bed1f45b99fbc6c9aa4f72944bce8d7f90

    SHA512

    ed45ac8375a83536eed99728a6aa76dd7f00d4f41759461c6b1ae8783879abd96657dc38ca307eff0586bd56021b5e28d221dca27fe7dcfffa28b66d6000876f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1abe2dda97ee5ade213f57b84a1cd75f

    SHA1

    afe36d771be85b7d8ddb3247c7c3add934613866

    SHA256

    6eb70dc762baa3f92917a363bf7f712d9bc8e949c64a412710cdfcc5c0fd7ee8

    SHA512

    b3e2d3d034d5e7f703ebc78c1ad69e7a61748991d869566b11d5f2d03e3c5d188f1e1ecee4bb43def0f183a7d15a343f81bacc7de78e13c39101545f44162960

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b1f915b100c547b74fafdf5d22bc3040

    SHA1

    0cf000ec6db00206cbbe7556af477110121aea48

    SHA256

    7db96778053308c9a9281c34862efe6404ec184bf92115fae5451035b14a52eb

    SHA512

    d49d5765fee249819e03277110134c9462bb3079afacebea3a4cb5381663ecc92a17c6b3d34e0f6a4bf6ec8fccc62bbf01d00a0372fa8d107585c721621b5d51

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    965936f3ce891385ada2f408da999ad7

    SHA1

    27ec4c04411b5272723d576c1e605f6d1cb65eb7

    SHA256

    8d8ae3487500b1fabd9b266b68c8ae620132833f5d989b5432ac36226add08d3

    SHA512

    cf83b4a2f3b60b22e39f763111658d5435e9a2afb30f740bac134452d4d18ac1d547d9db8944e8874c66c43842f43137d0af45a3db5ac9211c0c10dbfae8bfd1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    27694cd029b37287975e4b52fd31099f

    SHA1

    75cd915303c50366e87813b21e0ba3d80bb67d4b

    SHA256

    bbe19563a9f59967efc57a08762b6ba841facdbde1f692a146091f7537547034

    SHA512

    eae724fbdec5522e1ad3ab4c9ce7f612b2bdd5bec6cb10d731540cdf0d4b62d604ff68bc605138c46e7cfb8aedc4a008cfd75c8b73b6d37694006486a6d2c7a1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    717ad3f2af4281cf250960e70949e94d

    SHA1

    3098db6dc56517eeda56e881fd32b27d0e53b7de

    SHA256

    e86aaf98dbfdfb0bd12d0faf6e1ec5c0db2cd74086a4fd711f5139564c3546fd

    SHA512

    62d8a61ad26ab79112934cc990e2337d0d6a305bf3d3f27214fcb844e91bea863abde242442a6dc2f7c5f3f535c45bc26d7769620117f2801ab4615b48f08b87

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    228123b586912b163b1f3882d29849ea

    SHA1

    03058a57565c7162300f366f4720bb7f67a3551e

    SHA256

    81541aeb67c61eae20f6de658c36027d2ddd1f39c10484d9f4fee815f2e53079

    SHA512

    594daf91840e5cc5192403131c9c97698c41464204f6a1bb3e5c13d98ef0e9223feba8d53bad1bb6a4dd9c430bca9f3c84f6f759c413465fdba7d910d2b73c23

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    21aea04ab4403a09255d9384b0757e39

    SHA1

    4fc9e0d23d3c345853ee7702ae34f7ef2d3106b1

    SHA256

    26ede8a1f9abd393a56321420b256cb572685171dd948140e6451abe97886c39

    SHA512

    559328e31c0b4bae0c209643a2d5fe2d52465cea0ab17ca7e879bfd62debec987051cd7a9312a1bb8885898bb282018173873244b0fc6221b9088bee9b7e8de2

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\134K02XQ\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab256E.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2590.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\9765FY8K.txt
    Filesize

    601B

    MD5

    ef9cfed6c3764c6583e0aac547c40544

    SHA1

    ede4b0862c7509cece3754ba3b88ea1b3c4077bd

    SHA256

    e29c31eb9fdccc9293f3c4e8845218db4ecfee6fed6c7a2728b67ebbfc930e30

    SHA512

    dc8cf8dca75b9252aea509ebf20aa62d4d12949c6dd9270cb13dc30fbf8a9539489c6f555b190fd3f11cd0822b97f9ab58f626acd0981a8a3c69e44ed2b6720a

    Download Submit