Overview

overview

1

Static

static

1

sample.html

windows7-x64

1

sample.html

windows10-2004-x64

1

Analysis

  • max time kernel
    98s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20230621-en
  • resource tags

    arch:x64arch:x86image:win7-20230621-enlocale:en-usos:windows7-x64system
  • submitted
    30/06/2023, 15:33

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    sample.html

  • Size

    40KB

  • MD5

    6b82c0f1b496e1ece358ed0bbea18110

  • SHA1

    a4c6e914a593732c8f4f94f8837949b91f6caf00

  • SHA256

    1cec201ff343e1788a75be8e75eeb581bee116bdb4ff1e44b1a3b7154dc5f006

  • SHA512

    39932085af0b7ba3a834ad2e81811d18c417127d9fa29ee4c4a6b2d4eedb1f0fc25a4b09ef18dc461a78c30c9436866dc55be1dc210157776ea407997ce301da

  • SSDEEP

    768:Mrn09ZdapKtCFqgzfQwG5zKn6BMLdOkCcA:6SapaCFqgzFG5zKn6BMLdOFcA

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\sample.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1396
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1396 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:756

Network

        MITRE ATT&CK Enterprise v6

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          c9d63f05e51173ea545002342b5786d5

          SHA1

          962585e836447539d687c315aefcd7789cb79bfd

          SHA256

          ef4187db77ccb09c7c8922a5f648cc74cd7601e70ea8f0ed162eb287c3146712

          SHA512

          12365cfba3b7cc1416d52abe1d012668aa56635b63d58bdb78f6030edd4e10a933cec7d2f31804564150b455cf91f659ce050b154afa9f5e2e68c088defc7b9b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          c8e0f98e4c99cb747b29343d67fe0216

          SHA1

          5edbb4fb23337d0ea95f5ae6712d1ad643a6e4c2

          SHA256

          ce7bb13e96a50cca7b4713634225b054a4269d733c089eff99f42e4ceeb4c65c

          SHA512

          fbf2fdfdeb5f4695d1e0fd4843895ff1b0aa67ce01bdb406d1cf6b3e53d7ae194db083475d4cbacffff0a702846aeed32f2126bf6ad0f31ba4999e7d9bde7d05

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          f56bd8634f2f15af3ae738a718ee77e9

          SHA1

          cbf10901f0067bb84f70e0ae14039f17004a7d4f

          SHA256

          a17f184c4efffda0b9128179677b9ae057095bcbc2531297e33e1b692ee85afb

          SHA512

          b9e91bc864ae2bee7052a6bf458f15112fc99d9e207ecf886b706963b17a766f11cdf49b87340448612f58b6a3fd5226aa9469ed6c7c49711a8737f9b4633680

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          9c30e41e1f5fa9f782e019a23bc540a7

          SHA1

          d4d2660a8d2b8e20a9a8d134b7d996a84206c5c7

          SHA256

          d35ff593ce825f6fea107f840b8de1b96ff4d63f49c3761c204d6dd6f3c2b0d2

          SHA512

          56a250b1094e4976e4a0086b89fc56d82713600ffd28b8ec3ea30945e865ea42443d8e30a9f8e3911acbfd098ef9445f376e7336c12069bb10f575ce942d0158

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          95a3e509764bdb5eb358bc2e0bb617fb

          SHA1

          8aaacd07280175eb6b10941509451db5655df00e

          SHA256

          8c70d36f685bc9cf5b76b96ac5ac645a2f84601cccc49bb68886dbdd56d4451c

          SHA512

          747a72f904868be0247eb0603c092223fc31e469fc8660e7f6e3c65d704e968bc78cd95f0bbcada1e4a8366a9835db78c67018fa4757d7a5ab234694db94df1b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          7e82c9942cc8282def485c91d1cedad1

          SHA1

          ed7398e9d88a7c2b8c9af2f06fef827d36887b29

          SHA256

          5e80e15d0007405a90c022b3645922ee7a09143379aaa969b6108d904fc0b9c1

          SHA512

          272964abcdc017ff077846b06243c257772dc22b1d59d9cd540d117eaf6fe9a0a5a2074c01d1fb48632261f56288d6622f9f76867831f851c5d61589c8027022

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          aa97a9e121e0d1895fae3a064b268794

          SHA1

          6789f49e05fa29050360f059415af3f79855c819

          SHA256

          f294a5490fca933fdb0c924a21bf375fa51970140465efb9e521f3d7acfa7acd

          SHA512

          d1ddb0405c175eacd15328db2008dba374fb3da3d58c0ae8375316716cc9a53aa512000623b01634ba5eaaf0337371f8ccc82e1ec333b1cf65db9a2e3a0e6991

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          5826b5b132aa86b8eeac92fe6f8c4ce4

          SHA1

          3800b838798163d219f65d6645495ce3067c9ea9

          SHA256

          1c100c808702c9d9e264c88032b18690481824508c04845e5da7d5fe2e2c5200

          SHA512

          9cdf4015b38e2330c282357ac3b4a880d2f4f9631d5ed4df3a8c971ace72e00c9714125e81be9b1a1018697f0a0b537ee46373fac27d5195a8903cceb893af31

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          feefba71aa5a23d517be4dc5e33764de

          SHA1

          9ff9afb4c87864b020a5b2b7511800ef09f79804

          SHA256

          8ccf8516718dbb3d8c2acaf8384bc3127429bf1b352ebf11c800601d66c5b2ee

          SHA512

          bd3ea7cf2868ba1f9dabd39ac5d6cc67bee46ab0cf6180f5669607986c3289b5b538383a87c2320d6a568ff530c1859fb3e13e2df63e420da9097906cf236bbe

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          5c9691e70bd0b2ccfed51187c678888a

          SHA1

          492e246364cae49b76467dbc0bb62bb3fb3a91ff

          SHA256

          9ea53b9ada5c3073936f3f1f74ea4514c198baa04fb11dcfb5762fc2d1a9d5c6

          SHA512

          007bd1fb85330dfc55881f97f5fce95dd8969104cbb517b475204ef0b6ace67a38f1bc5f6d8cd4e1750c20d815c611fe909125483a08232d2f2cf4eaf129ca3e

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OORT469H\suggestions[1].en-US
          Filesize

          17KB

          MD5

          5a34cb996293fde2cb7a4ac89587393a

          SHA1

          3c96c993500690d1a77873cd62bc639b3a10653f

          SHA256

          c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

          SHA512

          e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab72E1.tmp
          Filesize

          62KB

          MD5

          3ac860860707baaf32469fa7cc7c0192

          SHA1

          c33c2acdaba0e6fa41fd2f00f186804722477639

          SHA256

          d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

          SHA512

          d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar73EF.tmp
          Filesize

          164KB

          MD5

          4ff65ad929cd9a367680e0e5b1c08166

          SHA1

          c0af0d4396bd1f15c45f39d3b849ba444233b3a2

          SHA256

          c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

          SHA512

          f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\IK9839PJ.txt
          Filesize

          606B

          MD5

          f7173e810bd977e8b51098b2ac63da66

          SHA1

          a409ee3d415297c2e96dc703cc968371c49f4e48

          SHA256

          06dda0404d76aea3e14e172dcd39894909b8def923117817ad3e74d6b8d28508

          SHA512

          f0305f005eb55955a2600d33261aa7e7ac886b508685216e6ccc77c4fb15a5b416a8266419e8cbf5d4177f6b1551edda5120fed54963baec83d54bd4ed8c6354

          Download Submit