Overview

overview

1

Static

static

1

cgi.html

windows7-x64

1

cgi.html

windows10-2004-x64

1

Analysis

  • max time kernel
    98s
  • max time network
    138s
  • platform
    windows7_x64
  • resource
    win7-20230621-en
  • resource tags

    arch:x64arch:x86image:win7-20230621-enlocale:en-usos:windows7-x64system
  • submitted
    03-07-2023 15:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    cgi.html

  • Size

    315B

  • MD5

    a34ac19f4afae63adc5d2f7bc970c07f

  • SHA1

    a82190fc530c265aa40a045c21770d967f4767b8

  • SHA256

    d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

  • SHA512

    42e53d96e5961e95b7a984d9c9778a1d3bd8ee0c87b8b3b515fa31f67c2d073c8565afc2f4b962c43668c4efa1e478da9bb0ecffa79479c7e880731bc4c55765

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Modifies registry class 6 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\cgi.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2000
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2000 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Modifies registry class
      • Suspicious use of SetWindowsHookEx
      PID:1972

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    add9f46ff9c1b978f98d1b2e7350d7ba

    SHA1

    d3644d63967c0b2ae42783d21c9ac9f0fb40592b

    SHA256

    7c4c209bb7302282c6ac3013878268e3260ce3e700cc08b6a23a7fb56b07e0a4

    SHA512

    2871589ae962edf27ce9e3169a64c696c7abfca4271fdd1fd031e1d8c3bf8737124b7edb94ba00fee408d2b4039bf68bbe42ef098a0bde63a67813f4991bf477

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4bf6fb007fa00714fe46f0697cf9b059

    SHA1

    61fb6528ce6d6eab67cb1955b11ebd1e81312131

    SHA256

    5922a8afa4668aa9b39c6a03776f392a895eb606e22465e2ee0db5ec6b943ab4

    SHA512

    07e65bceac1cfee1e5f23a7834c574bf31d17081d79e72696c9cfe841b60607054e4d88c13b81e2d4e9355c4c63619960adf4b1c8d4c955ecb7fc33dc60629a7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c646fbf4f58075e555b53949b7b80edb

    SHA1

    d0f478542b6a8c8ad05543610a742a603cf65ca0

    SHA256

    7c93d6d6322446da846bdbfde89bbc90a5af619f7361887433aeb1c5696b049f

    SHA512

    3c92b2123352e7f16b37cd0d2482acc1b5f90ed1d6a180db0416f4794e11f6d9bdd16400e736dea6a1904c1ff3469b9ae1b08a323a8c9fa3868fe4c8933f4903

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    559fe176a6ac1e16d9de135d29a01d2e

    SHA1

    3d3ca21052c0aa463277363c823c98a6a504b2b5

    SHA256

    d9a28cb446d8cff04eb2a93328e04c18fc1c6f6e4539e5f8a081a6af1cc60821

    SHA512

    32d38fedff9463873047d87680bb4d15c87128bffecd2ea500b44f546d09042831ae8d43995e6a7954b617c60cdb0397815c034c4ba5180f796ffde99af61be2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1dd32da2793f38ce3884b4efae0ac002

    SHA1

    783176414322949b59e9e358668161ac9a5e5231

    SHA256

    c11b515c8ec333322afe8da602928df51777bc203987b7da09f4498dcc18761e

    SHA512

    67000d8de5a9a779dfc10ba66b2abd69ceb3d8365feb4d9ce618e77648c5fccc4a195db3a49263ebbde5a9152a7115c72585fc4c218ad8a01be3d2ced6f18558

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    55a85277da5222816ec22db425f222aa

    SHA1

    30cd57ec548a5edaf51ce53048660a5853d12912

    SHA256

    b82e4b890b7f77016d749c0bf4b611fd68ff581f8fd493a31b39aa5597876d87

    SHA512

    2539e65e3fd39dd3b50a8446686f5086d6e6a375af51fbb95aa18aa6d7cc1f37d35cde8113d86d3c11e9deecad5caa06183344a26a4a63343c1f78f2ed41a262

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    76f35676198e810db64f575351fdcc53

    SHA1

    949b86bb5a8f6fb26426c54d4d0c369351de76ae

    SHA256

    ec064bd09861026b121148378fa1fcbd1e71f617999d073aa7f93f560650276a

    SHA512

    6548ce66dd17b355cc858182ad1db7d61364db972d1e0ed3df68fa60f7e73a19d78a743403c8532e0465a516ed3d955fedf32f3d115f9a232c518c605ff9116c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d47a8989c8a9c7ac03a9b13a76f734d8

    SHA1

    62013b031e05520d9b6c4371dde74dfda6c90666

    SHA256

    95b6d6fd1e9f4e051d7f99625d7dd0c5fe413b7131c115042456e38d98403109

    SHA512

    f4acf1a48d682482ead3b67be013ef995e094035b16c144e06e38a2386f7ff75e780e801bdbf4e01cd75a2356f0b6c0889efecff2c396a2bf77d04449ae90294

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9242c864c311bb305500725ac5b052f9

    SHA1

    cada4697dc17c33b48081ef486b4f512d1fb3d46

    SHA256

    3ebd7df367d1c56e2e1da359b60436033bf784dfaf11082db44a85140d7fc08d

    SHA512

    90e69e2df29c4e5f92df27399f7957421aa6ae00782e0ed8b040521a1120d8d00e957a402cc0c619d8ba2059b986c77caebc4ebc35763bb11d0915ce8c778f81

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7DZDVCQ4\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab4675.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar4735.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\6KUJDIZH.txt
    Filesize

    608B

    MD5

    534f7649f7dc74c2c698c0c5b0216780

    SHA1

    641d9653873c6377d6889a4891fc6307d2040ef1

    SHA256

    4cf349aa72a7a1f20321b2d7ece1b4534b79f0f0bec584b60575c46b301910b7

    SHA512

    1a0e8befeb27f8967718b48224e7ae1559d97ab79867c1fbda149ee6b95286829035b56e5f96815a1c44fd35c1454bd930744cfbac188a17acd985f74cbd8a23

    Download Submit