Overview

overview

1

Static

static

1

lease cont...f.html

windows7-x64

1

lease cont...f.html

windows10-2004-x64

1

Analysis

  • max time kernel
    142s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20230703-en
  • resource tags

    arch:x64arch:x86image:win7-20230703-enlocale:en-usos:windows7-x64system
  • submitted
    06-07-2023 09:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    lease contract document pdf.html

  • Size

    269KB

  • MD5

    10fde2fb3cbac99c6e2a372be8f56465

  • SHA1

    4131bd3030dc4c7ee46f8696b5aee9b76023cb96

  • SHA256

    4cb0320d667311b3fc46903519765fe9815106cfb005d883b9466985ee3c5116

  • SHA512

    ea7535bcc365ea747014a56bc33ceb27a2ab0be03642a8a871d80be5c3a23281acd312e47fee32c815716c7743b11383f1dbe98ab52a1ea352d6407e0b6bc055

  • SSDEEP

    1536:fq6wJpJW3wInCU77Pc5ybMMHcFdL5RdD0BKt2AnsD5FWXxXLXv47pGXRMN6o8Vbo:tLAsCXo8cAcfO4FIwo7vwI7E

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\lease contract document pdf.html"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2428
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2428 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2192

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    Filesize

    1KB

    MD5

    cffa7efcc68ce72b7b5be4e4a50029a3

    SHA1

    2a412d4d421edab42a4fad10054f3f73ac495e59

    SHA256

    8ed050a4f3426649c5215a33af3e89aab2791afb48885e2d8502f6bfb2df4c7d

    SHA512

    9094e27457d56379a0e3b63e896c4a7c6f3f989dfa8e35ed13043fe1fd9acdd38e2c0b46a000cd4aa452dfd5acf7712fa32f6ea07b67d6f8677c73d3fab46429

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    Filesize

    410B

    MD5

    3412856f71e3e81582d67ad97d164f35

    SHA1

    7372e6358e1d611f54d6b92d4d2058489fac9eb9

    SHA256

    4b5a6654d480c388bf9b7214446e71d2a57a4f531ab2a6bfa456ae89bfc4a5a3

    SHA512

    2c944c94aa03b65e31ef02dc016b4d253de23289a8369254363ece60b42587ac01d579466196679238a0a17c1a1be41580355574f3e436b173460e5eee52703c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2bc648fa4e56b8c803af4fbf236f639d

    SHA1

    f19dffabc61b51eba7cb5d78742acce0357c0d53

    SHA256

    26c523d4f227978ea77c90b474298ecf6a835c38177216b87d6ebee7476588b3

    SHA512

    92ebc5ec986336acac0e343c68e7bc6ee30c93e804b818563a9ba4430fc443f2f5816e30b25e1784550004aad8da02e0307979d4b30024ca26b469ffaa495ab0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    52f91e0393ad479773a0448cb58dd355

    SHA1

    f18974ebbafb7979ff55d6ee0613faea55b0aa8d

    SHA256

    b794d9de4d4fbf4f9893beb7212febfce515415f68f583685dcd99596a8d812e

    SHA512

    339c67d6e3ffb4c15dca7d05b69109d736e3285c314f41c0f27e337cc8cd9c8d39b05703fb0bd697abef72799d64cc5cb5ebbf3ecf2eb414f57dc56edd490036

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a128fee3288f744228226c4defc67364

    SHA1

    41a3e59b29939d5defebf87b45c03393117a86fc

    SHA256

    da114d8223d57ef74852d12fa200c48dceffc9f854abaaf04cd1c5c2a909ff68

    SHA512

    c738c11f5f8d9e60bcddee89b3167e495b7a8170ef819cab32ac163c1cffccff52467858424cd2688774ad705b0c172790d91f5688c08aed37d1918588b9beb4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6fb33d5fb474a9c7c7b58de8a4769820

    SHA1

    540365d1be7acc2d172fb12860916746320392f9

    SHA256

    94cf0f37393edb98b67b0ed9e055a6787b522f908a8bba61bd026dfb1f005b15

    SHA512

    fc2f2b7d43ad18bc476e327014dac675cac182bb7d082b693bc4d1e1308084c34ab22130fdbf88f30123cc8f4a3f614bd431faea53111f3dc662a70ae561b599

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    852a45c341103b22c2d6aaa53a5bfaa8

    SHA1

    0c3a8915ea9f8237e90f3f07acb1cd8031409a4e

    SHA256

    72371dae58c438399723910d938f9757ed5b90be295cf112c9a06c581ef7f26f

    SHA512

    4964ece5521365e2876f6b8c10f3979aefefa519d4a2d1d78d73c6aa1965b3f0cb0db5d3925e13056203bce154f7c84afad7426bea598f434360e187b9bd266b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    207bf94c49a046e5fc2549907932c0a9

    SHA1

    4f4fb95fe8b858b2cf3e1f3c02043fbbfef54e8b

    SHA256

    c10f966f6a8d84f2a2f2841c4dee515d9619fe62e05e4882ec58e2ff8a814ddf

    SHA512

    89150adf867204f6675ebfb49d503ee5fb7e7214d91ac22a824ec1d384ce6b9048ccfc7328dbce17a2b313ace19dde25c99bed1876d76e95097e5eb17eed8ac8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b77f29e2509a94b5213f3de67c202825

    SHA1

    e7849605f9e36f31a5f1019e853fabb8958db7b9

    SHA256

    b4795bd0e27ac9a9373b33930c0e34750a6dadeb7edcd6f36b178da40179c7f0

    SHA512

    05d842bbc8d841fdaab53862376668ba85670b39ae1268e9a5facf952fbb3cdd149b4987fa7aee6ec618af3ee92b7a244c190c4600f102acc6d301e6ddeceddc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    88443fe2cf50c7ee9059826d12b82554

    SHA1

    2b37b74b76e959a084f7236ea06491ca18968391

    SHA256

    66a074525d9c0f5d6bc3ad96736965aaaf60943ec6c0b084ae71b43c2a1c2de5

    SHA512

    1df9e24ed4c93dd658ebdd76b9bf1c6b5ff09fa29c0a0c34ccb29bf7f60dad84eaf38c1e5bd30a98c848899d1e868252eb5f3e05d2e729da5b7c34ace61e89ae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    92b5ddd6500179713da5304fad8f2682

    SHA1

    d1a774e3ced34c8540185f767025c13fcefafe56

    SHA256

    af0d32e40d1bc2cac9873b9e0d6ad3e696576fbc922e4018acaa335fe961d6eb

    SHA512

    2833b07dd05485d6e223e52a69644cdb14374029068e28d1b903a6ff531af59c78f31660398fd84100de256577792f4a195e5d0ebdf2c5f4c5dce2bd194bb926

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    15a9ebef8dfa8b8d2045ac20feea544c

    SHA1

    c5530f2158ea14c2401d01b4c7bf062fa0ec7185

    SHA256

    000afa4b50a2ee2c289063c26932aaaffb04f4d9334b02776f51cc4e99f53aa8

    SHA512

    675712bdc01265c945a22779aecdc826c2b950ffff77b5d881f337df9aaf093091dbcf2838bda7debedb71bd11062e6a6bfa89fa307dab71a883ff555fd8ad63

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fe4e42b8f6c6b15d2f3b2220c8a03d1d

    SHA1

    3ae2b68f361e3a38efe602b5e9379fab03aa5c4e

    SHA256

    eb32bcf0d7306b704278f52b227f9e434b074b875c4ad75cd609d573b650f9ed

    SHA512

    628b5f2271aaf124eaa48b381e8b1c379ab740128bbf72f345f07a9080a4eb69a8427944ce0352476e13584a9fa36700f1684606328b1d483a0e8fc6e0b31cc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1c1ccbeb38c70bdd18b91aa2f9dafe01

    SHA1

    29163126d273f309f802dab4abb4d0ea18efe63e

    SHA256

    7f2b1690d90a6c95a50e82614627ff7e5386346e3fd7193158cc407428a2ff9b

    SHA512

    2f282a81bf5e24efbfe534da279bcb9200682653f98e4ad8f78cde2512bf003ed9edbbd5388ff277a4a4e1e2250e0aaaf45bab716aa68e9d450e6676dfa03b29

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4da7eebe90cb732d65adbe217cb54ef7

    SHA1

    240cd6c87f99c3d319a3965a3ac3bc30aa3df6f3

    SHA256

    4415310416ac11ccb4eb03dd9999aff9e2f91bb2d5d3f2fc4e6827e4c33d898b

    SHA512

    057ec2a0e0836ef3140cf9e3278b7f0319a84ae566aa771de6bd6dfa4b7ec0242ef502e1a7475e881cb136a9141e46b1b53791d413a7fd380de3091d5578234c

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2SV9Y7I1\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3C48.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3C5B.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\NXMXDH8Y.txt
    Filesize

    601B

    MD5

    15dfc3bc13154858b9db842e779022ea

    SHA1

    21c5f6b3b2299a5a656c58ee083cf959420cdbf5

    SHA256

    61bd2b445d93b6aac89abdcb7e4b4399bc485efca2b7d3aa5c4b2fdf4495e566

    SHA512

    e586e620311716698c37a524b2d13cbac5d1937082256e427d0c1d5817edad6b76bc1041485d85b071d9d0a848d17214045e09c316ccb41084d2b7f5457bd5ea

    Download Submit