Overview

overview

1

Static

static

1

Untitled a...04.htm

windows7-x64

1

Untitled a...04.htm

windows10-2004-x64

1

Resubmissions

06/07/2023, 18:37

230706-w9zvwadg55 1

06/07/2023, 18:23

230706-w1la5aeg9y 1

Analysis

  • max time kernel
    100s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20230703-en
  • resource tags

    arch:x64arch:x86image:win7-20230703-enlocale:en-usos:windows7-x64system
  • submitted
    06/07/2023, 18:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Untitled attachment 00004.htm

  • Size

    2KB

  • MD5

    54bb99cc5c1f71170185d332a2abc2c1

  • SHA1

    20f25d1f61320b1c7058611e8c569874c84c23e2

  • SHA256

    c5a695103bfea2f1fd6abe65764819572d95fe43d62f2f1d3d95182da1e5132f

  • SHA512

    b39614041966586adfdc174cb4da92051aa7f1c5965fe6df81f816deb9668f387536e08ea361023e7a9d4b9d5629009f0b1dd5775bf5356a6291cc1f61efc011

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\Untitled attachment 00004.htm"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2424
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2424 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2376

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    162252be2be43128e467e924e03c632e

    SHA1

    60836654672f0bf855d9dcf696db121e6d74421a

    SHA256

    d1615b7bcaded645b4ab6bb9e220e71eb6bfa3d8700f49421a9453946b9b3f96

    SHA512

    3c8bf06b93d75cbd7b67666880643d21965c44261ab53ec8b8ec9e2e5ea81050834758839edc49b376eaf44d22568f5471be9c8718731dee6b38de0dcef73db5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    00e36167bfbb8ddd83e81e417708dabf

    SHA1

    3b0945b3371b5e509a4069bf466e0da0269f4693

    SHA256

    e7f467aca0263c5c17fe93299fa1d591b1b20626073a0d5ea7102ed5c607611f

    SHA512

    c848f377dfbc98ebbe3c56d2f1ef48f6a57636fd027f01548cc5a57b36e063c209ee65abb1a90f7f714615a8683505f3e81a6e592a64fda75e8c85d5ded70c81

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4aafd6e126831654a66090a2a27ac706

    SHA1

    36b22b77d50c4ffb7a4d89ec1a459d7217e4e988

    SHA256

    38de95b7f1fe10102aa210ddf583ba81d341290b8481a4d7ef61ee70daf1d517

    SHA512

    badf3ae8b5f2f6764979e20d39a84a7f2b5183878d89e51b4cbf74007fb10adfc80c7124c73ed5c0884d659c9e8caf05998efeccfa20e01d66247c23705e5a10

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d4b76a156bed114b01e133fbdd49b46b

    SHA1

    d7a86d63f84b85515fd7affcf07d56577bed738e

    SHA256

    1c7d83a624d11bd37cb511432abf3170bbdf4e08726c6cf2a2943ee55678a148

    SHA512

    874a5238688d30321bb2fd24862abc7a9111abd070f2e92756ea9dd3d1c4bb8f8b14ad48874eddde98f734409716abd50e862b194cb08bbd1f035c9d08a3f369

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eeba7405efd20ecd6e34dd0a352fe1b3

    SHA1

    9bb073d9ea38b461b962d50fea9e4bb70db1a5c1

    SHA256

    d454d98da892b70c4ea5003bcac6a31d143516f2581d8a9301c3e7a97f5131cd

    SHA512

    f0035d9e174f9d197f95a020e620206cf79aab832cd0e86f74f40084afe3fda4ddcef6286a9172eb5cd462b7d5b4153cf040194096d00b3764d318cc3ee0ca39

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    795bb54db0ac501418f64fa4331ad6d4

    SHA1

    30d08dc7ccff6d4d702457309b6dfd45a8569f5b

    SHA256

    7db8e59a54b2a3f4c217e1d662a53438c8e570bd9a206a46402f0f41148a21fa

    SHA512

    0865cc5b55b2d56f2cfd8b4f681898b0a828d6ef7046ff5a0cd4aa1b910d8fa20ef39d0fd2941e406b8d5373c0b537a25f5f628d2398d5538ad6b02ddbe99ed7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eb3df17ccdccc264b5f5852e84db1ae7

    SHA1

    6cc91f2901e0989a9907bb5385af2cf9f1b1aa4e

    SHA256

    52a65851cdec9eedbfba6ce9f6a47415caf0323199bf06829d6b721c45eafa05

    SHA512

    5cb5e7f30a7ad4a323ae84013553e17ec6c8b23f1bf269cda691ca8b463adef60ed079c578e960e2f7a9434b533091d5776a3bd145091824dec284c377b4bd1e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    15576cb3472075267fc8e24dfb11dcaa

    SHA1

    8b35ab3ee79e0cd5cff3676ceeb56bf7a4818ff2

    SHA256

    2347dc3841d199bff1300bea0ffc2c214cb057df54090fd13c340ab0e419a6aa

    SHA512

    e9ff33d8cf06c4d0735ea4f0a0c40c00f7af6de4f53dcf871e76f87cb1a51c880e34df74e1cd6ac9cea02a26997732cbcc91353ca7a7253d3c988e7c6903dd13

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3fd57d71843829e0c6bc2cde615d272c

    SHA1

    c42d86e2f72a149a3d86af3626713dd15157b38d

    SHA256

    d1bd400ee38b7eed7bfa97a7da5279df8c027115e35b358ccfc2dc29c861a38a

    SHA512

    10fb38ab7c61f18f1368c393e340e8f180dea075b793fed3edb10a7509ea27702a32114c8fdea890dd4d64fc9fc013076092173b5940e955693adce5dc15271d

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8DEHEN72\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab40D8.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar4198.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\T32JBNOU.txt
    Filesize

    601B

    MD5

    1b7b54bc0bfa604c1fc8316f9485434d

    SHA1

    fd0e79567aec36ceb0be1da500cb5aceca8db734

    SHA256

    e56a8c79cb1ab0ad7e15697015847dad359bd0cb410da2393715bb32824227e0

    SHA512

    d83472fa77ffdfe1b5383d2be23e777a99fd6db25334066849dfae9d292f109cdc09e353a73617ca8f0778b5735b2b28673f8350dbc06cbc4524abee2887e8dc

    Download Submit