Overview

overview

1

Static

static

1

PO-7ab23 f...s.html

windows7-x64

1

PO-7ab23 f...s.html

windows10-2004-x64

1

Analysis

  • max time kernel
    144s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20230705-en
  • resource tags

    arch:x64arch:x86image:win7-20230705-enlocale:en-usos:windows7-x64system
  • submitted
    10/07/2023, 20:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    PO-7ab23 for [isabellaxls.html

  • Size

    3KB

  • MD5

    4d772e61c6ac7e3e1ec139411653fc8d

  • SHA1

    408d80d1a621adfe94efb0bb92c0b07017be71f8

  • SHA256

    af7fbe5f4fc869e506804f55b2ca0cfc4901c9a383621311a6376754d415b02e

  • SHA512

    7028695d8aadfd360d28ca4bda3fbc93609e7c312591b55089902b4a821265df921e15beb97f23f2399edfa34196494671ed455ca470ea24f8974ba76cd43566

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\PO-7ab23 for [isabellaxls.html"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2872
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2872 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2964

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4a818f78b82f4318262ecabef1e834a2

    SHA1

    a3a16aafbb26958f40f6624a77e9c86f18966cd9

    SHA256

    bb4b57d00670d5af8ddf8b20f46d5ee3cc304c1542dbbeab4c2e05344148dd58

    SHA512

    d3e138a5bcf8d6194135be21d820387482fbc24d87ed13d7e7beaa2a266c7c7343faa548ee022a9e6997b6dbf7e0052c76b27947d49f3d57ce828c0fe3df5fff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    03bb1569fe6938ac417ecaf3d9789d02

    SHA1

    671646ac750655579971d4d8ad0cc7bb032b4099

    SHA256

    157ad4f9986df331823b6755db89638aaeb4051bb3db1913ebff65bddb08a9ae

    SHA512

    9274b44d7b72d77e2169b4afbcee5576b8a315dc9f99d72d4e172aabbe61d2aea5afea325f4b45d6dc899315bbd3aa2b4da70d8eddcc493efec24f541e57b092

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a07b093b4bdd4dc566ba499bcf9f1957

    SHA1

    68751ca362c8b8af0103ca312e5f1c52c9a76e98

    SHA256

    6675c30cda4abcfd1d1b18c7a41955f8f7f6864f63517def4a3976a86baad649

    SHA512

    4e7509d761bc6b570bb6df93572cf049f2ac7fa99b5d59cd636991e2e269db37f118d8320969e45a6d571e286e2cf9397c97faf2db8e5d2e0c9b93eafcb4c72c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d7b022036d5606f0649e5fbf347ea372

    SHA1

    888a4e8ec56d8fcb9fe81faa736821e764665534

    SHA256

    2dc7d95239918b10e151a7b884ebaa5011bf9f207f57504fc47332c63e079339

    SHA512

    c634df5b008085ecd080ded2840772866d37812181e72fac8e280dcd932bb4fc3273f8633896efb3e4e1e564ed40e28c62e6aab3589094b8605aa812a60f6163

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2aa19f54e918a27dc70d3828e3760f44

    SHA1

    62d8ede6b487d70aa9ed21126d4bee439ae0d213

    SHA256

    63a991050464d087961e8f9c6e9eeeffa8ce0ddafb3013b9463ab082115ccb33

    SHA512

    bb3c0e6db390a4daf95392b6baa2d049b38da50d1d11e1e1263b386ed83b847ecd98eaccd2d0eedc00a4d35a34a1268a24af860eb67ac5d254b61d9c29d12395

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    54ecf2a54e934326f68b72abbd71d9f6

    SHA1

    0b1884eff137af2b65c80de69faf4ba79cd66299

    SHA256

    7fd118226f142d950ed564525dec10115ecc5febb45bc67849755ba5cb7a45ab

    SHA512

    5abe05f8024ad5a1f01976db18c03587c8de2f285c6bca576fb93cadbf0b9f66455c245a57fec585f00fca54b7d05a3533a3d8ac291e5eac4c46cccc1ef4f9df

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d074174b7b9fbc67f0449fa2a324a634

    SHA1

    e53497daae3fb3dcaaf14485306d2bb5454fdb10

    SHA256

    3a03089011fec165f5c18971c4f04a99d831b96d48d70dd94c90e56251d59e8e

    SHA512

    8b0ee1cb0d3cf6756b8fbc1093a2774a084c417c98a830559bcd84355159fe58a5afcfa43073e37836fb68907497af36f4248138da407d01faa15e2a443faa61

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bb9afe7270c1fb19b1681b01636ea2f3

    SHA1

    6041e37920f2086d86a25e31ea63b570d59ce8e2

    SHA256

    25b3bb7f2fe0718ffdb651d415de398b939eac7252466a9fa420d84964b0a683

    SHA512

    2ce68d81ce1de21aa36c76bb4661315d8116aceb2adaba775bf34a709ecd654e6578f814dfa3a70d429921c8fbebc45f9f0d22e062b792414946b80093825ff1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a27fcb759a3a8b863d5b73570451ada6

    SHA1

    e0cb59c8bfd35495dea3bd94ce960343ace774a6

    SHA256

    a5e98812750ade1b51e2ec38887fc9d922c471a780e2dfd722570cbfeaa547e0

    SHA512

    0618c2de8634bce4adca9e076338c9414b8fd40a2b2327a618e9b7e91e8901a23a3852d2bd6f4c1a909b565541550c8867e5a489cf80af2df46611d2a07eeee1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d60cc411386ae1ea6b70d40c704e2325

    SHA1

    da4f796d2fa2110b621053775b1a658b881be992

    SHA256

    a18260e95da0a4492db558ffa467af01f226d23f15e94f71033f6385d8a9b557

    SHA512

    6a8c88706a9967b3b77851d4b7b25840fb2bb037ad12c0a03197dcdbba6544069fac54f6c50e6f3b84e85752ec6f84102cfc5f3c9d59e670a05ce9c473225134

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c941c893181867667f9584b0d5765d60

    SHA1

    4977705b6c2feafc136788fb96f078b8099724ea

    SHA256

    73a062a9949735f7398dba8e5116ee73d8180a14bff30e8444d66c0702f18472

    SHA512

    310e21ee7332acd6f9e06f1ce14e5be1cee664104403122ff0e97f269c9b052e5b6791e59678f0a7b8e46dbef8dbf5f49157964a9cbecf5a08b2b8b42fd4ada0

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5I9HDCK2\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabBBD3.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarBD7B.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\MX7VOEW3.txt
    Filesize

    606B

    MD5

    a96b70288b4b99296d9b1d75bb54a9bb

    SHA1

    4af84cbef2a9e58b2f45ffb29b60f8182a14d488

    SHA256

    d81a9947eb6a5d41f25788994f77d6034a08cf40427db08d3484ebd48bd64dbc

    SHA512

    ffe98e573bf49d62cd162df39d93502a4a16d0e158ccef62f51f759492edf2309cb0a19d1f42535fb21bfda53e25a264026f9e02d49414d50614c08c981debcf

    Download Submit