Overview

overview

1

Static

static

1

action.html

windows7-x64

1

action.html

windows10-2004-x64

1

Resubmissions

13/07/2023, 10:32

230713-mk71hshc5s 1

Analysis

  • max time kernel
    121s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    13/07/2023, 10:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    action.html

  • Size

    442B

  • MD5

    d8c1af8e77e38c26c9331ff8d05ba9ee

  • SHA1

    9cc7818f5390c1b9f1c784a4e46f3058752d2f4a

  • SHA256

    c529139a9b0965d96ef4bf37245098d53cb7b48f1e27cb99612d1e181b4f8c23

  • SHA512

    78739c05595bf2f35175d07e2107906a3bb4343d7f0c42d88a84109654c8b611d368193013adad257c2d1dab073ed527649a011d3331dbd285d9d6312751ef93

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\action.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3016
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3016 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2504

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f25bbaf51e68a7644fd477c5b3b7eaa3

    SHA1

    d7560767262140f4c86ba591803a133e66d65400

    SHA256

    2faf2338d48411c0289d207e992115391ec1e5ec8b8fad8b186ec480eb06ec8a

    SHA512

    ff948cb0a73524b142e150527d665fb664698346f9e66a7d189d3d6f337bdf79c490fd2f852bff4611ebd2dca83367866d13eb608643325cb83152dde80cd3bb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ca44c7fc57077625d956c3c0df3091d5

    SHA1

    a11f456dbc8d79f732f36850844d294086507e4b

    SHA256

    522bc97dbb60c0ba13d34de589bfc0c17f635ffd6a13d0cc2f43a578d77371e3

    SHA512

    5f9294cfe76b44c90ea31e6921dc046a903b64cc1c576b4e1e4eea3278bca98561e59ac94f52466f1bc902ad288b3db4193e8c9ff8350749630da082d5405ea0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    febe96e3ed6bb3d26fb980f86d14afff

    SHA1

    c209205b94131d639c07434fe4b5b9f1e265e962

    SHA256

    a3ccc27ae1ab4e58922675e6965186f68c6a5c3a296dad1523c8397197cba056

    SHA512

    47637402be65379d89ea496173a904d851e6bf4e84dd07027c51f8759feabdab8edb9c7d717ef52032a9892d9f13c223fb706c69085d0a32c1d1a9264415867a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5f54dc46c346ee7464c1e34cffde0df4

    SHA1

    54d65eca999996c715327248d17d6ca0451f31f1

    SHA256

    2d0d19a03c7d89e7aa9708bd02c33e43abd6c8509c0136dedcc4938e1e630fa5

    SHA512

    df3e9c5fd450c8bcb3a9d57c7af8a7c581a7204f22433e7b9d270f143cd339e6f33f09dad0b04e9bd488ebf1d7394460e956a34fd127a1c71f017e7a59d63db4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6edb7f2a20542036f4b3ce9c33a1cf27

    SHA1

    96b01ff0d711d1c24d949b0b7c468e6a91de048f

    SHA256

    3c9273e4b9a1117fa76f800095bd0710f0774d44e061a6fc13bd98c8c3d38c0b

    SHA512

    3fa0d16e5d92933248c10c9d1187e29f038313ee46208fb888fd9a5b05d8dd3fa192350d760ca0c24ea1a543ecfed9c152751c3a0f46b08adb6cce69c0cdfcbe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c0a759ba36c3a11270f768cd51a457af

    SHA1

    43128600cf11c121ba6e9705224f499af9162dbb

    SHA256

    5ebc383df19dddfb18057e4cf7c53089f05455a0dc00b18320ad1f049094f244

    SHA512

    44084070617fefdfd30f8ee4cebbd84fbb4245fa82555ccc9c316db3f722681f0b749e9b1f1647c16d8fc7063577cd9f715cb90a1eda1923f0ea1475ae58cd23

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0002471f58928e817551df13ad37d26e

    SHA1

    db39102d9edb411f37e0acfc545dea8677331597

    SHA256

    84123764666c2ce8c24026547b6c22b985d6167fb9c2fe1d81e325692c379557

    SHA512

    6cf506abbc0e6627cb5d8d3af2ca5b58a0086a62616cd8f172b3384e281ebcf5ad653c13a95e7dea4577012b1b38f308fcbb13d2fd8ccd1a0a986461da74bc37

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U6AGJ71Z\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8CC7.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8D67.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\QA1LQ5VJ.txt
    Filesize

    603B

    MD5

    d84b2b202dcc14222712598437ae07f1

    SHA1

    b3409d357fb83f4c0978dd3b8517cac98c5f95f2

    SHA256

    e8c0a1f66a04258146160efb3e9ab57d24c5f538c9cbf7c8813496ea1a9828ec

    SHA512

    a30fe8707732c8a441bc43d8ca91674cf1f3728eff6065eda375dd273d07058754b9eef9d94a1484fa5aa33414127a41058c4b42ad6c45576f1f7cdf92bf69c3

    Download Submit