Overview

overview

5

Static

static

1

attachment-3.eml

windows7-x64

5

email-html-2.html

windows7-x64

5

email-plain-1.txt

windows7-x64

1

image.png

windows7-x64

3

email-html-2.html

windows7-x64

1

email-plain-1.txt

windows7-x64

1

Resubmissions

14/07/2023, 15:32

230714-syztyseh62 5

14/07/2023, 13:50

230714-q496rsfb91 5

Analysis

  • max time kernel
    837s
  • max time network
    840s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    14/07/2023, 15:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    email-html-2.html

  • Size

    3KB

  • MD5

    0e3b48fddbaf531c3cb92a45c570db6c

  • SHA1

    08eccf5f4b81c156f52e4e5aef7b05b186c91b34

  • SHA256

    b2ea6ab20ae0a4b02f76ea95cddedc3642f431fd8e6ab1a2347e6c16b147f4a0

  • SHA512

    9601bc6c3fb21238add9b8d34e8176760252c9f43ce8f2c75b80b1f74f7fe2ee69393202756edc2181e9f20aeef90402fe2a146631ce4e2e2f22f79443e68e94

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 44 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\email-html-2.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2820
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2820 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2932

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    427e6a4572bf769dd2531109d7e25885

    SHA1

    c1ec9fb4df25850831ae4f64afab3a89dd8c860d

    SHA256

    acbc23d750446c0c521bad6c033f2b2432838460561aa16e4a093e90247c9c9a

    SHA512

    4220c9886ea82e621d54a40795fa43d65db573b6b837fa0a876ca81f8499056c0f97b1d008a3dd947053da6641668475178fa4ff623b839748661bf56ca19a62

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fbc69c4530560d5564e8d9560864359f

    SHA1

    92fc5f78ef0f25de362ce3c3f40b9d74d2742f55

    SHA256

    6bce30467edf2c18005a96da0bb8aaee3de10dfc27d68f3a26c5e3c65cc40087

    SHA512

    47e5781761884f1b803b1c014258f6fc082d1ebc4ae9ecce9bd4ecdd0f33f0dd4b6aadc9eb39e4c9ac1cf5bc162de3ad6220aaba55f8f8c591d74d637659cdbe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f977be58b81c5413e9ac63f57e54848f

    SHA1

    72bb064297b17a9f98423d253e2c6af493f617d9

    SHA256

    46d71d5fd9b268d129aa36239e67761403f5e275c0df12d2846373a55b688cad

    SHA512

    984be33a104f619e76d18fe40d52ca338385871d9b0d9cb9ed6479fe7943e9dc92e66f812ab4ae5a618276fdf812a01ab6ed0c7e43ef72e3c0bce4f3de7f60cd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    146d2e7e05a7bda20ee7db21e012ba84

    SHA1

    c2c65aa527d089717734071843149c289d76ebef

    SHA256

    2ddd12d68fbb11000756de08b7da3daea8eb97e25090262dc4a225ab3285892e

    SHA512

    e8015fca4f589c0028ed17c992b3f518bd561527028be3faeb1d45a2bb97bf4380d25a3547226689e60e4495f68eeb78c960e02efdfc6b576583b01e70325100

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    35f904ba226d55ed3c8560ef9d983584

    SHA1

    7cf760e2ed386f32089fdae9c7ddf38fae4a00fc

    SHA256

    283ee2de9d515c058f23d8e0f64ac77aa273463dc8dcae7b3bd71b732a8f62bb

    SHA512

    5a120f988bfda84b1b79db285a39e59c9e8d8529d3db7999221bd3194bdedee1609cf8ec41e79f982b3e864c94270f5025c7156b95fb676df48481a81a90d53d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f6d4bfce917ffa6cb26c53c190e15d9b

    SHA1

    f1def4d701f158dec1940b68427c039cdf20ad03

    SHA256

    2ce902d7e54e4a26fcdc0d3fdcecde26f75b4c7ad8d46d7bda65047897790781

    SHA512

    fde5150f4a1cdadb61e62d64e0a139a18b67870f2954f2a6924a73f39b54e18057b4cdddd357b3d8e9a7a6644b5ece440456b9c34796083c962b5921a188485b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5b9d0cc0060a959823408226b82fb6b1

    SHA1

    5607b44fe5cf45fd60878a62885c122d28a59987

    SHA256

    801c65f598fc005379796f2e03eb45c8a7c30f371c976e18ac9488b2fb496875

    SHA512

    6ff58bdf3fbb41bf6b0a6fe86060fa39c9baca055916a9f7648e2621b41f25c92cdafab2feab74213d77165992620b36d13d31557a52f17d904df255102d0d4e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ca7fbe589f0a692e275fd70ec668ad02

    SHA1

    640407995e427a647a8cff7e995c2bb53d32b0e8

    SHA256

    0c1dabbd6948828c4e039815ad1d9fa601542f7620f44519b71355e86fe9e909

    SHA512

    ded2620382b7fc98890fad19b400bb08caa0a3ad1d9266b9ff23a646d18b3bf0243baa970c6c3c46354605e38e0ce9ebc14559439b5db09cb80944cde0e3d19c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    54e3e3a188224b0b6536f9bfce2997ec

    SHA1

    029398efe0dcbcb450d6c85cd4866cfe7bacc0d1

    SHA256

    0ef8740ee90131163cacbc445bf2fc6d7412bbf386ef493c1e6880e2d74588ea

    SHA512

    8525860c34b1f33695deafc5d16882c82d775697785c454832642c9df2b0ccce4be29f51c4821be892acdbd63dcc689945df35d998896e275e5a9341b4176d3e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e0eb5890387b82781e7b9493de762676

    SHA1

    45e7010ebd608b345c24741f3bb35e7bd2df425d

    SHA256

    c98a7a984f60c8d3d68e0185e9a8eaaef38ad15dd8668e3bc9fd680d82f526d3

    SHA512

    5b3e3fbf058a8635bf8dba1ce905c83f4e086e1ccd9a3c2af074f07977bedfcb01b6c4033bdf0d5607203428ca8e376948e9993dd86da7da6d1ae484d55ca661

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1cd0cdbc41835e9af02f694024b8a2af

    SHA1

    8d98fe53df9c1856a79bf94649a6b50df56c6e7f

    SHA256

    fba6fcf690ff502ae585b3415f295c02fcaaa74252dddb9189d0ab01bc30780c

    SHA512

    08bebf6e7c782e6050060aa06742770c2672669203e4b57486a9f9e354dbcf64b346ebe3a905f41d8b18617a09fb53b85f72a62d60a161652147177b40c8adbe

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\64WRFCMO\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8F27.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8FA8.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\8AVY9EV3.txt
    Filesize

    605B

    MD5

    8b466f126c76269285b2b81d28c0881b

    SHA1

    5ec81ba92647948bc8dceae9ecb0adb8fb638fec

    SHA256

    241fa25fbcaad2481867fe177481ed60bf46f44cffc0c1e978a830e0a61aaeab

    SHA512

    3658d126487314ef1ccfa56d24be26217f9de6bf94c7d7602c4443fbfd82fc757e8b1d1db71e1d3177005b1f79e9b6aa837808646490cc9d776a7a060b3e0d82

    Download Submit