Overview

overview

1

Static

static

1

Untitled a...11.htm

windows7-x64

1

Untitled a...11.htm

windows10-2004-x64

1

Resubmissions

18/07/2023, 20:01

230718-yrv53sdd99 1

18/07/2023, 20:00

230718-yq5ywsdd97 1

18/07/2023, 19:28

230718-x66ppadd25 1

Analysis

  • max time kernel
    135s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    18/07/2023, 19:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Untitled attachment 00011.htm

  • Size

    86KB

  • MD5

    e5b0d9a102e5452fac56cc86d3d3756f

  • SHA1

    66a023efa3d16fbb94fe2a15318a0ceb004316e2

  • SHA256

    2b6408ba93af92f01978e09a01631b71bd3221330270def8044168d3c0b629af

  • SHA512

    e479d7c099069804eda957571ae3c611ba16b3b0b7a47a99ee627cd5bec64556dd635537ce0c25c22e8274c7804ac26e4005ed9aa159d630c7f3ad876585c955

  • SSDEEP

    1536:eDuRpGBMgws2EAYiMfhWFl1n97McThNyQKxq9FhDwgL22VS7cPcEJ89:ggBEApMpWZlhNlM19

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\Untitled attachment 00011.htm"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1636
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1636 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2560

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    333f9453fc37dd6bf987a7be23a3b645

    SHA1

    9a56b79613b207a1908da7ca45021fe958ec2fe5

    SHA256

    402abd3662e07056fba8ffb78a56f1df92aef18c07d1414b0109c276a10bdb13

    SHA512

    63aad7cfb901d9d0a97187994598ac136762b6e52e3554e4a99142f389ed79cea08a1288affdc1337e24663dc4916d06493ab21701b9427c9e007cb3c9f07d3b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7fe0b82ad8c889af39b5f3f5dbce9f44

    SHA1

    6b6ab0ea088ec3f4bea658d1b4ec022585dd2a25

    SHA256

    d8d53cf2b24cc184e31113e7750f77e98f69031296a6527197409b03dfd18bcf

    SHA512

    ad8ce2eb86abd3dd0d4aaa7c87196faaa96216fed10b7313cf5c4d1fad37233ef3e9f03b19c7d2db445ac9b6036d1f41d29485550d42fde65c13c90717e8ece0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    68149afe3846030a439506209ce5a89e

    SHA1

    27443196ad6fe4b87009317b29de39aa88e757a0

    SHA256

    42936d890a09fe799b493f066a493cc8eb883461b4eba864f54c4fa5cd4e7275

    SHA512

    ec1f923078b7d80c308ddd0c964200214a7ce840cea77427a8c30861095c84f06aa23d24760d3966250d5189b0308847c10bef6821bdde06827ad9c48de44516

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    af1f81eac2d462057eb306376dc29b1b

    SHA1

    6835822436a0803a63e5fb49060dbc01196b9cda

    SHA256

    797297a3ea383b884aba452b1df01ec29a42f5d069b2af1eeeaee13f9e059eb2

    SHA512

    3254e1320993ecee0d6dd0281f096fd40f8bf5fccb3ea4417ed0095827f7709ba4a7849cd13bc24b3baaacf4be713a5028aca24cd35f7571406da7949118585d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    17ab4c4263196a80b6142c14d59e32a6

    SHA1

    4f31270f721a18291d84a7ac67b703ef8e56ea41

    SHA256

    83da611eba1a0a7fcdd76a72c151502f4b3caf2cc726af9b0391fc1591bd0be7

    SHA512

    bcf3de33b26621833ed5755443b788390b2ed51e3ea4e77169e4b9df18f8abc9c15376b442caf7c3d7048e96948a6432a4b3ccccb80b9bef12e9a9c95eec43fb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a5fbafe5fce93af202f0cee8a419575a

    SHA1

    3bb7125541720404a2fd88b6f37e9d1c16549f07

    SHA256

    7e1f9af344df736a65ab120f293ec75d5534319b77ed222a464c142eca9cb82a

    SHA512

    adc64b4b13146815d9fe11e6337b7d5705c4fdd38158d4b6a31ee34c90ef3d4fc986a79e168c76bf4f399da69438deca608ba9598a625cbbcd70fdb09d3f55ae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ecd3710353ff6ff5cc9abb55b292f677

    SHA1

    eaff669af5c50b624316538c16cf0d4bc50bf8c8

    SHA256

    c465476cbeebd068ccaa8f2680e0e5c684ed397e05f2ae4079d7d0f65c6f6e87

    SHA512

    da350564637edd1c6e2fb4a235227f237859118af32a69f646dc7a24b4ae025b78674cd62312c509d497262c992743afbf694a6fafa37aa96f6eb8c568d4f802

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    49f8da234a30a7d60bc042112a4dbe8d

    SHA1

    32fcabd446e330f8094987254db1899a6e477e25

    SHA256

    f4f894a03c8b1d609b5e79c2195334a8a168fc6d512131cc9bac197fd729203f

    SHA512

    525889d9639c25c4c45780e06d72bb2db66257c5e6861299e925a4279a495570e817b9b4200697286a4bb466db2c4296e9240f98a0ca7495da61932bdadbdbb4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9bdeae33a4c1d2e7a785a41ace6eddec

    SHA1

    fe5c5cc6ad5f1e75121c77e4f7524162db708201

    SHA256

    b939c158576c2136cc79ef1e8f6adecc6c14251b3a6096a6ec25181e8e3f4dfe

    SHA512

    a47bd8ae59470866de4ab24e453c35607783b31f5a609c9b01dabd1511103d6a94427c07a11d37942433adda673816b9f6d5f1e537b7e6edcacaaf8383f87c1c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1b6687010aaa334537987e152001f085

    SHA1

    287ce22a74376b51d5a7ff04ebdc9b95c69c3c30

    SHA256

    7edf6c994fddf62bb86fe0758f6b26be7da7b6aa2e81ff8ded1e8ba63808c504

    SHA512

    3573fa9f42a4e414108c841502d2ab66c547718542bca89ff2fdd6302c6186ece5fe7b71e851dffb7ef751903c0b57890d4a4c208e3da5f13a09d3399f19b062

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cd9ae48cc4c4e38493422d6288cff2c8

    SHA1

    4589323743f084d36dc392aebeda96d374295eba

    SHA256

    3f63b0f0577a7ce37ad1bf125858db969485332da9fc51258c7a369ed498e39f

    SHA512

    74c3401806f5c9ea2c805b22b36832cc08d9a6ba7e7493bd665eb589f73e7a635adc2601c3da10cc44f00a186cf316da321bf18d8d3d599c5f12a8d699bccd45

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O5N1CMJ9\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8A39.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8AE7.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\501XK1SL.txt
    Filesize

    603B

    MD5

    9bb72f62cc895c14b74fcdcc83fb4e44

    SHA1

    ed44087cc6edf276853a03165be0bb99de2e32c9

    SHA256

    136866b2ef1b773a3d8136a8ea387cc1ea03602682aadb6451ba021e19f64ae8

    SHA512

    14e0e381e651383eea9ba95157aca78798361da917b4313c6604a0c265150017a7426dae18ec3c7bda391501f2551954fd94d72abb69c47cfc36073d4608acd6

    Download Submit