Overview

overview

1

Static

static

1

attachment.html

windows7-x64

1

attachment.html

windows10-2004-x64

1

Analysis

  • max time kernel
    66s
  • max time network
    74s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    19/07/2023, 00:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    attachment.html

  • Size

    201KB

  • MD5

    b0cb5414f6186ef1942013118c5b7ac6

  • SHA1

    aa4a401bf41bdf89e193fa274167e106bbd151bb

  • SHA256

    438b2c174e31ab588bb156bf8e2b09f71c7fe9a867ffe079d5a128e3cbda5fcd

  • SHA512

    b658d26e166b7a7480a311e64e185d59caebd7c48fc779e1e13178bb54a6f4ad21ca0d48f9507dea6ddf7e529ebafd9d3fc870e6c3059dd45aab8d8b750ab578

  • SSDEEP

    1536:h5yIeXobSEX2N3ptFKtzYs7qe3gfUuzlZqRkLVRL3pyncsixlQTQV76oFFt70Jfv:bPX2N3pmGe0XzlXoTixlsQVlFBqgd4E2

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\attachment.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2060
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2060 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:556

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0bba3741c089853deefac577e01a2e0a

    SHA1

    e30f78019addbcbb94cb0c1a6186a567f7a1c444

    SHA256

    f6d53c4272127df4673b87d7cb3dd7a4de49a1055fdbc8758faa7d63b2096772

    SHA512

    db9f393fe020f3915d723d25747eb46d64d4592730c01bb1431515fbf3d104b8e9fc3ef5da41542a6a4de050c0a88c88801b38e709e9d94fc92273a05e15f6ac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0fadbf90e36cffc64c5b47d2b02be107

    SHA1

    d2c3da05abf95ffc32d3fd72ce5a77dab53a0812

    SHA256

    a4d9647395c2121d1b8be6077d9042551bcb7a5218d40acfebd05966c126293c

    SHA512

    3ff3ec46e961bd4a5d5e062af2ba3a956b8975fbef012196f11b5ee8b24a76dbd2e579450e49e4ac0a9c8765dd6c52014a715b2301bbdd0a704f3f9a4537c93d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    892bb29f9bc835f7eb821de298559d04

    SHA1

    36901ba2e3cd8e73fab53fb45635f7110d77f38e

    SHA256

    5207c79f4039d40b7e5e888e9d3df878abe523040f1086bbc504fad62f6fa893

    SHA512

    774ab0e7cbecd4bbde993942ac949935fe5db9075903e5faff2c534b2be9ff521cb82c9aff67075047f94df4c6eb48f5f70c08149efa1ac91159a9fde4baf5d1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    43b605bd95db399b27e5bb546d9c2f85

    SHA1

    4ced3da41f41b48fd038787d0cc7139f1e07ef9b

    SHA256

    87e03a6d5f07e2b60e8c8640d50447296a6b5d11ebb7a9d883bc713ad6f081c2

    SHA512

    57a16e573b5d054f0e9f847c2191a02bb5bbb75e62211ba9b0b3995a0105541173f1fbfab6376550d571fb345870fcc727501f653250dd4762f2d95dadcc6d07

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e86677d3734ccd00d9873fce06e4d0c6

    SHA1

    b114b4b8edf690464da46f9cd0b1bd9043749100

    SHA256

    7b6ab3dfd69524c5c39c3fb33825e4ccec57b8ff43f454536cc32798c32f8489

    SHA512

    04d4e2c801bc5b7362e4863d18790f009158130489826298388536b147604cc6b615f84f34d9469e3d1609a622a780a47ba61805205bb0909a98cddfac905d8a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9b18f60e22e68c8f71a71073e5e9eb99

    SHA1

    ea7a8fcb4b9967f16470045575aac2ffc6a85f20

    SHA256

    d3e5053819100fc2e5d180105f00f4b41617c81510893d6d4aee90202207a68a

    SHA512

    67f45ecf30904a256087fbf5ebae859099a928c3f8d07d65f5aed568b5b94ae016fcd9e4d0a74a83e813f357ad73dfb992952ae4c87cd8dd7f8a77b75dfb1066

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c101d987f8dd8e11ec24093e35ffe477

    SHA1

    54a98c599e92be61d4964615c2d358503ea6226e

    SHA256

    4aeac3a49dfa5cb8a589d67f493e58bdc89fa3c86b858ffa00d783595a0bbd0e

    SHA512

    079ab0c0bb40ccbce1a17edc1f6113200928ee2e4a3946577a1f4803b2026c56f016a1bd2c1b747ec32af93bc1f52faf02717706cc3963ba42bcde05ef77d1b0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cb786a02652932dbefb9ba7c06c0ff89

    SHA1

    a8b6d641ffed218ff16250fb8c977215756184e7

    SHA256

    1f8f202b530deb9d81b8b36ad861bc85badf0069343f578d276e352c9263a79d

    SHA512

    ae2046bf01f120d96bde43c3d81b3af2aac2aa0bc3d94169c7cebc5ae30cdcfc70daad7094f0b1ed0b03405510c2006d08fbe2e45a712f2967020dabd06b0afa

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O5N1CMJ9\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8FF2.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar913E.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\9M8LJ0UZ.txt
    Filesize

    603B

    MD5

    7a84625ca9f21cece16a6cd8515b9a9b

    SHA1

    f3f16afca6ec4dca0d05fd411d0a4dc008200598

    SHA256

    c37bce2f09221be9f5281cb2f322196ab0993fb884f825b3e70bd79804b2a9ff

    SHA512

    c0c0592163de6b3b3ac3b7f2f3f4da8428f7cbb4b7d5c51dc74148eb77441d7b8da717f1feafa34b25ec1e8c079445a6760fa5d3810718825a13226264efe59f

    Download Submit