Overview

overview

1

Static

static

1

open.gif

windows7-x64

1

open.gif

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    21/07/2023, 08:28

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    open.gif

  • Size

    43B

  • MD5

    07fff40b5dd495aca2ac4e1c3fbc60aa

  • SHA1

    e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4

  • SHA256

    a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

  • SHA512

    49b8daf1f5ba868bc8c6b224c787a75025ca36513ef8633d1d8f34e48ee0b578f466fcc104a7bed553404ddc5f9faff3fef5f894b31cd57f32245e550fad656a

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\open.gif
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2232
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2232 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2580

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          24fa905ae937d0c27fcee59403203cca

          SHA1

          72574f0487a9665f1261448133673616a5e28750

          SHA256

          ec177873027f9747659ce3de7538c53f2402534e95a12f42d2b6cd23ef91180f

          SHA512

          0f0dd8332bbab9d4b5a3f5629651698b45accf3592c7ddf3782886baadcd6d24dcd216b6f0aa34e26655ef5325cd7facfde530995a2c4bfc227b037c13366db6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          e084f2983151c96870a1125606e92252

          SHA1

          ebe7db509f66b11cb9444eda2faed1dfe6487cad

          SHA256

          6a47a3f2a018eb8a98dfbd2b62049c9aad677d7bc11e6e9762fb083f623ee3d0

          SHA512

          81942d2d15c2b8eb72b94983a1eebebe9c6cf8ed861e07c513f9efe99c983d283e4a9018cb3eaf2cc23600a2b5ee907f2da47e1067fb7f2e8680761b51dfcef3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          6f4e6804d7b84f0ef5d24525f9debe30

          SHA1

          309686f71e2af0163eeff0fc07943f1d3df7dedb

          SHA256

          8e30ddceea1464aaa05e25049a9a4b4a4c7640037fffa40ab75537f93536ee8d

          SHA512

          856e7a495fe2490abad040923d4bb5bbca3c9f66c9baa1d97f9e7683b0101e86de8d0fc956fe072817a7f396c9a73315690ad4f29e30621edb7cb200d9a66774

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          020cf119062dac689a0961c1e3a61688

          SHA1

          3fe5950357326d2fbe40ad30922d26e489ac9369

          SHA256

          588db03e9edb84fbad0d709039caa4612665b7f86baf44c998c14d72b0ccd954

          SHA512

          8f069d23f8b72a4731b4ceaa7d925ecc4652ba5a124c7ecdc0cb3a3f76a210603e866c999fe9a1f6e64fddc0369d85a3d5b8a0a9793c680247d07dea4216571f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          5f52e8feb402ee53434e528b0294596b

          SHA1

          2b8797446fef5a7fa1174cf965fffc803daee0c9

          SHA256

          8946c721aa031470d1afc49692a8ac957e273acc52e494187a16786960515373

          SHA512

          9d8fd7f500ef7bb73b519a8fdf4d21080bf93d7275f958eee33b83c485c8f79d214b6c633b20b8636f127f76aef26a6b1bbc8c714ae1628915c5b86c3f4eabec

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          74bbf5339d4299226e849e7e77de8b4a

          SHA1

          8078f7a856527a6f9c5ef4ebfd4bbc85714566dd

          SHA256

          1da2a8c6f2402831b12106ed93e5da0797fe3a86dab798ac5cd80512e960bed3

          SHA512

          ba387f942884dedbbe4fe1ee612dfdbbe7c34f9a06bb0f8fe823c38197a681af25f927b44520779ade9cd83a4cfdee4e51c6ad7ce527b62299881fce72fae38e

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O5N1CMJ9\suggestions[1].en-US
          Filesize

          17KB

          MD5

          5a34cb996293fde2cb7a4ac89587393a

          SHA1

          3c96c993500690d1a77873cd62bc639b3a10653f

          SHA256

          c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

          SHA512

          e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab9790.tmp
          Filesize

          62KB

          MD5

          3ac860860707baaf32469fa7cc7c0192

          SHA1

          c33c2acdaba0e6fa41fd2f00f186804722477639

          SHA256

          d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

          SHA512

          d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar985F.tmp
          Filesize

          164KB

          MD5

          4ff65ad929cd9a367680e0e5b1c08166

          SHA1

          c0af0d4396bd1f15c45f39d3b849ba444233b3a2

          SHA256

          c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

          SHA512

          f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\ZRLABA0S.txt
          Filesize

          603B

          MD5

          271872109e749b2eb2f714e3ca61c301

          SHA1

          12eb058619120d537e62da97d4226ba81ae09bdd

          SHA256

          8460899ad522562ac282f970a0aac3e75c886c88d725e8cda515c0d52c0b2e16

          SHA512

          052cf9b0ab99d237751700d9c0ac13ae1bf477c08e16bac99d08c8e3ede8b83c3f8ef1a87c9f5fa50e23381826f0a8e0bd9e7b4830445f73c83099143857a525

          Download Submit