Overview

overview

1

Static

static

1

index_JC.html

windows7-x64

1

index_JC.html

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    22/07/2023, 10:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    index_JC.html

  • Size

    1KB

  • MD5

    74a8e1f1ba5f08b4dd09ff6e58793697

  • SHA1

    112bfd6df711c4a2bb12e70889c184e9326fd0d1

  • SHA256

    e0235615cfc617784db4cea54b3ed04d3ce8cff39d6a5a7a5d7ec0515791d710

  • SHA512

    e3741844f149c7cfde9c17e4ec5b8b0cee18e7a5d93b165450810b6463fe0d1588180264504c039ccee562e4bbe6312045f330c334b7813aa3e86923dd2151f0

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\index_JC.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2272
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2272 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2200

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    96864b61ce16fbc7ab890f0fe9227edf

    SHA1

    6a28bd06face915a71ef720fba22cd40a0e3ecf2

    SHA256

    4d97c6b1493ac386e7bed407c6656b01f444317894594b1807d4c2619b07ea5a

    SHA512

    d81d04256514879e1e6661eb80016ad4b8dd20dfb6e8ae7fc55a5c4bbcc7710a838f3c3cfe1fc3eaf374e8ac0f75de430bd3a006d956b01d54038713a128b7ee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    5011feef17380a394d20f35d0003a0d4

    SHA1

    4b957a328b6993032922db6d19c6878c7ce3ccc0

    SHA256

    caf55de76c97afb095baa5761d0a2a26bf9cb016e5204ad9fd2c9e6aa35f015f

    SHA512

    0517232be66828c74558defce435340718b5731bf08d225d363aeb527be5bd67bc6de750cfe3efc8cc266fafb57ef99a7014b2fcea226e725511617eae94be05

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    15d6b2b50e8a6803eccbabc11bffcf56

    SHA1

    4c2410e3185c7f9a2a11a35b5a44c6ccf69be75a

    SHA256

    4154e121a6d02143eaccb8b816020881a63f4b0a81d7869870f160bacb24072b

    SHA512

    1230645741199c7959d3160475db88b64abee8ba67e5c324f7e0e58c00423217009a965819409cc99153de5e1e2da69c5f1656926b38339900b478fe7d0deebe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    132cccb5cbface1e32b5681b3f857ade

    SHA1

    0e62639864dab1b5f54c06e8b419bbf05868cc17

    SHA256

    b95e444afd3a999e4f16126c1dae7fbd032e053c5a202e141d64e6d2fb3fa59b

    SHA512

    6376d42731548cbdd56af978c3fe66e85485ac286c2f32dd305175b4dfa0135cb94c557f116cba496d84ecdb6c7d04460d4823bdcc72d09d81c54ce3bd7e4f10

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    323ff57007c725b69640b4b8b7a75ace

    SHA1

    5fbc5c11cd9076ecf7a138f3422f7fd7ca38eea9

    SHA256

    bbb8ef8d7edb36c7beafae9c39d369c354c1532e07173e0b163ec059d8f4c90b

    SHA512

    4861c6cdf92984927157953cff7d39f1483bb893e500e049dc9eac80c57f3a471c6150d7e79d35b65e0cc66735be0523ccfb4997375af727af1778a972516c32

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    912fce22caa568849936c43611bf39ed

    SHA1

    e46428813b0e6e5ccf9ab53999c7fdd54444b382

    SHA256

    6209f040ab34079eb235e0c0222e8c036a664fb454fb1114181d72c20bab6e20

    SHA512

    309b97903e5be8dfe2e5ff93814e5cecdce410f8852c9409185465ef1317f5af922e9de724eb97ee4e609e04ed37fa2def4b3e362942439a1d95e2b4e924e1b1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    0e72e388c491069684d3da53a56e7ae7

    SHA1

    ce8f93d63bf3af4185805fdd779bd300513f63fa

    SHA256

    06b5728da3303f961bd993673635facf1c62c5b8fd81bbdeb0bf4d8fc1475f92

    SHA512

    41bd8c1f49ce10e8707f9e51ceb864beaf2aadd983a5534d5e2a718606945016a45bdf1a9004a20356373a9353e4cddf65fb5c2fc4cc6328e4fff93fec5d9f20

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    e231166fac664fcd8c26cbaafe01b309

    SHA1

    8ff52165dd4d617c28fabc214edcbab345429bb1

    SHA256

    5481ef33e8d47d04df183e43ff69c4c5395536720483ea0e854dd30eb99980b8

    SHA512

    6b54f7b6abb7d5fa07fd90ad0d109890ae09c2888fc3803182056b6d33b6b24e8bff7f16b41e8af5f1035f4afe3b63f2d174ed51af4a151fe37e74fd68c0c42f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    62eb5ac9f444e184b323ed819234ba8f

    SHA1

    f5201d3faf79ff936edd58be20a39931fca8f1d7

    SHA256

    efa1f38f7aee3fe76286cc97ed52b57ebab37854279043df832a04fba4cec4c4

    SHA512

    68d3cb234092d5e1d242811634c1351c33437f22b1b47b13b3819a94e67f5a013fc77376428a3bef2aa7a97ca58378c595adce1248af6c78b90b1c567eb9d453

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8AJTUMOT\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabDAD6.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarDB48.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\GBWZIM5P.txt
    Filesize

    606B

    MD5

    1f84b60439e6ba68b54ffe6809ebb7bd

    SHA1

    1d7cd775f75743ae3cde4dc6a4fe913ab3322fca

    SHA256

    55f40513da552c467deadebd230607d6a82567b2651ab6c42aadd3d1781e926a

    SHA512

    cae32deba69c5e90c143f18cc15e52b85df5cf205ee567fb0a2823832d9d87324d1431d84c642a1bf24140f5afb6ad1e4e55b381cfc1993f6efaee0cd1f37927

    Download Submit