Overview

overview

10

Static

static

10

b67352f2a1...63.exe

windows7-x64

1

b67352f2a1...63.exe

windows10-2004-x64

5

Resubmissions

04-08-2023 09:55

230804-lx95zaad82 10

24-07-2023 06:21

230724-g4d9nabb5x 10

03-05-2023 12:21

230503-pjk6gage31 10

Analysis

  • max time kernel
    14s
  • max time network
    18s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    24-07-2023 06:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b67352f2a18830c9ce765ac22256d1e0c1d5fe94bf564720dac661827e73d663.exe

  • Size

    553KB

  • MD5

    09f041a556aaff79bd410a08ba452a86

  • SHA1

    fbb16877fa1eab06e207177c7c9d581e60575390

  • SHA256

    b67352f2a18830c9ce765ac22256d1e0c1d5fe94bf564720dac661827e73d663

  • SHA512

    4f4376e30572a306fc884d033b452dd6f8124de56139d7bdad83252b1862b0c323e4a9c74ac0fd5949a3800c8d4b177f668c3be179579704d7de6cfa4723e908

  • SSDEEP

    12288:XZWETxtYn0CtMjoUexjrTadcWBbfoz9N8SCcI7NUqIFzGRIF6nj1K20XdD/S8Ch7:XZWEfYnDMjjQjCdx5ojI

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 24 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\b67352f2a18830c9ce765ac22256d1e0c1d5fe94bf564720dac661827e73d663.exe
    "C:\Users\Admin\AppData\Local\Temp\b67352f2a18830c9ce765ac22256d1e0c1d5fe94bf564720dac661827e73d663.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2312
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch2&plcid=0x409&o1=SHIM_NOVERSION_FOUND&version=(null)&processName=b67352f2a18830c9ce765ac22256d1e0c1d5fe94bf564720dac661827e73d663.exe&platform=0009&osver=5&isServer=0&shimver=4.0.30319.0
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:1696
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1696 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2864

Network

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6293d046b4344f6291bd974708d118ac

    SHA1

    080632033b654f51cf1926eeadb691e9dcf063ad

    SHA256

    df0a21562fdd0e46b99d617b4833bb685fd1bcce20df8b7b3750a7c0b3827513

    SHA512

    b4ba76c55e960db0220a073299b01f0d29ca26e5d202b227ad721b676dd06076581cc2117361830fd2b3875beb279d12a3ebbca2a7277f04222df27654076855

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0afaa07a5fb57c4b57f87b523794662e

    SHA1

    f2223dc7848270a5225709fd0bf0e72bf8247511

    SHA256

    3032b3f15863130d8a9ada3154db596e1e611a56817568165b8b43b662507bf2

    SHA512

    ced5dbbb58c45f5a5279835cb778d47ea81f8eec509fe6a07c115f4274f2ca8eabf929a95947a7860ec4689275fcb030ce6224aee8da0867c65024d5dfae701a

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6c612b8f366c9935831dc723654edb8c

    SHA1

    52dc05f9be9b044ebfa76e86e32e3e6cf7e9a506

    SHA256

    21111b27161db461504edcd0bbc43e3f93e26a335505041346e34c458d91167f

    SHA512

    a4ef490840c90a9052e1b5397cec610b22d5b354a7a240178a92cd46b2aedd1acca485052da8b9e001d4e28b2e23fca47ffa0309f4086997cbce5bc559506633

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    159bfc8821be9fecd8edf7d34a43b438

    SHA1

    05cf4051a1444d2434282376d730ba81ce7a89fa

    SHA256

    c7e52e06a76d6bfc825fade832e7eacee195a0db646c52e743bfffad8ad9b3c7

    SHA512

    3df9f640decc71fa98240a4df8ac3a12402ea9791e05dc4e8c2889c6d07ef04e45dbd355deb15a95236caa80011b18cc6020297a85813fa410a7c53c6159fa2e

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    67bc1025b47e8e4c611ea4f20d93c0f8

    SHA1

    55157fee2aca1cf5c04ecdf0bc070c5b64947b2e

    SHA256

    1c9caa403f5f6a88cc27b13a1a5b632267723df4f2e92bc3d002a7438e46e4f4

    SHA512

    dd2924b8cf55e3ddd33361201a92ea24d0352e0f4a574ead6e0816588ae2fb59b576c26cd024f0a4218a9e99bd2395df1844907ef3a714863caec54bca2276b6

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ecaf1ed5b802a718be75e176ea678d98

    SHA1

    8185231737e4f32b7a010e6cd320574d15508b3e

    SHA256

    b34e967ea5b6b86e92a8f6e08f83f966c3348a62e2a3a95afdc71f90eb7afccd

    SHA512

    27650990102eac7446eaac0c9922afb4eeb500ca9ac73b2751d02069379440a5c8aae8d8bb9d5c532613bf1e3ffa20413605e22662d87860299fe0fe02380ebc

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    869727f05f98460001f374ad6bfff47c

    SHA1

    31aff6716e7646a323318c39b9528d18250ef297

    SHA256

    14ab6b01188dd579ae38c8a2f3627d442dc1b7fe1dadd8ebc824f538f90b1ef7

    SHA512

    944c6857be537e60bbd31a9ffe8331ce0b4df1987f41b34ef1035981e5807acf53bb0fffc12c880c7895a5527dd21dd1ebb09b5c798b0005cf31eb1f83122b91

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\CabA91E.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\TarA9AD.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit