Overview

overview

7

Static

static

1

newhotmail.zip

windows7-x64

1

newhotmail.zip

windows10-2004-x64

1

newhotmail..._store

windows7-x64

3

newhotmail..._store

windows10-2004-x64

3

newhotmail...rs.php

windows7-x64

3

newhotmail...rs.php

windows10-2004-x64

3

newhotmail..._store

windows7-x64

3

newhotmail..._store

windows10-2004-x64

3

newhotmail...es.css

windows7-x64

3

newhotmail...es.css

windows10-2004-x64

7

newhotmail...s2.css

windows7-x64

3

newhotmail...s2.css

windows10-2004-x64

7

newhotmail..._store

windows7-x64

3

newhotmail..._store

windows10-2004-x64

3

newhotmail...il.png

windows7-x64

3

newhotmail...il.png

windows10-2004-x64

3

newhotmail...on.ico

windows7-x64

3

newhotmail...on.ico

windows10-2004-x64

3

newhotmail...go.png

windows7-x64

3

newhotmail...go.png

windows10-2004-x64

3

newhotmail...ne.png

windows7-x64

3

newhotmail...ne.png

windows10-2004-x64

3

newhotmail...er.gif

windows7-x64

1

newhotmail...er.gif

windows10-2004-x64

1

newhotmail...ex.php

windows7-x64

3

newhotmail...ex.php

windows10-2004-x64

3

newhotmail...og.php

windows7-x64

3

newhotmail...og.php

windows10-2004-x64

3

newhotmail...ng.php

windows7-x64

3

newhotmail...ng.php

windows10-2004-x64

3

newhotmail...e2.php

windows7-x64

3

newhotmail...e2.php

windows10-2004-x64

3

Analysis

  • max time kernel
    134s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    25-07-2023 11:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    newhotmail/hotmail/images/spacer.gif

  • Size

    43B

  • MD5

    df3e567d6f16d040326c7a0ea29a4f41

  • SHA1

    ea7df583983133b62712b5e73bffbcd45cc53736

  • SHA256

    548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

  • SHA512

    b2ca25a3311dc42942e046eb1a27038b71d689925b7d6b3ebb4d7cd2c7b9a0c7de3d10175790ac060dc3f8acf3c1708c336626be06879097f4d0ecaa7f567041

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\newhotmail\hotmail\images\spacer.gif
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1656
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1656 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2636

Network

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    915ceea7f6f74eee938e8b1968b9c9d7

    SHA1

    3bccb0b59445f45334be8e712df9db2a40643722

    SHA256

    ce9c69a1f6928caea2c4ef1cfc379f7f28e57dcff012c9599eb4d0efcdd20e05

    SHA512

    5f984d9786960007f5089df02e2cc407eae51be211c27c7ad0890ef3ef24420af260717111a54bf141ea2038744c4904b2781f1e0560bda690362664101f2660

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7cfa60550f8f438fa338325f20d004d0

    SHA1

    c030918e3baa61b6bb243bc3f4e122293438abb6

    SHA256

    02f4af44685a7df7fa12bfed7b9b360df2fb7dcf13743e879f9cb8a3b0fbd881

    SHA512

    b1bc68f302fe57314b03638bdcf6920b4cee9e5b172b358977d1729ee1a279e69be6bad8c3a303c6b9cfed64a9e659a2cf2751226c4c1c6e63a76acc67604b22

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    50cbbf7850df43da2fceefe504f2f9d3

    SHA1

    c08c8e2b07a9d2e17efd3c7cc3cf5f3a46f65bf3

    SHA256

    1943d6490b097c3a9f3aa63c2ffb3c2dd215f9e7b1f6e93531a53163aec448f9

    SHA512

    e0e9974ea23e2f3172d88177dd2520407490f37a982c6269b4772bb212f742f490dec82f93d6e80de3c8e543dbe871570a7540d0c83c15be37330344813ae516

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0143160de414f46190192833efadf3d4

    SHA1

    d2f195c7b987adca21191c4ce997f5c23ef80147

    SHA256

    87f0c87ee236bc55d9f6ea68412f69f29202dcea82abed1322223d74c60c141c

    SHA512

    9c3679885b16b28de2d0f9d650c48c211ab35d5500068a37f62fa750e1a8afcc6e346dcf9108ee76f4b8df228a79ba562c40bb5d80509c9b767b0427027f6ca9

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    65f911d683d5480d32014917996134c3

    SHA1

    bdfd3b6199cba1e23931db5209ee697ee1909d4e

    SHA256

    14552125093db2ecf33aee4690c63136b68d42d33e8441a1faf749d2f3bb2a8a

    SHA512

    69cde2f905ff74515b803708d94fa576461837f6c73627469702f856cbe8e9b80b3ff10de3a207bd52aed53f2df9739063ea969d299d019d426ac01c639e32eb

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7c65362346138ed64e16343b05ec2b29

    SHA1

    1efdf6f1c80e3836749ceec968b825e4bcfa273b

    SHA256

    a271e32899d87f0649cb4dd128848abb257b892c193582f5991dee30f111719d

    SHA512

    77fb119575df29e5d84582a186acb1d217570f320785f168b222e4790c05ecd992bd322ae2b1b26c17cfe5e5341fbe4a4ed00b4f4dd52ce598aeaeddd69e92df

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6e32de14da696cdc41d451c2003890c1

    SHA1

    f4ce0eca7a97546c473c686549051f47757d68f8

    SHA256

    f5f1abbe00f7688e6d2becc9ed963a5bded0580b811b9dfcbde9d5959f4fc988

    SHA512

    00deb68559561b6dde7fe05d16a15047722caa992a39d5d30d84a9e1f94f9c155ae65c4a9d5c900b96c92c4f181751bca3650f5124bb1b6e047859bac3d863ee

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ecfb7df62ed85a900cc25bb761c0ac9a

    SHA1

    0ffaedc5f40a83fbec5f5c42840b0284de07c3ed

    SHA256

    9711fbd1a51df8da6060c83c9866c67a40493ebcab342d2cf927ffd891f4e205

    SHA512

    d5569823473a7b8721fdcaaada6bd7fd24e02d69f38025f74a1845ef11187d8464d5cc017a31436b746910416d7246c55583b793356e83b4fcf1ea18d5037241

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    78b13505979e516cdb95d53f8b1c2a22

    SHA1

    c62e933353f769fe3747fc9555935aca4b188ded

    SHA256

    adf45c31facaa56f246275633201bc063a055c4f1c0542f6f68e6c40717ae58d

    SHA512

    bfccc464a732fb538535df01cc4ce9b10cb67a0fc83f1222542878e96f2d14212e61988aa0b1a049ba82dc1375a445f9e044a8abef3748b50fddd00319148ec7

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    19617a9f4a62beda51abfccd48085627

    SHA1

    f530bfd277f6de7a24446101f6c90a049782784d

    SHA256

    53ef3646209c1170d9860dd4a04d0e84c79da80e5ee969488cb67311235dd389

    SHA512

    23b11b1ea1e3ba8c1b2fd00a7f20c55cf09ccc90fe5fcf6bf02c3b92ac095ecf409408125da69b375aba8e75363de1a256aaee61057aac372da9ac88401c43f5

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TGCFYHZ3\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Cab1853.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Tar1941.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit
  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\HB8E7ER6.txt
    Filesize

    606B

    MD5

    010d4ad81a1ccebc102e5371945ca4d1

    SHA1

    083db4e1745a0126e5d790c7b366491bba08d9be

    SHA256

    59bf7e8e3a04a06d32c1d3b716963db63702c00021b50f90899f99c04104b886

    SHA512

    b771d5c4f3e82c6262938c3cbc9198901858b4def47ab557079fcc97f2b16066440da0e1161213ce5b1f144d1ec3e10823565bf04085ccb0995df72b25742c9d

    Download Submit