Overview

overview

1

Static

static

1

serv.html

windows7-x64

1

serv.html

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    138s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    26-07-2023 13:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    serv.html

  • Size

    315B

  • MD5

    a34ac19f4afae63adc5d2f7bc970c07f

  • SHA1

    a82190fc530c265aa40a045c21770d967f4767b8

  • SHA256

    d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

  • SHA512

    42e53d96e5961e95b7a984d9c9778a1d3bd8ee0c87b8b3b515fa31f67c2d073c8565afc2f4b962c43668c4efa1e478da9bb0ecffa79479c7e880731bc4c55765

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\serv.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2636
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2636 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1684

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    48a6bbb8f18c814ad2b26bc313cdb613

    SHA1

    9900c88e9e9305756a8fee430388fc5441a77e9e

    SHA256

    827c708f70731716f42c9cde73a9541b46102891a82d318855802f46ea12de22

    SHA512

    2de6a50d76d4cc7852f218456243bd76fe676d7d41c3df1a16e9f37cfe4fad12ead5b63078a9178e047c5c172c7ec8461462aebd74357172f09c8f11101e8200

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6bdd93d8d1404cab24f8ce96ec1eb2a1

    SHA1

    bac0716905ecda31c09aa89058da22ccf34ee23d

    SHA256

    c3b607f3ba5183e5025030c398c84eb8f0b3f01c98dd1e59e961aff5b758a209

    SHA512

    20d422eaf74bd2735892cb3f23d9c1737d1c6b94f75136222c7c9968485e348e4b9fcb3be01fb8b4e85c46c3158a8535795d5e78917df011c2fdc304977094bf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6341e10d45ce011bff73caf98c06562d

    SHA1

    8b06363f68bb8174e7e6eedb36ea45cdf89d6f12

    SHA256

    2f2eb0ca222ae7796caa11116d51b97b27acc86202a196dbb28c065fe0276903

    SHA512

    13b9b7f2ebc70c394e52be9b6b0997edf1533b0c02da9e8a27241bf2dcdfe890629ef9a2da01c7d6afbda16d31f178a8e769c8720291bc4cc73f163544f0552a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7a984b3f24cfb603c7002646e5db2748

    SHA1

    e6928fd634b95201825f47cdee29bf50958c19a1

    SHA256

    e957193a4f3fbe6b3e1e82316147e4431732f55f61d93776ea308769fea9e55a

    SHA512

    f964632287d24999f38e4540bfd308eeaff0013b2e95f8728a5849416470a72024688337b72f5cbcaadccd11fcf2628978fe4061002395dcbae656bc02c8b59d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6d6364bf47b72f06ddc0aeaf35b612e6

    SHA1

    b053d4d5bb57ccd7f80511eb3744b316f669c5d6

    SHA256

    c239df0abbaee558276f36a4895f8ab71193e6b06621d4f9328add738e04a77a

    SHA512

    b75fd1f5993bfeca33a9577cd18f9c1511bfcf19effae7e56708d4e9bbba6c7937afefaebc8e614cc2cde6da11586485d0fb002d89399a89e1e3f3bed58915ee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3985bc094fee7b60836459a3e2ceec28

    SHA1

    cda10a159d032611a3d5e15ab8da15709f92c664

    SHA256

    f8a8bdeea1990ef2c4d089ca82b27e8979b5bb5622c63e1aebab43ade8c32a50

    SHA512

    4fb57bead9dc7a5c891a1a099a548070650e179a4d0b0f83fbf59dae3741b36747302d0ed7ed07f0c12de1ef55befb8a98ff9de30dadbe38ca8ca13e3de41249

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bce1d89ea4cbd1164b4acb77a4dbf7be

    SHA1

    f839bdef7940ee8ba5933d1e6033dd1391a1dc31

    SHA256

    fc0bf855360d9504a875c63f3418b34d743d73d968eae5fb911994cbf9a55ad4

    SHA512

    457164d1d63005c7228e0237ed91e08654c89ceb065f5b370ef00c477d02ac302fa5c85c941479b07a2660c454f41531002804caa5544276dd63d8c898c33f11

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7c3a0118899a6d96d0c490870fe5685b

    SHA1

    e9aa063ea81133674aeca1601225f89e0db3c55e

    SHA256

    1422ec2be87773bdf2f78cc8b8ab01c28281063b67462db8eeef358037cc20da

    SHA512

    7b848b0cfc272b6297dd73fa49e607fc93cfb27a1be4d7a8b79e79c5aadf7c6764b0c844986b9cc38cff59df14606aacfa8805834c6bb0452ca3d9e4da6aebaa

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TGCFYHZ3\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabCB5B.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarCC2B.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\H0RRTZLV.txt
    Filesize

    606B

    MD5

    6cb420608934a334b9e3aaf3072a83a7

    SHA1

    2e7db64da28c8fc18e58c14d78e7b200c3f7286c

    SHA256

    b56bf6174e6efba19dc3d3df84d807e025a328060d1d0d4cc2cb87be8912283e

    SHA512

    65702c58b8d4914765b35ab359989b32ba45668a126c0ad8e4401876504e51726c41493aed0647dc272ddde40edd272de341f10b8c4f41ce4710cc9145ba2c6c

    Download Submit