Overview

overview

1

Static

static

1

route33.html

windows7-x64

1

route33.html

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    26/07/2023, 14:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    route33.html

  • Size

    315B

  • MD5

    a34ac19f4afae63adc5d2f7bc970c07f

  • SHA1

    a82190fc530c265aa40a045c21770d967f4767b8

  • SHA256

    d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

  • SHA512

    42e53d96e5961e95b7a984d9c9778a1d3bd8ee0c87b8b3b515fa31f67c2d073c8565afc2f4b962c43668c4efa1e478da9bb0ecffa79479c7e880731bc4c55765

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\route33.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2492
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2492 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1280

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    ea57e9a74fbd07aa859759de109b48d9

    SHA1

    9d45ad5d77e4a23d6b37bcffbde1bc5d16c7e4dd

    SHA256

    e1541783ab53ff659b58c7aff77f63faface0cd211f8601b0de442d9f52976bf

    SHA512

    698b657f202178b6051f9db8e582b7ea2ee1c54b2936505b40532f4501a0837cfcc1a7196e870a3d2ca92287feceff7d0265f11b8c349bd53924c0c5d236bd30

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    634f7f0284b879d4482f1c99bb6d9b96

    SHA1

    25a6ab22b198e697abf2bc2b3f90a6a84a72e974

    SHA256

    badfe4103e6711757b71c8d359ebc68936018d97af1e32bc2907dd1f5c176e2b

    SHA512

    053d8eca33744183e85ae982518c8fe9e625f21affaf11d6d0a21b98c1d141965797b20959d65023402107074db67dddb0b3b1edb85d81c0c7a3607e4e8268b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2eaed78bc4df9afe8c240d0e6b283a6d

    SHA1

    9ebcbd8cfc50fe984d2592e19e25dc045356c86a

    SHA256

    519ba4b82ce4c8ed525d5f6e7f7f8a6a31fe2e3ff1993a90e3e81781b4be1af6

    SHA512

    9f873b3de2c82c1c069a3fbd192449f62b1358a5371b1f7e8d9dcb2e47fe9fed1ebc4275097aff9e9901543fc2988845d0329f344e1700a18e77fd571df93802

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6f18eae66478c49014bbc0e5f4fed1e9

    SHA1

    6a0b8ee3c5a35353f5248e52f430dccc45358a1f

    SHA256

    7d84e502b19e392c2a2dcae9873ab28968e793c6bac544ecb02af9d26f8cb215

    SHA512

    c7481630bd00c116ef7f870d8f0b391320c9448f77d45748d92e522ef3f4a0b84b662be1d091781f88c117bfcb5d1a4b3e8ec0a2ac4bfb82b2c8d12841a1f3de

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    864887a209334ab6179065c0796a57b2

    SHA1

    c1169a5ec1f6785aaa15def9d3ef31c4a9c9544f

    SHA256

    a777c0df6df617a45f147f0e34c5979122922ade8a7eb3252222d111f992ea5b

    SHA512

    9435a28ef87b977ec631f1ce8d0b98ae42dd1a368531dc181b1243cae000d5a4818bfdfd8f8b948366f95758bfc98d9ba96b018d2537761d8f06a3ce012d67bb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1516783911cd1fcd7158b64060116cd0

    SHA1

    2b5b9e3c792079cfe8bdaea2d99379f78494ff63

    SHA256

    e4decc745db53921d17e955a82317f73ebbda7a04160031227bae15e64aa10cc

    SHA512

    982762974e4e814dbfab9620ad24f57dcd3d8d0cb39242c5eff452e48d5c9ec9568ec5d8376eb8b580f9c32ad4d164e0fc3fb19153e230be0b60aeee1ea143b4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2196b56641c54663264e6b04cf6521e0

    SHA1

    964ebb6ce826d8372b9285d09fc3190265f28827

    SHA256

    3e54af4529a0d8b9f6527d996b0e60a49ff93f61f03bea3dbcd37cd122e2edfc

    SHA512

    103a8cb4405a04d4b7d95de152a59efb5373e205acf4cbbeb2b39b319d46c270a221d1e2882a91a561300abc085a267b0eba3b20fa2bd50aaa4d8cb465769082

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bcfd1e883ea48d79d131b0492b460de3

    SHA1

    0851a063772a3935ed4c255331a9c4a4f2f4508c

    SHA256

    e363079c78cb5c3a643bbef58241b47065496e4752e7bd906bfb5d0c1d0a39a9

    SHA512

    40d359df0e5cc9772bf1d3723aec57f5ef58a48342788e43d1ba75f45a4a04faf671c4999d1836a0904b365e02bfdaf7e0cd8e1d8bbd70a1806714f1ad0cb88b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1a4e7310132079062832fe033a3bfdda

    SHA1

    5b9c015eb976eb0ba2d7161823009231543263f2

    SHA256

    76c792d47697bd21253caa31737a8eb7919dcf23c5da4f9b62ec4f409a8c011a

    SHA512

    b75f0f8c63ca6ea4d1e26ed3796ed139a93d126e6e2b1c048e58ee9ac7a6aed6f0de46f7a1b7b8d02b992a99f500f82c67accd3e219bf68902036db01dd30077

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    634f7f0284b879d4482f1c99bb6d9b96

    SHA1

    25a6ab22b198e697abf2bc2b3f90a6a84a72e974

    SHA256

    badfe4103e6711757b71c8d359ebc68936018d97af1e32bc2907dd1f5c176e2b

    SHA512

    053d8eca33744183e85ae982518c8fe9e625f21affaf11d6d0a21b98c1d141965797b20959d65023402107074db67dddb0b3b1edb85d81c0c7a3607e4e8268b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B9M1KBX1\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8C99.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8D48.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\EYZ41WK1.txt
    Filesize

    601B

    MD5

    00afbe8d0c1d05ac5affb253a6c5d41c

    SHA1

    e31905f8fa920c1d2c6bed1e5d02400048165f47

    SHA256

    33b93144d78cd81a4f00fcfa6bbc49a781824ef89daf6c8422734a94b7e3d0cd

    SHA512

    639d87ff3bbea0fe2f381b6921aebcdbcd0c9689b82912cd5cce8b390d08e56f95f1483066f5931589c368929ef745b1d8a0ce1a692d1171e832c21eeddc98c7

    Download Submit