Overview

overview

1

Static

static

1

PAYMT_CONF...87.htm

windows7-x64

1

PAYMT_CONF...87.htm

windows10-2004-x64

1

Resubmissions

02-08-2023 19:27

230802-x6al9aaf7z 1

02-08-2023 19:25

230802-x5d82shd43 1

Analysis

  • max time kernel
    17s
  • max time network
    19s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    02-08-2023 19:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    PAYMT_CONFIRMATION_#INV_009948987.htm

  • Size

    26KB

  • MD5

    38506086784d3d6ddb9a208ea36c4274

  • SHA1

    f5696d81de6a22cf629b85534d9d93e7cf49ea45

  • SHA256

    ddd7007dabe28ea231ba5efd93bde43556c0c26b7ad8d309ed6fe14ae1a1b8a1

  • SHA512

    41f2f9ed4e98c84f4c52ece6102c9bdea086150adfc01c55e4e4aa420772f20df53bb5f3fb7023e4de1e2c64e60d7eed33caa933569d1433cd009bdd8fb1df1d

  • SSDEEP

    768:74sSxiDfOpvQTwPoZHcmCL3gDPFpYApLLoeX25UfKp8Q00:74VmqYdNQeHFz0

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\PAYMT_CONFIRMATION_#INV_009948987.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2136
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2136 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2176

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ea7a4ec32047e744700de2c200bf533d

    SHA1

    dc9bcd4c52448e8e6663efdad7ad6b8b1952119f

    SHA256

    f808543123cd704acc5a4fbaa1f30d847c0b024c49c94c0960d4374573c3a9f4

    SHA512

    cce0ba943602969429bd0cbe9cc4aa92181953e7743b704891d40faa5e82809ae98792828e229c5021eadbf76413e077e3443965cd46782612da27c1f7cd3a3d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    38082769081c4c13081879eb9ab952c9

    SHA1

    938ec49757f0cff0d33d9df5e34c1ef14ce4b603

    SHA256

    d706525a7e68e82aee22c0be406a1e517ac51b8724209818b0028525197a2046

    SHA512

    8b8dd4164ca05358fd6e585940e41b42e746f71d7286dec5ab070a7af659207407eca82ef68314c74ba78454fc62f87ddce8b19826190b797e4996ecca2d3128

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f13cc5ae65acb5a87bdceb8ebf49023b

    SHA1

    a6fe9d2e5168edb2f8e060dd12645a3148a5679d

    SHA256

    029887e531580614aee3340469f7c2a11d9920a089f0f1c89363f49d4929ef81

    SHA512

    5d24cb21ae2f0009a8d98a9def752e7ed358d29197c5f6897ab3c7664498e857ee3a0601f5297eb469789816b8e2d8cfb91fc77bf0d35bb1507a82b8362ea5e3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0c530e002e583afe2e00228b8764ac6b

    SHA1

    ca30b072da6671942ad0eeb6890aa38df23702ce

    SHA256

    8dea6ca2a984ded4008194d0d5354ef452f0ac03a324823ea66096da8b2341de

    SHA512

    61de220228a5914b7b1ae08c41cf5b16345c68c0f505f1838fc034041eae230a819224c0adb15c27d1c5044622539b7d5fce0de19df67abc7b0ea8369a5ce467

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1caa321766b9c00f5d7daa63710c0b9f

    SHA1

    bf24c65b10ae8b88df5671dc06c3684181919dea

    SHA256

    097f4a3374bf6934a6cb8607a295e9c0be1e9fc029bb7efd756df9a271da68e9

    SHA512

    4202604a4d89ef61538009a2063b7327590ba9578493bcb944bdd101915eb99fdf15527a379e3bc64ece66c9472b2cf50b20018638ff809029cac3bb78108b1e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a29909ff2e898cdd02edd20dec76ecfd

    SHA1

    47c3de25b3289c2d4ca7eda55a518231b2e271c1

    SHA256

    a3bb463a441f76cb82314ad303213d0b2db6668f4b37f570295971bbde9c3834

    SHA512

    c162f1a67283b8b0e8bf67db56b06820a6563d673369d12512e9be65eac99627a7bf81b049afcd0e4c6d2cee26848014fdfe0dfb42867ec5a4fcfa958b367172

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f6d9bac30996892e3c3638c74c416362

    SHA1

    e7e3fbcb01a41087b73afca0f7be515ac1e541a9

    SHA256

    72c55483690a8ed7c5e46e6669ec4300036d26c57cbde2f7af9002ae7c69aee2

    SHA512

    519b55c497b6096fb54c4dbc3e14e53be5f9d3f00b25677e9ec33e701089a38323e186a8164824b517b0c5488f04deef23ac0ce65e8718bfcc4a584ef7c3f322

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    20e91f4bd975bf8e65493a46ec7646ac

    SHA1

    17d69714dd04435af22028fa3b6860c105b0f11f

    SHA256

    c81218cbf2f02347b073808446eb0ab9bd02e35baa685faf73cb899bac1cc1e7

    SHA512

    37ef7016e23ef566346c264efe5391e7cf3990eb6b61e2e0a13f12cd036a1a409de206a656f0427d0ea954df293be97498e77c0bd77d26b2703109ad6b13b992

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4e571fe2dca330bb2c15ab6286422300

    SHA1

    982bb027515760b5ebc17d4262cd288b24c53081

    SHA256

    5c0bd5cc28a6c641506d9e39dddb8a163c3c71db0029f35d01113a55b6690787

    SHA512

    0f22523ba9fd1d2351ea5e1d57720388c2ad2a2f417eaf874e8df11c10a19f983f528eaa263ddf4445f0471bb58b6f88a7e70e7efa7bc54d46909135b10b4b15

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7b22866536d20a53cb7ec24e2a81f4aa

    SHA1

    94e33c72c936dcdc138169a501e53c058eb62a8f

    SHA256

    df88cb56d7f3fc477edd0e991a9e7f398bf66cc46084c0f71d6d7b3898eb76c3

    SHA512

    aec98d847d4cf97cdf7bfc1571253975dec6eed8f12bc46f62abaf5eed5452c48d6eaf52b1fec72c23d2b8948ecdbf21b87b19dbc9df0378bebb3750e2f1f973

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabBF0E.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarBF0D.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit