Overview

overview

1

Static

static

1

winprofile

windows7-x64

1

winprofile

windows10-1703-x64

1

Analysis

  • max time kernel
    72s
  • max time network
    228s
  • platform
    windows10-1703_x64
  • resource
    win10-20230831-en
  • resource tags

    arch:x64arch:x86image:win10-20230831-enlocale:en-usos:windows10-1703-x64system
  • submitted
    02-09-2023 04:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3defe83d42986c988d5eca7a56c36d0e81ba262aa02c314d220664430b1e31e0.html

  • Size

    229KB

  • MD5

    e158de20e9cc44a9e1c7a21dea8c9a3d

  • SHA1

    e683dcdb56b53ee6a4cd92034df980287c8742ed

  • SHA256

    3defe83d42986c988d5eca7a56c36d0e81ba262aa02c314d220664430b1e31e0

  • SHA512

    e5a699d7dd680f255f2354fa206509bc267d9da7d8ee501504541c1c0d94101b54c7f73b7e504c7f5e5cd329967a6ced181218d632dee9602f09964a9b041726

  • SSDEEP

    3072:Me8T+SjaZ2h+38dz2edsd1K/za2pIQ35dUNQtRF7bcF0bP5Fylw/FcYcPFko/Eb+:Mj+SOZ+bdsd1plwv3Rq

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 54 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\3defe83d42986c988d5eca7a56c36d0e81ba262aa02c314d220664430b1e31e0.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4236
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4236 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3140

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
    Filesize

    4KB

    MD5

    24be8a92460b5b7a555b1da559296958

    SHA1

    94147054e8a04e82fea1c185af30c7c90b194064

    SHA256

    77a3cfe6b7eb676af438d5de88c7efcb6abcc494e0b65da90201969e6d79b2a3

    SHA512

    ed8ef0453e050392c430fdcf556249f679570c130decd18057e077471a45ab0bc0fba513cb2d4d1c61f3d1935318113b3733dec2bc7828a169b18a1081e609a0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    471B

    MD5

    3a50ce37c484741b6394155c1f7581e0

    SHA1

    19bbc1d0c2b6aa535a01270633d49160b0e4630e

    SHA256

    2c16cea1471e4e46950429a7c0ac0481e88a24d365ccc0398c1e6a858d577140

    SHA512

    64ef562f568d14a3da0345b8c58e91c7416d0fb8707cc704ebab0bf556fd3d6b9c7c9d20e88632bb851f4e82a45c3144979dcbdf3706088e6b89c85fe3347cbf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    404B

    MD5

    5352dfbabda3e6c0412ebd6bf0404f56

    SHA1

    77dab6a505a646a17f6ebb59d77f6e2c06680dbd

    SHA256

    ec70e1d7fac07b88053650349b6d5a068543d6f6f41262270bf75cba6f52f20e

    SHA512

    d520aec184bf930d44a09c921e9f778f5a53dd79c2d9d20ec9f33ea23e05071b7700045de9ae821ce9247e782f342e46e38b8826ea7051dd74ee7f4538dc0482

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\VersionManager\ver2575.tmp
    Filesize

    15KB

    MD5

    1a545d0052b581fbb2ab4c52133846bc

    SHA1

    62f3266a9b9925cd6d98658b92adec673cbe3dd3

    SHA256

    557472aeaebf4c1c800b9df14c190f66d62cbabb011300dbedde2dcddd27a6c1

    SHA512

    bd326d111589d87cd6d019378ec725ac9ac7ad4c36f22453941f7d52f90b747ede4783a83dfff6cae1b3bb46690ad49cffa77f2afda019b22863ac485b406e8d

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\GMAQ31I9\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\6C3IBA3Y.cookie
    Filesize

    613B

    MD5

    7c91578ffc488e32cd72b9cc0c2d3753

    SHA1

    0c32812775e58f26eeab0c715cad6ad061273c75

    SHA256

    d0f23663cfb9ce9fa0ac457a7525dca8b87c3301220b1423b7bf2161f235d7ed

    SHA512

    2cd4331a242ca4997aed8ec0fb8ba969c77f3b84ae5f5e580944931f5f88cbc0d892c3258966db76745ba547685bfd07bd58dd695b27cab9c2101f619523f680

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\XLLGVKF5.cookie
    Filesize

    648B

    MD5

    55d9e1df813ea8cf7ac7c7d63b0ad839

    SHA1

    0a906ae50f7058fb0ce2105599ff0a20f14e1d8d

    SHA256

    4d67b620e62e9d0f3c1c94ee4ab12e6cc69c0c34ac1c6c02c0570b76e9b35e2a

    SHA512

    1671b7780514e4a83d12b89813c63f88eb66ac5a0dfb97a72cceb8201ff5983b7bfe261278b75564f6b9059d462ff66edd1c0cabe6f63973e03ab737b7e2b8f9

    Download Submit