Overview

overview

1

Static

static

1

winprofile

windows7-x64

1

winprofile

windows10-1703-x64

1

Analysis

  • max time kernel
    300s
  • max time network
    261s
  • platform
    windows10-1703_x64
  • resource
    win10-20230831-en
  • resource tags

    arch:x64arch:x86image:win10-20230831-enlocale:en-usos:windows10-1703-x64system
  • submitted
    02/09/2023, 04:48

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    414fcead8aee21fab5d2da25fc3bb8f87c7fddfad14abf62d75d00d4be59ee16.html

  • Size

    229KB

  • MD5

    1bb69d333fc68d8cd7010fd38d46b985

  • SHA1

    ffb2c5bcf5991c2a54e6948935b99fe638fee59b

  • SHA256

    414fcead8aee21fab5d2da25fc3bb8f87c7fddfad14abf62d75d00d4be59ee16

  • SHA512

    2ff81e8ce897d9bf79b98373c30641c7b25028ddcc04faa46f41a37f212a1592383d4f2e8f710d010b582cfe49b66eb0b3818e772fd163a629bb3aeb43fd3065

  • SSDEEP

    3072:Me8T+SjaZ7h+38dz2edsd1K/za2pIQukdUNetRF7bcF0bP5Fylw/FcYcPFko/Eb+:Mj+SOZ3bdsd1llwv3Rq

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 54 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\414fcead8aee21fab5d2da25fc3bb8f87c7fddfad14abf62d75d00d4be59ee16.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2760
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2760 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1092

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
          Filesize

          342B

          MD5

          c7b077db6c04b348a72fe711c6e005ca

          SHA1

          f9f38614618bfb75649185543873feeae263387c

          SHA256

          b11ebb3393c8a7cd74c86f18075047998250f997394c91017c276bad5962c572

          SHA512

          64b301feff338815e743a55d84d972db6eaef4fd79c7f7e4861297f8cb492cb9cd0c9f287d57ac4eb65c795f1d2d06b8eaabe17af48e60d00b7fefbdae0500e0

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
          Filesize

          392B

          MD5

          b06853355ecd480e1dcd02b03d2a67de

          SHA1

          23b766ac90c320c380075a57349df6fac5c4fe49

          SHA256

          f5dfa0817b595b76df405cdc3c87db75e10169f413ee5fdc0b8dafbac2aea169

          SHA512

          c314fac0513a987dcd33eea20711f73e0e804ebb7d70d8302f9e9cb576d795209f499034677eda85b0ba2fe8851049f162700c7effe70076b00ebace2779ad45

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\VersionManager\verFDC9.tmp
          Filesize

          15KB

          MD5

          1a545d0052b581fbb2ab4c52133846bc

          SHA1

          62f3266a9b9925cd6d98658b92adec673cbe3dd3

          SHA256

          557472aeaebf4c1c800b9df14c190f66d62cbabb011300dbedde2dcddd27a6c1

          SHA512

          bd326d111589d87cd6d019378ec725ac9ac7ad4c36f22453941f7d52f90b747ede4783a83dfff6cae1b3bb46690ad49cffa77f2afda019b22863ac485b406e8d

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\PXRBX34M\suggestions[1].en-US
          Filesize

          17KB

          MD5

          5a34cb996293fde2cb7a4ac89587393a

          SHA1

          3c96c993500690d1a77873cd62bc639b3a10653f

          SHA256

          c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

          SHA512

          e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\66LGZ051.cookie
          Filesize

          648B

          MD5

          e55832ed006fd4e419afa9f86a4cf8b1

          SHA1

          3be7cf6b2f7788417bd4e9290d219fceca363f41

          SHA256

          63e2b101bd0d1dea9c16585da421d55817b21ba66967c3e2828098389c9232a6

          SHA512

          bf4361da421db9953f3380dccc062c326942fec21b612be4656eafd3604a10479c3a570e137d8dfa199239b844bd19b76e93c8eb2c7a021d83d36c105e369a18

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\W46HH2SE.cookie
          Filesize

          613B

          MD5

          a08d1f09133b6c0317dc2df2ba92a67c

          SHA1

          dc86d56e7303febc82857cb9f0d126cbf7f95fbf

          SHA256

          ba88215d7b6988b0fc1a86a92c5f46f4515d6f5a87454c1bc8f1ce5cea0e6098

          SHA512

          f22034c9b0ddcbcb3d1bbbed26ff444a80c94c55f402f1257263daf07c8358276f1ed8b84546d3f8afd8e90d704591e0c01a5aee23abfab9376859c61a49805b

          Download Submit