Overview

overview

1

Static

static

1

winprofile

windows7-x64

1

winprofile

windows10-1703-x64

1

Analysis

  • max time kernel
    181s
  • max time network
    251s
  • platform
    windows10-1703_x64
  • resource
    win10-20230831-en
  • resource tags

    arch:x64arch:x86image:win10-20230831-enlocale:en-usos:windows10-1703-x64system
  • submitted
    02-09-2023 04:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c7f94c611bc7e5521e37d2080b2bbc48cc9078a043471f49242d9acdfeb1ae61.html

  • Size

    31KB

  • MD5

    abd27d81024bd2e48ab2edf159839c28

  • SHA1

    594f900daa3509c0f1046f1807e89caf246e39de

  • SHA256

    c7f94c611bc7e5521e37d2080b2bbc48cc9078a043471f49242d9acdfeb1ae61

  • SHA512

    4d1c8ed512491f4d8b9d77c1195e40acd0b898911712d9f4a5fbb52e790f87032eefdef9b6f454ddc4c9745677dbcd32b69f9ab3f9201b23b313c7d23c8f6c17

  • SSDEEP

    384:fV8Naf38OC30AIp++KH//WggkP3yag1o3D7rGbBHNxlJKd:fV8Naf3jN++KH//Ryxo3D/G1HNxed

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 62 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c7f94c611bc7e5521e37d2080b2bbc48cc9078a043471f49242d9acdfeb1ae61.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4056
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4056 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:4920

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    471B

    MD5

    3a50ce37c484741b6394155c1f7581e0

    SHA1

    19bbc1d0c2b6aa535a01270633d49160b0e4630e

    SHA256

    2c16cea1471e4e46950429a7c0ac0481e88a24d365ccc0398c1e6a858d577140

    SHA512

    64ef562f568d14a3da0345b8c58e91c7416d0fb8707cc704ebab0bf556fd3d6b9c7c9d20e88632bb851f4e82a45c3144979dcbdf3706088e6b89c85fe3347cbf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    404B

    MD5

    12aa35c0c085f66b14361206e1297788

    SHA1

    b1ae723ed37a7af8f8c2e9b0ebab7647d215a46e

    SHA256

    5fb180e01c1d3f85bc5fd85d4174fc0afef08de45ae5c8464206771736f81410

    SHA512

    d04121e58da28c469247abd9b3cc638f0d8f48bad26a61cfc1503ba60d8ca5c3a151c56b90ec48343bd9df0db863247e9e993343d14e9838bcf8313f31c02be2

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\VersionManager\ver1BB1.tmp
    Filesize

    15KB

    MD5

    1a545d0052b581fbb2ab4c52133846bc

    SHA1

    62f3266a9b9925cd6d98658b92adec673cbe3dd3

    SHA256

    557472aeaebf4c1c800b9df14c190f66d62cbabb011300dbedde2dcddd27a6c1

    SHA512

    bd326d111589d87cd6d019378ec725ac9ac7ad4c36f22453941f7d52f90b747ede4783a83dfff6cae1b3bb46690ad49cffa77f2afda019b22863ac485b406e8d

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\LI0YKDG9\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\D0V7G6EG.cookie
    Filesize

    651B

    MD5

    e40ab97f9a7a270e74b8d8529598cb77

    SHA1

    d61885b0e4ffb2b2e0300d76da5e8c9de93fd7b7

    SHA256

    3b556e4da3a850fab4e804a0657406b970e9d43e5cdb2a5df5b954981e7d850c

    SHA512

    bcfcba272eb75ba10b42cdbb4d7e0870642dd00bc2016186421603934b803c55b5eebceeb23d7a6dfb0a814d88359f3b39b9da9349c2cfec5163882e8d68be45

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\L7BHELX8.cookie
    Filesize

    615B

    MD5

    bde2cedb19f046ec23a0aed273d299d7

    SHA1

    e082ef4317b58d7ac9b2aa5a7b4425b615755887

    SHA256

    61c2e3b26f91fb4877aacf5f86a4067f3863daeebffa353d5cae6d13c391a2f7

    SHA512

    3a9329a8468c50133f1f9b8a8471827195cc23bd3e6ba52029ac1f5f8ef11c8e12132c5543855036e91b3311fa6bb155abc7cde4f46ea94f189c8f13580aa2e0

    Download Submit