Overview

overview

1

Static

static

1

21mDJCm0.gif

windows7-x64

1

21mDJCm0.gif

windows10-2004-x64

1

Resubmissions

03/09/2023, 16:24

230903-twge9sba2v 6

03/09/2023, 16:18

230903-tsfdssah9y 1

03/09/2023, 16:18

230903-trxxfsah9w 1

03/09/2023, 16:01

230903-tgjxvabd43 7

Analysis

  • max time kernel
    118s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    03/09/2023, 16:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    21mDJCm0.gif

  • Size

    6.3MB

  • MD5

    30cd8b85b2a203cd9ba81de0d5b43462

  • SHA1

    91086e3d6121a76c2269c333a0466b301de8c52a

  • SHA256

    63bef0f06a1edd62aca4c666ac89ea94f09817f9355da918130f0299da85e923

  • SHA512

    4382ea8d33011adf1ac1d13f6c6bc30e3664d693c95dd7ed998f9b67086f419d70b9ecde3618ef5c637e63d575a8b420d1e2f407cd1385bed35a5d3c1d18764e

  • SSDEEP

    98304:RVIUqcdD6rR5bD+rp1mk8t3TEvMOUSsRtz2Cq833I:l9g70p0b3TExatBqx

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\21mDJCm0.gif
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2288
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2288 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2972

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    908bebb53b19e5156c4262f7623881a3

    SHA1

    7ed34d0a765bea8b27efef04e7016af880d39b79

    SHA256

    3b1d94edc55838857336c1d0f22317219766ad05416c0b6ae5d52b81b12638ea

    SHA512

    cdc0e62c24434779bca43b14aa37fe981cc79e87ec4bea0512339541a3199f8123ec7a18fec6821dbd2d85cec169eb15edbae5109a0359cb7c8bbf52b66c8878

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a9c2715e7c700c2b12254054308cf7cd

    SHA1

    3b61852c644ac8a629b9c8b666b1e1cf491dd71d

    SHA256

    e269262d92e4663280b45d56a4ee9322ddecdec1de76b2a001e1c67e9868387a

    SHA512

    1d3a5845ee595b8b396a6d61f373e5cd1b49f556cfbd0f545dcec4f2d4fe74588e7d6bdd5df60fd83c72427fbbc142b49da74fe6b2f2959f223013fa1d6cae3c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eda9a22df986a42e2e667103069b014a

    SHA1

    87eb4fd10fadb6ec597c82acc486d4820efe09df

    SHA256

    d6077928e4741c04da1b6ad38f6d97762bcbc455b685e0448dc2787c96cea128

    SHA512

    d4fab7abfb4ae5133fd6340970d57130ee380a72d8ad3f0ead27df14e7a4956b59b6d6ff1c32485855352994168e165cfaf3fa441f29f17e1e72dac30eee211d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    86664f3cbca51f8557d7730f825a1c82

    SHA1

    978499f458f7045ca54a3963665cfb016b9024be

    SHA256

    d131ef90442bc989173bec4e729fbac1c1b1176797da1cb0d92dcc347b3f3456

    SHA512

    26025314164db7c501a60d05863d37b186cdbbe28d4ecd9cd56e0a8407a3a10079c8676a3ddfac43b0569a2037f17c67ac733ba595b7364bbb2032f044d9b37f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8947691069f2b255661a4ec897f8dc1d

    SHA1

    70e0d6d71ad721719e4a97374745699bbbfa362c

    SHA256

    8010cf1e317d5189e1a7009d50c623843e0b160760fa893b60c894cf11996caa

    SHA512

    fae55a0625b7cf0d903eb2e25881841dac88d68cb9bcaf9f25aed16c454c82c6e0d3139ceb799c5120f3f02ac0b78ba5aa1b10a74d3b065d4e4eea561d4c1419

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    562be621a277364f534f585a3b296a59

    SHA1

    f268b84ae3bb3d894961094ea8ce14560746b97b

    SHA256

    97589084be16b5cb38b94a799eb02672291c984b292e37d5dfa98bafc720a1d6

    SHA512

    eb249d90f4776d7fa66b7f1c2fd2f6b65fca6ab0b94e841a0c1bb2620027cc4f958349fcaf340f7196309c9ac2b9bd401cbedd5e6b8e003d25aaf23938a3223a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    df0b9f38a506817eec1aa2901704c6d2

    SHA1

    bf289bcf11c0f5eecd2150acb9d4f268305d0c31

    SHA256

    25e35128632a5bf64ed295c05d3c0955be4acf0b2cc9e65e30f599beb895c4fc

    SHA512

    c999ec1a421c39f0d67be7401ed0e01f7bb37874c56e646a0b041938c7b0aeef621b27a0bce240b5c2ad63b2bf064d2a591edf42accf433d6930e35c7f225720

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    df2af9bb8c32151e13f7c402a8e3fe14

    SHA1

    24e92c31db76bf43274d3405984851944013c7c5

    SHA256

    84f912c0ea0af60bd0f29f3c999842b1d21f9119cfd5e2e174fb3386c9a5fa43

    SHA512

    46da8999c14380185cce74f4e971de1d2c4f1f6d94a270f7f1fbc9aeb848f7f7598abf009f81c20d83c72890ea262806b8eda65081fbc2081519ccd13c216f50

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fddc04a74cef7f20227619bbfc49b7b4

    SHA1

    72d1eec964ea997f421acc00798c98b44614c4c9

    SHA256

    ea233b2e58233612a7526a4b13634c22f31202108ec855139dc938f2ea8eea0d

    SHA512

    86518de18fb751a3c231643a4f061826f539a9317b458cd3e87dd1051b09e89e03e9bcb0f3b5ef046562353200667ebc05c3be357f238c1bbc16f9cbf2604df4

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab58FC.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar596C.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\~DF3B796B00B5F30BBB.TMP
    Filesize

    16KB

    MD5

    a1856b20b32b4d93f52794a038cbb9f5

    SHA1

    f03796450aa9b19bac18d13c904943a25b777bad

    SHA256

    8b6de28148318f54d16e94207f1e6d1d9a62093726dfa445bed0a8da61119d7a

    SHA512

    7ba6ca5588cf97158b9fe458c058994880bc6ebde068863c2a17d2161748861b6159d23a258c18737831ddee4024d3e284b0e0e0f59a9051da3e6dd43ca42627

    Download Submit