Overview

overview

6

Static

static

1

view.html

windows7-x64

6

view.html

windows10-2004-x64

1

Analysis

  • max time kernel
    145s
  • max time network
    154s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    11/10/2023, 11:48

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    view.html

  • Size

    79KB

  • MD5

    5f086529e14b1de38d847ea8b7965e06

  • SHA1

    46bf53d9406ae7f86ba8e3bf8baabb2333e76008

  • SHA256

    f6410a8e81a15717577b1e94bc45c2609dd832e50191ba9d66fdf2694015c295

  • SHA512

    415326e9fcb7f576967ae7f22364f799fe87f11d9f094d08639dd7ac9675ea63f10ecc2e3021c8332939d0245cc5e01e234df0677a72d2e0595cc503acd23306

  • SSDEEP

    1536:k8yuchEjlJi2qDSjr8mUNBMKEb/ZwC1cjW9+1Zqh:k+cWHtnUI1llh

Score
6/10

Malware Config

Signatures

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\view.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2088
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2088 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1212

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
          Filesize

          914B

          MD5

          e4a68ac854ac5242460afd72481b2a44

          SHA1

          df3c24f9bfd666761b268073fe06d1cc8d4f82a4

          SHA256

          cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

          SHA512

          5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
          Filesize

          1KB

          MD5

          a266bb7dcc38a562631361bbf61dd11b

          SHA1

          3b1efd3a66ea28b16697394703a72ca340a05bd5

          SHA256

          df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

          SHA512

          0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
          Filesize

          252B

          MD5

          4a049cc31c27efb3a719562a7b26ea01

          SHA1

          c199500206c0ca4e46b094eda55533e18e639371

          SHA256

          ccea1e61b1d0081e28dc9ef42e136795b552975832a7f25089d6bb11aa06c2a3

          SHA512

          9f9fc8a1b8835cc11f50b9d6343485deb4b1f26ea72b35a6883aa8470f520f5cf9c37c2bd332f753ff47b2806fdf81499bc275ddd6a97d11e7e98e303eff6042

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          6f9ea9b3a0303598b5f7aa2d64b60ed9

          SHA1

          663e469115c091491508bd3d913cd97ca2deb551

          SHA256

          813ead70ad38ba373ffee21c4044c94ada39c6007a6acf85d050a1104ca104be

          SHA512

          52008b49313754da94ae730f4587056364b5acad25cb90dd61e4918d0b60555961fbc72975028966d26c0bec32d94d775b45707385f5e5a98371ac20997c3d00

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          e64b03454d2636a888915165f95395b1

          SHA1

          c04273856efb9d33126dc23159778662d11ae166

          SHA256

          0ed5fadcc1829bbd9be0956801944f3c0e3c0d56a5972e521a0920a0e254f957

          SHA512

          632f00131063c5664fb728f8e48938cb5ee195738624a135d9b20526425a26ea3a6ac4c9c8fbbbf2e54d25cdb11be7533bfd68cec50fbce26323a91ae5512ffb

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          2ca57ca3d83f5c07fbc4e8466a54c349

          SHA1

          cfa40d2bc4828e84a4dda6faad1c02e9a31d94af

          SHA256

          b84f55b1290c8500ddd7e10e47976122657519c9972d7b2138ebf233ed591355

          SHA512

          3e524c56410c2400c2ca620a456e4f2666a24ddddff3313ff0ce6d5a92212ae867237c6a0f75109e6f80420202f8d75466f4812aebd0d0c9b165f32df8e907b7

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          4cdc5276f100c3d8dd0bee12bafd7c4a

          SHA1

          25d2d6c18673f5ce81e906ecff92f9a16dab817b

          SHA256

          4d388660c1db799a7192272f3e0709a6a992a11fabaac62a404cb38fd050a0d1

          SHA512

          bd91d3c841bc2741e227737a98ad680e1d3240d01f8bcd050c3354e2b7a5334c85f7cc697fcec745a001c6f08ff5dfc9bce271d408d938b168f1abd1d10c6ba6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          7a3b5a88af44cf01e89955be0f0006e5

          SHA1

          2a3813a7b438e18d801a2bc0afe2e3db0bac2a4b

          SHA256

          ea1e8320c97d41d3ef809851fa6f041447dee02203fd88959cf28571f138e30a

          SHA512

          25787ba9a8f12399be00cf52270a8dddc0b26e8dda0ef342dcff312a1caf7cca415c8477dd5c7278d6f75a2f2c1a7b8420a2436c34c36120e5222ee1f344ece8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          c3de9af6e031f70b2c5b686c0942b609

          SHA1

          8188508a768bbd0b8053b96a4e9df38963dd83dd

          SHA256

          1a2c77d99949c6435448376cb7e72ebebb7fe91e5e428e1b826164c48e7b3fcd

          SHA512

          112983dcce65f497e9aef83d7a721b856cecb0591c565be859a1f507186967d6a3ffe9c085122a5ccfc43755fb7e1faf541591f1a76049e9fd82dca47a0a34b2

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          c987497b22fc9bd622c018a9b5f1dfc1

          SHA1

          e34be2f290bd77128baea6f164fa48cc23c1fd30

          SHA256

          ebaf24165fba3a46f45a9ae6e94da0ba2d2b1f17c772f224e76626ca1930c709

          SHA512

          cfb0dc0d2996a1daef0b68c1c14dd884ca4f410b9b548dd5baa025694a5657654426704a09eeb130be6085f4f0ba4dbea16b8471736a8b0ee5ed997da15e5177

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          50d04e127dfb40b2b0c1d8d03b6097b1

          SHA1

          02ced79864967282298cb3c3f269846a4844013c

          SHA256

          92dcf3f0a6679b836a2facf150c1b6d3675faba8082239956bab1e29b478e687

          SHA512

          5a464217581af67ab9c776db1b1eb8224be07395560f0d3e090693462f8afab608df392942db0cc6b2a008d4a643d0d9ba44348a7fb295f6175ca76c8dda40a0

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          82e172a91ae55d5e5eff0bf16fd931e3

          SHA1

          7baa85edc3eb5af512eb39fbc8c3741073318f25

          SHA256

          ff8558ccf36f3fce5d702fddcf1ea8d90cdd9b3fd820099aa7b552dba62c9216

          SHA512

          ddf2cc436a22bc5beddd57d0e120654d4aba10aed39261de9b571ac13968395feba20428942a68dddd3d910429ad8fccca1374e7e38f61773bdca3c74a84da2a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
          Filesize

          242B

          MD5

          29575ac2fcb05b655b4af0d4639cc2be

          SHA1

          28632837f184caabed07ccfec474162afcefaa48

          SHA256

          4a9ae887463f228db170acb614397bb8d36598d69594c7ff3d2e677e4014acfc

          SHA512

          197bc78f743a90aca3468ef87c82a1cdebe470e4b45d44c1fc0673eb67c1d158dd89d4dbae8a2835ce94dd46737d04806eaf03c694f012a2289e4556e9cbb74b

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3UYVU6FI\cb=gapi[2].js
          Filesize

          77KB

          MD5

          f8641435b075d5b0a4e0e9efda7ed078

          SHA1

          f59a288c49b88045dbea3981904533b291fb04c4

          SHA256

          bb2275ed1c4a0d331755bc21d559e1fd796f3a7c0909887e187b12d5e0bade24

          SHA512

          8c595f19ad88e0ce76e881ef4973ef894da50e340ff600ecf3344fe5f81c3a2910d7dac27fdd47b1caaed1a24895babd0bef7c7894cd9af69b3c54b226e4cf7b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabC581.tmp
          Filesize

          61KB

          MD5

          f3441b8572aae8801c04f3060b550443

          SHA1

          4ef0a35436125d6821831ef36c28ffaf196cda15

          SHA256

          6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

          SHA512

          5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarCBEA.tmp
          Filesize

          163KB

          MD5

          9441737383d21192400eca82fda910ec

          SHA1

          725e0d606a4fc9ba44aa8ffde65bed15e65367e4

          SHA256

          bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

          SHA512

          7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

          Download Submit