Analysis

  • max time kernel
    167s
  • max time network
    188s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20230915-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    11-10-2023 12:08

General

  • Target

    file.html

  • Size

    304KB

  • MD5

    1e8cdfca85d466d78fe0f2822b6e1645

  • SHA1

    f095e64b4578799003b88bf60f305b785926a06f

  • SHA256

    49056d60c91d641f074106a77d55a9aba39e461054a7b3b0261ae294eeafd4d5

  • SHA512

    67fe153351fd62793a8136e9dcabf0f40e2634d721434dee60697782b7b7a62262974a7d0e609236d7043d8bc0b85456f6a4693dbefb450eb20ca5aad7fd03dd

  • SSDEEP

    3072:fifgAkHnjPFQ6KSEG/0HEPaW+LN7DxRLlzglKhvqX:igAkHnjPFQBSEfkPCN7jBhvqX

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 64 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (3 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\file.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3268
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3268 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3984
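
The process tree above is the normal Internet Explorer shape: the 64-bit frame process (PID 3268) opens the submitted file and spawns the 32-bit content process with SCODEF:3268 CREDAT:17410 /prefetch:2, where the SCODEF value is the PID of the frame process that launched it. That parent/child relationship is what the WriteProcessMemory and SetWindowsHookEx signatures are firing on here, and it is the baseline a detection should compare against. The following is an added example, not part of the sandbox report: a Python check over process-creation events that accepts an IE child only when it is IEXPLORE.EXE whose SCODEF points back at its recorded parent, and flags anything else spawned by iexplore.exe. The two IE events are taken from the tree above; the frame process's own parent PID (set to 0) and the two extra children (a cmd.exe and an IEXPLORE.EXE with a mismatched SCODEF) are constructed for the demonstration.

```python
import re

# Expected command line of an IE content (tab) process: IEXPLORE.EXE started by the
# frame process, carrying SCODEF:<frame PID> and CREDAT:<n>, optionally /prefetch:<n>.
IE_CONTENT_RE = re.compile(
    r'^"(?P<image>[^"]+\\iexplore\.exe)"\s+SCODEF:(?P<scodef>\d+)\s+CREDAT:\d+'
    r'(\s+/prefetch:\d+)?\s*$',
    re.IGNORECASE,
)

# Constructed sample of process-creation events. PIDs 3268 and 3984 and their command
# lines come from the process tree in this report; ppid 0 for the frame process and the
# events with PIDs 5000 and 5001 are constructed (hypothetical) for the example.
SAMPLE_EVENTS = [
    {"pid": 3268, "ppid": 0,
     "image": r"C:\Program Files\Internet Explorer\iexplore.exe",
     "cmdline": r'"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\file.html'},
    {"pid": 3984, "ppid": 3268,
     "image": r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
     "cmdline": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3268 CREDAT:17410 /prefetch:2'},
    # Constructed: a non-IE child of the frame process (what a real exploit would look like).
    {"pid": 5000, "ppid": 3268,
     "image": r"C:\Windows\System32\cmd.exe",
     "cmdline": r'cmd.exe /c whoami'},
    # Constructed: IEXPLORE.EXE whose SCODEF does not point at its recorded parent.
    {"pid": 5001, "ppid": 3268,
     "image": r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
     "cmdline": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:9999 CREDAT:17410 /prefetch:2'},
]


def is_iexplore(image: str) -> bool:
    """True for either the 64-bit frame or the 32-bit content binary (case-insensitive)."""
    return image.lower().endswith("\\iexplore.exe")


def classify_child(parent_image: str, parent_pid: int, child_image: str, child_cmdline: str) -> str:
    """Verdict for one child of a process.

    Returns:
      "not-ie-child"        parent is not iexplore.exe, so this check does not apply
      "ie-content-process"  IEXPLORE.EXE with SCODEF equal to the recorded parent PID
      "unexpected-child"    anything else spawned by iexplore.exe
    """
    if not is_iexplore(parent_image):
        return "not-ie-child"
    if not is_iexplore(child_image):
        return "unexpected-child"          # e.g. cmd.exe, powershell.exe, rundll32.exe
    m = IE_CONTENT_RE.match(child_cmdline)
    if m is None:
        return "unexpected-child"          # iexplore.exe with a non-standard command line
    if int(m.group("scodef")) != parent_pid:
        return "unexpected-child"          # SCODEF must name the frame process that spawned it
    return "ie-content-process"


def classify_events(events):
    """Map every PID in the event list to a verdict; events without a known parent are roots."""
    by_pid = {e["pid"]: e for e in events}
    verdicts = {}
    for e in events:
        parent = by_pid.get(e["ppid"])
        if parent is None:
            verdicts[e["pid"]] = "root"
            continue
        verdicts[e["pid"]] = classify_child(parent["image"], parent["pid"], e["image"], e["cmdline"])
    return verdicts


def unexpected_children(events):
    """PIDs that a detection rule should surface, sorted for stable output."""
    return sorted(pid for pid, v in classify_events(events).items() if v == "unexpected-child")


if __name__ == "__main__":
    for pid, verdict in sorted(classify_events(SAMPLE_EVENTS).items()):
        print(f"{pid:>5}  {verdict}")
```

On the report's own two events the check yields "root" for 3268 and "ie-content-process" for 3984, which is consistent with the 1/10 score; only the two constructed children are flagged. In a real rule the parent image should also be path-checked (both the "Program Files" and "Program Files (x86)" locations are legitimate), since a renamed binary elsewhere would otherwise pass the filename test.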

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\sotksz9\imagestore.dat

    Filesize

    11KB

    MD5

    323aa8443d3dff19760cfb8002268e08

    SHA1

    dde3b476d9ccea93f8f1bb8a96a43902b7f090ac

    SHA256

    5f2cd6c9b9384fac215f0aa5825f8af19f46803d3674683f1bb87e6c97d7f8e2

    SHA512

    5c46131c50fffd4c25cb7d57112aea08d562d0882de5a3f38c2228d5aae150597ef8c0a5d77c4c4bf2c76dfc40ec92b84e5200bc092cdfb94b7ce4386c5c5257

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\24U7FPCO\analytics[1].js

    Filesize

    51KB

    MD5

    575b5480531da4d14e7453e2016fe0bc

    SHA1

    e5c5f3134fe29e60b591c87ea85951f0aea36ee1

    SHA256

    de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

    SHA512

    174e48f4fb2a7e7a0be1e16564f9ed2d0bbcc8b4af18cb89ad49cf42b1c3894c8f8e29ce673bc5d9bc8552f88d1d47294ee0e216402566a3f446f04aca24857a

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\24U7FPCO\element[2].js

    Filesize

    85KB

    MD5

    00126176ff71bdb52de46dba776e16c0

    SHA1

    c13429f72ee695ae8f4e0ca8e81bdd8dd5c2d313

    SHA256

    7030f234eb0071da7843fb532399c72d68f105ddea92635c29bf5824982eea39

    SHA512

    4fe08f268551c6a9d4a57f012c5c3be3f980cc8b2917d09fc7350e52be746aa6910f49ce6ed06f65e15a548aca600e5d0e724bbceebfe114c3edcdc0077219f0

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\24U7FPCO\gtm[1].js

    Filesize

    259KB

    MD5

    4f82155645376a4fd81b43be3f976a16

    SHA1

    15a6ca9f863bc4356c629c0a0066f5813c60d5d3

    SHA256

    f135af820f1d0f3f19634df9ffd33ce5e0c884335ddea434a054b89aa02713fc

    SHA512

    681d38b737df1cb7b12dfbe9b4858be36afd9252fd28865328b8432bea4fc57242468577f1ea93b2f9aba9168c15d4c45cbadaa9961f42219936ea705f6a4eef

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\24U7FPCO\m=el_main_css[1].css

    Filesize

    19KB

    MD5

    ece37b7141d806ee65edeed7e1a7fa4d

    SHA1

    4df420e785778e5e4ea1d3708e83f9177ecaf3f7

    SHA256

    aedbcc46e00deb73efd45fd02fe1d4b5264d2cfbd7dcbcbf1e1411de34237ca6

    SHA512

    c96590c5048ad20337f16a956c94a53f6257743d0ff6658a35a524a0936833382e5614f4f386658193bb7efed727b72290da4903879dcf6b8e012a2c859932c5

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\24U7FPCO\main[1].js

    Filesize

    26B

    MD5

    2b75f9dccdef18d2dbf1469fcb1fb3aa

    SHA1

    5b0fb390b7ef8e5c175b0a2876642008a2043651

    SHA256

    56349dac70498943f2afaf70be3d3774ae35156bd57537b896f4d8337f9deee4

    SHA512

    4aa788ef061cc99ec88172958557ef98a4bf5e21bea41fc8328141160c4f523e2ea09f1791c81bd9f7a53f7b8be1effe900126bfc69d1643c71abdb48bc96e8e

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\24U7FPCO\suggestions[1].en-US

    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\HNGI42RJ\js[1].js

    Filesize

    173KB

    MD5

    ab757859fc3dff4266d01e201b039cce

    SHA1

    527bfde01504d17b1b1f66aac1677f163fe8b679

    SHA256

    bfb7634f7decebbab2932304690ed647e9af1f83504e87859d969fba89627ed0

    SHA512

    93b743fc120034fab3653df1fca2961a287648e7b786104f1c34f121fe3a31abbcfbb1f3b25bf8c597857c94daaf6b83b76f924e76fceaed7d7e36e2eeb8a551

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\Y9DO0VHG\amplitude-8.5.0-min.gz[1].js

    Filesize

    67KB

    MD5

    c43d9f000a09bd500ed8728606a09de3

    SHA1

    36ad6b0fa2c6bcd116fb642f25789fc2d08a68e6

    SHA256

    2450e5580136f94bda7ccf95e3167b57e15b05b513a430967943a50036fa47a4

    SHA512

    802af189282aff84b1262a54e59463bdb9b07ec6d1dbf20fa26712b3e19a2212f1a31f2a2d4dd620d7d1313ceff43dc4272f51a7a2407296bf6d57c11e38801b

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\Y9DO0VHG\js[1].js

    Filesize

    234KB

    MD5

    6acce2d69ce9d9549337534c77b9ce6d

    SHA1

    bc348a0a925278036e8003fed3a5c15c50c1f097

    SHA256

    f5c97549630fc9f5d9396ead60f4b3615e2b5a2e1f31acf96a02c72093ea9e4c

    SHA512

    64e032b97f849d2d39a62b29bec77cdf68eae4f3408c75abcd52e46ee80cca471c60935fe9238295db8169d5a24b049424494aed182e988f132a097d6f965e34

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\Y9DO0VHG\m=el_main[1].js

    Filesize

    216KB

    MD5

    2819f00ec120902182590a2f811476fc

    SHA1

    83069d56fdcfc49df0af94e0fda5d7e9f7dd2ee1

    SHA256

    8a065e80d938e5e1c158f8bb49cef0b4a55a30567837292445537ce45ae40ebf

    SHA512

    ee9e82414e5588bd2a75641a4aab447eac7ef53dbfd99e3b3f8a369c042e64c9583f99746fbf859e0f8ac588075b18a1303d0e68f58166b34fdf6fca76af254b

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\Y9DO0VHG\main[1].js

    Filesize

    7KB

    MD5

    5d9be25d4f0d37620d72cc57be2851aa

    SHA1

    3228027425af2b0ec5c8379bf71cc9c3490e380f

    SHA256

    9861415b0acf0d7e8bbd58f92ccbf1b3e90451380217ebd1801af7446d857efc

    SHA512

    90d09e83a330f223d757a145384de9e7e0245e50ca7cadb9d1f8ca22c9401982a86ff86e7d7f0ce1b27fc073db14971eade6e2c612ebe1a87fa14f4781504c6f

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\Y9DO0VHG\tag[1].js

    Filesize

    17KB

    MD5

    676a5fb3fdc6d1a886ece869f9a39517

    SHA1

    b8ad21902a95f22c4cfefacc423c78e0940772da

    SHA256

    7beffed50b7b0d9187a79f86a24bbf55246a990b16a0978acf4fd463bf0c694e

    SHA512

    d3e2809cab44303ff8f58197c3e7a224fb18a2d14266bbf4a79b14ee0798cd969f32425e09bbd1b0554d07f1358fb4b56ea084b51c5593e19f655a14610a13c1

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\ZFOAR009\cmp.min[1].js

    Filesize

    20KB

    MD5

    3db81b9d1ee55f355b6420d2798dd424

    SHA1

    c833e35a6e939b625c57b070600f84ca6eeb74b8

    SHA256

    a972c946830d3a3715a64d229b929f89aa92cb8fd640449f2f1aaa7c303aa700

    SHA512

    694ec64228e7345f3d9920194dd551b02411e12f31bc26d78d38b1970a82390ea44c6540416d96a408fa7b0e88b1716a496b90b5cc852d747aa6339fb12ab201

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\ZFOAR009\favicon[1].ico

    Filesize

    10KB

    MD5

    a301c91c118c9e041739ad0c85dfe8c5

    SHA1

    039962373b35960ef2bb5fbbe3856c0859306bf7

    SHA256

    cdc78cc8b2994712a041a2a4cb02f488afbab00981771bdd3a8036c2dddf540f

    SHA512

    3a5a2801e0556c96574d8ab5782fc5eab0be2af7003162da819ac99e0737c8876c0db7b42bb7c149c4f4d9cfe61d2878ff1945017708f5f7254071f342a6880a

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\ZFOAR009\v8b253dfea2ab4077af8c6f58422dfbfd1689876627854[1].js

    Filesize

    19KB

    MD5

    efeb2542712dce8a2c51cf68396e4a05

    SHA1

    ac9ce350c598644c7b7f6186aaf0368eb077d396

    SHA256

    c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

    SHA512

    6e382750a5f86b3bb774b4d5b627bdbba4caaa0c76f510707e3dd05d8b7910a7d633ff613d2008ff8a9c5793400a3c00a3c52d4de59e7f1e99ab93c770c9bb4e