Overview

overview

1

Static

static

1

revocaMail.html

windows7-x64

1

revocaMail.html

windows10-2004-x64

1

Resubmissions

12/10/2023, 14:37

231012-rzhfmagd73 1

12/10/2023, 14:06

231012-relybafe23 1

Analysis

  • max time kernel
    135s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    12/10/2023, 14:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    revocaMail.html

  • Size

    2KB

  • MD5

    f58ce6e393a63af56d34ef02885e437c

  • SHA1

    81437891836595d07a3b1343715748abfdb7a677

  • SHA256

    8dde66b24b48b85dad399a1d86d39f3488da20d6d852baddf92a6b02d5c1822c

  • SHA512

    2f7a0c0fdbcc3129f31ea3d0373ec35532760fbe56c9e1e71a3ffa13ab86ec2db5354c52ce60b29a4887345f1d164d108e002098505b7113640caf4e03ba23c7

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\revocaMail.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1692
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1692 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2776

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    88286e1a1754e769dffeb41aff928ead

    SHA1

    41d9993d83660c8ab780d6d2711b5f8733bb4e4f

    SHA256

    50783a04a9ff008c8c90818e63efd8a4d4e8829657996008d40c6fa8f2868759

    SHA512

    41139387c75fd375b78bb59ec547a0b2ade82aca22c66751aa4b9a2b73a3528b69c19584b13a908ec64b61f19c4786db48b5e7f44b105436bf027ca907abc993

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    748ee6c052adbfd23b8ca155c61ee296

    SHA1

    e616722e4464b6e8ceb98885d8ae2e87fbe723dc

    SHA256

    2d1a480004f53feb668b0956bd09aec92457b1a8d50fce26eb9528e20b7ef5b8

    SHA512

    b3f7e3d65673fb942dac291bf6da9715bcd05ae3014759a837d5c9a192812f04fdea7f05c9b260843faf605da152d5156c5978d1de95e3c5c994a27000f9acb1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c04e576eaf80a664372330dccaa65b47

    SHA1

    f02215332200a2b2a0a1ec83b759a37993108252

    SHA256

    c1156bebc6c0e90a508351cdd3f9bdaa487b41dee6bcab869897abbace0a6ba0

    SHA512

    2b5a2165c71dd8d9eb29afd79b0bcebab514d5eb877a20c4afe3ab7a767fdf9c32d6fd674e6e8d859e0a6f2645fc2dc854cfc26bac98d1f7b93442e59651e160

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    16ab62e2a9b020b7580507a4442338bb

    SHA1

    9354239046fffda577cf0d0c3ae966aff170d8cb

    SHA256

    48613b5cf3833a946b4dadc049d8a8a4d22771cac8e674e94209463aca1f668e

    SHA512

    74f5fea5730a81326e8b8c0ca3ff1a37e2bd3af6f6f74d5fc30f1a0beda462024a94934f035817aee68e0eeb525038fd3a837eddff020c9ae0c0f81da30d9696

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4429feb2118624c64730d5d745c97d7a

    SHA1

    1b31a95bd92537f80c5429a3b852607525d7f893

    SHA256

    91848d7cca092efc4de03d8dd56a6223989a9e5fef59e788602846b6be5cf12f

    SHA512

    dbd1804ba19af088b07954129827396cd1f85f8d26c8429aede8cb86781fcafdadd3fcf4e07b4e7d10cd9e5ea28018605ef4f2520d8a46f2dcf727fa17c1cada

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    143fbe3d9f0ebb0b5526eed9149180f9

    SHA1

    f06b8023c40714298979c98045ea6f2ce336e345

    SHA256

    0d6939c3c8f3bec149bdbe445008b3ef5917a729c5fe8dd55cbe147e1d3093e0

    SHA512

    f3eb4073626fa0ecf73d6b3ab0792739eebf6f6ce825901baf85ae2b9db76cdf77e392a512e7793ca43c065e249827af0f76dec0a80e12638961491c32ba5a36

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    acade5836679a280bb9176de5e8bd811

    SHA1

    870750c90b04fa9735b7e0c1d082ed077ce29d60

    SHA256

    22f06fd39db58e8b6c4d81a465041ea21e5f7d97c1556de9e8bfa4bb009ba82c

    SHA512

    8ff725e68d6bdbfea2da4c9e9a4167b6891be80eaf455f4d8b9596a0d9ea8e71652b500aed3b5716a2e432745641ec8c47b53f2c2948f8c6def466db6cf5ee8a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    294eef9ff46525c3c726f808f7f4c452

    SHA1

    e92390223942a45f6db252e3af083c694887a580

    SHA256

    1d6c9906c91143482a8ac62e5eb057f0ad04ad8ae09a84768e5bea3b0ccd1aae

    SHA512

    c5b83934fe44babc87d086045cfad95ad9491f50355c2b90b3ebb306151d88b0ba7f4ad8798727da626a5ea61ecdcc321de741587e82617217b02257c0423c41

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3665694ac61513608065feb930f2b8f0

    SHA1

    3b1b526479320f65ec5e0bcc20096d5f93f2b13f

    SHA256

    56cebb8f16694c72e38fd2b640ef0f143854b15712a18c78979662f38ae04300

    SHA512

    75f8cfcefeb485eff6e04270505fbcd341ceb6c54b6610094e5884ac450a6e65956af5eae164816c5fe84e99425ba077aa9ed3ff3bab4b5641b0a3413bada3f5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1a05db78009693c93faf86944f4a0367

    SHA1

    9ab713d8a2136e2ccee9f963299b84449d31aa46

    SHA256

    77a3bc61f7621fa4ce6bba79246534c0e36ce6a4366526ba21185bb288a5557b

    SHA512

    f6809be0dfac3a256f4d52c21815a2a36ddf760a4272e9921320274392d000b53d8a16e0e15121879afc98e160d3190dc20597381be46685bd03688d56a6376a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ac3d0361159ba98516dc36f3ba8a4ada

    SHA1

    c621173fccacbb85b53fdaaf5238e0058aa5f9ad

    SHA256

    baf5438440a1c49a5822fa317afd0d875dab5a81a9f3affef2f31bf70c36a4be

    SHA512

    e920c780daf1559bced016deb2c9ef23917c5b05851e874f298d82e229b1ca507e81b265d04ca0ba975a70fa18dc7401320c2e066db3e1e5943a93938a6a8791

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    09c355a87dfe8449323e7b830b580bdb

    SHA1

    1d357006e9c4a3693f3cc2bec3f16e7dd6e26741

    SHA256

    4965a909f95354cf7eeb4b7d332c686e63b53f0d4f2dd81defb3e03f092e27ce

    SHA512

    17075994a8b064f427b6486b6d9c59f0a2cebd30226a0e262b6d65cd0318b7f4df7e8230e37e1891cd1a9d7f2b64fcc8961f608dd7063c098c1006720bf00d03

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bff77ad5f241181455000a52e42d4dc6

    SHA1

    5fca2ba38224abd58cd927946ae3d94315eaf763

    SHA256

    475271a16eeb768690ae0d0a743681f1260351c46221e24e08893d1b985fe09a

    SHA512

    ade4a5c7eb2a86252ac7a44ea75308d91b35fefcd66bd5d1f60230067ca97f6edbe540393a391c2d6302c30646c71b9b217a0c52dc11119955b897a147e15793

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    da65383409a617409a85a60fe7e2e227

    SHA1

    ec09aa9c052d4c68fe3453da1847574f58889c0a

    SHA256

    ea7869757e19924b3c10f5c57e42e62d1801e282ead3b64653e3e55ee57ab5ea

    SHA512

    0a71e7b984a28b4964185209d1af3a44d1d2645c6dd4d101e1af10ec6b2266514de90054da1626cbbfa42d7176b4746782c89f1117deaa26722e9d29b366a5ab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a210f7c0a7573ce956443d80910578c1

    SHA1

    3386b7acba0c8e3e5097bb52bf6232edb864e49b

    SHA256

    5a4f712f699a863858b93587f0eb9002eb645f32186dda5de710562522929c96

    SHA512

    6deac5b604107f775e2b9bdc5ba5015ea909e66779207f6e966f8c0a1f56e9ec585d1e30a18c9f1b1deaa6605063ca41819e241eb3555f87c67b5bc4fb9993ec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a9c0952b675daf5b41e875e3cb5d6d4a

    SHA1

    04ea79c0cba866cbf6421ccd933a2902ab304a3d

    SHA256

    c1fec901848bc00b6eba7e8fc62aede57be12163f3fc670a4d31c50021584f2c

    SHA512

    daa4948fe8bf18f908fd74153bb6e5583e80c313488e24227332a5303ca2387978df5e1a7244200ab16b96453c6792d12e519034fa53cf9689b5baa4b3598e44

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7be4cbe70a5d42cc089a4dce8ff1d92d

    SHA1

    44b626a57a3b1f0199080748d41f4925e0648372

    SHA256

    dd836166af8756bdd14e1d05131cdc1a5ba70a8e544d7a9726c5990ea9654e80

    SHA512

    4a3930b74f1b0a612a1045c2b1b78ff65470002e7593a8dd9eb2750dd86f10558a4f23fb93232e73cb7a9d4500816826cc02348b04856a95a36de96c03d10afe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    861e92b5855c38cd35be784bd0e9ddff

    SHA1

    0677b915726b27ac940a256533e8dc39a33c27c0

    SHA256

    0b5f8474cf0bb87163294d85b78e8aadda4eccf1fee2350ea1e2e00340a42675

    SHA512

    24b3e264b091eba55935b31bd054ae1e5340701327d2dc628f2ada0843f1e0d813df29e8f6f714e7770621d10076d8debcaf45bccdf4462efd665d61e13f4e86

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f60a79cbd9be362894f98a04e876fb15

    SHA1

    62bc33fc40eadbc1af591f676de33386a3cf8a6b

    SHA256

    556de3126fc8755eb06d37b434317378d97ce038deadcc4df75164313703228d

    SHA512

    e12ecf0ff23bee9729e3921bbcb3f1e4fb7321db3c2b86c1886798d19feb3c58f5efaa2772f699db290d2a9e84d21bee62206a5d21cddc63a5f054185c0a2a02

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0999bd9e86823633e6b9d23ec158e47a

    SHA1

    5a328732102398a0790ebb5569a73c7b86c97489

    SHA256

    20c36c6a3b98cf4556237676ef1d339107eccf836edbb0a417e597a34d4d46be

    SHA512

    64e9a0fd7440a7bcdf0034e25fa09ee853410b87a34d67fc5268528f6cd3998eecd66b619b08e3e70d863e41a762c1a06b632750c1221b56e72a135759e959ee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    db015d5d90d1e76b381516ded8316dca

    SHA1

    1339ab9a5ced75691aa6e7b221911243e01aef67

    SHA256

    af95bb2aa420058b7a582584488d1854af8b548e1fa222f50d00f7b19e127a37

    SHA512

    37aca9fe4460aa70fb6daed19b4504a99acf792af98586e04d6e34ea9c8d6436675cf480c84d4eed25408cf23351cde4ed9a665e00c0fb04b018b10558c148f9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    488bee5272279e2240ce66b4ac558dbd

    SHA1

    01518206304d048884a89b3b00db15bd72e53ad8

    SHA256

    64e428be6af143a1321893dce04bd7368885a58ec4468366317651c1042ebfa4

    SHA512

    5aa004e6b30bdee4264643935db75d74b19a8c7c73aba198720f79cfef6cbd97f8b3e19e213b76c37cf2aebcf73346d6e5baf75baa905661d591da415887e624

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabEBF6.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarED14.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit