Overview

overview

1

Static

static

1

Review_Settings.html

windows7-x64

1

Review_Settings.html

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    14/10/2023, 03:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Review_Settings.html

  • Size

    3KB

  • MD5

    a81db6c7ef3f0caf6ce3cd69807416cb

  • SHA1

    e9f0887e67e757875d7288a2593d9a0affd2950b

  • SHA256

    a1d48a93e50e0e9c349866ce68fc76d6642b40ecc15afcd0acc41f4588a55b31

  • SHA512

    0438fa1712ab9c9e41c1f80fc9b81fb7199cd87b78b3d39ab3cd95006134dc75a8a8035cc551d05b9e236ba59902e291a728168ad05eee6ab45bc80802f75dcd

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Review_Settings.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1844
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1844 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2492

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eee6c016ff95c11c6a4aae3c9fff09d9

    SHA1

    7ea958b087243b99daadf6231f74f64078c23472

    SHA256

    2520cb258c3fb871185ca2a03ecc30fa37cd5cdeac089cd8b03f4e54c736ad0b

    SHA512

    69d9751cdd84678a81e6bdc24b4d49cefd6dacb9cad3f4da48dbdff7937d20e63e6c4b9f1b5d0068695af48ab9bd3d3a69094523be1662f516c66b997f214e87

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    64d8c38bd99f1dbef9206221ef814c30

    SHA1

    4ed8eca4874aa4e8c92737f4e5ebb8ce20d66173

    SHA256

    78cc5de4818f18be1ae8efc34d7f32782a169b67a835c7f32acc5c457ce4f2a4

    SHA512

    52251d5cc7179a0eea18632864788575d9f695b59f32fb14062865ac6840d4fad6e384a2333c324e272cb5890d4027acfac41cf23255e5b7aa56d03ff33dcfa2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    984b9dd0e43f933d3da718701a64c189

    SHA1

    5e504bd0142f96658a1b0ec0875bd0cd157196f0

    SHA256

    e2ef42635033e5edff489cf4ea1a358770c7a7796cfbcdeb99280db5a006f95f

    SHA512

    781d2381a67fbb2f01764b0dc267789a7d2d53b88d2b56c8a45a5c26376365f35f5bf79679a11a153c10efaa79cb7a51a244cb550ebca6ae48f590cdd2a44269

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9185b155a7440e95d7caf9265fe22714

    SHA1

    57ccf872ae137897f47f517f63a1ff526e0be3fa

    SHA256

    abce5353a350f120952faf6c96b004668280e3883b100f3c9466c52c434553ef

    SHA512

    f9531779178f7cedb5f91886977c5a499200c50f9d775ef93818128d1a09c25b96c857563e832ef7dcea386ccd819eb9ffec8ded2b503809bf3f4cf9fa5583c8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e4d3aef5ca5591544f651c8407867109

    SHA1

    968f910380fc2ae82592bbb0b272dc0c860fd300

    SHA256

    ac1bed2569969a94150e60e46d5d140e53b2a029ef11d08c08a5dc8988b798c7

    SHA512

    ae827058862bfb2964ecc1e0c87807e3e2d4279770cf424254953010ec4e469e419f68850983ccf32a238528008fb5a5195478038bae9dbc6b99d3755815c93d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9993724426664b39d3110947800aabb2

    SHA1

    3a1c8518425e672cb9f3da42be2be65e366d1754

    SHA256

    ef3bf86783ce56167000ec4e63133c8807962971c9065db14effdf09a63752f2

    SHA512

    c8c69777a49e44233bb190add36f4bde9f21a6d27c7e80f545ef1b01f45599b9d7749e5690e0b7bb8469db1f0f715d2c0189b8f0653dcdea8a04569c92522107

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8f25f1a904f6f5db0e9acdf2fe1d66c1

    SHA1

    034da4efc5410d77b7a9c4a97bc9119e1d2942bc

    SHA256

    be11928843e72f1d37d5ed3e898f36631b0369386f3fb0abf88ef078fea62ce2

    SHA512

    03a170cfb8cac01a7753f376d602ee1a668f50ca7b9c6be22fa03deaaa58313ecaebf2e4dd428dd83b998f3a9aeeb85dbd57158aaf281b9ce55398fec8ebbe00

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    10dc1d4b7e3906a5594968767adbc007

    SHA1

    886b65818a3af6af73ddc7d16790216a0a5bb115

    SHA256

    092ab35c3267197d6f0341b223c25f1e9c10680aad5501fb3016f4c60e78b192

    SHA512

    5fe5fa69f67bc098bd39ac88041fd68fa82c9523e71c19473fa43798e67a2005f3a4a649883663ad180c1650cfa1d1c7f8dd95998d6973b5f1cb0a50fd5ba897

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7610b92f4aa3773594d4237fcdc053a5

    SHA1

    0521a9f7bf6a839b3f2a43eac648311cbd117bf3

    SHA256

    90a3714eb964ab14fbdc30b87f78bb4a4ecf0d89b24f728d095b63aaef5bff3f

    SHA512

    f8073d4cda29e55de92d8161a06b2b63b393749d81dedd4deacf65063a3c5b2c72b4341e38161a170c5aac146e6dc4e70e406d22fadf69952aa77dc7f673c1bc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5bf062b71857da46cd525b56e5426832

    SHA1

    e58872333e2815494e2c41162eb112b091575a36

    SHA256

    5b2fccd393c35d8b6d4622714911bcb634ed30dcf80b918032cfcb237275e863

    SHA512

    f2d4f83b514d0390b3ca82ec67685709f040739a5c93d83f7f352dca60d7e4ad9678630cb01647b1f4303dad76106740e58f54e480d5c2885f3c7b8d46b0f30e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6bb11b9d77b4bd772b6276a27114c5fa

    SHA1

    1ae983c21770e490ab6654e28d5f10047bada0a4

    SHA256

    1bcff841b063b66607d703fb1c1646114b99c99d91dc3b39ac93dab6e8fce0ca

    SHA512

    1641f4c8c8e6c32c124deebeac1ca4e06aa9301609600131d81d834fd5583bd59f6204bc2e268978c93fc3175196758bcb49c7a1324921c173eec1710fd4a646

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ae6c81850e45ca9ec0e06d22f48339ad

    SHA1

    a50aecdd6f5cc9597ce0fa4e8e9fc6b71a9767a8

    SHA256

    c035c25f3853b2bb1442edba783f140920b6c6acc938e742f390e79581d82446

    SHA512

    8fb9ac787a763e1e21dfe97bc2a4175771ff9bfec25bff5d7b23335f7ad5263c9481afe4bf08a94937ab40788d94c56744687ae8451534839bdfff23859759d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0f97c5f5936e31abc87a27aa52c186f8

    SHA1

    a2aaad720d00c7dbc8d994059f5d920618b29864

    SHA256

    18a7ede1d118983864d57d5e8c295f706cea8b6a88e8d016d0c09a9c9c8c1b13

    SHA512

    6af5a095a7bd4e89edead8d6ef6aca14a66021cbb8d24981a0bb1d70350dd3d2276ad2439bd90ff02978edb2a6668ded3e39fb9bcaebc68bfd28f5d8c266e975

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    17b5de00289a1def6ea80449ad36d2c2

    SHA1

    b8b5a08bf02e97318afa6f15af5b2a5830b79fac

    SHA256

    ecff746c9ac577b4613f8a7ba5ed29571742243f8a93add25cda196f438c171b

    SHA512

    3cc1259a237891f2119b722d902f71a0be9362840f74ba0ced5b2a92786ae16245769d92e8158a08669159f8ca45a0ee70d87813e2521f91cd0897c1af75a621

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ddd18531061e0276ddbf50e233efda3f

    SHA1

    8884638f67dcdc84d718a1bf11484b50143ffd83

    SHA256

    6f69385c674e06f405ca0a14451b80e6cc7ff685170c7debe4450568af9f2f44

    SHA512

    588140876e6a7405cd3810bd42d2394dbd3e51196c944d2140b592afb902073eb3bd5406572bd05e16853936f6cc561b75438f0b8cedd896935ea6f40e30def0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    02b1255a79dbe0d9bb26b90f372e4b9f

    SHA1

    6bb8ab798497cdce881d45250c1de2d8b3d1abd1

    SHA256

    13f89b8bfbb9708b2b3ba6cb5baf1d2fabe11326c20ee67652e84551f6fa9680

    SHA512

    389b4cc5c7675746c1c0270a685ef9d2e2e9b03722b742397e34ef85cea3728dbf3ff3f6401690f9181b3dffd1a83688dbe944993110be35d98b480321209b25

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5ed9e81704409c24a37f9c64d48b4e4d

    SHA1

    7c9b49b7362bb1ad53132a68e1b6fa8365bf9411

    SHA256

    d762138b6017ea3ac7da8218324a6c35b84efe7a68d3d5a17bf5459fd034642d

    SHA512

    e9d1959c3e6fefb97c96fd5c609d2d908bddf039cb40ac41330d7c516f541256a3e55af695965e43d306c3a84ef74519b2ba870c458bcfd12aeb74c5d90ff76c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    02f4f1b010c9bce8676bbbbd32a27d8b

    SHA1

    915cd5743194573affd5317195359b17c4104dca

    SHA256

    5068bec3bafc9885eda160674a4e13dff9f371ff97e5abeb1f2282c53ab2df0b

    SHA512

    dd781d550048182573af5b52a9e5bad6e6724844f17e1afeeeaac68c1f96785dfd0f002fdc069ef55b3de3a20c60e11e769f31d58e3dc936a5e8e17add72d96e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2d3f496c8a02f5a9fb9362fa918add1d

    SHA1

    2bbf7d7cc952b77e772fcd51d90ad44e3b55b555

    SHA256

    8e327bffe8e20cf1968949fcbcf04bc4257c0aba21a062c026fdf96d82578aac

    SHA512

    c7a954c2ec3e3fb413c1c8fc460b7e92e24d5b83a213fc65068a26b3825c360c2694a5a0fb04567a1ea7b30cd29b689fe4db3b509b0e3bf76533debfc14ba125

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab567C.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar56EC.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit