Overview

overview

1

Static

static

1

winprofile

windows7-x64

1

winprofile

windows10-1703-x64

1

Analysis

  • max time kernel
    299s
  • max time network
    157s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    15/10/2023, 22:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    348dc600514c47f78481de243a1730396e348a89878fe6cebda26cc57331235c.html

  • Size

    398KB

  • MD5

    70518cd9533d536435e124f086eb3c85

  • SHA1

    22c0720bd4bb763a6a8bc61f05cf4bcd95a6041e

  • SHA256

    348dc600514c47f78481de243a1730396e348a89878fe6cebda26cc57331235c

  • SHA512

    18ec8145ee0acdddf0d2836705314979cedd45c617ee24db199c71f4061071b3e28afce5b2c0fc849c89518c5445361d9facca41ed285e3836e500cffda3b4f8

  • SSDEEP

    6144:oAgcXSuXnkZi7Gyh+yr5hWxIOOQXx7wSXJ:RgcXSuXnkZi7Gyh+yr5hWxIOOQdw8J

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\348dc600514c47f78481de243a1730396e348a89878fe6cebda26cc57331235c.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2368
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2368 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2988

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    f45655902b852bb42b2dd5156ba916a0

    SHA1

    f7a2288005c92848e353810eccf31bc67b3eab01

    SHA256

    c4f8919d29d22d034e8ecf0f68dd39a5de9769c3ec4f938d4ba78349a9e2e5b7

    SHA512

    8c7a7e037ed96160eec2e6b742e8e72150b4cd7db74557f8e0199c1fcbe02b08c8029c921d16b3b4f02a0b483ea94c94e8c460c0c36d6adde166f9c7571b1722

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    faf89c3cc0d126bc95f5174ca5209112

    SHA1

    26be9fbd58e8a333be26d2a17bedfb95c3bec2da

    SHA256

    66697840f256b102e3b444780945b38b5af8ce86f462b04df4c42c25cdaa3cd2

    SHA512

    955486cc0f1baf72fd07a4c42cf4eb89efbbed65f137395a7d91b9eeece25eeed505b242ce736d9ea65a7f29f8b93066e2745c193fc03609d98ade1762c1093e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    fd3cdaaad661cecc0fa11a0a88e79806

    SHA1

    e46fe2aae8438e15f567789c0e8e764b3251bc87

    SHA256

    4178deb8b017cad4ea152bcb6a9d2af978748759ea38b595289eafedcd80d902

    SHA512

    6a3ffaa987a9ff2740dbb77607582e2a895b6adc7e80fcef58fde20247070fedaf97f7e50d4e4b5d54ac7b027493a6ed30393c1509720c85ac1a24826701bc4b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    063ef2e019f8deecf1ec0f264847d0b0

    SHA1

    dc4be73776e5b9e48e8d25a2dd568c743256f401

    SHA256

    81d864e0211786f58182df3e5833759b4091cd0f62f06178623b20703d413f65

    SHA512

    78cb3caa736e4519f19aaf63d6f4aa12d134ac3acaea8e5345aa9b14dc51a356b617b15571aa53e5a2fff1f8da51a8a924361ba2eb2566799a9197d1ecdff0da

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    3ad4a83b696a66579a82ce15456bbe54

    SHA1

    59e10dad9bff21c07fc85319bbdbc8b5e8d33b54

    SHA256

    da9b81b321f1576028baca7c54be53afd8f478c6aa3a94baa83466b78f0334a5

    SHA512

    4531815b0fcc5d33665ac167a0dd7d3c0617500fd79397d18cd12963100929430bc9ba4834ad727e6ffc3b58e09735361ffc38b169ad86014a183ca158ea0732

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    7363f8de45a13046c891717b9fff91f0

    SHA1

    48cb86260f0984222be876b619a41efca325f9b4

    SHA256

    d3878b24c26f1b93972203a5210fd65c7ccf2469de03e9d003c312e7a8f9ac28

    SHA512

    aede21340d5eae876c76b5aa5d68d802c6d5d0284000d1f6b05f618d1b19d981c588b98bea26d75ef15d4a4a74d7d4baedec2f03206615633c8306efb2c124e5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    28a47edb160be45de7484407ca1cb048

    SHA1

    80214ddb911bb57f7240d5408e5bbacc59e871ff

    SHA256

    ba2409b2cc39ec4e79be60f6d265b50b21b686a4a1f65d53c7fa1a0a7df50ced

    SHA512

    8da0c1e56d6a25ce93a1c5612b4333e4029a9e9cc4fa8af4c73a0332b3fbf49733c91dede4ec706c1ea58c7c7f658bd0add483b5170f5a7050c7a5cbdc0ecaa1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    852460c2210125eb534431a47c16b7ec

    SHA1

    51fa8a7807cd3d0c59bae31cd253c3f47dc3546a

    SHA256

    a99fd2c58d26c1295de6d0f36c102446277d01446b2fd4218cdd614d55056a6d

    SHA512

    c7bfecc388a69f9d0677b804df9fa0886cede223529b12a3b078a2ccc36db7caafefc070196cce0b94adbed6752afc033d76bf7d1121f08a94e8bf15fa5cd179

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    660151cdb76f2eb4a9cb2b7480b153f3

    SHA1

    18c60919c636eb05eb9934bdb52bae84ec7bce2c

    SHA256

    8bd5f281ada5a4f1d13317bc89eb9f39f3a931597eb0cebf3cc18e31af1c8786

    SHA512

    f1a29ae419ff9b09b5af856350590f57bdf81249e2994e660be78c832689109fab037a34ad1848a2437806a7f418a16f00df6873fbf16c60ccbd2f2678956fc3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    b99d452149903b0f85fca42aa7fad502

    SHA1

    7e92c08dc99fe02746b33404f0305b25a89737d9

    SHA256

    c165d3065c2eec725ee43f3c199f3f957b642cc2d00c00a0b7e7413161cda49e

    SHA512

    63f679b48808a379c7ae6f6451ec1cc6d90910815f4ff45dac165fcc39fc50bf585a7b80820fe331d510af35fbe90cbfb8b11a47020f2492d66eeed8489de8f7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    bd454b3d5a291e912cb8507b364e0d0b

    SHA1

    f43757bf7df8a1fad8466695ef12af65101cd95a

    SHA256

    1e91e0836bab3688fbf696422a9ddbc1c41c63372c75982413cd690d4d17ac4d

    SHA512

    98c3d29b1eb0b702c555c5c43c39c9c80929e3404a5d3e785b4064ad8e3d89ad9c821027c52cada772eece8ec21001d26a47b8a76968ebfe2de3f3d604b34d25

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    eb7ef852b59a2a07a76c9abfd0b203f4

    SHA1

    3c71a6a04d50f30465864fb9322846aeaa5ea802

    SHA256

    58619b5310d83c7f2d5cc0c17f13d25b9a79e1c68b096d4c5927de1e7eb5dee9

    SHA512

    50d3162c31bded877dc46538dc1077c5abf8b0119ae3f8426bae82995acead1cc9842f765d2fbfade3952cb0fcd1c157b242ff61de928ab0061c69731a5ecfa6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    4aa5001dd0746d61bf323e0455c2bee7

    SHA1

    b9a7025aa1f45e6fe0054752764d58335e4b2497

    SHA256

    64f241153950bb2b2194860a705e9771cbaae882e516812f104d5dbee59ac82d

    SHA512

    a16b7aca485bdc026a7bcd3cbb0082668fb55eac2af8a93e340da726307b6def2e4b6414a9e487756ccc5f64522f8b704af045d0086e5f8b5045f878f84d2a08

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    fda365319aca4a64935a8cecc140388c

    SHA1

    0d3d358507d3d93770b5b6eb9d49f206fcd99f8c

    SHA256

    c06c4abb65bee6e232bf88f1ccc677f5cbf354da07dd34fbbd011dce7cb15743

    SHA512

    ca2ccdbdafd65ef1a5ebea70f0963c2365591a19a1725d28a7678ee8df4c2ae7dbb21825f52858b5311f5afdfff79c3da8992ac94baa0cd3ea013947610c6e29

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    b016fa09f2fddd6a9d1725e5b4659a35

    SHA1

    bbeabd8bb32a68b3810be297ac806639b839ee61

    SHA256

    a17ee5a9cf2575d98bbeef2769c44b40382046dcf899ce53bb9ff13e783d30b3

    SHA512

    3d8311ed301c76d82f9305cf349e38f2217fb1d4537f0f71fd61f1c6ef2cc8960b81fb093f36fffc338eb3e4216fbaf339ffa0ca0c3339b63d3e696598d8a9e7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    2bada133c68dc9787b59d50e0d19f07b

    SHA1

    dfbcaea8abb5bb621b0f6f9f89f7199ce01c4d8b

    SHA256

    2092f681f01c176503d7d65b5865042e1799acb449391b7ec2aebf3a2fc91bc3

    SHA512

    6b9a3919dbe6bf620ff1bdfee519c4708677f6a867b2681a66ca85ea61765899afee244022ad85b8881d34b8660b2eedecf040b3264acc478af9c3335ede82cf

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VCB5UVUE\likes.7965f6735e8e39fbbe73[1].css
    Filesize

    554B

    MD5

    d11928ebd8a1101a2d6b4476ad292606

    SHA1

    e369a7d65299feb97d8c11525d8c831cc463c63f

    SHA256

    7bab9c45d7c84255c431ca155530532d5ea19f30bcb389db20f7edf26a5cd43b

    SHA512

    f3999089fdd2719f70bc2999b1b282452add77eae62c4c55777ccb376bd0d0a3a738e2492301a9816df4885f2693fe47a9539a31ff47a445b2c86a1b8a6cafa1

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8A27.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8A3A.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit