Overview

overview

1

Static

static

1

winprofile

windows7-x64

1

winprofile

windows10-1703-x64

1

Analysis

  • max time kernel
    266s
  • max time network
    271s
  • platform
    windows10-1703_x64
  • resource
    win10-20231023-en
  • resource tags

    arch:x64arch:x86image:win10-20231023-enlocale:en-usos:windows10-1703-x64system
  • submitted
    29/10/2023, 22:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    99539ed569ae2f855fbc50c1b40ef99e1d16bb7273be52cfeb02dba57684b33c.html

  • Size

    406KB

  • MD5

    a2874c6a73f741661404bd518a16984b

  • SHA1

    5b39a7b6fac70bba5db3e5a3469f543d802f8416

  • SHA256

    99539ed569ae2f855fbc50c1b40ef99e1d16bb7273be52cfeb02dba57684b33c

  • SHA512

    79737695f6f170d447047ee8e06002f22e733c33464bd40ba09a0abbbf3f81016b9ba2434421f14d48dc3059f279588917b68380e7fb47aa1da1a46557638d56

  • SSDEEP

    6144:ibgcXSuXnkZi7Gyh+yr5hWxIOOQvxydjJH:kgcXSuXnkZi7Gyh+yr5hWxIOOQkdtH

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 59 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\99539ed569ae2f855fbc50c1b40ef99e1d16bb7273be52cfeb02dba57684b33c.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2804
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2804 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1752

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
    Filesize

    4KB

    MD5

    1bfe591a4fe3d91b03cdf26eaacd8f89

    SHA1

    719c37c320f518ac168c86723724891950911cea

    SHA256

    9cf94355051bf0f4a45724ca20d1cc02f76371b963ab7d1e38bd8997737b13d8

    SHA512

    02f88da4b610678c31664609bcfa9d61db8d0b0617649981af948f670f41a6207b4ec19fecce7385a24e0c609cbbf3f2b79a8acaf09a03c2c432cc4dce75e9db

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    471B

    MD5

    daa59d6bc511e3ec248862c3e5ee5fdf

    SHA1

    3ad6bf274db8176e9d93e319476455ab027dc300

    SHA256

    b3f90472408b0ee58ed31f0625bce6487647d8cb07b4e8d7bd67bc8ba005f2a8

    SHA512

    d4aaa8a1e2b67aec7a4dc58cb4ad4c25b14ca60f0acba479408a5f51831458be44a9b4c9ca2c871ea1513a271ead895abe63536c7ccf52633104c855cbde677a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
    Filesize

    338B

    MD5

    cd68ca1ab471ebcaf9d26d8c6ef8fe56

    SHA1

    e9067eeefe1f63c9e8d368dce08857285e884b5d

    SHA256

    e77fd0dc3218b56a17a2733246bf77ad6c7b60464afb58e1730924df8b071427

    SHA512

    6604792ac1e1f5755eeac53a25c742795ec2b786ec8202b756761763471124b47fef134613f5b6510eed5134e398e77d03f032207bfec7a7b88e6d359cb6d252

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    404B

    MD5

    897d144e496ab68b61174ef8b6a9646a

    SHA1

    a1c89b58b864478eccc37dc369fdbad2c7929152

    SHA256

    bb343851e30054b83f0c4c2476680bdce5af2741ff0c9d3ba6355b718346e55e

    SHA512

    32948592b7e7208314b7c9937ba07bfff6851b92608128ca549ce66b4968e4fbc3ff1b9df2a9f06d44272f42a92247b474315a34702ab9bf0c8c6e189fe6966e

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\VersionManager\ver267E.tmp
    Filesize

    15KB

    MD5

    1a545d0052b581fbb2ab4c52133846bc

    SHA1

    62f3266a9b9925cd6d98658b92adec673cbe3dd3

    SHA256

    557472aeaebf4c1c800b9df14c190f66d62cbabb011300dbedde2dcddd27a6c1

    SHA512

    bd326d111589d87cd6d019378ec725ac9ac7ad4c36f22453941f7d52f90b747ede4783a83dfff6cae1b3bb46690ad49cffa77f2afda019b22863ac485b406e8d

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\1VCC5IA7\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\F01YT1OE\docs.7965f6735e8e39fbbe73[1].css
    Filesize

    554B

    MD5

    d11928ebd8a1101a2d6b4476ad292606

    SHA1

    e369a7d65299feb97d8c11525d8c831cc463c63f

    SHA256

    7bab9c45d7c84255c431ca155530532d5ea19f30bcb389db20f7edf26a5cd43b

    SHA512

    f3999089fdd2719f70bc2999b1b282452add77eae62c4c55777ccb376bd0d0a3a738e2492301a9816df4885f2693fe47a9539a31ff47a445b2c86a1b8a6cafa1

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\UGV5BMAF.cookie
    Filesize

    545B

    MD5

    1ca7bf08e6cd817c4910f327411a6a23

    SHA1

    9af1d9de889ebb41f2612ceaa1905693691f1787

    SHA256

    0aa24c95a1f9de654635cd16505dd9f7c15a5ded3b621f4ff1e1ab60e6160396

    SHA512

    dff1f4ccfd2490ca7be41a9670c19f65caf2acfedfaf1308046d09a6d647277e31627e55df1bbc7f139446860bee192af399950c74efca3b900064f09c0e1ba7

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\XSW78OVE.cookie
    Filesize

    545B

    MD5

    0895b80cdbdefb82083c8601e4813462

    SHA1

    9120af16246c5b9f3ede7bf2435b1ef0b5d9e2c3

    SHA256

    fe550cb6f0c78deef23dc9e04ca0e8c6efd0149e5938702a23b030f86f15b105

    SHA512

    28fc5ff875043bcfde0e2f1d4b67f9ba809a0318198d5a30140f0d55ba5a25bf42128adb12bc1f6cd144c7dcb30ed3bf9f4c709ff5bd80e625b15448fccdad55

    Download Submit