Overview

overview

1

Static

static

1

OEBPS/Text/1.html

windows7-x64

1

OEBPS/Text/1.html

windows10-2004-x64

1

OEBPS/Text/2.html

windows7-x64

1

OEBPS/Text/2.html

windows10-2004-x64

1

OEBPS/Text/3.html

windows7-x64

1

OEBPS/Text/3.html

windows10-2004-x64

1

OEBPS/Text/4.html

windows7-x64

1

OEBPS/Text/4.html

windows10-2004-x64

1

OEBPS/Text/5.html

windows7-x64

1

OEBPS/Text/5.html

windows10-2004-x64

1

OEBPS/Text/6-1.html

windows7-x64

1

OEBPS/Text/6-1.html

windows10-2004-x64

1

OEBPS/Text/6-10.html

windows7-x64

1

OEBPS/Text/6-10.html

windows10-2004-x64

1

OEBPS/Text/6-11.html

windows7-x64

1

OEBPS/Text/6-11.html

windows10-2004-x64

1

OEBPS/Text/6-12.html

windows7-x64

1

OEBPS/Text/6-12.html

windows10-2004-x64

1

OEBPS/Text/6-13.html

windows7-x64

1

OEBPS/Text/6-13.html

windows10-2004-x64

1

OEBPS/Text/6-14.html

windows7-x64

1

OEBPS/Text/6-14.html

windows10-2004-x64

1

OEBPS/Text/6-15.html

windows7-x64

1

OEBPS/Text/6-15.html

windows10-2004-x64

1

OEBPS/Text/6-16.html

windows7-x64

1

OEBPS/Text/6-16.html

windows10-2004-x64

1

OEBPS/Text/6-17.html

windows7-x64

1

OEBPS/Text/6-17.html

windows10-2004-x64

1

OEBPS/Text/6-18.html

windows7-x64

1

OEBPS/Text/6-18.html

windows10-2004-x64

1

OEBPS/Text/6-19.html

windows7-x64

1

OEBPS/Text/6-19.html

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    04/11/2023, 19:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    OEBPS/Text/4.html

  • Size

    7KB

  • MD5

    26625544e29595b42282f09c3aa56099

  • SHA1

    00c9a08b7e30282f9fc306263db4210d23499c7a

  • SHA256

    e9183b88f0c8dcc275d0c28c00682cb5d56e8e10722fa20ee4487b0b61542704

  • SHA512

    2c0f928bfe0bc15cfa103f639e0a826c3289435473e49c25b08dee332d102505afa9c4b39d10804b8d84f178704ad9845148f2687da6a89bd1a416f93563224a

  • SSDEEP

    192:tvMD1KIqt8WN30+lg1KAk4ZPuL3g8IlWoMJC3:lMBtqt8WN39lABPOg8E1Mo3

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\OEBPS\Text\4.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2000
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2000 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2376

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e4b005ba68c255492cac2d86b2fdc37e

    SHA1

    2a632de5454141c5bd62a97e7d36682b8a4946fa

    SHA256

    2beccbfd53e16dd10312269fbe628674191b9ee1d1225759055e15fc38b55d13

    SHA512

    c71600f08a05e2aab6b4f0fd36764be0f27c13daea05ebe018aa2114d35300166a8f103669d4ec35c01e5077cf4d0dada03b5477ce33235b41d9d2499d2198fc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c90d820b7c9004a5b34211434eacfd0f

    SHA1

    22024e71159eedeb7d7e4c67a6c0603853961d22

    SHA256

    7c8fefb5b2e2a0c3e0c3e4b896574bbcbfe8e5507cf7ed316a563125fbafef54

    SHA512

    9e0185ccffa79c041d1efdf7133e585bcfb9b5c93661496437fcf1c044816c317352449182d0c5b4d592667a2b3cfb2836647183b1fb11a656259b7afcbc6bc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    06c8354f4a9420eb9073c0c8a739c7b2

    SHA1

    8f4bb5f736006715dfe9c7511e207bdb14abeaa2

    SHA256

    1688452cc7bd144fc7c3526dfce893dde0e3d76563a33d48c7e53535d92f5beb

    SHA512

    10e047df7b104ac11e7c2ffaf93e26e4e4ffb071e63f92c034e03ad1d1f9a2d488a1e1918f302a430f396a2e09f5c06736a084f46a437b343b2883af6ed7505f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a983e5a8f5f37bd9119e2855abc32abb

    SHA1

    ce9efcb08688253fba2012533c74944b748e203f

    SHA256

    6cbb336c07e7fa479977df7233a498a89eb3d9bee99bebe6e40cd52cf38895ec

    SHA512

    2e7f1cb79ca9e7bcab570b330dcd3f3f5105db2501bfab3e7f5bfbd89a5d0de2e3dbb4199b0f46e1c60f9d8cb8d0ca90ae3b9df53d64a38b01f0469c2a33040c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4e65da8bd7c0505e5a767eaaed40f2e0

    SHA1

    4f864eefa7226c8bf50041c502d74938ba7680f6

    SHA256

    88d482bbef5e324b8d0dd98166629d01c9a4c4647e9a10a7b9f41425deca0c8e

    SHA512

    ff8d98d3f3fa41fdf2f988d514beb03f7d64aa9031b25456b24ed9f0e5b7c4b51d81d6ff4774e90c2cd781feaff644311ff924dbb4bcab20566163b139645821

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    76a179f9d982a9c6fe62e9757e464efd

    SHA1

    03a94ddf42e87388d58933218e864da9cb7bba6a

    SHA256

    0c400092e0b992f83d454ddf7febb5ebc20c0cc56fbdf2fe01a4a5e22e4ec711

    SHA512

    65db7d889994667b5b086d00f84962217266a687f18bb9469db44fd59d76e3e41c6213583c0fa2f9dc276abcdffb8315c0289fcf2241d161ea0ea1dabe8d57db

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b06b15af00cf8bc4964d943696cac075

    SHA1

    b83e606cf99a6052867d60e1e253a5b0bc7d294e

    SHA256

    58417bfe648759d61768312770f89f919e72bc54a98672a3396a2dbc040d7ac1

    SHA512

    a8569f9112c100b936a43d9b66cd9ab266bcd85707a2a5d71623ac3f24f5589aca028025c8c7096ec300fd538072eb8cebc769e22bf3ff30c94867ecd2a41545

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e7a306680e602bb52bb91d21767ee129

    SHA1

    dc5e6c3e5c5b70f77a185362609a2da80150c1cf

    SHA256

    15a6ae29422c304fe5eccb450dedfdfa5b0b32b18d381d1cc52d7b5a7b50a4e5

    SHA512

    ee4fd707d6e77919369df9ddd179bea288abf626ace8dd5e9d63e92c7afecb073cff7d48d711f2b6f3a37bc4512b366ea9484c778f05a2ba11d058f22f24a5b0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1e494c216dbb28290bf07b3a05dda66f

    SHA1

    cace23e068f8d59bcd85437b8e651e995c6da255

    SHA256

    5d1ca7684785039d9e1d383ef28a6598fb21a99eed795937a7248e6d615d179d

    SHA512

    fbcb11576b06e4ea1d155a91a31da8ab262dae3f9d5c842c4a5a9dcc30a0ae81d0ba11cefa0e8d0b648c26f4d9dc3e28c18cbdc9a95d8e933b4f9701e023048e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dfbfefddcd103be07f6b05e5d10e45e4

    SHA1

    c625f797211e3e5cf0d8e888e26f54ca8adac169

    SHA256

    bf1567d5c54d9f54b0f6cc37338cbdd7d3bb41efa742cb41ec9fd19eae1b900f

    SHA512

    06698b03b0af043dd9a4ed3a7ed2bdcdff01ea9482b05ea6b5a31fed9c161e9771359742ed08ea27c80dfe6d2958a6f3bf5b9a3a7f7f55ea09f0d8853ccea084

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c1786b531814fe64f4ffcdc6e5c436eb

    SHA1

    c9f0f6e3453abb4f663276b21e8580c7eff5c131

    SHA256

    5714321cec68fce1c60dbd3c193a1cc702eb778bfd01c4963f4988eb15f6944f

    SHA512

    8546f913c532235b01b35672a2194035159cf97d89454ff28df72f50aecdd022d9578a8f977859c3c15499485770116da3596c63af852440b08a31bcd8249b94

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7ff5e12102edc6bd9ac42e7ad8b237c2

    SHA1

    870ca0b5a0cc4da880ad5ac747afb83add11539c

    SHA256

    17bb04db660df9ffa9ad72c89cfd08ee4b1db8f1278bfa83d91907106500d184

    SHA512

    865557ef95861b1a0c2825dddd03ab2c21d1e6f69c6125de41decafa290b082034cc7d9af209e045f7eb356e3aea0043d5568dfdd0ce2ccd39ec8bc90907f24b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fbf54969025c1be3cb15f1f9e7574672

    SHA1

    87ca4e7f044da9fb0b0ae1e3096584082781361e

    SHA256

    fa387611791a5ef309df3d49fec210b16f75e81929a753c0f555e45be925f85f

    SHA512

    8f2bf7087b4850963deac4f85ebbdb2f4c34ea12b92c69152780785e5feb3c1d2b98e1bee431817fa6ccd12f771bcbcb9508ca06ec38c5d02dc4aed191c075f3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7e8aa3f2475a667e247debce97eec510

    SHA1

    71effe086f1745607dcf5cf40d3f0f71f0c62928

    SHA256

    1438885cf8e999221e7fe78995016e2350af771505c8216bfa343593039f9ea4

    SHA512

    d5e2ecb85fb4f7faa92fa2a256d6d88f37cadc315f575ef5144881828addff8ff7c68a3b08dfa865a41a1e552458dbb1b9042b7b2ad9d5bd4a3ed0629a8ac01f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3613e753e969e8526140e98e698984f8

    SHA1

    0abef2c2ee1bfd7dbe31e0c50ee0411d14f4004a

    SHA256

    a6a43cefcb01a1d6c9a49db6a512041a66f85c7dc9ea4d6a76c68d32f947e378

    SHA512

    596169cc4639ffe79d7da524d09ce7a5e67d8c63d3d2baced9a961e9da0a4e5f58ccc5522e0da1d68b6302f1effdd2917e02c1f2a0b978b7fba3f36cc6416770

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b2ee6d8ae26213233539e2c01186d328

    SHA1

    a572042903beb555548f359e7044aab75c8aa1b8

    SHA256

    d34fbdb337f01b170302270d5d95922ec49fb41555efb19444778d18fa9a5f85

    SHA512

    623a6e91a7490ce669ddc4c1b9b9c18dbc3094c17117c729bd2738a228600a332a7e62d40b7ce030fe81a030110d77483f5c9720367e13027d223db0da31672d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cced765cb1aa6dbedc84d7a06513f716

    SHA1

    183ea70def5e284a774bbe3fad77dda0680abe83

    SHA256

    4fb775ca20830c2c23d307cc574b1d0f6cec0562e45d2d6154ece130858ce595

    SHA512

    b1fc41d9832db11be2a6fc2e271fadfbf6281579f53a8f398fdf2dd3b6e699daed67ad56ccb0e0bce547d17a73f7aab6e895ca27899125e6a02effdc9fce926d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    585441d69e486f8d8d664bb064098624

    SHA1

    34604d1e4f7e97839739041eee331d35f7db598c

    SHA256

    06459debc5d548f22a009648025c940dece52244db2ef08ecaa08297d44a3bd0

    SHA512

    677f6c35db6d5023b3a1fa4e80b2c7f42172f6471890c7fe1c9bbb8387550bc6cad94e82a5ce0a9064112073746813ce3148620bed1c88374291866927785d86

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    df1900ab2078d15a6051f0f8a5bf9278

    SHA1

    4e8a7d7b4084ef19060ee095bf8391432cf4eced

    SHA256

    5f45d7b3e51901835d7e4f9aa74ffc9b8948420f6695ea31c12963c696a99616

    SHA512

    235c62adbef44eeafcd5e94047de5ab753513e648e70ed4cc33fb043fde4e8d1a03c26daa45a73c30d7021a7bce90e2d64749279a8e44079ab8063684e09efd0

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabACD6.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarAD17.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit