Overview

overview

1

Static

static

1

OEBPS/Text/1.html

windows7-x64

1

OEBPS/Text/1.html

windows10-2004-x64

1

OEBPS/Text/2.html

windows7-x64

1

OEBPS/Text/2.html

windows10-2004-x64

1

OEBPS/Text/3.html

windows7-x64

1

OEBPS/Text/3.html

windows10-2004-x64

1

OEBPS/Text/4.html

windows7-x64

1

OEBPS/Text/4.html

windows10-2004-x64

1

OEBPS/Text/5.html

windows7-x64

1

OEBPS/Text/5.html

windows10-2004-x64

1

OEBPS/Text/6-1.html

windows7-x64

1

OEBPS/Text/6-1.html

windows10-2004-x64

1

OEBPS/Text/6-10.html

windows7-x64

1

OEBPS/Text/6-10.html

windows10-2004-x64

1

OEBPS/Text/6-11.html

windows7-x64

1

OEBPS/Text/6-11.html

windows10-2004-x64

1

OEBPS/Text/6-12.html

windows7-x64

1

OEBPS/Text/6-12.html

windows10-2004-x64

1

OEBPS/Text/6-13.html

windows7-x64

1

OEBPS/Text/6-13.html

windows10-2004-x64

1

OEBPS/Text/6-14.html

windows7-x64

1

OEBPS/Text/6-14.html

windows10-2004-x64

1

OEBPS/Text/6-15.html

windows7-x64

1

OEBPS/Text/6-15.html

windows10-2004-x64

1

OEBPS/Text/6-16.html

windows7-x64

1

OEBPS/Text/6-16.html

windows10-2004-x64

1

OEBPS/Text/6-17.html

windows7-x64

1

OEBPS/Text/6-17.html

windows10-2004-x64

1

OEBPS/Text/6-18.html

windows7-x64

1

OEBPS/Text/6-18.html

windows10-2004-x64

1

OEBPS/Text/6-19.html

windows7-x64

1

OEBPS/Text/6-19.html

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    143s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    04/11/2023, 19:11

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    OEBPS/Text/5.html

  • Size

    706B

  • MD5

    dfb79273585647acc9921533c7870a15

  • SHA1

    aa1ccbd0379c575846195b223f6a6234e729c0bd

  • SHA256

    ea7f20b2f92e3216bf9e2721aa839dcc01725922c8c4d2fc396528bc3239003b

  • SHA512

    aaee3826ff3c7c124f90504bd1b1c007543b694838836d696e3acfd8a086637ca7a74d9b7bc48131a7a8d15e5a431c14411e052fb34a9bad54a67d42dc76272a

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\OEBPS\Text\5.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3048
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3048 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2444

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          ef99c4eed51d8a3fdcf547d3a827b97a

          SHA1

          cff0d07ecca74f7dde5ece215a3c002afecd476e

          SHA256

          f90f43083e24c65e708450f6d95f07bbdf110e9c6a1c201126524a5a25d8f736

          SHA512

          f2907a307930e4f9a70b38dc5cfe80c869420216eecb8743b5b1c3b05459f83f441cb19fb0437b725c8943584a75a5715ac54812855d33cb4b969119b94d5130

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          7e68384a464a831aad84ccb450b6fe76

          SHA1

          3788d9909c27ff042d00e13236413d1275629368

          SHA256

          3fab8fe3b544ed96fd3ae9f65ad4b573da8423a6d36527eedf83a39157d82bd8

          SHA512

          930794b782b298f9638c0a97aa10c6dbb2dfb1f72604c4095b9f5bb1a6d527b2094d2faba711ec4fe2215aa9a6ee4005e6713f8f311d505398464a98326525ca

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          89f7ac09b8a55cf7940bbf8e24f1d67e

          SHA1

          8ba61c8e7be65cd7514c24d818a710669cd9e74a

          SHA256

          ba55b44e893d64375b73966e381ad152e46bfbb83a26811b2b3d56d142c2a96a

          SHA512

          006c8ebf6ab79869c0f4c4970aafa590ec902e0ad4180ce6f188b1cd1da2f3b2fa4783b8a40cff8e0dc616d255c32af1223c0d7ac1249d734ab3e7171972b942

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          680adb859185f275804713407d26a4d5

          SHA1

          866347cb2d77ceaf17f7a0d961c9ae6d5d1cde0b

          SHA256

          36a92f0ac266fb384938e43e6f8dfa13df130246c2414630100d35271e31a479

          SHA512

          689ff8e3abe84f4484a4fc6e0202c0923c6166222397620c2bfe7a4cea96f28695265595b5c07138ad2780cdac4231a46e94c268a9634af59061030390fa9b84

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          e6cf5ba18aa7c69bbc53fbadecab51b5

          SHA1

          5a40379ae26cdbda6f08a0d515c6425d2421a34f

          SHA256

          b972726745fcfe438029d0d62c48ac3f8e4cf30ed8939c0f79823b011ebf12ae

          SHA512

          fd1e637eadb8c6336b83bad4d19d91ee748e8cd2549f8b96732729088d18ac7fbfb92082073e0c441cc66c20f6c14a836ef99617bbd55a0c3140327251eac1ee

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          1ec542e6f111c065ada8206ea731a01c

          SHA1

          f199dc55a9e6eba25e7770a1daa233a93f6cb834

          SHA256

          29b0ea5cd677a1633dcb89d433282d67a5d13e61a9dabebc68deb45313023e03

          SHA512

          64bc226097312dbe3f5d8836f380ba112242385877a8cbbbd89a79e915afe1c9d2bf10bc927d136e67878d4dc0709cf5ba27a263171bf1c489e8f53c3830dc4a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          c822c46fb022bfaa38c6bbcb53581e09

          SHA1

          aae04c653bd413d26486df8e632cf83af780ab99

          SHA256

          f4f41f6bea47c3b0b81c66579d559f3c309496822b0ca150f9b3b61491c28e94

          SHA512

          61d810a0d756d1542360939d45aa4d1152882eb1f7161ee864273557938f6ec737dcf4dc51bef2cfd5aaabfe0b547b5c458f423383475cd191749e40bb882974

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          cae4027fe83e6df50f757e8e24fadde6

          SHA1

          bf6a3b12d08c8a8c25a887c32e23c26cde7296ca

          SHA256

          4f32df9bb54aabff4e6a1c83fe652a81c5d807dc7c884cd9c1d34b1b92380043

          SHA512

          c5ae0dd8e62e6be83f604ccfd892363228ae7facdce7be4b6e66d725e8e2a9c4cea8aba0873ad8ea95b48f3661b6de8934a73d3855e331ed0adcd9912b9bc65a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          14a85be42d7db33623c827ef8211544b

          SHA1

          9812e3b3499ffc89683e7e0484ef37b8a969cc40

          SHA256

          25360765f11a800fd9ff34a9878fad6c84c0555f27257277da186cd966bc5f95

          SHA512

          5902863ba9137838dd19c7f0badd99718e8d908ba61545300de7fa225eaa9663e77e42fa4d1ba74dd9e937389832d353ef84dd0743cab5863742fa44a381a14d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          95bfd1a97e0e504f5ec82d8e64607b26

          SHA1

          f787ddc42e851c6654d133c30874c7848a2e163c

          SHA256

          ff66e770867c45eb250096db811ea0b4d791d775631318911b471789b7e8241f

          SHA512

          ac7861cc07c26aa351ce3b4b865d707a91d1e73f40e3e4c7bcd92e31845fab67050b8e0bd3d11c66abf4465618d8598a3177e368d16ea65773c41f9e28772f86

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          aa156586300cbfe1cb5c6bdbff25506f

          SHA1

          03bc67365783aa3615d84034a024da53e761801c

          SHA256

          880233767f57b7bfc0962a13b09310b21a976d8da3e56ef018c3c0d39200313a

          SHA512

          7b10e48cf00741f216ae592fbebbb1ae3d05219dd1d563bf976947c54a8af871638ffe28d71685f1a36e171e5a2797521bd2b6a8bcb9aaed2516fc0e14478220

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          e4cb75595d675ec8956f10924aa52100

          SHA1

          b2b1d4044080f3832776b438a10bda3959c9a652

          SHA256

          73432733d11830ee3793ccef10f54d05b722cf91bc109b7168fb4ac25559aa23

          SHA512

          fdba7430bdcdfa487da626725a9ac00c277a3557bd4128111b0e756eb92ee5e13834d87bdfb0d0fb5234f898eafcdce27ea3c3acb2fda58e86ed40a2f2167e33

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          63d532e0f00d484cd6e21bf75cbd0fd5

          SHA1

          d7c4461a049a64d69d1b15dbaaf7c3a991975741

          SHA256

          2c152daef2e61f8b912703dbee069267272dc30cfb819e0064ecfc049219b203

          SHA512

          0054d5570324d575a1c8e4fa1f544f5265477c3fb3ee0a8a3b67eb46c2f58afd5945dc81c3308b67fd4e895d814a6c66850bd584d187ecf753e3863071c66c32

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          68709f4d9af93310a9d94df945ed50b0

          SHA1

          84bf7eac148944f5b48c09cbd78102a6b1705eb6

          SHA256

          97dda56986085dcb7aff0be99c36e40cd28de68b270b0f99ef3b9ad8e30ac77d

          SHA512

          6daf646a8b99c4678f77de7ab9fff09b4f4e5d1f66013dc02ae0b1c3c2f44bb844dd2305a3a27888b5e8c0e94fa36fc9fe31b3635533710667eccea8f8a439b3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          044f8563b356f8401896b89626ab05ce

          SHA1

          8a8412778ac994d2343e32495a3e232940445498

          SHA256

          a47d2d965867d62decbb25fde9d798a382a739c522e2c8354dc1fa01829c5408

          SHA512

          d08f0bfd48161ff86b0a91e730948647f9e5d0fc6b0766c81b9d670996d738878f5b23a104e9055cc685457cfddb4a609234ba0fb4454e9f43909e8936fcb540

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          50ee743034865b86c12835409408021d

          SHA1

          56e9866d5f23792410d852f2bc563007a6c78846

          SHA256

          419b560f73ebba2f9df5f7e5b8c0445f241c62365c81a501a0cea407aa962de0

          SHA512

          a1fe1e39341cd39448616776b2c8bd1fba341b63208bfef378afeed212691dc7bfa177b5c1f93b69530d8f8c9e936abc18a1b7395af4215d5f4de9da17f26cef

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab8A1A.tmp
          Filesize

          61KB

          MD5

          f3441b8572aae8801c04f3060b550443

          SHA1

          4ef0a35436125d6821831ef36c28ffaf196cda15

          SHA256

          6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

          SHA512

          5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar8A7A.tmp
          Filesize

          163KB

          MD5

          9441737383d21192400eca82fda910ec

          SHA1

          725e0d606a4fc9ba44aa8ffde65bed15e65367e4

          SHA256

          bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

          SHA512

          7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

          Download Submit