Overview

overview

1

Static

static

1

winprofile

windows7-x64

1

winprofile

windows10-1703-x64

1

Analysis

  • max time kernel
    186s
  • max time network
    262s
  • platform
    windows10-1703_x64
  • resource
    win10-20231025-en
  • resource tags

    arch:x64arch:x86image:win10-20231025-enlocale:en-usos:windows10-1703-x64system
  • submitted
    07-11-2023 04:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ff1f6a397a1b64dac9ecc817f0a0a25540e59b7c0fc05fd802df2dbe0252354f.html

  • Size

    377KB

  • MD5

    5e1808d737442b7a245e0b299fd4fd2c

  • SHA1

    fe1a253c0f61fe43ec15f77cb552ea00164f11f7

  • SHA256

    ff1f6a397a1b64dac9ecc817f0a0a25540e59b7c0fc05fd802df2dbe0252354f

  • SHA512

    153aff7beb65fb60c7c70e8a6c5ac71de087ebbfef57199a66060acd0c1def93a9d5002305c17d00118ca07ba2a77f58d418112f1b86e0971d459febad8a5f92

  • SSDEEP

    6144:dr831TgcXSuXnkZi7Gyh+yr5hWxIOOQvxI2+:dri1TgcXSuXnkZi7Gyh+yr5hWxIOOQD+

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 59 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ff1f6a397a1b64dac9ecc817f0a0a25540e59b7c0fc05fd802df2dbe0252354f.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2600
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2600 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3100

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
    Filesize

    4KB

    MD5

    1bfe591a4fe3d91b03cdf26eaacd8f89

    SHA1

    719c37c320f518ac168c86723724891950911cea

    SHA256

    9cf94355051bf0f4a45724ca20d1cc02f76371b963ab7d1e38bd8997737b13d8

    SHA512

    02f88da4b610678c31664609bcfa9d61db8d0b0617649981af948f670f41a6207b4ec19fecce7385a24e0c609cbbf3f2b79a8acaf09a03c2c432cc4dce75e9db

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    471B

    MD5

    bcacf2eb2e90ec30159afd9304f27274

    SHA1

    16f1541a15d174abc13a0d04240527e76e670129

    SHA256

    2f2ee3d6122a7d9fef1c875c7829ca511a992da2efe61d13876a4c46ff911775

    SHA512

    23a321d25fc4a5aff8ce9537b925ad58c2dd7dd8d61acc65932efacb937b0eb6b8b65c78520094f50e126a60e2f5494252419d9e06abcadb6e627254a6ca8210

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    404B

    MD5

    4a22abcef09c8637a420038e96882a57

    SHA1

    d8ae68e0b81d5baf116c51898d8cc36615d4a2ec

    SHA256

    e384239e8d5fb1d7614966d3c1b4f2f1c3de3d463cac5481c3e566e1ec54db98

    SHA512

    b095a60555136cf42379b2c6e85a6def604c29322c45f0a2dee0f6c680feb5126bbe6175b84cada75eeeb61e5c4bc2c344fe739ce07c3dffae08a06cbaec8ba8

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\VersionManager\ver2BA.tmp
    Filesize

    15KB

    MD5

    1a545d0052b581fbb2ab4c52133846bc

    SHA1

    62f3266a9b9925cd6d98658b92adec673cbe3dd3

    SHA256

    557472aeaebf4c1c800b9df14c190f66d62cbabb011300dbedde2dcddd27a6c1

    SHA512

    bd326d111589d87cd6d019378ec725ac9ac7ad4c36f22453941f7d52f90b747ede4783a83dfff6cae1b3bb46690ad49cffa77f2afda019b22863ac485b406e8d

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\1K8HXUO8\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\MPRIPRHB\likes.7965f6735e8e39fbbe73[1].css
    Filesize

    554B

    MD5

    d11928ebd8a1101a2d6b4476ad292606

    SHA1

    e369a7d65299feb97d8c11525d8c831cc463c63f

    SHA256

    7bab9c45d7c84255c431ca155530532d5ea19f30bcb389db20f7edf26a5cd43b

    SHA512

    f3999089fdd2719f70bc2999b1b282452add77eae62c4c55777ccb376bd0d0a3a738e2492301a9816df4885f2693fe47a9539a31ff47a445b2c86a1b8a6cafa1

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\8L3T1C3C.cookie
    Filesize

    541B

    MD5

    89b59e8aa7a54e2cf1ce07fdf2429c5d

    SHA1

    cf1a8d9cb4d2fc6d3614a8ff82477a731997a8cf

    SHA256

    93a094a1bbe5d502581b1b43d3153abe22ca930be707702b76bcc43188ec2770

    SHA512

    f4c1dc2a8840c98101c201bb7b9652b76cdb6a025e08161a26d2c69c4588081f8bbb0ed8a3c66a42dc69f6f0de63123ebbb3374081d27c936de4e1dae45ed17e

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\WPMV1BAV.cookie
    Filesize

    540B

    MD5

    2faa6acb8ad8a905fe10680dd9b8b2c4

    SHA1

    6eea83410333e8e7f7092074e4d23cfecd99f056

    SHA256

    984a18cee8a832d2a4a1bbd4a34896c3a6044eddd87756295e05203c4a1aaefc

    SHA512

    c132b308fe7e2cea1d61858994a7d2d00039e791269ab2cfdc292f2595e90009bfd17fa792c22677d7b0aa348d9a0faad1498d37675ab854f6333c57c2dff5e8

    Download Submit