Overview

overview

1

Static

static

1

demconf[1].gif

windows7-x64

1

demconf[1].gif

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    08-11-2023 20:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    demconf[1].gif

  • Size

    42B

  • MD5

    d89746888da2d9510b64a9f031eaecd5

  • SHA1

    d5fceb6532643d0d84ffe09c40c481ecdf59e15a

  • SHA256

    ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

  • SHA512

    d5da26b5d496edb0221df1a4057a8b0285d15592a8f8dc7016a294df37ed335f3fde6a2252962e0df38b62847f8b771463a0124ef3f84299f262ed9d9d3cee4c

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\demconf[1].gif
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2172
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2172 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2896

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b67ed6b10d75874c95faa291d7d43afb

    SHA1

    5295c59b3f98705cfae68079bd9aedbe74544b6b

    SHA256

    e66f42bba3e19ccce91f3b29f0d8aba06710e0f249bd08812313d5771e231bbf

    SHA512

    b16be4f374310f1f32bf00cc66b08fbeffad0803721101d8a7aa5468b20e13451f5003aa9b62c5ec1ed4cadfe777a911d3bca49a5d948c7169137c936a4b2190

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    858841c8d77e2ae2f3781ee636f25062

    SHA1

    da7d9cfa648a53a0b8e9f16eda68b813ca631196

    SHA256

    8f63031af63f40134c0b212db881f08a85807faa68f5631c5d75bac9e7158415

    SHA512

    1870ea43d73749450c34d3c2a263308a728d2fd7ea7928994489a0a730e379f3b6704750072487b8ecc93f1beb12993b5ff3a191385b8fae04f21353411e49c5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a3c2ce2b42bcffa653f73f999640e87a

    SHA1

    a72c021bedd6a5b872cb9e063bd19761d355ffb8

    SHA256

    0d142b9b93e613da071d96567093d52cf903a6e195b5b74b0ababb6e5ff154c2

    SHA512

    161cab6b83b6dda01ca8e18d79b07305189d82d36c3c884e53d9ff342a7edfa8605081a935c43fc4a0c19e5c03e65fa8a467d56f5eb0c644b2bb33cad1da0696

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bd6b40addd17b649521c51c161627b8b

    SHA1

    4d6101ce26ab5e6f30b666d87522038a55786343

    SHA256

    e4b38439730dea8f8791717bd1c60a3a7fe10d29ccc2c476af47a77de4346bb2

    SHA512

    fbb0bf54ed1bfe5f4eb53114e771a02726d856a2aa13d9ccd272b572991f8788287b4d936c7c6013a23166f1f5934a231bba15157caedbc4408017ea3a8bc0e6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e47a75428ef61df793b44999f14ed0c6

    SHA1

    da07a8d844e8c3ebbcd2ae0a47b68c2ab3ebc2c2

    SHA256

    0d58aaf8ddb8f6b531e3b0d7914c66d69caa4bb4d196b64ac7788c4b5b341e96

    SHA512

    2a23e48abe5c7d8f9a5d031de21ffaf28bda3863cf161e6f721657afe3b4c22c7eddb664bc3c41162c9e8dceb186e48ded4bd801eac3dcf8471316d92f7aba04

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    829b6a54414a984b0aa7b273d9823e32

    SHA1

    7c94cdc5765a7dd0c3281823ffdc44fa1832a85b

    SHA256

    b6f97e2f0dc962c57d559567ccf803f74a1f0a9b9c8f094c05c11ce0770c7ee5

    SHA512

    5ff7faee327a2f18be75a811ee6fc8320e33ace4bad8b6f326ad620a8b11fa9cf46871c8bcae651d16aa18bd62df705550dd08cde3eb1b143e4cc1ce30315c65

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ab99756b504a5a5a966a5d4ee7de8cad

    SHA1

    e08960c048a6aedf7ec0cfd1ee6acba05cdd7e06

    SHA256

    cf2a6a22685e5c9ab004e5c05ea250321b6d1091a73cedec330ecf322baeeff5

    SHA512

    750f6702135feac70fbd1cb2585a916edbd41f6af47a358318431d9f67831743e82dbcc0137a943aed3d58854463eb5ec8422670405135edb1ba822a707280a0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4200b1683ddbd4aed4721179982ea3d5

    SHA1

    4c74f9c6721ca46d7b82eca123e04955bb05477e

    SHA256

    06bab3a3f30c2b92a1e50b3ee5ae05fd4c44e6f43bf445085494870cd9e32526

    SHA512

    d30157bdde3069feab9bb8ed6cabb0edddd14d4b1fd8dc5697af8bf41efdd6e3386b7573b18a1a06e0ac180d6f4aaea071db5a67469ac4ce900f1e657133c306

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    da6cee23962b2443bb896494b699b492

    SHA1

    f30a7be88f9dcfc1eff2cd083b30ea09441a2882

    SHA256

    40d8ac6f99e2ed64c03d3d96c692e20d4f99e393379197e94fc6113f341afb48

    SHA512

    ff9322348bbbfba6a2db709a7724f3af0b3c452dd8cd3104e70b65db5086af47a807788afe0d02f882255112ae12d12e632d4d8feb5bf32d6aeda02e01ef99ac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    73a784606bca11810c341cf61c857c3e

    SHA1

    f068a87c179c0f7697837a21409db4cc53035455

    SHA256

    969ba3378f2ea5874a62b624917fa0d9e0368fc1ccc1dd073bd5f4627bda032f

    SHA512

    169818e2ac7ad71e86fea25fe0cfda370967015d8460e2d7bdce7ccbf6a60708670fdf963f5d47389bddb49e9fe57bc706815660470697fe32704b4528c9edac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7bb5e7881403a58ccc2c5de739aa7d8a

    SHA1

    7662b3d5ab85b8dd1ce837810409699ac0b23626

    SHA256

    0c72c42c598363bb52215d1ee87072544d431cd60faa0f94f52eebc93a25e521

    SHA512

    ea03a60b5e4c993147f821ecca2106f5ce7b1382666986c449c140332d379ea59b45308d5f7be0382956ddb33f2831306a8347ef5ed9e48d2d1dd67c006a30c7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ca354fd11f1d46c80ff2ebc17c8e9db7

    SHA1

    b616cbded28a5642a0fe5d7f519cb1dac420de47

    SHA256

    d19a09d0a9175889e1c9d6f8d22bfc454e52df6c3784f082d535d437323106a8

    SHA512

    e2cf6734e73847c2c6e8ec43048f7aa36a2677c9e13ce11e5493814c37eb574fbf41069531767c9b90a350c5c7a65dbed473556043ebf7f506e33340e42dba00

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dbd5694f03148ad2cdcba3e23a9e4f99

    SHA1

    0caac60d0e288929c31f1e7ede68622acd214010

    SHA256

    c187b7c1c574a762ea1ace6abe5ca196c6b4f82dd72d959054e9ed541ced60bf

    SHA512

    141cebd4835a8d350e131c72d357375ee5a9001e064d19991acb8b0383f6f1100fff1f73fdc7fe76901c92331139856a94ffd11e1b70d5dec512caf708d408bb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b7e378e1a446f2394ecf524db3f897c6

    SHA1

    11bfe5c593b4d6f2cf7826c86f4e714488612047

    SHA256

    1f62ac12811f10caee570730c950774838f65078d8170d4e399bb2595675e3fb

    SHA512

    8f578e38260d851ba78a50c394c2b1ea6fb88bf0d090216bc28c3bcf25ceae24f9ae05a552cf752f8e418a9529c70b41b47d4661405c9f615d09118ad39d31cc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    659eca704e2b8e95aec4cd15a4c54546

    SHA1

    26337491cdc26701cdb5a062b9f47b0a56451be2

    SHA256

    3d2a622056876ec1a9b03c61b5bd18dd160772a3fa9055b50295051b196cd9e9

    SHA512

    96f56321e695c82597170e832d25208dee8e8c0397211fbe6a56bc1b41adebca80d2827a4200a4991653b1a9c892071ab98c7ecccce45e4209e313bdccf237ec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b0741680cc536ea470282aded6bb6d6f

    SHA1

    800e29104db60a0192db3679f0e3945418b1ea66

    SHA256

    d3724d446bca52b83c8e7664356ca9ef288418808a8f270d2faefa5704cf1010

    SHA512

    ff6cf0d83fae1a5eeaad7d0063f0966cf488ec1633f53b8251d2ced3fc9be5822f196ecf1c73dc555d61e86e0a756b258563d62b18361f7d3207c8bda639fb68

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a5bb313c164e284cd93eef3c9bc16164

    SHA1

    5affa3163fa74799e86f6f30bd10d88edadbece8

    SHA256

    bb8f5a34f50600851ffd0534ab0e5d02c0eaa225f141bc3251e879e1d4941cc1

    SHA512

    387dc0684fa25d12e2d3b849a39445a93f40afb284e37cdfa2e634abf6b2e9dcb48ea01ef5e45d55a856b8609fedd2f389e1ca72480eff6863687676ff78efd3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a192597e136a035518f68f370361567f

    SHA1

    5d9cc51e6870aa3c94467a0ff297592f487e7366

    SHA256

    04757aea0e40ce8882b9cbc757b3e30b081f927eae9176af5c697cdd7a3810b9

    SHA512

    315458defd80b16b909a195aa6d1d3b22e56727a9857e2ad13adc0389fbb3f5bc844b363c9d9f13b25a6187f9e55edcd651ad04fe0f20a0f574b16e265029454

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab873C.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar87DB.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit