Overview

overview

6

Static

static

1

sample.html

windows7-x64

1

sample.html

windows10-2004-x64

6

Analysis

  • max time kernel
    121s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231023-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system
  • submitted
    16-11-2023 18:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    sample.html

  • Size

    131KB

  • MD5

    57e429f966832244cf9508e96535867a

  • SHA1

    e973da3e248123e6549ad6a80e823206c8d6b855

  • SHA256

    735cbe02cee5f13171e6ea7558ac32e75ee2c8aa1e79fddf1c724834def0fed8

  • SHA512

    f961a511c5817462e200cfc94f48352ad1f61db388d6a07808daf44333a7c3c167f7cdab4925f3afb9e5ffb08bb61f9174625d53c209839ffc5718638ecb41c3

  • SSDEEP

    3072:jIcKkkAu0NVYa/MvP5fwtMEDilLgE1Pc2Oco:jIND5SJ

Score
6/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\sample.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4300
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4300 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1276
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 1276 -s 3148
        3⤵
        • Program crash
        PID:2316
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4300 CREDAT:17414 /prefetch:2
      2⤵
        PID:4908
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4300 CREDAT:214018 /prefetch:2
        2⤵
          PID:3052
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -pss -s 444 -p 1276 -ip 1276
        1⤵
          PID:3936

        Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\5FZHGTXM\js[1].js
          Filesize

          216KB

          MD5

          eb0890815d6b7806c20ed4e1eb57349c

          SHA1

          1a2dbe4a8a56541be5dd383e1ca54eb73a0d92f6

          SHA256

          edc837ff248b032eb1091bf6596787d77c5e1dbec21356f09ed0ef2e956bb19e

          SHA512

          41ce006ffa7692adb72f18a609024102da1b48ecdef0b371f5fb67a5f8ed4ba53c1dc206bf66d924f17dbf4eb4b0010b96ca3161bfd6fa7a4e1eba69e09ed6db

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\5FZHGTXM\js[2].js
          Filesize

          185KB

          MD5

          555b41d462368821c7d0b703c6e835a9

          SHA1

          fcbfb1271dad40f6a2fc7ef40c7d75afa3161e09

          SHA256

          7220ec17f8384a539af86a7c60c59a30474c5de21826b77d6a3e1d13b9094f94

          SHA512

          9aec33d8132ced31bf7c9f32a2480572f95d7f417633c52ce8c02db725c0b6d944831d7544812565f2794724837402b67a800f21070cab93f4b96128fd79975b

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\E51EX1F6\ga[1].js
          Filesize

          446B

          MD5

          26da5226166e2b35109627fb63cde21d

          SHA1

          ec6bc7d2868a2448dfad6514141eb1c0e8d9174f

          SHA256

          118bdfd4efb0bfc2c5c33935249bbe60dda510585ac00deda6100a80c491b9db

          SHA512

          a165e52525ea226b59e233660aca86a97f0ef05da13341ab0d90895e32f96305c51d8ddc6c469f4d1f15f897d7a50b98752dff4c231b0adadcc9cf26ac4134cf

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\E51EX1F6\js[1].js
          Filesize

          186KB

          MD5

          79f8b3d25865ee15be79dcb95fe59cc5

          SHA1

          06e3d6734b00032e145211cde4e51617cdb181d6

          SHA256

          3afe2f102375bdc52f2f9f1f919f6daebaa51a1ef959ce33d3b85e4adb88e6d9

          SHA512

          4fbb9ee2f1237136a5caa8aad6a4d4421d759cf9005d00949b9dd5400e874d1242e6460e958d5db0aaf647492cefc14bcbacfc88a514c1c9736c0b09c61ac2b2

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\E51EX1F6\suggestions[1].en-US
          Filesize

          17KB

          MD5

          5a34cb996293fde2cb7a4ac89587393a

          SHA1

          3c96c993500690d1a77873cd62bc639b3a10653f

          SHA256

          c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

          SHA512

          e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\FG4P7PGK\analytics[1].js
          Filesize

          51KB

          MD5

          575b5480531da4d14e7453e2016fe0bc

          SHA1

          e5c5f3134fe29e60b591c87ea85951f0aea36ee1

          SHA256

          de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

          SHA512

          174e48f4fb2a7e7a0be1e16564f9ed2d0bbcc8b4af18cb89ad49cf42b1c3894c8f8e29ce673bc5d9bc8552f88d1d47294ee0e216402566a3f446f04aca24857a

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\FG4P7PGK\ga[1].js
          Filesize

          446B

          MD5

          26da5226166e2b35109627fb63cde21d

          SHA1

          ec6bc7d2868a2448dfad6514141eb1c0e8d9174f

          SHA256

          118bdfd4efb0bfc2c5c33935249bbe60dda510585ac00deda6100a80c491b9db

          SHA512

          a165e52525ea226b59e233660aca86a97f0ef05da13341ab0d90895e32f96305c51d8ddc6c469f4d1f15f897d7a50b98752dff4c231b0adadcc9cf26ac4134cf

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\FG4P7PGK\ga[1].js
          Filesize

          446B

          MD5

          26da5226166e2b35109627fb63cde21d

          SHA1

          ec6bc7d2868a2448dfad6514141eb1c0e8d9174f

          SHA256

          118bdfd4efb0bfc2c5c33935249bbe60dda510585ac00deda6100a80c491b9db

          SHA512

          a165e52525ea226b59e233660aca86a97f0ef05da13341ab0d90895e32f96305c51d8ddc6c469f4d1f15f897d7a50b98752dff4c231b0adadcc9cf26ac4134cf

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\LZ39371N\js[1].js
          Filesize

          223KB

          MD5

          e735179899f28e4f03e6afbdcb357a27

          SHA1

          c5549c9195509211dc679d807ef45db51a04235b

          SHA256

          a203a7bde6e2b4dd319c9f1811a4b886e31e66a7be09056c13e750cdf13c6685

          SHA512

          0bb24487e1818d5ba153c04038b1fc11efda2516afb1a48093a456acfc0b9e2361fff34b87665f3f68195a4d8eff0e1b5df37d1ef0d7c7bbd822bcfa0ea066df

          Download Submit