Overview

overview

5

Static

static

1

a1s-root1=...46.eml

windows7-x64

5

a1s-root1=...46.eml

windows10-2004-x64

1

email-html-2.html

windows7-x64

1

email-html-2.html

windows10-2004-x64

1

email-plain-1.txt

windows7-x64

1

email-plain-1.txt

windows10-2004-x64

1

hdjdkddk44.jpg

windows7-x64

3

hdjdkddk44.jpg

windows10-2004-x64

3

Analysis

  • max time kernel
    333s
  • max time network
    317s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    17/11/2023, 17:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    email-html-2.html

  • Size

    5KB

  • MD5

    ca140e60feaadb0094174e21dde8aa8e

  • SHA1

    5abfe8aa539c4b6bebfaf814f0ec39a665ed62c0

  • SHA256

    6156a73d489fc2a40ea51b5bd1d071684dfa10868c4f7cd7e08a35bbaf6426ce

  • SHA512

    49bf9bcea8334af72dd26418b1f8904135d9ab5c9f823553bf8561ba0055bb5bdbb26d34e70824de92a15870af3b279e931baa0ae85c16d417efc85ff4c3666a

  • SSDEEP

    96:ROZHeqJ6MPMbGFerf/33q0aO2KZKcEh78eONNNNNNNNNNNNNNNe4Pbq1+Ued9PVi:W+qJhUa+XHnZ4vZJ8fm5P2Ur

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\email-html-2.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2604
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2604 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2640

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a2c45041af9e191d9e317d6e5a67eeb1

    SHA1

    219df165c058356a13016ca85b3123310eb8ba6d

    SHA256

    26596f308c3f962be9c969d126e4b67fa48947f0b7b59c17db33cf8a884dabba

    SHA512

    06d4c9055c1036b330248387b75538ec1faaf38aeeb27a14c2eeeeefc4991ea052a3dc50f98a310a8a9f8714aa774c40e75fbd84eb5b6d24b0220303c9659953

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    542e56601c14e5387bd0d7ae300d1bfc

    SHA1

    aec58c8623a5be15039a7ead1efba67928ef789a

    SHA256

    fd59b4a70c94e375de2881033eb97bb2f484c4dd3572c78db04e738f2b78bd0e

    SHA512

    13c92d04280ee282554db9e9efd2c6e4654fb2376e207b48d64eace35beb888285300d4ff84d55d97763b1fac387def1d8ce548bdf5b639e932db8cf3ac34af8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ce0b7ba25941fe9b77b1312c44d5249d

    SHA1

    c502a5bab9e06d0109e9154967161689844a1d05

    SHA256

    fec64331176cc4fc1f87608b4a921b7c0bce5a1815ea07be9ff12ad6b138b4cc

    SHA512

    b260e421e39050d9ec65f5aad9bb4b51d0ef057563e03dd801c09dd6d391e9ea98fff7b5ad2ebddb6295d5415cdfb7a78fcbcd19f4ec13afd641559a7753fafd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c8deffcb89f0aaaabdc0007e1bbef52b

    SHA1

    6b4c86c2bc82ca8d502c0897f525938f9a737b40

    SHA256

    60f4a33eb849ab88b8041f39440abc923b928859ab7c23fbe54bb2e0bd8a76d8

    SHA512

    bacfbc0ec8fd96791dc09ba813e0356f69aa5b6cc6e84c31ba96c192ba4141cccf93293891652213f85df939b3b2998c917fdc04162ffad93dfe53a16b0db46b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    889359f6fda8573b398568653052a875

    SHA1

    ecfc616f5e65731594381c0a590e0df45bcb15aa

    SHA256

    88b977233d963b40f884a40fe9081b5f04333463e7b04e3037ebd9d50c64b401

    SHA512

    156ed70a3792750ee90001c3b79b1fd57fe458e67dcd0bbd3b5869ca6b7718c7ae429d7876adbba73a28635015b4e781ab89ec494e4fe6a770dc17561794eb4d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a92b6be3d887e47ffb82ffd2c89cac0f

    SHA1

    cd4191592030e1ea8cbe746cc959374e958242c4

    SHA256

    c3d4b676c6c12312f73c5d4f6e374a39136075810d11a2621b2f5f225e29a104

    SHA512

    576d628cfc4434971558ad749cf248664d377ee26d77099d6a4c56d66b3fa7548f5d7202f4fd866c26605632668b415ce95ba12aa98773efb142c0193ed4ea07

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    357b12a02674922f2f6425b131bc1abb

    SHA1

    4fa92568a11462024b9fb010160a92e22ec57da0

    SHA256

    06551b1c61060638fd448efe5559ed0ac4439e5c01eaee2aa6584939dbfb7005

    SHA512

    206d742250c15f1a67239cbc9ee4473014f235ff9960978425d5dec3249ffe7da49a06ec4d0e7873237cebb2ac862ac31ce35bbfeb58a86fd84e14f4d4e29029

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    81f2f151cc69c90880a380a1ef9b308d

    SHA1

    76947b2f7a6bab38e91c06d5caba529ac471f4a4

    SHA256

    800e991542291ffb534edff00ab1c234da61b1026f42a3ce28eb6c2ab530e8a1

    SHA512

    9e8002964caf9a07ca99fba2d1b2fc132a8506b69b1f5568d8b97dc5988f2369c26a156ab06dae7c5c5ee7714dd4bb9a049342c350e774e57a1ca60680793527

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2b09477a28df708ad9e6c4e7be5cc587

    SHA1

    31c043ffd8147a3f92e41a551ee8817b49320cc4

    SHA256

    027455b6915c4ef396e41ccdec6a3262a60226ed4f2df6be47a3ba88dd54bf4d

    SHA512

    02f148392b6a2a46f631449828e2e8ff3ef8c2b300e42edd775666bb9087fa2522291213aa425942418afd5fa4e07944ebfa11dd31aeecf0b6cefd667f6d60c0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    51d790c7d0b96eb5eb96064292f28749

    SHA1

    560cad0c55e8eef0acfa2f6a9f89fd2f8a61a486

    SHA256

    4b5642318bf5a69eab77014f3f72679cf651dca4ae72c04fccb0c0651cb20dbb

    SHA512

    c28a00997f504868d4f99d4b263351263b08e0abde5170990b1dc9f6ce39c0085c60745e29f31baa53d3f88caa823a354d216af71979ea6f3872ccf0e46b63f1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fd0359e8fa81db92e951eb6acdfd28e0

    SHA1

    cd768f591140d200a9c51670ab16b0b118d187a4

    SHA256

    9fd2fc3e3499da009c61d4889d7576ac3352d2d9cb269ee9ed27a3c12c0f7327

    SHA512

    1175a8d699f5d04815a056009f63367d1d7b8df9310e731ce7746356f22b2d1f4121352569d9c0414c847525d8ae8847993ca4545914820d17d2cc80800ac01f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    704b1a6e826f557b6420a289abe4c4fa

    SHA1

    c38aba75dd07afdae138adf24003cf6eb395519b

    SHA256

    d04938dcbcb6bfe4372fe347670c4f60ced50cdb0bcd118941b8839b3eddc3d0

    SHA512

    7a598ae2792f5764e4440bcc06e7a431d93b09e768cdf607c1c337de80a6997f2a8412262b44bda8f37cb4aa264eb4fdde3fa169091f491ad7222ba6e33c6db6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    14e9b870bd7ad600c59e3221ef243ec8

    SHA1

    08a9ab5b62c18c981429209623b1045e76c74f22

    SHA256

    845d210fb47dc8ff0771206b556ed1b16188780817ffca57f759abb65b7baccb

    SHA512

    ee6c1c5f7b1d54284bd297b05c87081ccef97c1bdce90a9a4108bf8ea4ace695079d961a8dfe91eea27d8364f4bb838a999173090e1bb953ed4509495ed0965d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9c91486166708797eea70ca9d1a48a03

    SHA1

    8d3df289995ed2f7fc1ae598dfebe12a60234ef2

    SHA256

    e2d10aea6ded3a914946879001baa9a425278971b94187973f6dc09e78b162f5

    SHA512

    9c5f68a474f4c69e19d925f5a32e6ef4b70c0ced82a53322833c6633070c19b61fe21918962cccfd1f8d0b050bd18c165a5170f9b2fa631cc1b84ed39117a287

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    006394c2a0d6cb202d040a37f3f5e69c

    SHA1

    b1eeb71b850244531480811f433774c64257cc51

    SHA256

    d4a3f057056d9afc9b2c2a91c55b5d94e28788986a360b843114c9259611396b

    SHA512

    82bb80674fcd710be716d208c0a63431aee63b39478eaaa769d922936f645924fc4bb10341fc21bc7f8ffd1c790db44230cdd4d961b890cd26d266a584e68f19

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e35d416f83172c4a7c32f59d280d2443

    SHA1

    59511480447b42a9e4c44a96adab2f92f362cd0e

    SHA256

    d8b0937c650d56c840d05131047d0242ce99f7f7812125e5a123002c84901164

    SHA512

    954ecca0ab2ecc6318a246369beb2ccfca1b1afd6c08a56913a754b1c792f5672ada7cab8a39ed3457191ccf07d5865c03da7ffbd502dfa82e1a1f495c941355

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b4827ea1c7ce2fd217417448ccd9987a

    SHA1

    5fb06e9a1faef24295a0c0dca208414572a7fb04

    SHA256

    845c863d6aded9953571e0da3af3bc3af79f12077d56f5c09300ed2848918233

    SHA512

    e73e70706b15e2c88a2c8e2da718ac76eefbdbe85ba85528c271e9287f0b3a8f57eb422aae2bca8d131ade1b59778491890dee5cdaea63f4c852501055d6fbba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7a2deb5bc812117edc24158b6afa3dd1

    SHA1

    858e6f30f71ede3219bdf8aafee923114dd3c023

    SHA256

    bfbf8c72beec6a64360e0bfaf8ab1c94f4c1ed96bdf679782c5c7c255e4148c9

    SHA512

    963554c748ee7c4adcda91f472e70360743a4705915f264f47d59e7b9997885b12bf2747be879e209a3e7e80d0837da6b082b8dc1462a595a365fb4edbd11cd4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a165bb0de1090fd954c7555eddea3a24

    SHA1

    cee5e4c7dd54ff5f43a92b7459a34d8ab5dec225

    SHA256

    3a3578366da18e4397164bf5d8fb44dc53dd57fe2bbdfdbf3c6191722f955899

    SHA512

    21e05c9ca79319a3774a4e1930ee17eba1cd71f2cd8e0a3ec4daaba097f72d2d1241c7f72ed44bbb6f365c7b52e2e0eeca94271ce80c0e0389d187a4d03fed0f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fe1af5f3b86bb707a6d24017144b0a99

    SHA1

    336de9e140fd6e3042d7f4b5d7c21e8184d2b9ae

    SHA256

    978b9840d1139fac219a26421d9aad584a652a9c2195364cfbe3fb465c849c31

    SHA512

    28e2ac6bde30b9d4c9715ae10c635db406c0ebf327fe9a89a2ee1fb6b83ba9618c8c8f51b76f73257bc27305cb1c501b66db65d96444bb78b30179274f12b509

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8DA2.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8E13.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit